WWW Guide HASP SRM

#1 Choice of Software Developers Worldwide Since 2002
*Source: Frost & Sullivan World Content Protection and Digital Rights Management Markets Doc #N1AF-70, March 2007 and IDC Worldwide Hardware Authentication Token 2005-2009 Forecast & 2004 Vendor Shares Doc #34452, December 2005
v 3.10
Software Protection and Licensing Guide
A l a d d i n . c o m / H A S P
Copyrights and Trademarks

The HASPSRM system and its documentation are copyrighted 1985 to 2008 by Aladdin Knowledge Systems Ltd. All rights reserved. HASP and Hardlock are registered trademarks of Aladdin Knowledge Systems Ltd. SRM, HASPSRM, HASP SRM Business Studio, Cross-Locking, LicenseOnChip, LoC, Method-level protection, HASPHL Basic, HASPHL Pro, HASPHL Max, HASPHL Time HASPHL Net, HASPHL NetTime, and HASPHL Drive are trademarks of Aladdin Knowledge Systems Ltd. All other trademarks, brands, and product names used in this guide are trademarks of their respective owners. March 2008
HSRM_RG_0308_6
Aladdin Knowledge Systems HASP Product End User License Agreement

IMPORTANT INFORMATIONPLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE CONTENTS OF THE PACKAGE AND/OR BEFORE DOWNLOADING OR INSTALLING THE SOFTWARE PRODUCT. ALL ORDERS FOR AND USE OF THE HASP PRODUCTS (including without limitation, the Developers Kit, libraries, utilities, diskettes, CD_ROM, HASP keys, the software component of Aladdins HASP and the HASP SRM Guides) (hereinafter Product) SUPPLIED BY ALADDIN KNOWLEDGE SYSTEMS LTD. (or any of its affiliates - either of them referred to as ALADDIN) ARE AND SHALL BE, SUBJECT TO THE TERMS AND CONDITIONS SET FORTH IN THIS AGREEMENT. BY OPENING THE PACKAGE CONTAINING THE PRODUCTS AND/OR BY DOWNLOADING THE SOFTWARE (as defined hereunder) AND/OR BY INSTALLING THE SOFTWARE ON YOUR COMPUTER AND/OR BY USING THE PRODUCT, YOU ARE ACCEPTING THIS AGREEMENT AND AGREEING TO BE BOUND BY ITS TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO THIS AGREEMENT OR ARE NOT WILLING TO BE BOUND BY IT, DO NOT OPEN THE PACKAGE AND/OR DOWNLOAD AND/OR INSTALL THE SOFTWARE AND PROMPTLY (at least within 7 days from the date you received this package) RETURN THE PRODUCTS TO ALADDIN, ERASE THE SOFTWARE, AND ANY PART THEREOF, FROM YOUR COMPUTER AND DO NOT USE IT IN ANY MANNER WHATSOEVER. This Agreement has 3 sections: Section I applies if you are downloading or using the Product free of charge for evaluation purposes only. Section II applies if you have purchased or have been otherwise granted by Aladdin a license to use the Product. Section III applies to all grants of license.

1. SECTION ITERMS APPLICABLE TO GRANT OF EVALUATION LICENSE 1.1 License Grant. License Grant. Aladdin hereby grants to you, and you accept, a nonexclusive license to use the Product in machine-readable, object code form only, free of charge, for the purpose of evaluating whether to purchase an ongoing license to the Product and only as authorized in this License Agreement. The evaluation period is limited to the maximum amount of days specified in your applicable evaluation package. You may use the Product, during the evaluation period, in the manner described in Section III below under Extent of Grant. DISCLAIMER OF WARRANTY. The Product is provided on an AS IS basis, without warranty of any kind. IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, SATISFACTION AND MERCHANTABILITY SHALL NOT APPLY. SOME JURISDICTIONS DO NOT ALLOW EXCLUSIONS OF AN IMPLIED WARRANTY, SO THIS DISCLAIMER MAY NOT APPLY TO YOU AND YOU MAY HAVE OTHER LEGAL RIGHTS THAT VARY BY JURISDICTION. The entire risk as to the quality and performance of the Product is borne by you. This disclaimer of warranty constitutes an essential part of the agreement. If you initially acquired a copy of the Product without purchasing a license and you wish to purchase a license, contact Aladdin or any Aladdin representative. 2. SECTION II -- APPLICABLE TERMS WHEN GRANTED A LICENSE 2.1 License Grant. Subject to your payment of the license fees applicable to the type and amount of licenses purchased by you and set forth in your applicable purchase order, Aladdin hereby grants to you, and you accept, a personal, nonexclusive and fully revocable limited License to use the Software (as such term is defined in Section III hereunder, in the Intellectual Property subsection), in executable form only, as described in the Software accompanying user documentation and only according to the terms of this Agreement: (i) you may install the Software and use it on computers located in your place of business, as described in Aladdins related documentation; (ii) you may merge and link the Software into your computer programs for the sole purpose described in the HASP SRM Guide; however, any portion of the Software merged into another computer program shall be deemed as derivative work and will continue to be subject to the terms of this Agreement; and (iii) you are permitted to make a reasonable number of copies of the Software solely for backup purposes. The Software shall not be used for any other purposes. Sub-Licensing. After merging the Software in your computer program(s) according to the License Grant section above, you may sub-license, pursuant to the terms of this Agreement, the merged Software and resell the hardware components of the Product, which you purchased from Aladdin, if applicable, to distributors and/or users. Preceding such a sale and sub-licensing, you shall make sure that your contracts with any of your distributors and/or end users (and their contracts with their customers) shall contain warranties, disclaimers, limitation of liability, and license terms which are no
1.2
2.2
less protective of Aladdin's rights than such equivalent provisions contained herein. In addition, you shall make it abundantly clear to your distributors and/or end users, that Aladdin is not and shall not, under any circumstances, be responsible or liable in any way for the software and software licenses contained in your computer programs which you merge with the Aladdin Software and distribute to your distributors and/or end users, including, without limitation, with respect to extending license terms and providing maintenance for any software elements and/or computer programs which are not the Aladdin Software. Aladdin expressly disclaims any responsibility and liability with respect to any computer programs, software elements, and/or hardware elements which are not and do not form part of the Aladdin product. 2.3 Limited Warranty. Aladdin warrants, for your benefit alone, that (i) the Software, when and as delivered to you, and for a period of three (3) months after the date of delivery to you, will perform in substantial compliance with the HASP SRM Guide, provided that it is used on the computer hardware and with the operating system for which it was designed; and (ii) that the HASP key, for a period of twelve (12) months after the date of delivery to you, will be substantially free from significant defects in materials and workmanship. Warranty Disclaimer. ALADDIN DOES NOT WARRANT THAT ANY OF ITS PRODUCT(S) WILL MEET YOUR REQUIRMENTS OR THAT THEIR OPERATION WILL BE UNINTERRUPTED OR ERROR-FREE. TO THE EXTENT ALLOWED BY LAW, ALADDIN EXPRESSLY DISCLAIMS ALL EXPRESS WARRANTIES NOT STATED HERE AND ALL IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. NO ALADDINS DEALER, DISTRIBUTOR, RESELLER, AGENT OR EMPLOYEE IS AUTHORIZED TO MAKE ANY MODIFICATIONS, EXTENSIONS, OR ADDITIONS TO THIS WARRANTY. If any modifications are made to the Software or to any other part of the Product by you during the warranty period; if the media and the HASP key is subjected to accident, abuse, or improper use; or if you violate any of the terms of this Agreement, then the warranty in Section 2.3 above, shall immediately be terminated. The warranty shall not apply if the Software is used on or in conjunction with hardware or program other than the unmodified version of hardware and program with which the Software was designed to be used as described in the HASP SRM Guide. Limitation of Remedies. In the event of a breach of the warranty set forth above, Aladdin's sole obligation, and your sole remedy shall be, at Aladdin's sole discretion: (i) to replace or repair the Product, or component thereof, that does not meet the foregoing limited warranty, free of charge; or (ii) to refund the price paid by you for the Product, or component thereof. Any replacement or repaired component will be warranted for the remainder of the original warranty period or 30 days, whichever is longer. Warranty claims must be made in writing during the warranty period and within seven (7) days of the observation of the defect accompanied by evidence satisfactory to Aladdin. All Products should be returned to the distributor from which they were purchased (if not purchased directly from Aladdin) and shall be shipped by the returning party with freight and insurance paid. The Product or component thereof must be returned with a copy of your receipt.
2.4
2.5

3. SECTION III -- TERMS APPLICABLE TO ALL GRANTS OF LICENSE 3.1 Extent of Grant and Prohibited Uses. Except as specifically permitted in Sections 2.1 and 2.2 above, you agree not to (i) use the Product in any manner beyond the scope of license purchased by you in accordance with your applicable purchase order; (ii) use, modify, merge or sub-license the Software or any other of Aladdins products except as expressly authorized in this Agreement and in the HASP SRM Guide; and (iii) sell, license (or sub-license), lease, assign, transfer, pledge, or share your rights under this License with/to anyone else; and (iv) modify, disassemble, decompile, reverse engineer, revise or enhance the Software or attempt to discover the Softwares source code; and (v) place the Software onto a server so that it is accessible via a public network; and (vi) use any back-up or archival copies of the Software (or allow someone else to use such copies) for any purpose other than to replace an original copy if it is destroyed or becomes defective. If you are a member of the European Union, this agreement does not affect your rights under any legislation implementing the EC Council Directive on the Legal Protection of Computer Programs. If you seek any information within the meaning of that Directive you should initially approach Aladdin. Intellectual Property. THIS IS A LICENSE AGREEMENT AND NOT AN AGREEMENT FOR SALE. The software component of Aladdins HASP Product, including any revisions, corrections, modifications, enhancements, updates and/or upgrades thereto, (hereinafter in whole or any part thereof defined as: Software), and the related documentation, ARE NOT FOR SALE and are and shall remain in Aladdins sole property. All intellectual property rights (including, without limitation, copyrights, patents, trade secrets, trademarks, etc.) evidenced by or embodied in and/or attached/connected/related to the Product, (including, without limitation, the Software code and the work product performed in accordance with Section II above) are and shall be owned solely by Aladdin. This License Agreement does not convey to you an interest in or to the Software but only a limited right of use revocable in accordance with the terms of this License Agreement. Nothing in this Agreement constitutes a waiver of Aladdins intellectual property rights under any law. Records & Audit. During the term of this End User License Agreement, you undertake to maintain records and reports with respect to all Product Activations and of the floating network seats consumed through your services (Records). Aladdin shall be entitled to audit your Records at any time upon prior written notice. Any such audit shall be performed during normal business hours. Termination. Without prejudice to any other rights, Aladdin may terminate this license upon the breach by you of any term hereof. Upon such termination by Aladdin, you agree to destroy, or return to Aladdin, the Product and the Documentation and all copies and portions thereof.
3.2
3.3
3.4

3.5
Limitation of Liability. Aladdins cumulative liability to you or any other party for any loss or damages resulting from any claims, demands, or actions arising out of or relating to this Agreement and/or the sue of the Product shall not exceed the license fee paid to Aladdin for the use of the Product/s that gave rise to the action or claim, and if no such Product/s is/are so applicable then Aladdin's liability shall not exceed the amount of license fees paid by You to Aladdin hereunder during the twelve (12) months period preceding the event. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, TORT, CONTRACT, OR OTHERWISE, SHALL ALADDIN OR ITS SUPPLIERS OR RESELLERS OR AGENTS BE LIABLE TO YOU OR ANY OTHER PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY TYPE INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, BUSINESS INTERRUPTION, COMPUTER FAILURE OR MALFUNCTION, LOSS OF BUSINESS PROFITS, LOSS OF BUSINESS INFORMATION, DAMAGES FOR PERSONAL INJURY OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF ALADDIN SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES, OR FOR ANY CLAIM BY ANY OTHER PARTY. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION AND EXCLUSION MAY NOT APPLY TO YOU. No other Warranties. Except and to the extent specifically provided herein, Aladdin makes no warranty or representation, either express or implied, with respect to its Products as, including their quality, performance, merchantability or fitness for a particular purpose. Export Controls. You acknowledge that the Product is subject to certain export control laws, rules, and/or regulations, including, without limitation, to the United States and/or Israeli export control laws, rules, and/or regulations, and you therefore agree that the Product will not be shipped, transferred, or exported into any country or used in any manner prohibited by applicable law. Governing Law & Jurisdiction. This Agreement shall be construed and governed in accordance with the laws of Israel (except for conflict of law provisions) and only the courts in Israel shall have jurisdiction in any conflict or dispute arising out of this Agreement. The application of the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded. The failure of either party to enforce any rights granted hereunder or to take action against the other party in the event of any breach hereunder shall not be deemed a waiver by that party as to subsequent enforcement of rights or subsequent actions in the event of future breaches.
3.6
3.7
3.8

3.9 Third Party Software. The Product contains the Open SSL Toolkit which includes the OpenSSL software, as set forth in Exhibit A and the Original SSLeay software, as set forth in Exhibit B. Such third partys software is provided As Is and use of such software shall be governed by the terms and conditions as set forth in Exhibit A and Exhibit B. If the Product contains any software provided by third parties other than the software noted in Exhibit A and Exhibit B, such third partys software are provided As Is and shall be subject to the terms of the provisions and condition set forth in the agreements contained/attached to such software. In the event such agreements are not available, such third partys software are provided As Is without any warranty of any kind and this Agreement shall apply to all such third party software providers and third party software as if they were Aladdin and the Product respectively.
3.10 Miscellaneous. If the copy of the Product you received was accompanied by a printed or other form of hard-copy End User License Agreement whose terms vary from this Agreement, then the hard-copy End User License Agreement governs your use of the Product. This Agreement represents the complete agreement concerning this license and may be amended only by a writing executed by both parties. THE ACCEPTANCE OF ANY PURCHASE ORDER PLACED BY YOU, IS EXPRESSLY MADE CONDITIONAL ON YOUR ASSENT TO THE TERMS SET FORTH HEREIN, COMBINED WITH THE APPLICABLE LICENSE SCOPE AND TERMS, IF ANY, SET FORTH IN YOUR PURCHASE ORDER. If any provision of this Agreement is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. The failure of either party to enforce any rights granted hereunder or to take action against the other party in the event of any breach hereunder shall not be deemed a waiver by that party as to subsequent enforcement of rights or subsequent actions in the event of future breaches.
Exhibit A Open SSL License

A. Notices I. II. III. Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/) The names OpenSSL Toolkit and OpenSSL Project must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org. Products derived from this software may not be called OpenSSL nor may OpenSSL appear in their names without prior written permission of the OpenSSL Project.
IV.
V.
VI.
VII. Redistributions of any form whatsoever must retain the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). B. DISCLAIMER OF WARRANTY THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT ORITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISEDOF THE POSSIBILITY OF SUCH DAMAGE.
10
Exhibit B Original SSLeay License

A. Notices I. Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved. II. This package is an SSL implementation written by Eric Young (eay@cryptsoft.com). III. The implementation was written so as to conform with Netscapes SSL. IV. This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com). V. Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. VI. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. VII. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. VIII. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. IX. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. X. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). XI. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: This product includes software written by Tim Hudson (tjh@cryptsoft.com). B. DISCLAIMER OF WARRANTY. THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
11
Patents
Aladdin has a corporate policy of identifying and protecting its intellectual property. Aladdin Knowledge Systems currently has the following granted patents. US 7,249,266 US 7,065,652 US 6,748,541 US 6,285,985 US 6,272,636 US 6,363,356 US 6,044,469 EP 1001329 EP 1387235 DE 60122033 DE 50101184 IL 0130944 RU 2267155 There are equivalent patents in other jurisdictions, other patents are pending. For an updated list of granted patents, consult http://www.aladdin.com/about/patents.asp. US 7,225,336 US 7,065,650 US 6,554,621 US 6,189,097 US 6,434,532 US 6,009,401 US 6,334,214 EP 1122932 EP 1318451 DE 50207195 DE 50104035 IL 111499 US 7,191,325 US 7,047,368 US 6,763,399 US 5,898,777 US 6,334,213 US 6,243,692 US 6,898,555 EP 1353259 EP 1318451 DE 50302771 DE 50201237 US 7,149,928 US 7,013,483 US 5,359,495 US 6,073,256 US 6,009,525 US 6,055,503 US 4,658,093 EP 1318646 EP 1220075 DE 60207515 DE 50100101
12
Certifications
CE Compliance
The HASP product line complies with the CE EMC Directive and related standards*. HASP products are marked with the CE logo and a HASP CE conformity card is included in every shipment or upon demand. *EMC directive 89/336/EEC and related standards EN 55022, EN 50082-1.
FCC Compliance
FCC authorities have determined that HASP is not a Class B Computing Device Peripheral and therefore does not require FCC regulation.
UL Certification
The HASP product line successfully completed UL 94 Tests for Flammability of Plastic Materials for Parts in Devices and Appliances. HASP products comply with UL 1950 Safety of Information Technology Equipment regulations.
ISO 9001:2000 Certification

The HASP product line is designed and manufactured by Aladdin Knowledge Systems, Inc., an ISO 9001:2000 certified company. Aladdin's quality assurance system is approved by the International Organization for Standardization (ISO), ensuring that Aladdin products and customer service standards consistently meet specifications in order to provide outstanding customer satisfaction.
Certificate of Compliance
Upon request, Aladdin Knowledge Systems, Inc. will supply a Certificate of Compliance to any software developer who wishes to demonstrate that the HASP product line conforms to the specifications stated. Software developers can distribute this certificate to the end user along with their programs.
Table of Contents
Familiarizing Yourself with HASP SRM Vendor Suite ...................... 21
Contents of your HASP SRM Kit............................................................................. 21 HASP SRM Developer Kit................................................................................... 21 HASP SRM Starter Kit ........................................................................................ 22 About this Guide ...................................................................................................... 22 Obtaining Support.................................................................................................... 24 Training................................................................................................................ 24 Technical Support................................................................................................ 24
Part 1 Getting Started

1. Understanding HASP SRM Software Protection and Licensing .....27
Fundamentals of Protection .................................................................................... 28 What is Protection? ............................................................................................. 28 Major Protection Solutions ...................................................................................... 29 Hardware-based Solutions.................................................................................. 29 Software-based Solutions ................................................................................... 29 Comparative Benefits of Hardware-based and Software-based Solutions........ 30 Advantages of a Combined Solution .................................................................. 30 Fundamentals of Licensing ..................................................................................... 31 Flexible and Secure Licensing Solutions ................................................................ 32 Licensing Planning and Models .......................................................................... 32 Updating and Enforcing Usage Terms................................................................ 33 Principles of HASP SRM......................................................................................... 34 Protect OnceDeliver Many .............................................................................. 34 Cross-locking....................................................................................................... 34 Mixing and Matching Licenses and HASP SRM Protection Keys...................... 35
14
Table of Contents
Customizing Your Unique Solution ..........................................................................35 Personalized Vendor and Batch Codes ..............................................................36 Selecting the Best Key for Your Requirements...................................................37 HASP SRM Vendor Keys ....................................................................................37 End-User Keys.....................................................................................................38 HASP SRM Protection Process ..........................................................................41 Obtaining Additional Information about HASP SRM ...............................................42
2. HASP SRM Installation ...........................................................................43

Supported Platforms ................................................................................................43 HASP SRM Software Package ...............................................................................44 Installing the HASP SRM Vendor Suite Software on a Windows Machine ............45 Installation Directory Structure ............................................................................46 Installing HASP SRM Run-time Environment on a Mac Machine ..........................47 Installed Files.......................................................................................................48 Modifying the Behavior of the Daemons.............................................................49 Installing the HASP SRM Run-time Environment ...................................................52 HASPUserSetup.exe Utility.................................................................................52 haspdinst.exe Utility.............................................................................................52 Extracting Vendor Codes.........................................................................................53
Part 2 Protection
3. Protecting Software ................................................................................59
HASP SRM Protection.............................................................................................59 Elements of HASP SRM Protection ....................................................................60 Selecting a Protection Method ............................................................................63
4. HASP SRM Run-time API Protection....................................................67

Overview ..................................................................................................................67 Universal HASP SRM Run-time API...................................................................68 HASP SRM Run-time API Pre-requisites................................................................69 Learning the HASP SRM Run-time API ..................................................................71 HASP SRM ToolBox............................................................................................72 HASP SRM Run-time API Samples....................................................................73
Table of Contents
15
Implementation ........................................................................................................ 73 Planning your Requirements............................................................................... 73 HASP SRM Run-time API Workflow................................................................... 74 HASP SRM Run-time API Login Function.......................................................... 75 HASP SRM Run-time API Functionality.................................................................. 77 Function Groups.................................................................................................. 77
5. HASP SRM Envelope Protection ..........................................................81

Functionality............................................................................................................. 81 HASP SRM Envelope Pre-requisites...................................................................... 83 Running HASP SRM Envelope............................................................................... 83 Basic Protection Workflow .................................................................................. 83 Running HASP SRM Envelope from a Command-line ...................................... 85 HASP SRM Envelope Protection Parameters ........................................................ 86 Mandatory Parameters........................................................................................ 87 General Customizable Parameters..................................................................... 87 Protecting Win32 Programs .................................................................................... 89 Protected Program Behavior............................................................................... 89 Protection Attributes............................................................................................ 89 Accessing and Encrypting Data Files for Win32 Programs.................................... 90 Data File Handing................................................................................................ 91 Encrypting Data Files .......................................................................................... 92 Protecting .NET Assemblies.................................................................................... 94 .NET Considerations........................................................................................... 94 Global Features in .NET Assemblies.................................................................. 95 Method-level Protection ...................................................................................... 95 Code and Symbol Obfuscation in .NET Assemblies .............................................. 99
6. Protection Strategies............................................................................101
Overview................................................................................................................ 101 General Protection Guidelines .............................................................................. 102 Types of Attack and their HASP SRM Defense.................................................... 104
7. Working with the DataHASP Encryption Utility................................109

Introduction ............................................................................................................ 109 When to Encrypt Data Files .............................................................................. 110
16
Table of Contents
DataHASP Users............................................................................................... 110 HASP SRM Data File Handling......................................................................... 110 DataHASP Pre-requisites ...................................................................................... 111 Launching DataHASP ....................................................................................... 112 Supported Functionality..................................................................................... 112 Modifying Input .................................................................................................. 112
Part 3 Licensing
8. Introduction to HASP SRM Business Studio....................................115
HASP SRM Business Studio Overview................................................................. 115 HASP SRM Business Studio Major Workflows................................................. 116 HASP SRM Business Studio User Roles.............................................................. 119 Getting Started with HASP SRM Business Studio................................................120 Pre-requisites for the HASP SRM Administrator ..............................................120 HASP SRM Business Studio Window...............................................................122 Using the HASP SRM Business Studio Help....................................................123
9. Preparing Your HASP SRM Licensing Plan ......................................125

Licensing Overview................................................................................................126 Preparing Your Licensing Plan ..............................................................................126 Identifying Functional Components (Features).................................................128 Combining Features into Products....................................................................129 Choosing the Protection Level for Your Products..................................................130 HASP HL Key Protection and Activation...........................................................130 HASP SL Key Protection and Activation...........................................................131 Specifying the Protection Level for Individual Orders .......................................132 Designating Products for Trial or Grace Period Use .............................................132 Assigning License Terms to Features ...................................................................133 Specifying License Values for Individual Orders...............................................134 Utilizing HASP Memory .........................................................................................135 Using Your Licensing Plan with HASP SRM Business Studio..............................136
10. Implementing Your HASP SRM Licensing Plan................................137

License Planning in HASP SRM Business Studio ................................................138
Table of Contents
17
Managing Features................................................................................................ 139 Defining Features.............................................................................................. 139 Withdrawing a Feature...................................................................................... 140 Managing Products................................................................................................ 141 Defining New Products...................................................................................... 142 Defining Provisional Products........................................................................... 147 Product Status Values....................................................................................... 148 Duplicating a Product ........................................................................................ 148 Withdrawing a Product...................................................................................... 148 Maintaining Products and Licenses ...................................................................... 149 Managing Product Versions.............................................................................. 149 Canceling Product Licenses ............................................................................. 151
11. HASP SRM Orders, Production, and Development Tasks..............155

HASP SRM Order Processing and Production..................................................... 156 Managing Orders................................................................................................... 157 Defining Orders ................................................................................................. 158 Order Status Values .......................................................................................... 163 Processing C2V Information ............................................................................. 164 Order Processing and Production Examples.................................................... 164 Producing Orders .................................................................................................. 167 Producing HASP HL Key Orders...................................................................... 168 Producing Orders for Product Keys.................................................................. 169 Producing HASP Update Orders ...................................................................... 169 Performing Development-related Tasks................................................................ 170 Generating Bundles of Provisional Products.................................................... 170 Generating the HASP SRM Run-time Environment Installer ........................... 172 Exporting Definition Data .................................................................................. 172 Customizing and Branding RUS....................................................................... 173 Enabling Trial Use and Grace Periods.................................................................. 174 Example 1: Issuing a Provisional Product for Trial Use.................................... 174 Example 2: Issuing a Product for a Grace Period ............................................ 174
12. HASP SRM Administration and Customer Services .......................177

Administration Tasks.............................................................................................. 178
18
Table of Contents
Maintaining User Details....................................................................................179 Maintaining Batch Codes ..................................................................................180 Configuring System Settings.............................................................................181 Customer Services.................................................................................................182
13. HASP SRM Remote Update System...................................................183

RUS Overview .......................................................................................................183 RUS Workflow........................................................................................................184 Using RUS .............................................................................................................186 Instructions for Customers Using HASP SRM RUS.........................................186
Part 4 Distributing HASP SRM Software

14. Distributing HASP SRM with Your Software .....................................191
HASP SRM Software for End Users .....................................................................191 Protection-related Software...............................................................................192 Network Environment Management..................................................................192 Software for Updating Licenses ........................................................................192 Distributing HASP SRM Run-time Environment....................................................193 Distributing HASP SRM Run-time Environment for Windows..........................193 Windows Update ...............................................................................................194 Merge Modules..................................................................................................194 HASP SRM Run-time Environment Installer API..............................................196 Distributing HASP SRM Run-time Environment for Mac..................................197
15. HASP SRM Admin Control Center......................................................199

Introduction to Admin Control Center ....................................................................199 Launching Admin Control Center ..........................................................................200 Admin Control Center Interface .............................................................................200 Administrators Workflow .......................................................................................202 Configuration Considerations............................................................................202 Configuring Detachable License Definitions .....................................................205 Configuring Log File Output ..........................................................................205 Diagnostics ......................................................................................................205 Applying Basic Configuration Changes Globally...................................................206
Table of Contents
19
Customizing Admin Control Center Look and Feel .............................................. 206 Writing Templates.............................................................................................. 208 Configuring Admin Control Center to Use your Custom Template................... 211
Part 5 Appendices
A. Troubleshooting ....................................................................................215
Checklist ................................................................................................................ 216 Problems and Solutions ........................................................................................ 216
B. HASP SRM Glossary ............................................................................219 C. HASP SRM Run-time API Reference..................................................225

API Function Overview.......................................................................................... 226 hasp_datetime_to_hasptime()............................................................................... 228 hasp_decrypt()....................................................................................................... 230 hasp_detach()........................................................................................................ 232 hasp_encrypt()....................................................................................................... 234 hasp_free() ............................................................................................................ 236 hasp_get_rtc()........................................................................................................ 237 hasp_get_sessioninfo() ......................................................................................... 238 hasp_get_info()...................................................................................................... 240 hasp_get_size() ..................................................................................................... 242 hasp_hasptime_to_datetime()............................................................................... 244 hasp_login() ........................................................................................................... 246 hasp_login_scope() ............................................................................................... 248 hasp_logout()......................................................................................................... 250 hasp_read() ........................................................................................................... 251 hasp_update()........................................................................................................ 253 hasp_write() ........................................................................................................... 255 API Status Codes .................................................................................................. 257
Index ................................................................................................... 261
20
Table of Contents
Familiarizing Yourself with HASP SRM Vendor Suite

Thisfrontmatterconsolidatesvarioussnippetsofinformationrelated toHASP SRMVendorSuite.Itisrecommendedthatyoureviewthis informationtofamiliarizeyourselfwith:

ThecontentsofyourHASP SRMStarterorDeveloperkit TheinformationprovidedinthisGuide Howtoobtainadditionaltechnicalsupportfortheseproducts
Contents of your HASP SRM Kit

TwoHASP SRMkitsareavailableaspartoftheHASP SRMVendor SuitetheHASP SRMDeveloperKitenablesyoutoevaluate HASP SRMprotectionandlicensing;theHASP SRMStarterKit enablesyoutoapplyHASP SRMprotectionandlicensingtoyour software.
HASP SRM Developer Kit

TheHASP SRMDeveloperKitcontainsthesoftwareandhardware youneedtoevaluateHASP SRMprotectionandlicensing. The followingitemsareincluded:

HASP SRMVendorSuitesoftwareonasingleCDROM HASP HL Demokeystofacilitatetheevaluationprocess HASP SRMSoftwareProtectionandLicensingQuickStartcard
22

HASP SRMSoftwareProtectionandLicensingGuide(thisbook) HASP SRMSoftwareProtectionandLicensingTutorial HASP SRMBusiness StudioServerInstallationGuide
HASP SRM Starter Kit

TheHASP SRMStarterKitcontainsthesoftwareandhardwareyou needtoapplyHASP SRMprotectionandlicensing.Thefollowing itemsareincluded:

HASP SRMVendorSuitesoftwareonasingleCDROM HASP SRMVendorkeys: HASP SRMDeveloperkeyforapplyingprotection HASP SRM Masterkeyfordefiningandapplyinglicenseterms HASP SRMSoftwareProtectionandLicensingQuickStartcard HASP SRMSoftwareProtectionandLicensingGuide(thisbook) HASP SRMSoftwareProtectionandLicensingTutorial HASP SRMBusiness StudioServerInstallationGuide HASP HLkeysfordistributiontoyourcustomers,accordingto yourorder
About this Guide

Thisguideisdesignedtohelpsoftwarepublishersprotectandlicense theirsoftwareusingHASP SRM.Theguideprovidesbackground informationanddetailsabouthowHASP SRMcanbestserveyour protectionandlicensingrequirements. Theguideisdividedintofiveparts.
Part 1Getting Started IntroducesHASP SRM,presentsbasicprotectionandlicensing concepts,andleadsyouthroughtheprocessofconfiguringthe system.YoushouldreadthispartafteropeningyourHASP SRM DevelopersorStarterskit.
About this Guide
23
Part 2Protection ProvidesanindepthpresentationofHASP SRMprotection methods.Thispartincludesstrategiesformaximizingthe protectionofyoursoftwareusingHASP SRM.Thispartis specificallyforsoftwareengineerswhohavetheresponsibilityfor usingtheHASP SRMprotectionapplicationstoprotectsoftware. Part 3Licensing DiscussestheoptionsthatHASP SRMprovidestoenableyouto applyflexiblelicensingtermstoyoursoftwareandprovidescase studiesforyoutoexamine.Thispartisparticularlyrelevantto productandbusinessmanagerswhohavetomakedecisions abouthowtheirsoftwareislicensed.Thispartshouldalsoberead byoperationsstaffandothersinvolvedinproduction. Part 4Distributing HASP SRM Software DetailstheHASP SRMsoftwarethatcanbedeliveredtoendusers toensureoptimalperformanceofprotectedsoftware.Thispart alsodescribesthevariouswaysofeffectivelydeliveringthe HASP SRMsoftwarecomponents. Part 5Appendices Providesthefollowingsupplementaryinformation: Atroubleshootingsectionthatidentifiesvariousissuesthat youmayencounterandprovidessolutions Acomprehensiveglossarywithconciseexplanationsof HASP SRMterms TheHASP SRMRuntimeAPIreference,whichprovidesalist offunctionsandtheirparameters,andtheirreturnvalues
24
Obtaining Support
AladdinKnowledgeSystemshasbothinternationalofficesandmany localdistributorsprovidingsupportforHASP SRMvirtually wheneverandwhereverrequired.Tofindthenameofyournearest officeordistributor,gotothefollowingURL:
http://www.aladdin.com/how/how.asp?selectproduct=hasp&header_type=support
andenteryourlocalityintheappropriatefield.
Training
ForadditionalinformationandtrainingaboutHASP SRM implementationissues,contactourteamofinternationalconsultants attheURLprovidedabove.Theconsultantscanprovideyouwith tailoredtrainingsessionsonthefollowing:

IntegrationofHASP SRMintoyourproduct Analysisofthebestprotectionstrategyforyourapplications Assistanceinimplementationofyourprotectionandlicensing models
Technical Support
Youcandownloadupdates,executables,anddocumentationusing thefollowingURL:
http://www.aladdin.com/support/hasp.aspx.
YoucanalsocontactourTechnicalSupportteambyclickingthe Contact Technical SupportlinkonthesameWebpage.
Part 1 Getting Started

In this section:
Chapter 1: Understanding HASP SRM Software Protection and Licensing

Provides an overview of the concepts of software and intellectual property protection and licensing, discusses the primary protection solutions, and focuses on how HASP SRM provides a comprehensive solution to all your protection requirements.
Chapter 2: HASP SRM Installation

Describes the pre-requisites for installing HASP SRM, and explains how to install the HASP SRM Vendor Suite software. In addition, describes how to extract your confidential Vendor Code from your HASP SRM Vendor keys.
26
Chapter 1
Understanding HASP SRM Software Protection and Licensing

Thischapterprovidesanoverviewoftheconceptsofsoftwareand intellectualpropertyprotectionandlicensing,discussestheprimary protectionsolutions,andfocusesonhowHASP SRMprovidesa comprehensivesolutiontoallyourprotectionneeds. Werecommendthatyoufamiliarizeyourselfwiththeinformationin thischaptersothatyoucanmaximizethebenefitsofusingHASP SRM.
In this chapter:

Fundamentals of Protection Major Protection Solutions Fundamentals of Licensing Flexible and Secure Licensing Solutions Principles of HASP SRM Customizing Your Unique Solution
28
Fundamentals of Protection
Thissectionexaminesthenatureofprotection,andidentifiesthetwo typesofprotectionthatyouneedtoconsider.
What is Protection?
Protectionistheprocessofsecuringanapplicationorintellectualproperty byincorporatingautomatedandcustomizedsecuritystrategies. Protectionisachievedbyimplementingspecificsecuritystrategies, suchaswrappingyourapplicationinasecurityenvelope,and incorporatingvarioussecuritymeasureswithintheapplicationscode duringdevelopment.Thegreaterthenumberofsecuritymeasures incorporated,andthehighertheleveloftheircomplexity,themore secureyourapplicationbecomes. Itisnotsufficienttoprotectonlyyoursoftwareyoumustalso protectyourintellectualproperty.Yourprofessionalexpertiseandthe secretsthatyouuseindevelopingyoursoftware,forexample algorithms,mustalsobeprotected.
Copy Protection
Copyprotectionistheprocessofencryptingyoursoftwareand incorporatingvarioussecuritymeasuresthroughoutthecodeand bindingittoakeysothatitcanonlybeaccessedbyauthorizedusers whoareinpossessionofthekey.Themorecomplexthecopy protectionappliedtoyoursoftware,thelesslikelyitistobe compromised.
Intellectual Property Protection

Yourintellectualpropertyisthefoundationonwhichyourproducts aredeveloped.Intellectualpropertytheftissurprisinglyeasy.Every year,companiesreportthelossofproprietaryinformationand intellectualpropertyvaluedatmanybillionsofdollars. Thealgorithmsandothersecretinformationthatyouusetomake yourproductsuniqueandcompetitivemustbeprotectedagainst attemptstodiscovertheirsecrets,ortoapplyreverseengineeringto thesoftwarecode.
Major Protection Solutions
29
Major Protection Solutions

WithHASP SRM,theabilitytoprotectandlicenseyoursoftwareis facilitatedbytheuseofflexibleprotectionandlicensingtools, togetherwithaHASP SRMprotectionkeytowhichyoursoftwareis subsequentlybonded.Thesekeysmaybeeitherhardwarebasedor softwarebased.
Hardware-based Solutions
Inhardwarebasedsolutions,yousupplyanexternalhardwaredevice togetherwithyoursoftware.Thefunctioningofyoursoftwareis dependentonthedevicebeingconnectedtotheenduserscomputer. Atruntime,yoursoftwarecommunicateswiththehardwaredevice, andonlyfunctionscorrectlyifitreceivesanauthenticresponsefrom thedevice. HASP SRMprovidesavarietyofhardwaredevicesintheformof HASP HLkeys.YoucanselectthetypeofHASP HLkeythatbestsuits yourrequirements.FormoreinformationaboutHASP HLkeys,see HASP HLKeysonpage 38.
Software-based Solutions
Insoftwarebasedsolutions,followingtheinstallationofyoursoftware onanenduserscomputer,theprotectionandlicensingisbondedto thatspecificmachine.YoursoftwarewillonlyfunctionafteraProduct Keyhasbeenenteredbytheuser.Atruntime,theserverchecksthat thesoftwareisonthemachineonwhichitislicensedtorunandthatit isbeingusedinaccordancewiththeuserslicenseterms. HASP SRMprovidesarobustsoftwarebasedsolutionusingHASP SL keys.AHASP SLkeyresidesinthesecurestorageofaspecific computerandispatternedonthefunctionalityofaHASP HLkey. FormoreinformationaboutHASP SLkeys,seeHASP SLKeyson page 39.
30
Comparative Benefits of Hardware-based and Software-based Solutions

Strongprotectionandlicensingsecuritycanbeprovidedwitheither hardwareorsoftwarebasedsolutions.Whilemanyprotectionand licensingfeaturesarecommontobothoptions,eachalsooffers specificstrengthsthatmightbecomparativelylimitedintheother. Thefollowingtablehighlightsandcomparessomeoftheavailable benefitsofhardwareandsoftwarebasedsolutions,andtherelative strengthsofeachoption. Feature
Software and Intellectual Property protection Secure Licensing Trialware Portability Electronic Software Distribution Multiple Feature/Module Licensing
Hardwarebased
**** **** ** **** ** ***
Softwarebased
*** ** **** * **** ****
Advantages of a Combined Solution

AsshownintheComparativeBenefitsofHardwarebased and SoftwarebasedSolutionssectionabove,bothsolutionshavetheir relativestrengthsinprotectingandlicensingyoursoftware. Itisprobablethatyouutilizevariousstrategiesformarketing,selling, anddistributingyoursoftware.Forexample,thesestrategiesmay include:

Determiningthelevelofprotectionaccordingtothepriceofthe software Determiningthelevelofprotectionaccordingtomarketsegments, includingverticalmarkets
Fundamentals of Licensing Itislikelythatyourstrategieswillalsorequirethefollowing:

31
Theabilitytoturntrialwareintoafullyfunctionalversionusing hardwareorsoftwarebasedactivation TheabilitytosellsoftwareovertheInternet,protectedwitha hardwareorsoftwarebasedkey
HASP SRM Combined Solution

HASP SRMprovidestheindustrysfirstsoftwareDRMsolutionthat combineshardwarebasedandsoftwarebasedprotectionandlicensing. Thisinnovative,selfcontained,flexiblesystemenablesyouto:

Implementmultipleprotectionsolutions Definemultiplelicensemodelsaccordingtotherequirementsof yourmarket,andapplytheirusagetermsindependentlyofthe protectionprocess Selecthardwarebased(HASP HL)orsoftwarebased(HASP SL) protectionkeysindependentlyoftheprotectionprocess
Fundamentals of Licensing
Inadditiontoprotectingyoursoftwareandintellectualproperty,you needtoprotecttherevenuefromsalesofyourproduct.Youwantto ensurethatyoursoftwareisonlyavailabletotheappropriateusers, accordingtothetermsthatyoudefine.Thisprocessiscontrolledby licensing. Licensingprovidesyouwiththeflexibilitytoimplementyour businessstrategiesforyoursoftwaredistribution.Whenyoudefine thelicensingtermsonwhichyoursoftwareisdistributedorsold,you selectthetermsthatarecommerciallybeneficialtoyourcompany. Forexample,youmaydecidethatyouinitiallywanttodistributeyour softwarefreeofcharge,sothatuserscantryitbeforepurchasing. You willwanttoensurethatuserscanuseitforonlyalimitedtime beforeitmustbepurchased.
32
Understanding HASP SRM Software Protection and Licensing Alternatively,youmaypublishverycomplex,expensivesoftware. You maydecidetomakespecificcomponentsofthatsoftware availableforalowerprice,thusmakingpartsofitaccessibletousers whocannotaffordthefullyfeaturedversion.Suchadecisioncreates anadditionalrevenuesource. Toobtainthemaximumbenefitfromyourcompanyslicensing strategy,youneedasoftwarelicensingsystemthatprovidesyouwith theflexibilitytotailorlicensingtermstofityourbusinessstrategies, andtoadaptquicklytochangesinthemarketandinyourbusiness needs.Yourlicensingsystemmustalsobeabletoenforceyourdefined usagetermswithsecurelicensingmethods.
Flexible and Secure Licensing Solutions

HASP SRMgivesyoutheflexibilitytochooseandapplylicensing modelsandlicensetermsforyourprotectedsoftwareonthefly.This enablesyourcompanytoofferattractivesoftwarepackagesandto adaptrapidlytochangesincustomerpurchasingpreferences.
Licensing Planning and Models

Animportantstepinthedevelopmentofalicensingstrategyisthe preparationofalicensingplan.Businessdecisionmakersinan organization,suchasproductormarketingmanagers,define protectionandbusinessrules,andspecifythelicensingmodels requiredtomeetthecompanyssoftwaredistributionneeds. Alicensingmodelisthelogicbehindabusinesstransactionrelatingto licensing.Forexample,arentallicensemodelenablesyoutocharge fortheuseofsoftwareforaspecificperiodoftime. HASP SRMenablesyoutochoosefromavarietyofbuiltinlicensing models,andtocustomizeandbuildlicensingmodelsandsoftware usagetermstomeetyourcompanysindividualrequirements.
Flexible and Secure Licensing Solutions HASP SRMsupportsnumerousoutoftheboxlicensemodels,that canbeusedindividuallyorincombination,including:

33
Trialware(trybeforeyoubuy) Rental/Subscription Module/Featurebased FloatingUsage Timebased Executionbased
Youcaneasilydefinecustomlicensingmodelsandusagetermsusing thefunctionalityprovidedbyHASP SRM.Forexample,this functionalityenablesyoutoutilizesecurereadonlyandread/write memorystorage,flexiblecounters,andarealtimeclockincorporated intheHASP SRMprotectionkey. Theseparationoftheengineeringandlicensingprocessesembodied inHASP SRMmakesitpossibletomodifythecompanyslicensing strategyasnecessarywhencircumstanceschange,andtoimplement thesechangesquicklyandefficiently.
Updating and Enforcing Usage Terms

Whenimplementingalicensingplan,itisessentialtoensurethatthe softwareusagetermsdefinedintheplanaresecurelyappliedandthat licensesreachtheirlegitimateowners.Newlicenses,andchangesand extensionstolicensesthathavealreadybeendeployed,canbesubject totamperingifnotadequatelyprotected. HASP SRMappliesoptimalsecuritytotheenforcementofusage termsandlicenseextensions.Licenseextensionssenttoendusersare highlyprotected,andrequirethereturnofasecurereceipt.In addition,stateoftheartHASPtechnologypreventstamperingwith usageterms.
34
Principles of HASP SRM

Thestrength,uniqueness,andflexibilityofHASP SRMarebasedon twoprimaryprinciples:

ProtectOnceDeliverMany,whichistheconceptofseparatingthe HASP SRMengineeringandbusinessprocesses. CrossLocking,whichisthetechnologythatsupportsthe Protect OnceDeliverManyconcept,enablingaprotected applicationtoworkwithaHASP HLoraHASP SLkey.
Protect OnceDeliver Many

AttheheartofHASP SRMliestheProtect OnceDeliver Manyconcept. Protect OnceDeliver Many istheprocessofprotectingyoursoftware completelyindependentlyoftheprocessofdefiningsalesand licensingmodels.
Separation of Protection and Business Functions

Theengineeringprocessthatis,theprotectionofyoursoftwareis performedbyyoursoftwareengineersusingHASP SRMEnvelope, HASP SRMToolBoxandtheHASP SRMRuntimeAPIprotectiontools. Thebusinessprocessesthatis,softwarelicensingandselectionof theappropriateHASP SRMprotectionkeyareperformedby businessmanagementusingHASP SRMBusinessStudio. Theprotectionprocessesandthelicensingprocessesincluding selectionoftheappropriateHASP SRMprotectionkeytypeare performedcompletelyindependentlyofeachother.
Cross-locking
CrosslockingistheHASP SRMprocessthatenablesyoutochoosethe devicetowhichyourprotectedapplicationandlicensewillbelocked eithertoaHASP HLkeyor,viaaHASP SLkey,toaspecificcomputer. ThedecisionaboutthetypeofHASP SRMprotectionkeytowhich yoursoftwareislockedisdeterminedafterprotectionhasbeen implementedyouchoosetheoptionsthatbestsuityourcurrent businessstrategies.
Customizing Your Unique Solution
35
Mixing and Matching Licenses and HASP SRM Protection Keys

HASP SRMgivesyoucompleteflexibilitytochoosethecombination oflicenseandHASP SRMprotectionkeythatbestsuitsyourbusiness requirements.Thismeansthatyoudecidehowtobundleyour protection,licensinganddistributionrequirements. Youmaychoosetoreleaseprotectedsoftwareasadownloadable productwithaTrialwarelicensethat,afterpurchase,isactivatedwith aHASP SLkey.Additionally,youmaychoosetoshipthesame protectedsoftwarewithanetworklicensethatislockedtoaHASP HL key,andallowusersunlimitedaccesstoallfeatures. HASP SRMoffersyouanunprecedentednumberofpossibleoptions tocombinelicensesandHASP SRMprotectionkeys.

HASP SRMprovidesyouwithavarietyofapplicationsand personalizeddevicesthatenableyoutocustomizeaprotectionand licensingsolutionthatisappropriatetoyourbusinessneeds:
HASP SRMEnvelopeenablesyoutowrapyoursoftwareina protectiveshieldatthetouchofabuttonwithouthavingto adjustyoursourcecode.Itestablishesalinkbetweenyour protectedsoftwareandaHASP SRMprotectionkey,eventhough theselectionofkeyisdeterminedatalatertime. HASP SRMToolBoxandtheHASP SRMRuntimeAPIenableyou toenhancetheprotectionofferedbyHASP SRMEnvelope,by incorporatingcomplexprotectionmechanismsintoyoursource code. HASP SRMBusinessStudioenablesyoutocreatelicensesandlock themtoHASP SRMprotectionkeys,towritespecificdatatothe memoryofaHASP SRMprotectionkey,andtoupdatelicenses alreadydeployedinthefield.Theseprocessesareperformed independentlyoftheprotectionprocess. CustomizedHASP SRMVendorkeysareusedinhousebyyour staff,togetherwithHASP SRMstateoftheartsecurity applications.
36
AselectionofHASP SRMprotectionkeysenableyoutomeetthe specificrequirementsofyourbusiness.YouruniqueHASP SRM protectionkeysensurethatyourapplicationswillonlyfunction whenthecorrectkey,suppliedbyyou,ispresent. Additionalapplicationsandutilitiesprovideadvancedsupport forthesekeyelementsofHASP SRMVendorSuite.
Personalized Vendor and Batch Codes

WhenyoupurchaseaHASP SRMStarterkitfromAladdin KnowledgeSystems,youareprovidedwithHASP SRMVendorkeys thatcontainuniqueVendorCodesthatarespecifictoyourcompany. ThecodesareusedbyHASP SRMtocommunicatewithyour HASP SRMprotectionkeys,andtodifferentiateyourkeysfromthose ofothersoftwarevendors.
Vendor Code
TheVendorCodeisauniqueconfidentialcodeassignedtoyouby AladdinKnowledgeSystemswhenyouplaceyourfirstorderfor HASP SRMprotectionkeys.ItisintegratedintoyourHASP SRM Vendorkeys.Whenyouareprotectingyoursoftwareandlicensesto HASP SRMprotectionkeysfordistribution,theVendorCodeis extractedfromyourHASPSRMVendorkeys.
Batch Code
ABatchCodeconsistsoffivecharactersthatrepresentyour companysuniqueVendorCode.WhenyouorderHASP SRM protectionkeysfromAladdin,youspecifyyourBatchCode,whichis thenwrittentothekeysbeforedispatch.Inordertoeasilyidentifythe batchtowhichaHASP HLkeybelongs,theBatchCodeiswrittenon theoutsideofeachkey.
37
Selecting the Best Key for Your Requirements

HASP SRMprotectionandlicensingarekeybased.Yoursoftwareis distributedwithuniqueactualand/orvirtualHASP SRMprotection keysthatyoucodeaccordingtoyourrequirements. Thereisastronginherentlinkbetweenaprotectedapplicationandits correspondingHASP SRMprotectionkey.Protectionisbasedon makingaccesstotheprotectedapplicationdependentonthepresence ofacorrectHASP SRMprotectionkey. Similarly,whenlicensingisimplementedusingHASP SRM,the operationofyoursoftwareisdependentonthepresenceofavalid licenseinaHASP SRMprotectionkey. AvarietyofHASP SRMprotectionkeysareavailabletoprovideyou withtheflexibilitytosellyoursoftwareinthewaysthataremost beneficialtoyourbusinessgoals.
HASP SRM Vendor Keys

WhenyoupurchaseHASP SRM,youareprovidedwithtwoHASP SRMVendorkeystheHASP SRM MasterkeyandtheHASP SRM Developerkey.Thesekeysenableyoutoapplyprotectiontoyour programs,programtheHASP SRMprotectionkeysthatyousendto yourendusers,andtospecifythelicensetermsunderwhichyour softwarecanbeused.
HASP SRM Developer Key

TheHASP SRMDeveloperkeyisusedbyyourprogrammersin conjunctionwiththeHASP SRMprotectiontoolstoprotectyour softwareanddatafiles.
HASP SRM Master Key

TheHASP SRM Masterkeyisusedbyyourproductionstafftocreate licensesandlockthemtoHASP SRMprotectionkeys,towritespecific datatothememoryofaHASP SRMprotectionkey,andtoupdate licensesalreadydeployedinthefield.TheHASP SRM Masterkeyis usedinconjunctionwithHASP SRMBusinessStudio.
38
End-User Keys
TwotypesofHASP SRMprotectionkeysareavailableHASP HL keys,whicharephysicalUSBkeysthatconnecttoacomputer,and HASP SLkeys,whicharevirtualkeysthatlockyoursoftwaretoa specificmachine.Yoursoftwareandtheuserlicenseislockedtothe HASP SRMprotectionkeythatyouselect. AllHASP HLkeyswiththeexceptionofHASP HLBasickeys containinternalread/writememory.Youcanusethememorytodo anyofthefollowing:

Controlaccesstospecificsoftwaremodulesand/orpackages Assignauniquecodetoeachsoftwareuser Storelicensesfromyourownlicensingschemes Savepasswords,programcode,programvariables,andotherdata
HASP SLkeysarepatternedonthefunctionalityofHASP HLkeys. However,thedataislocatedinthesecurestorageofthecomputeron whichtheHASP SLkeyresides.
HASP HL Keys
HASP HLkeysaredistributedwithyoursoftwaretoendusers.The keysconnecttotheenduserscomputers.AvarietyofHASP HLkeys areavailabletosuityourrequirements. HASP HLkeysofferthehighestlevelofsecurity.Inorderforauserto accessyoursoftware,andforittofunctioncorrectly,thekeymustbe accessiblebytheapplication.Furthermore,HASP SRMuses LicenseOnChiptechnologytoprotectHASP HLkeysagainstlicense tampering. HASP HLkeysalsohavetheadvantageofportability.Thismeansthat thekeycanbemovedfromonecomputertoanother.Softwaremay thereforebeinstalledonmultiplecomputersbutwillonlyrunifthe keyisconnectedandauthenticatedbythesoftware. ForinformationabouttheavailableHASP HLkeys,seeAvailable HASP SRMProtectionKeys,onpage 39.
39
HASP SL Keys
HASP SLkeysarevirtual,softwarebasedkeysthatresideinthe securestorageofaspecificcomputer.HASP SLkeysprovidethesame functionalityasHASP HLkeys,withoutrequiringphysical distribution. Afteryoursoftwareisinstalledonacomputer,theendusertypically entersaProductKeythatissent,viatheInternetorbyfiletransfer,to theHASP SRMBusiness StudioServer,togetherwiththefingerprint ofthemachine.HASP SRMBusinessStudiovalidatesthattheProduct Keyhasnotbeenusedtoactivatethesoftwareonmorethanthe permittednumberofmachinesasdeterminedbyyouthensends backtheHASP SLkey,whichisinstalledontheendusersmachine. Thisprocessisalsousedforupdatinglicenseterms. ForinformationabouttheattributesofHASP SLkeys,seeAvailable HASP SRMProtectionKeys,onpage 39.
Available HASP SRM Protection Keys

ThefollowingtableliststheavailableHASP SRMprotectionkeysand theirattributes.
Note:
Forfulltechnicalspecificationsofthekeys,refertotherelevant productdatasheet. HASP SRM Protection Key HASP HL Basic Description Supported Automatic Licensing and License Terms
Perpetual
Memory Available for Software Vendor
Hardware-based AES encryption for copy and IP protection. Hardware-based AES encryption for copy and IP protection. Supports automatic licensing for multiple applications/Features.
HASP HL Pro
Perpetual Feature-based Per-use Demo License terms determined
Read/write
112 bytes
ROM 112 bytes
by counters
40
Understanding HASP SRM Software Protection and Licensing Description Supported Automatic Licensing and License Terms
HASP SRM Protection Key HASP HL Max

Read/write 4 KB ROM 2 KB
Hardware-based AES encryption for copy and IP protection. Supports automatic licensing for multiple applications/Features. Hardware-based AES encryption for copy and IP protection. Supports automatic licensing for multiple applications/Features. Hardware-based AES encryption for copy and IP protection. Supports automatic licensing for multiple applications/Features. Contains internal real-time clock.
by counters
HASP HL Drive
Flash memory
512 MB/2 GB
by counters
HASP HL Time
Perpetual Feature-based Rental Subscription Demo License terms determined
by time and date of internal real-time clock

Perpetual Feature-based Floating Per-use Demo License terms determined Read/write 4 KB ROM 2 KB
HASP HL Net
Hardware-based AES encryption for copy and IP protection. Supports automatic licensing for multiple applications/Features.
by number of users and counters
Customizing Your Unique Solution HASP SRM Protection Key Description Supported Automatic Licensing and License Terms
Perpetual Feature-based Rental Subscription Floating Per-use Demo License terms determined
41

HASP HL NetTime Hardware-based AES
encryption for copy and IP protection. Supports automatic licensing for multiple applications/Features. Contains internal real-time clock.
by number of users and time and date of internal real-time clock
HASP SL
Software-based AES encryption for copy and IP protection. Supports automatic licensing for multiple applications/Features.
Perpetual Feature-based Rental Subscription Floating Per-use Demo Volume License terms determined
by number of users, counters, and time and date of system clock
HASP SRM Protection Process

Whenyouaredevelopingyoursoftware,yourengineersintegratea varietyofcallstodatastoredinthememoryoftheHASP SRM protectionkey.
42
Encryption and Decryption

HASP SRMencryptionanddecryptionarebasedontheAdvanced EncryptionStandard(AES)algorithm.Theencryptionsecretofthe algorithmisstoredintheHASP SRMprotectionkey.Toenhance security,allcommunicationbetweenanapplicationandaHASP SRM protectionkeyisrandomlyencrypted.Thisinhibitsemulationofa HASP SRMprotectionkey. Thefollowingdiagramillustrateshowencrypteddatainyour protectedsoftwareisdecryptedintheHASP SRMprotectionkeyand returnedunencryptedtothesoftware.
Obtaining Additional Information about HASP SRM

Thischapterhasprovidedanoverviewofthemajorconceptsand principlesofHASP SRM,andthecomprehensiveprotectionand licensingsolutionthatHASP SRMprovides. Theremainderofthisguideexplainsindetailhowyoucanbestuse themanyelementsofHASP SRMtomeetyourcompanyssoftware protection,licensing,anddistributionrequirements. AdditionalinformationisavailableintheHelpdocumentationforthe variousHASP SRMtools,andinadditionalHASP SRM documentationthatyoucandownloadusingthefollowingURL:
http://www.aladdin.com/support/hasp-srm/vendor.aspx.
Chapter 2
HASP SRM Installation

ThischapterdescribestheprerequisitesforinstallingHASP SRM, andexplainshowtoinstalltheHASP SRMVendorSuitesoftware. In addition,itdescribeshowtoextractyouruniqueVendorCodefrom yourHASP SRMVendorkeys.
In this chapter:

Supported Platforms HASP SRM Software Package Installing the HASP SRM Vendor Suite Software on a Windows Machine Installing HASP SRM Run-time Environment on a Mac Machine Installing the HASP SRM Run-time Environment Extracting Vendor Codes
Supported Platforms
ThissectionliststhesupportedplatformsforWindowsandMac operatingsystems. ThefollowingWindowsoperatingsystemsaresupported: HASP SRMRuntimeEnvironment:(32and64bit) Windows XP,WindowsServer2003,WindowsVista,and Windows 2008;andWindows XPEmbeddedandWindows 2000 (32bitonly) HASP SRMVendorTools:(32bitonly)Windows XPwith ServicePack 2,WindowsServer2003,andWindowsVista
44
HASP SRMBusinessStudioServer:(32and64bit) Windows XPwithServicePack 2,WindowsServer2003with ServicePack 1,andWindowsVista Database:SQLServer2005,andSQLServer2005ExpressEdition ThefollowingMacoperatingsystemsaresupported: HASP SRMRuntimeEnvironment:MacOSX10.4.x10.5.x
Note:
Currently,onlytheHASP SRMRuntimeEnvironmentis supportedforMacoperatingsystems.Thisenvironmentcanbe usedinconjunctionwithotherHASP SRMcomponentson Windowsbasedoperatingsystems.
HASP SRM Software Package

ThefollowingsoftwareisprovidedonyourHASP SRMinstallationCD:
HASP SRM Envelope Appliessecuritytoyoursoftwareexecutablefileswithina protectiveshield. HASP SRM ToolBox EnablesyoutofamiliarizeyourselfwiththeHASP SRMRuntime APIandtogeneratecodetoincludeinyoursoftwaressourcecode. HASP SRM Business Studio Aserverapplicationthatenablesyoutodefine,produceand updateyoursoftwarelicenses,andtoinitializememoryin HASP SRMprotectionkeys. HASP SRM Run-time API Samples Enablesyoutointegrateprotectionintoyourownsoftwareusing avarietyofprogramminglanguages. HASP SRM Run-time Environment TheHASP SRMRuntimeEnvironmentisthemainlinkbetweena HASP SRMprotectionkeyandtheprotectedapplicationfollowingits deploymentatacustomerssite.EndusersmusthavetheRuntime Environmentinstalledinordertoruntheprotectedapplication. YoucanalsointegratetheHASP SRMRuntimeEnvironment Installerintotheinstallationofyourprotectedapplication.
Installing the HASP SRM Vendor Suite Software on a Windows Machine
45
HASP SRM Run-time API TheHASP SRMRuntimeAPIenablesyoutoprotectyour applicationbyinsertingcallstotheHASP SRMprotectionkey throughoutyoursourcecode. TherootdirectoryontheHASP SRMinstallationCDisdivided accordingtooperatingsystems,andeachsystemfoldercontainsa Samplefolderthatprovidessamplesforvariouscompilersand programminglanguages:Eachsampleincludes: Librariesthatmustbelinkedtoyourapplication AsampleapplicationthatdemonstratestheuseoftheAPI HASP SRM Admin Control Center HASP SRMAdminControlCenterisacustomizable,Webbased, enduserutilitythatenablescentralizedadministrationof HASP LicenseManagersandHASP SRMprotectionkeys. UseHASP SRMAdminControlCentertomonitorlicensesand sessionswhenaprotectedapplicationisoperating,andtomanage detachablelicenses.
Installing the HASP SRM Vendor Suite Software on a Windows Machine

FollowtheinstructionsbelowtoinstallHASP SRMonamachinewith aWindowsoperatingsystem. To install HASP SRM: 1. 2. 3. 4. EnsurethatyouhavenoHASP SRMVendorkeysorHASP HL keysconnectedtoyourmachine. InserttheHASP SRMInstallationCDintoyourCDROMdrive. The HASP SRMSetupWizardautomaticallystarts. FollowtheonscreeninstructionstoinstallthecontentsoftheCD. IfyouareusingHASP HLkeys,connectthekey.
46
HASP SRM Installation 5. EnsurethattheHASP SRM Masterkeyisconnectedtothemachine onwhichtheHASP SRMBusiness StudioServerisinstalled.
Note:
Ifforanyreasontheinstallationdoesnotstartautomatically,run setup.exefromtheWindowsdirectoryontheCD.
Default HASP SRM User Name and Password

ThedefaultloginusernameandpasswordforHASP SRM Vendor Suiteapplications,isHASP.
Installation Directory Structure

WhenHASP SRMisinstalledonyourcomputer,threemain directoriesareinstalled,asfollows:
\Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\directory,asdetailedinHASP SRMSub
HASP SRMprogramfilesareplacedinfoldersunderthe \Program Files\Aladdin\HASP SRM\directory,asdetailedinHASP SRM Subfoldersonpage 47 FilesthataregeneratedusingHASP SRMapplicationswillbe locatedinfoldersunderthe foldersonpage 47 ThisincludesfilessuchasVendorCodes;HASP SRMEnvelope Projects,andprotectedapplications;C2VandV2Cfiles;generated APIsandsamples;andsoon. Note:ForWindowsVistausers,thedirectorypathis
\Users\[logged_in_user_name]\Documents\Aladdin\HASP SRM[version]\
\Documents and Settings\[logged_in_user_name]\Application Data\ Aladdin\HASP SRM[version]\VendorTools\VendorSuite directory,asdetailedin
HASP SRMToolBoxtemplateswillbelocatedinfoldersunderthe HASP SRMSubfoldersonpage 47 Note:ForWindowsVistausers,thedirectorypathis

\Users\[logged_in_user_name]\AppData\Roaming\Aladdin\HASP SRM[version]\
Installing HASP SRM Run-time Environment on a Mac Machine
47
HASP SRM Sub-folders

Dependingonthedirectoryselected,thefollowingfoldersmaybe availableundertheHASP SRMfolder:

API:ContainstheAPIlibraries Docs:Containsadigitalversionofthisguideplussupplementary
documentationforusingHASP SRM. Redistribute:Containsthesoftwaretobedeployedattheendusers site.Foradditionalinformation,seeHASP SRMSoftwareforEnd Usersonpage 191. Runtime Environment:ContainstheHASP SRMRuntimedrivers.For additionalinformation,seethefollowingsection. Samples:Containssampleapplicationsforvariousprogramming languagesandinterfaces. VendorCodes:ContainstheBatchCodesthatrepresentyour confidentialVendorCodeforyourHASP SRMprotectionkeys. VendorTools:ContainsHASP SRMVendorSuiteandrelatedutilities.
Note:
Thesetupstructuredescribedabovemirrorsthesetupofthe HASP SRMinstallationCDundertheWindows/Installeddirectory.

FollowtheinstructionsbelowtoinstalltheHASP SRMRuntime Environment onamachinewithaMacoperatingsystem. To install HASP SRM: 1. 2. 3. 4. InserttheHASP SRMInstallationCDintoyourCDROMdrive. In/Volumes/HASP SRM RTE Installer/Mac/Redistribution,doubleclick HASP SRM RTE Installer.dmg. Whenthediskimageismounted,doubleclickHASP SRM Run-time Environment Install.Theinstallerwizardislaunched. Followtheinstructionsoftheinstallerwizarduntiltheinstallation iscomplete.
48
Post-installation Check
Beforeyouusethedaemons,checkthatthefollowingitemshavebeen correctlyinstalled:

Ensurethattheaksusbdandhasplmddaemonsarelocatedinthe /usr/libexec/ directory. ForMacOSX10.3.x,ensurethattwostartupfilesthatensurethe daemonisactivatedfollowinginstallationrebootarelocatedin the/Library/StartupItems/Aladdin/volume. ForMacOSX10.4.xandlater,ensurethatthefollowingfilesare installed /Library/LaunchDaemons/com.aladdin.aksusbd.plistand

/Library/LaunchDaemons/com.aladdin.hasplmd.plist
Ifinstallationwasmadeusingtheinstallationwizard,ensurethat theoriginalpackagewascopiedto/Library/Receipts/HASP SRM RTE Installer.pkg.
Installed Files
Afteryouruntheinstallation,thefollowingfilesarelocatedonyour harddrive. WhenusingMacOSX10.4.x,orlater,theinstallerautomatically selectstherecommendedstartupmechanismfortheoperating system.Ifanolderversionofthemechanismisdetected,oldfileswill becleaned. Thefollowingfilesarecommonlyinstalled: OS X Version
All supported versions
Installed Files

/usr/libexec/aksusbd(supportforHASP HLkeys) /usr/libexec/hasplmd(HASP LicenseManager
daemon)
/Library/Receipts/HASP SRM RTE Installer.pkg.Thefileis createdbyInstaller.app(default) /Library/LaunchDaemons/com.aladdin.aksusbd.plist Library/LaunchDaemons/com.aladdin.hasplmd.plist /Library/StartupItems/Aladdin/Aladdin /Library/StartupItems/Aladdin/Startuparameters.plist
OS X 4.x and OS X 5 OS X 3.9 and lower
49
Followingsuccessfulinstallation,theHASP SRMRuntime Environmentisautomaticallystarted.ThefirsttimethattheRuntime Environmentstarts,hasplmdcreatesconfigurationfilesin /private/etc/hasplm/.
Modifying the Behavior of the Daemons

Behaviorofthedaemonscanbemodified.Modificationrequiresfour steps:

Terminatingthedaemons Makingtherequiredmodifications Testingthemodifications Savingthemodifications
To stop the daemons: 1. IfyouareusingMacOSX10.3.9,orearlier: a. EnsurethatyouhaveAdministratorprivileges. b. Launch/Applications/Utilities/ActivityMonitor. c. e. Selecttheall processesview. SelectaksusbdfromthelistandclickTerminate. d. SelecthasplmdfromthelistandclickTerminate. Thedaemonsstoprunning. IfyouareusingMacOSX10.4.x,orlater: a. EnsurethatyouhaveAdministratorprivileges. b. Launch/Applications/Utilities/Terminal. c. Typesudo launchctl unload com.aladdin.hasplmd.plist andconfirm. Typesudo launchctl unload com.aladdin.aksusbd.plist andconfirm. Ifprompted,reenteryourAdministratorpassword.
d. Whenprompted,enteryourAdministratorpassword. e. f.
Thedaemonsstoprunning.
50
Switches for Modifying Daemon Behavior

Thefollowingcommandlineswitchescanbeusedtomodifythe behavioroftheaksusbdandhasplmddaemons. Daemon
Both Both Both
Command
-f -h, --help -l <level>
Description
Forces the daemon to work in the foreground. Required for launchd startup. Displays a list of available commands Specifies the level of log messages. The values are: 0 - Errors only 1 - Normal 2 - Verbose 3 - Ultra verbose Displays aksusbd and API versions Specifies the delay after connecting a HASP HL key, before it can be accessed the first time Specifies the length of the work queue (default 64) Specifies the permission bits for the special socket file. Default is 666 (access for all users) Starts the HASP License Manager daemon Launches daemon with owner as user to enhance security
Both aksusbd aksusbd aksusbd hasplmd hasplmd
v -d <milliseconds> -q <entries> -u <mask> -s, -start -u <user>
To start the daemons to test your changes: 1. 2. Openashellwindowusing/Applications/Utilities/Terminal. Startaksusbd(withyourmodificationsincluded)bytyping sudo /usr/libexec/aksusbdatthecommandlineprompt.
Note:
Ensurethatyoudonotincludethe-fswitch. EnteryourAdministratorpasswordwhenprompted.
Installing HASP SRM Run-time Environment on a Mac Machine 3. Starthasplmd(withyourmodificationsincluded)bytyping sudo /usr/libexec/hasplmd -satthecommandlineprompt. The-sswitchisrequiredtostartthelocalHASP License Manager.
51
Note:
Ensurethatyoudonotincludethe-f switch. Themodificationswillbeignoredatthenextcomputerstartup. To save your modifications: 1. DependingontheMacoperatingsystemthatyouareusing,do oneofthefollowing: a. IfyouareusingMacOSX10.3.9,orearlier,addyour modificationstotheshellscriptlocatedinthe /Library/StartupItems/Aladdin/volume. Ensurethatthe-fswitchisnotincludedineitherdaemon. b. IfyouareusingMacOSX10.4.x,orlater,eitheredittheXML sourceusingatexteditor,orusethe/Developer/Applications/Utilities/ Property List Editor(partoftheXcodeDeveloperTools)todothe following:
Addthemodificationsforaksusbdto Addthemodificationsforhasplmdto
/Library/LaunchDaemons/com.aladdin.aksusbd.plist
/Library/LaunchDaemons/com.aladdin.hasplmd.plist Ensurethatthe-fswitchisincludedinbothdaemons.
52
Installing the HASP SRM Run-time Environment

TheHASP SRMRuntimeEnvironmentis installedautomatically whenyouinstallHASP SRMVendor Suite.Youcanalsoinstallthe HASP SRMRuntimeEnvironmentseparatelyusingthe haspdinst.exeortheHASPUserSetup.exeapplications.These applicationsarelocatedinthe \Program Files\Aladdin\HASP SRM\Redistribute\Runtime Environment directoryofyour HASP SRMinstallationCD. Thehaspdinst.exeandHASPUserSetup.exeutilitiesrecognizethe operatingsysteminuseandinstallthecorrectdriverfilestothe requiredlocation.
Note:
AdministratorprivilegesarerequiredtoinstalltheHASP SRM RuntimeEnvironment.
HASPUserSetup.exe Utility
HASPUserSetup.exeisaGUIbasedinstallationprogramto
\Program Files\Aladdin\HASP SRM\\Redistribute\Runtime Environment\Setup.
independentlyinstalltheHASP SRMRuntimeEnvironment. Followinginstallation,thefileislocatedin
Tolaunchtheutility,doubleclickHASPUserSetup.exeandfollowthe onscreeninstructions.
haspdinst.exe Utility
haspdinst.exeisacommandlineutilitythatinstallstheHASP SRM
\Program Files\Aladdin\HASP SRM\Redistribute\Runtime Environment\cmd Install.
RuntimeEnvironment.Followinginstallation,thefileislocatedin
To install the HASP SRM Run-time Environment:
Typehaspdinst -iinthecommandline.Amessageisdisplayed informingyouthattheHASP SRMRuntimeEnvironmentwas successfullyinstalled.
Extracting Vendor Codes
53
To remove the HASP SRM Run-time Environment:
Typehaspdinst -rinthecommandline.Amessageisdisplayed informingyouthattheHASP SRMRuntimeEnvironmentwas successfullyremoved.
To upgrade the HASP SRM Run-time Environment:
Typehaspdinst -iinthecommandline.Thehaspdinst.exe utilityautomaticallymanagestheupgradeprocess.Amessageis displayedinformingyouthattheHASP SRMRuntime Environmentwassuccessfullyinstalled.
Additional Haspdinst Utility Commands

Thefollowingtablelistsadditionalcommandsthatcanbeexecuted usingthehaspdinst.exeutility. Command
-info -h and -? -kp -cm -fr
Description
Displays the installation status Displays a list of the available commands Enables the installation program to kill all processes accessing the drivers Sets the installation program to only display critical messages (e.g. instructions to reboot) Sets the installation program to remove driver by force, or removes the HASP SRM Run-time Environment, leaving the drivers in a nonfunctioning state Sets the installation program to ignore other running Windows processes Sets program to display no messages
-fi -nomsg
Extracting Vendor Codes

WhenyouorderHASP SRMprotectionkeysfromAladdin,youare assignedauniqueBatchCode.IfyouhaveorderedHASP HLkeys, theywillarrivetogetherwithyourHASP SRMVendorkeys.
54
HASP SRM Installation TheHASP SRMVendorkeyscontainyouruniqueVendorCodeand otherimportantinformationthatisrequiredwhenusingHASP SRM toprotectandlicensesoftware.FormoreinformationaboutBatch Codes,seePersonalizedVendorandBatchCodesonpage 36. To extract Vendor Code information from the HASP SRM Vendor keys: 1. ConnectyourHASP SRMDeveloperkeytoyourcomputer,and verifythattheHASP SRM Masterkeyisconnectedtothemachine whereHASP SRMBusiness StudioServerisinstalled. StartHASP SRMEnvelopeorHASP SRMToolBox.Afteryoulog intotheapplication,theapplicationdetectsthenewHASP SRM VendorkeyandlaunchestheHASP SRMMasterHASPWizard. Alternatively,in\Program Files\Aladdin\HASP SRM\VendorTools\VendorSuite, doubleclickmasterhasp.exe.TheMasterHASPWizardlaunches, detects,andlistsallnewHASP SRMVendorkeys. EnteranameforthefileinwhichtheVendorCodeinformation willbesaved.ItisrecommendedthatyoustorealltheVendor CodesintheVendorCodesfolder.OnmostWindowsinstallations,the directoryislocatedin:
\Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\VendorCodes
2.
3.
4.
Bydefault,theHASP SRMVendorSuiteapplicationssearchthis directoryfortheVendorCode. IntheSpecifyAPISettingswindowofthewizard,selectthe librariesforwhichyouwanttogenerateAPIs.Ifyouwantto mergeAPIsofmultipleBatchCodesintoasinglelibrary,click Advanced.YoucanmergeuptofourAPIstoasinglelibrary.When youmergeAPIs,individuallibrariesaregeneratedinadditionto themergedones. ThegeneratedAPIsarelocatedinthefollowingdirectories,as appropriate:
\Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\API\Runtime\C \Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\API\Runtime\COM \Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\API\Runtime\CPP \Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\API\Runtime\DotNet
Extracting Vendor Codes 5. 6.
55
Followtheremaininginstructionsinthewizardtointroducethe keyintoHASP SRMandextractyourVendorCode. Bydefault,yourVendorCodeinformationissavedonthe Business StudioServer,andinthisdirectory:

Thenameofthefileis[Batch Code].hvc.Forexample,ifyour BatchCodeisW3FLY,thefilenamewillbeW3FLY.hvc.(TheBatch CodeisarepresentationofyourconfidentialVendorCode.)Your HASP SRMVendorkeysandallyourHASP HLkeysarelabeled withyourBatchCode. Bydefault,HASP SRMVendorSuiteapplicationssearchthe VendorCodesfolderforyourVendorCodeinformation.
56
Part 2 Protection
In this section:
Chapter 3: Protecting Software

Provides an overview of HASP SRM software protection, including its fundamental elements, a summary of how it works, and an introduction to HASP SRM protection methods.
Chapter 4: HASP SRM Run-time API Protection

Provides an overview of the HASP SRM Run-time API, details the pre-requisites for using the API, introduces the HASP SRM ToolBox application and describes the functionality of the API.
Chapter 5: HASP SRM Envelope Protection

Provides an overview of software protection using HASP SRM Envelope, details the pre-requisites for using the application, and describes its functionality. In addition, it describes the HASP SRM Envelope protection parameters and how to encrypt data files.
Chapter 6: Protection Strategies

Outlines strategies for maximizing HASP SRM protection, including best practices and optimizing the use of the HASP SRM Run-time API and HASP SRM Envelope.
Chapter 7: Working with the DataHASP Encryption Utility

Describes data file protection using the DataHASP utility. It includes information about who should encrypt data files and when they should be encrypted.
58
Chapter 3
Protecting Software
ThischapterprovidesanoverviewofHASP SRMsoftwareprotection, includingitsfundamentalelements,asummaryofhowitworks,and anintroductiontoHASP SRMprotectionmethods.
In this chapter:
HASP SRM Protection
HASP SRM Protection

HASP SRMisaninnovative,advancedsolutionforprotecting softwareagainstillegalorunauthorizeduse.Thesolutiondeters illegalaccessandexecutionofprotectedapplications. AdeployedHASP SRMprotectedprogramrequiresaccesstoa specificHASP SRMprotectionkeyinordertorun.Theprotected programqueriestheHASP SRMprotectionkeyforpredefined information.IftheHASP SRMprotectionkeyisnotpresent,orthe informationreturnedisincorrect,theprogramdoesnotexecute,or stopsfunctioning. AfteryouhaveselectedaHASP SRMprotectionmethod, implementationisstraightforward.Regardlessoftheselected protectionstrategy,protectedprogramsonlyworkcorrectlyiftheycan accesstheinformationstoredinaspecificHASP SRMprotectionkey.
60
Protecting Software
Elements of HASP SRM Protection

TheHASP SRMprotectionsystemisbasedonthefollowing:

Protectingprogramsanddatafiles IdentifyingtheHASP SRMprotectionkey AESencryption Confidentialprotectionparameters UtilizingHASPmemory Antidebuggingandreverseengineeringmeasures
Protecting Programs and Data Files

HASP SRMprovidestwoprimaryprotectionmethods:

HASP SRMEnvelope HASP SRMRuntimeAPI
Whenyouprotectyoursoftwareusingeitherofthesemethods,you areessentiallyforminganinherentlinkbetweentheprotected applicationandaspecificHASP SRMprotectionkey.
What can be Protected

HASP SRMenablesyoutoprotectavarietyofapplicationsanddata files.Youcanapplyprotectiondirectlyto:

Compiledexecutables,DLLsand .NETassemblies Specificfunctionalitiesorentireprograms.HASP SRMprotectsall levelsofsoftwarefromfunctionleveltoentireprograms Sensitivedataandintellectualproperty
Alltheaboveareprotectedagainstanyattemptatreverse engineering. Foradditionalinformationabouttheavailableprotectionparameter options,seeHASP SRMRuntimeAPIProtectiononpage 67; HASP SRMEnvelopeProtectiononpage 81;andWorkingwiththe DataHASPEncryptionUtilityonpage 109.
HASP SRM Protection
61
Identifying the HASP SRM Software Protection Key

TheHASP SRMprotectionkey,ortobemoreprecisetheintelligence containedwithintheHASP SRMprotectionkeyistheprimary componentoftheHASP SRMprotectionsystem. ThemainfactorgoverningHASP SRMprotectioniswhethera deployedprogramcanidentifyandaccesstheintelligencecontained inaspecificHASP SRMprotectionkeyatruntime.Thisfactoris unambiguoustheHASP SRMprotectionkeyiseitheravailableornot! Regardlessoftheprotectionmethodadopted,protectedprograms onlyfunctionwhentheycanaccesstherequiredinformation containedinaspecificHASP SRMprotectionkey. HASP SRMprotectionkeys,andtheirintelligencecannotbecloned toreplicatethelinkbetweenthemandtheprotectedprogram.
AES Encryption
Aprotectedprogramreliesontheintelligenceinthememoryofa specificHASP SRMprotectionkeyinordertofunction.Inadditionto thechecksfortheHASP SRMprotectionkey,datacanbeencrypted anddecryptedusingtheintelligenceavailableintheHASP SRM protectionkey.
AES Encryption and Decryption

TheencryptionengineintheHASP SRMprotectionkeyisbasedon theAESalgorithm.HASP SRMencryptionusesasetofconfidential 128bitencryptionkeysthatremainintheHASP SRMprotectionkey. Yourprotectionschemesshouldalwaysinvolvegreatersophistication thanmerelyconfirmingthepresenceoftherequiredHASP SRM protectionkey.However,verifyingtherequiredHASP SRMprotection keythroughdataencryptionanddecryptionrequiresforward planning.First,encrypteddatamustbeavailable.Thisdatamustthen besenttotheHASP SRMprotectionkey,whereitisdecrypted.
62
Protecting Software Ifthedataiscorrect,theHASP SRMprotectionkeyisconsideredtobe present.Thisprotectionisgraphicallyillustratedthefollowing figure.Foradditionalinformation,seeTimeFunctionsonpage 79.
Encryption/Decryption of Data
Confidential Protection Parameters

Theessenceofsoftwareprotectionisconfidentiality.Withoutconfidential elements,anysoftwaresecuritysystemisvulnerabletoattack.
Vendor Code
EachHASP SRMcustomerisassignedauniqueVendorCodethatmust bekeptconfidential.TheVendorCodeformsanintegralpartofthe protectionparametersthatconstitutetheinherentlinkbetweenthe protectedprogramsandtheHASP SRMprotectionkey.However,the VendorCodeisonlypartofthelink.Thecodeonitsownis insufficienttopreventillegaluseofthesoftware.Itmerelyprovides theprotectedsoftwarewithaccesstotheHASP SRMprotectionkey anditsresources. AllHASP SRMprotectionapplicationsrequiretheVendorCode.For informationonhowtoaccessthecode,seeExtractingtheVendorCode fromHASP SRMVendorKeysonpage 70.
HASP SRM Protection
63
Utilizing HASP Memory

TheHASPmemoryonHASP SRMprotectionkeyscanbeutilized (readandwrite)asacomponentoftheprotectionschemeforthe software.ConfidentialdatacanbestoredintheHASPmemory, includingsnippetsofprogramcode,customername,oranyother data. UsethememoryeditorsincludedinHASP SRMToolBoxtoreador writedataintheHASPmemory.Foradditionalinformation,see MemoryFunctionsonpage 78.
Anti-Debugging and Reverse Engineering Measures

HASP SRMprotectsintellectualpropertyandprovidesthe functionalitytocombatantidebuggingandreverseengineering. Antidebuggingandreverseengineeringusuallytrytounravelthe protectionschemeofprotectedsoftwarebytracingacompiled applicationtoitssourcecode.HASP SRMEnvelopeimplements contingencymeasurestowardoffsuchattacksandpreventhackers fromuncoveringalgorithmsusedinsideprotectedsoftware.
Selecting a Protection Method

HASP SRMofferstwosoftwareprotectionmethods;HASP SRM RuntimeAPIandHASP SRMEnvelope.Bothmethodsestablishan inherentlinkbetweentheprotectedsoftwareandtheintelligence containedinaspecificHASP SRMprotectionkey. Whenselectingaprotectionmethod,thefollowingissuesmustbe considered:

WhattheHASP SRMprotectionkeyshouldprotect HowtheHASP SRMprotectionparametersarebestapplied Whetherthetimerequiredtoimplementthesolutionisacritical factor Whetherflexibilityinimplementingtheprotectionschemeis important
Theseissuesarediscussedinthefollowingsections.
64
Protecting Software
What to Protect
WhenprotectingsoftwarewithHASP SRM,therearevariousoptions forapplyingprotection.HASP SRMRuntimeAPIisusedtoprotect thesoftwarebeforeitiscompiled.Protectioncanalsobeappliedafter thesoftwareiscompiledusingHASP SRMEnvelope.Youcanchoose whethertoapplyprotectiontoanentireprogram,asubprogram,or simplytoaFeature. YoumayopttouseeithertheHASP SRMRuntimeAPIorthe HASP SRMEnvelopeprotectionmethod,orboth,dependingonyour specificrequirements.Usethefollowingtabletodeterminewhich methodbestmeetsyourspecificrequirements. HASP SRM Envelope
Quick, automatic protection process
HASP SRM Run-time API

Manual implementation of calls to
that shields your software

Define specific protection
HASP SRM Run-time API

Controlled process ensuring maximum
parameters for your programs

No source code required Anti-debugging and reverse
engineering measures provided
security. The strength of protection is proportional to the degree to which the HASP SRM Run-time APIs functionality is invested in implementation.
Source code must be available Maximum flexibility
Importance of Control over the Protection Scheme

WhenapplyingprotectionusingHASP SRMRuntimeAPI,you controltheentireprotectionprocess.Youdeterminewhenthe protectedprogramqueriestheHASP SRMprotectionkey,andhowit shouldbehaveindifferentscenarios.WithHASP SRMEnvelope, compiledprogramsarewrappedwithrandomprotectionparameters. IfyourunHASP SRMEnvelopetwicetoprotectthesameprogram, twodifferentoutputfilesareproducedwithdifferentprotective modulesandshields.
HASP SRM Protection
65
Significance of the Time Factor

WhenahighprotectionlevelisspecifiedinHASP SRMEnvelope,file sizeincreasesandtheprotectedapplicationtakeslongertolaunch. Considerthisfactorwhenyouaredecidingontheprotectionlevel settingsthatyouchoose.Aimfortheoptimalbalancebetween protectionlevelandlaunchtime.
How to Apply Protection

WhenusingtheHASP SRMRuntimeAPI,protectionisintegratedat thesourcecodelevelinacarefullyconsideredmanner.Youdetermine whereinthesourcecodetoplacecallstotheHASP SRMRuntimeAPI. HASP SRMEnvelopeoffersanautomated,speediermethodof protectingsoftware.Youdefinesettingsforprotectionparametersthat areappliedtoprotectedprograms.
66
Protecting Software
Chapter 4
HASP SRM Run-time API Protection

ThischapterdescribestheHASP SRMRuntimeAPIprotection method.
In this chapter:

Overview HASP SRM Run-time API Pre-requisites Learning the HASP SRM Run-time API Implementation HASP SRM Run-time API Functionality
Overview
TheHASP SRMRuntimeapplicationprogramminginterface(API)is arobustmethodofsoftwareprotection,thestrengthofwhichis whollydependentonitsimplementation. TheextenttowhichthefunctionalityaffordedbytheHASP SRM RuntimeAPIisutilized,determinestheoveralllevelofsoftware security.TofullyutilizetheprotectionofferedbytheHASP SRM RuntimeAPI,strivetomaximizethecomplexityandsophisticationof yourimplementation. Itisessentialthat,beforeprotectingyourapplication,youarefamiliar withtheoverallfunctionalityoftheHASP SRMRuntimeAPI.
68
HASP SRM Run-time API Protection TheHASP SRMRuntimeAPIReferenceonpage 225detailsthe functionsthatcomprisetheHASP SRMRuntimeAPI.Seethis referenceforinformationonspecificfunctions. ToprotectyoursoftwareusingtheHASP SRMRuntimeAPI,you insertcallstoaHASP SRMprotectionkeythroughoutyour applicationssourcecode.Youcanaddcallstoyourapplicationthat checkforthepresenceofaHASP SRMprotectionkeyatanypoint duringruntime,andyoucandesignateresponsestothesechecks. For example,iftherequiredHASP SRMprotectionkeyisnotfound, youmightspecifythattheprotectedapplicationsuspendorterminate itself. YourapplicationcanalsocheckthememoryofaHASP SRM protectionkeyforspecificdata.Inaddition,youcanusethe HASP SRMRuntimeAPItoencryptordecryptdata. Tofacilitateaspeedylearningcurve,werecommendthatyou familiarizeyourselfwithandtestspecificHASP SRMRuntimeAPI functionsusingHASP SRMToolBox.HASP SRMToolBoxisaGUI basedapplicationthatinterfaceswiththeHASP SRMRuntimeAPI. Foradditionalinformation,seeLearningtheHASP SRMRuntimeAPI onpage 71. HASP SRMalsoincludesHASP SRMRuntimeAPIsamplefoldersfor specificcompilers.EachHASP SRMinterfaceincludesasample applicationdemonstratingAPIusageandaspecificheaderfile.The sampleapplicationsarelocatedintheSamplesfolderintheWindows directoriesontheHASP SRMinstallationCD.
Universal HASP SRMRun-time API

TheHASP SRMRuntimeAPIisauniversalAPIthatworkswithall HASP SRMprotectionkeys.HASP SRMRuntimeAPI implementationandusageisindependentoftheHASP SRM protectionkeyyouuse. UtilizationoftheHASP SRMRuntimeAPIisindependentofthe accessmodeusedtosearchforaspecificHASP SRMprotectionkey. ThesameHASP SRMRuntimeAPIfunctionsareusedtoenable programsaccesstoremoteHASP SRMprotectionkeys,or HASP SRMprotectionkeysthatarepresentlocally.
HASP SRM Run-time API Pre-requisites
69
HASP SRM Run-time API Pre-requisites

YoumustinstalltheHASP SRMRuntimeEnvironmenttoenablethe RuntimeAPI.Foradditionalinformation,seeInstallingthe HASP SRMVendorSuiteSoftwareonaWindowsMachineonpage 45.
Vendor Code
ItisnecessarytoprovidetheVendorCodeinordertoaccessa HASP SRMprotectionkeyanditsresources,includingmemory. VendorCodesareusuallystoredintheVendorCodesfolder.Onmost Windowsinstallations,thedirectoryislocatedat:
IntheHASP SRMDeveloperKit,customersareprovidedwith HASP HL DemokeysthatworkwiththeDEMOMAVendorCode. ThisVendorCodecanbeusedtoapplyprotectionwiththe HASP SRMRuntimeAPI.
Note:
DonotdistributesoftwareprotectedwithaHASP HL Demokey.This HASP SRMprotectionkeyisonlyforevaluationpurposes. ThefirsttimeyouorderHASP SRMprotectionkeys,youalsoreceive twoHASP SRMVendorkeysaHASP SRMDeveloperkeyanda HASP SRM Masterkeythatcontainyourcompanysunique confidentialVendorCode.TheHASP SRMDeveloperkeyisusedby engineersforaddingprotectiontoyoursoftware.The HASP SRM Masterkeyisusedforproducinglicensesandorders. HASP SRMVendorSuiteapplications(HASP SRMEnvelope, HASP SRMToolBox,andHASP SRMBusinessStudio)mustrecognize andhaveaccesstotheuniqueVendorCodethatwasassignedtoyou whenyourfirstorderwassuppliedbyAladdinKnowledgeSystems. TheVendorCodeisstoredinsideyourHASP SRMVendorkeys. HASP SRMVendorkeysareintroducedusingtheMasterHASP Wizard,asdescribedinthefollowingsection.
Note:
IfyouhavealreadyintroducedyourHASP SRMDeveloperkey,itis notusuallynecessarytoreintroduceit.
70
Extracting the Vendor Code from HASP SRM Vendor Keys

YouneedtoextracttheVendorCodefromyourHASP SRMVendor keyssothattheHASP SRMsystemwillrecognizeitwhenyouare workingwithanyoftheVendor Suiteapplications. DependingonyourHASP SRMconfiguration,ifyoulauncha HASP SRMVendorSuiteapplication,andyouhaveconnectedanew HASP SRMVendorkeytoyourcomputer,theMasterHASPWizard willlaunchautomatically.Alternatively,usethefollowingprocedure toextracttheinformation. To extract the Vendor Code: 1. ConnecttheHASP SRMVendorkey(eitherHASP SRM Master keyorHASP SRMDeveloperkey)thatyouwanttointroduceinto theHASP SRMsystemtoyourcomputer. In\Program Files\Aladdin\HASP SRM\VendorTools\VendorSuite,doubleclick masterhasp.exe.TheLogontoHASP SRMwindowisdisplayed. Entertheusernameandpasswordofauserwithadministrative privileges.TheMasterHASPWizardlaunchesanddetectsand listsallnewHASP SRMVendorkeys. EnteranameforthefileinwhichtheVendorCodeinformation willbesaved.ItisrecommendedthatyoustorealltheVendor CodesintheVendorCodesfolder.OnmostWindowsinstallations, thedirectoryislocatedin:
2. 3.
4.
5.
Bydefault,theHASP SRMVendorSuiteapplicationssearchthis directoryfortheVendorCode. IntheSpecifyAPISettingswindowofthewizard,selectthe librariesforwhichyouwanttogenerateAPIs.Ifyouwanttomerge APIsofmultipleBatchCodesintoasinglelibrary,clickAdvanced. YoucanmergeuptofourAPIstoasinglelibrary.Whenyoumerge APIs,individuallibrariesaregeneratedinadditiontothemerged ones. ThegeneratedAPIsarelocatedinthefollowingdirectories,as appropriate:
\Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\API\Runtime\C \Documents and Settings\[logged_in_user_name]\My Documents\
Learning the HASP SRM Run-time API

Aladdin\HASP SRM[version]\API\Runtime\COM \Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\API\Runtime\CPP \Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\API\Runtime\DotNet
71
6.
Followtheremaininginstructionsinthewizardtointroducethe keyintoHASP SRMandextractyourVendorCode. By default, your Vendor Code information is saved on the Business Studio Server, and in this directory:
Thenameofthefileis[Batch Code].hvc.Forexample,ifyour BatchCodeisW3FLY,thefilenamewillbeW3FLY.hvc.(TheBatch CodeisarepresentationofyourconfidentialVendorCode.)Your HASP SRMVendorkeysandallyourHASP HLkeysarelabeled withyourBatchCode. Bydefault,allHASP SRMVendorSuiteapplicationssearchthe VendorCodesfolderforyourVendorCodeinformation.
Learning the HASP SRM Run-time API

ThearetwocomponentsofHASP SRMthatenableyoutostudyhow theHASP SRMRuntimeAPIworks,anditsrangeofcapabilities.
HASP SRMToolBox:Autilitywithagraphicuserinterfacethat ispartofHASP SRMVendorSuite.Foradditionalinformation, seeHASP SRMToolBoxonpage 72. HASP SRMRuntimeAPISamples:Asetofexamplesfor implementingtheHASP SRMRuntimeAPI.Foradditional information,seeHASP SRMRuntimeAPISamplesonpage 73.
72
HASP SRM ToolBox

HASP SRMToolBoxisaninteractiveinterfacetotheHASP SRM RuntimeAPI.YouexecutecallstotheHASP SRMRuntimeAPIvia HASP SRMToolBoxthatarethenrelayedtoaHASP SRMprotectionkey. TouseHASP SRMToolBoxyoumusthaveaHASP SRMDeveloper keyandavalidVendorCodesothatyoucanaccessHASP SRM protectionkeys.TheprogramisactivatedfromHASP SRMVendor Suite.ForspecificinformationonhowtouseHASP SRMToolBox,see theapplicationsHelpdocumentation.
API-related Functionality
HASP SRMToolBoxactslikeatutorialfortheHASP SRMRuntime API.Itsfunctionalityenablesyouto:
Display the source code generated for each function call This generatedsourcecodecanbecopiedandpastedintoyour applicationsourcecode. Evaluate manual implementation of the HASP SRM Run-time API Every HASP SRMRuntimeAPIfunctionincludedinHASP SRM ToolBoxisdisplayedonaseparatescreen.Toexecuteafunction call,youprovidespecificinformationrelatedtotheselected function. Transfer memory buffers to the AES encryption engine in a HASP SRM protection key Theprogramcanalsobeusedtodecryptdatabuffers. Create multiple programming language interfaces for the HASP SRM Run-time API.
Implementation
73
HASP SRM Run-time API Samples

Sampleapplicationsareprovidedtodemonstratehowtoimplement HASP SRMRuntimeAPIprotectioninyoursourcecode.The samplesdemonstratehowtheAPIfunctionswork. YourHASP SRMinstallationcontainsfoldersforvariousinterfaces andcompilers.EachfolderincludestherequisiteAPIlibraries,a headerfileandasampleapplication.TheHASP HL Demokey markedDEMOMAmustbeconnectedtoyourcomputerwhen usingthesampleapplications.
Note:
SeetheAladdinWebsiteandtheHASP SRMInstallationCDfor informationonavailablesamplesforspecificprogramming languages.
Implementation
Thissectiondescribesthepreimplementationissuesyoushould consider,andtheworkflowforimplementingtheHASP SRM RuntimeAPI.Italsoprovidesanoverviewofhowtologintoandout ofasession.
Planning your Requirements

BeforeimplementingtheHASP SRMRuntimeAPI,thefollowing preliminaryissuesshouldbeconsidered.
Whatdoyouwanttoprotect?Thismayseemobviousbutitis crucialindecidingwheretoplacethecallstotheHASP SRM protectionkey.Typically,youwouldwanttoverifythepresence oftheHASP SRMprotectionkeyatstartup.However,youcan alsoidentifycertainaspectsofthesoftwaretoprotect,andapply yourHASP SRMRuntimeAPIcallsaccordingly.
Note:
FeatureprotectionishandledthroughtheFeatureIDparameter. Foradditionalinformation,seehasp_login_scope()onpage 248.
74
Willencrypteddatabeincludedinmyimplementationscheme? Ifyouplantouseencrypteddataatruntime,useHASP SRM ToolBoxtoencryptthedata.Inserttheencrypteddatawhen implementingtheHASP SRMRuntimeAPI.Thedatais decryptedatruntimebytheHASP SRMprotectionkey. IsdatagoingtobestoredintheHASP SRMprotectionkey memory? IfthesoftwareisprotectedbyaHASP SRMprotectionkeywith memoryfunctionality,sensitivedatacanbestoredinthe HASP SRMprotectionkey.TheHASP SRMRuntimeAPIenables accesstoReadorWritetoHASP SRMprotectionkeymemory. Use HASP SRMToolBoxtowritedatabufferstoHASP SRM protectionkeymemory.
HASP SRM Run-time API Workflow

Afterplanningwhatdataisgoingtobeprotectedandhowthat protectionwillbeapplied,youarereadytoprotectyourapplication withtheHASP SRMRuntimeAPI. TherecommendedworkflowforimplementingtheHASP SRM RuntimeAPIisasfollows: 1. 2. Studythecodeofthesampleapplicationcorrespondingtoyour developmentenvironment. Inyourapplicationsourcecode,insertalogincalltothe HASP SRMprotectionkey.Asuccessfulloginestablishesalogin session.Theloginsessionhasitsownuniquehandleidentifier.
Note:
Thesessionidentifierisselfgeneratedandappliestoasingle loginsession.Foradditionalinformation,seehasp_login_scope()on page 248. 3. Afteraloginsessionisestablished,youcanuseotherHASP SRM RuntimeAPIfunctionstocommunicatewiththeHASP SRM protectionkey.Forexample,youcanusethehasp_decrypt functiontodecryptimportantdatausedbyyourapplication. You canalsoreaddatastoredintheHASP SRMprotectionkey memory,settimestamps,andsoon. UsingtheoutputgeneratedinStep3,checkforpotential mismatchesandnotifytheuseraccordingly.
4.
Implementation 5. 6. Repeatsteps24throughoutthecode. Compilethesourcecode.
75
Note:
Afteryouhavecompiledthesourcecode,useHASP SRM Envelopetoaddanextralayerofprotectiontoyoursoftware. This processalsopreventsreverseengineeringofprotectedcode.
HASP SRM Run-time API Login Function

TheloginfunctionisthegatewaytoHASP SRMRuntimeAPI implementation.Youmustopenasuccessfulloginsessiontosearch forandcommunicatewithaHASP SRMprotectionkey.Tologintoa HASP SRMprotectionkey,youneedtoprovideaFeatureIDanda validVendorCode. IftheHASP SRMprotectionkeyisnotaccessiblebythecomputer,an errormessageisdisplayed.Anerrormessageisalsodisplayedifthe declaredVendorCodeisnotvalidforadetectedHASP SRM protectionkey.
HASP SRM Login Operation Summary
76
Login Options
WhenusingHASP SRMRuntimeAPIimplementation,logincallsare notdependentonspecificHASP SRMprotectionkeys.However, whenperforminglogincallsyoumustspecifywhatitisthatyouare actuallylogginginto.Whenlogginginyoumustdeclare:

IfyouareloggingintoadefaultoraspecificFeature HowtosearchfortheHASP SRMprotectionkey Howthelogincountershouldbehandled WhethertoenableordisableconnectiontotheHASP SRM protectionkeyviaaterminalserver
Declaring Feature IDs

YoucaneitherlogintoaspecificFeature,ortothedefaultFeature storedintheHASP SRMprotectionkey.ThedefaultFeatureisassigned FeatureID 0. WhenloggingintoalicensedFeature,theprotectedapplicationnot onlychecksforthepresenceoftheHASP SRMprotectionkey,italso checksthetermsofthelicensecontainedinthatkey.Ifthelicenseis valid,theFeatureisenabled.
Controlling Login Calls

Additionalaspectsofalogincallcanbecontrolledwhen implementingtheHASP SRMRuntimeAPI,asfollows:

Searchoptions Logincounter Terminalserverdetection EnablingaccesstoHASP HLv.1.xkeys
Search Options
Thedefaultsearchsettingenablesaprotectedapplicationtosearch boththelocalcomputerandthenetworkfortherequiredHASP SRM protectionkey.YoucanlimittheHASP SRMprotectionkeysearch option,asfollows:

SearchonlythelocalPCforaHASP SRMprotectionkey SearchonlythenetworkforaconnectedHASP SRMprotection key
HASP SRM Run-time API Functionality
77
Login Counter
Bydefault,whenaHASP SRMlicenseisaccessedinaHASP HL Net key,licenseusageisdeterminedperworkstation.Youcanoverride thisconditionsothatlicenseusageiscountedperprocess.This impliesthatthelicensecounterisdecrementedperprocess.
Access to Legacy Memory on HASP HL Key

Bydefault,theHASP SRMsystemdoesnotenableaccesstothelegacy memoryonHASP HLkeys.Tooverridethisrestriction,selecttheAllow access to HASP HL v.1.xcheckboxintheHASP SRMToolBoxSettings window.
Note:
EveryHASP SRMprotectionkeyloginsessionmustbeterminated withacorrespondinglogoutcall.

TheextentoftheprotectionaffordedbytheHASP SRMRuntimeAPI isdependentonthewaythatitisimplemented.CallstoaHASP SRM protectionkeythatareinsertedinthesourcecodecontrolaccesstothe applicationatruntime. ThissectiondescribestheHASP SRMRuntimeAPIoptionsthatare availableafterasuccessfulloginsessionisestablished.Foradetailed discussionabouthowtooptimizeyourHASP SRMRuntimeAPI implementation,seeChapter 6,ProtectionStrategies.Fora demonstrationofhowtheHASP SRMRuntimeAPIworks,use HASP SRMToolBox.Allfunctionalitydescribedinthissectionis detailedintheHASP SRMRuntimeAPIReferenceonpage 225.
Function Groups
HASP SRMRuntimeAPIfunctionsarecategorizedintofivegroups, basedoncommonfunctionalityandlinkage.

Sessionfunctions Encryption/Decryptionfunctions
78

Memoryfunctions Timefunctions Managementfunctions
Session Functions
Asessioniscreatedbyexecutingasuccessfullogincalltoalicense residinginaspecificHASP SRMprotectionkey.Formoreinformation aboutloggingin,seeLoginOptionsonpage 76.Attheendofasession, usethelogoutfunctiontoclosethesession.
Encryption Functions
YoucanencryptordecryptdatabuffersusingtheAESbased encryptionengineintheHASP SRMprotectionkey.Theencryption engineusessymmetricencryption.Thismeansthatthesame encryptionkeyisusedlatertodecryptthedatabuffer.
Memory Functions
Usethememorytostoredatatobeusedbytheapplicationat runtime,andinformationthatcanbeusedlatertoverifyandidentify anenduser.Controlofaccesstosensitivedataformsanintegralpart ofyourprotectionscheme. TheHASP SRMRuntimeAPIcanbeusedto:

ReaddatabuffersstoredintheHASP SRMprotectionkey memory WritedatabufferstotheHASP SRMprotectionkeymemory
Thesizeofthedatabuffersisrestrictedbythememoryavailableinthe specificHASP SRMprotectionkeytype.AvailableHASP SRM ProtectionKeysonpage 39liststhememorycapacityavailableforeach HASP SRMprotectionkeytype.
79
Time Functions
IfyouareusingaHASP HL TimekeyorHASP HL NetTimekey,the HASP SRMRuntimeAPIcanbeusedtoaccesstherealtimeclockin thekey.Thisfunctionalityenablesyoutoreadthetime.Twodateand timeconversionfunctionsareincludedintheHASP SRMRuntime API.
Management Functions
TheHASP SRMRuntimeAPIincludesfunctionsthatenableyouto retrieveinformationonthesystemcomponents,thecurrentlogin session,thestatusofadeployedHASP SRMprotectionkey,and licenseupdates. ThedetachfunctionenablesyoutodetachProductsandtheirlicenses fromapoolofnetworklicenseswhenusingHASP SLkeys. Youcanalsousetheupdatefunctiontoinstallupdates.Youdonot needtobeloggedintoasessioninordertoperformthisfunction.For additionalinformation,seehasp_update()onpage 253.Thisfunctionis themainfacilitatorofHASP SRMRemoteUpdateSystem.
80
Chapter 5
HASP SRM Envelope Protection

ThischapterdescribessoftwareprotectionusingHASP SRMEnvelope.
In this chapter:

Functionality HASP SRM Envelope Pre-requisites Running HASP SRM Envelope HASP SRM Envelope Protection Parameters Protecting Win32 Programs Accessing and Encrypting Data Files for Win32 Programs Protecting .NET Assemblies Code and Symbol Obfuscation in .NET Assemblies
Functionality
HASP SRMEnvelopeisawrappingapplicationthatprotectsyour applicationswithasecureshield.Thisapplicationoffersadvanced protectionfeaturestoenhancetheoveralllevelofsecurityofyour software. HASP SRMEnvelopeprotectsbothWin32and .NETexecutablesand DLLs,providingameanstocounteractreverseengineeringandother antidebuggingmeasures.
82
HASP SRM Envelope Protection ByusingHASP SRMEnvelopetoprotectyoursoftware,youestablish alinkbetweentheprotectedsoftwareandaHASP SRMprotection key.Thislinkisbrokenwhenevertheprotectedsoftwarecannot accesstherequiredHASP SRMprotectionkey. ImplementingHASP SRMEnvelopeprotectionisthefastestwaytosecure yoursoftwarewithoutrequiringaccesstoyoursoftwaresourcecode. HASP SRMEnvelopeisoperatedusingagraphicaluserinterface. The userinterfaceenablesyouto:

ProtectWin32and .NETexecutablesandDLLfiles Enhancetheprotectionof .NETassembliesbydefining Methodlevelprotection Defineavarietyofglobalprotectionparametersforyourprogram SpecifyaVendorCodetoauthenticatethepresenceofaspecific HASP SRMprotectionkey Customizetheruntimemessagesthatwillbedisplayedtoend usersrunningprotectedprograms
InadditiontolinkingprotectedprogramstoaspecificHASP SRM protectionkey,HASP SRMEnvelopewrapstheapplicationfilewith numerousprotectionlayersthatarerandomlyassembled.
Note:
Therandommultilayerwrappingofprotectedapplicationsby HASP SRMEnvelopeensuresthatimplementedprotectionstrategies differfromoneprotectedprogramtoanother.
HASP SRM Envelope Pre-requisites
83
HASP SRM Envelope Pre-requisites

TouseHASP SRMEnvelope,allofthefollowingcomponentsmustbe installedonyoursystem:

HASP SRMRuntimeEnvironment HASP SRMVendorSuite AvalidVendorCodestoredintheVendorCodesfolder. For additionalinformation,seeExtractingtheVendorCodefrom HASP SRMVendorKeysonpage 70 dfcrypt.exe,ifyouareplanningtoencryptdatafilesbymeansof acommandline TheWin32or .NETexecutablesorDLLsthatyouwanttoprotect Ifyouareprotecting .NETassemblies, .NETFramework2.0,orlater
Running HASP SRM Envelope

IntheStartmenu,selectAladdin > HASP SRM > Vendor Suite.Fromthe HASP SRMVendorSuiteprogramselectionscreen,launch HASP SRMEnvelope.
Basic Protection Workflow

Thissectionprovidesaworkflowthatdescribestheelementsof protectingapplicationsusingHASP SRMEnvelope.Additional informationaboutspecificproceduresisprovidedintheHASP SRM EnvelopeHelpdocumentation. 1. 2. 3. 4. LaunchHASP SRMEnvelopefromHASP SRMVendorSuite. AddtheWin32programor .NETassemblyyouwanttoprotectto theproject. Defineprotectionparametersfortheprotectedprogram. Protecttheprogram.
84
HASP SRM Envelope Protection 5. Distributetheprotectedsoftwaretogetherwithyourencrypted HASP SRMprotectionkeys.
Note:
HASP SRMEnvelopedoesnotaffectthefilesbeingprotected. However,youmustdesignateaseparateoutputfolderforthe protectedapplicationinordertodistinguishbetweensource (unprotected)andoutput(protected)files. HASP SRMEnvelopeprotectioninvolvestheapplicationofprotection parametersthatarecontrolledbytheenginesrunningHASP SRM Envelope.Youapplytheseparameterstoanunprotectedsource. HASP SRMEnvelopedoesnotaffecttheoriginalfilesorthewaya protectedapplicationactuallyworks.Theonlymodificationisthat useraccessisconditionalonthepresenceofarequiredHASP SRM protectionkey.IftheHASP SRMprotectionkeyispresent,the protectedfileruns. ThelogicofHASP SRMEnvelopeprotectionisillustratedinthe followingdiagram.NotethattheoriginalfilecanbeaWin32 executableorDLL,ora .NETassemblyexecutableorDLL.
HASP SRM Envelope Operation
Note:
Toensurethehighestlevelofsecurityforyoursoftware,HASP SRM Enveloperemovesdebuggingdatafromtheprogramsthatitis protecting.
Running HASP SRM Envelope
85
Running HASP SRM Envelope from a Command-line

HASP SRMEnvelopecanbeinitiatedusingacommandlineprompt. Thisisusefulwhenrunningautomatedprocessesthatdonotrequirea graphicalinterface.
Note:
ThecommandlineversionofHASP SRMEnvelopeisprimarilyused forautomatedprocesses.Beforerunningthecommandlineutility, createandsaveprotectionprojectstogetherwiththeirconfiguration filesusingenvelope.exe. ToaccessthecommandlineversionofHASP SRMEnvelope,goto
\Program Files\Aladdin\HASP SRM\VendorTools\VendorSuite\envelope.com
TostartthecommandlineversionofHASP SRMEnvelope,type ENVELOPEinthecommandline.
Command-line Options
ThefollowingparametersareavailableforusewiththeHASP SRM Envelopecommandlineversion: Command
-h /--help
Description
Displays the list of command-line parameters. Press Enter to return to the command-line console. The command-line utility uses the specified project as input data for the application-wrapping processall the files included in the project are protected. The command-line version starts the GUI version with the specified project running as the current project. Specifies the access code for the connected HASP Vendor key. This switch is only required if an access code has been specified using the MasterHASP wizard.
-p /--protect <project>
<project>
-a / -accesscode <code><project>
86
HASP SRM Envelope Protection Parameters

AfteryourprogramhasbeenincludedinaHASP SRMproject, protectioncanbeperformedeffortlessly,basedonthedefault HASP SRMEnvelopesettings.Inaddition,youcandefineand calibratearangeofprotectionparametersthataffecttheattributesand behavioroftheprotectedprogram. HASP SRMEnvelopecustomizableparametersaredisplayedonthree separateinputscreens:

ProtectionDetailsscreen AdvancedProtectiondialogbox ProtectionTemplateSettings
AllparametersaredetailedintheHASP SRMEnvelopeHelp documentation. ThissectionprovidesanoverviewoftheHASP SRMEnvelope protectionsettingsthatarecommontobothWin32programs and .NETassemblies.Mandatoryparametersthatarerequiredin ordertoprotectaprogramaredescribeinMandatoryParameterson page 87.OtherparametersthatarecommontobothWin32programs and .NETassembliesaredescribedinGeneralCustomizableParameters onpage 87. HASP SRMEnvelopealsoprovidessettingsthatarespecifictothe typeofprogramprotected.Foradditionalinformationaboutsettings forWin32programs,seeProtectingWin32Programsonpage 89,and AccessingandEncryptingDataFilesforWin32Programsonpage 90. For additionalinformationaboutsettingsfor .NETassemblies,see Protecting .NETAssembliesonpage 94,andCodeandSymbolObfuscation in .NETAssembliesonpage 99.
HASP SRM Envelope Protection Parameters
87
Mandatory Parameters
Thefollowinginformationmustbeprovidedinordertoprotect softwareusingHASP SRMEnvelope:
Inputfilelocation:Youmustspecifythelocationoftheprogram thatyouwanttoprotect.Bydefault,thisisthedirectoryfrom whichyouaddedtheprogramtotheproject. Outputfilelocation:Youmustspecifythedirectorywherethe protectedoutputwillbesaved.Bydefault,thedirectoryis

\Documents and Settings\[logged_in_user_name]\My Documents\ Aladdin\HASP SRM[version]\VendorTools\VendorSuite\Protected
VendorCode:YoumustprovideavalidVendorCodeinorderto accessaHASP SRMprotectionkey.Oninitialactivationof HASP SRMEnvelope,thedefaultVendorCodeisspecifiedas DEMOMA.SelectyourVendorCodeintheHASP SRMProfile screen.
Thisinformationissufficienttoprotectaprogram.
General Customizable Parameters

Thecustomizableparametersdescribedinthissectionareidenticalfor Win32programsand .NETassemblies.
Feature ID:YoucanselectauniqueFeaturetoprotectyour program.ForadditionalinformationaboutFeatures,seeUsing FeaturestoProtectProgramsonpage 88. HASPsearchmode:Youcandeterminewhereaprotected programsearchesfortheHASP SRMprotectionkey.For additionalinformation,seeSearchingforaHASP SRMProtection Keyonpage 88.
88
Searching for a HASP SRM Protection Key

HASP SRMEnvelopeenablesyoutodeterminewhereaprotected applicationsearchesforarequiredHASP SRMprotectionkey. Thefollowingoptionsareavailable:
Localandremote:Theprotectedapplicationfirstsearchesthe localmachineforarequiredHASP SRMprotectionkey(default), andthenthenetwork. Localonly:Theprotectedapplicationsearchesonlythelocal computerforarequiredHASP SRMprotectionkey. Remoteonly:Theprotectedapplicationsearchesonlythe networkforarequiredHASP SRMprotectionkey.
Using Features to Protect Programs

AFeatureisanidentifiablefunctionalityofasoftwareapplication. Featuresmayusedtoidentifyentireapplications,softwaremodules, .NETmethodsoraspecificfunctionalitysuchasPrint,SaveorDraw. EachFeatureisassigneduniqueidentifiercalledaFeature ID.The defaultFeature IDinHASP SRMEnvelopeisFeature ID 0. ForadditionalinformationonFeaturesandlicensing,seeIdentifying FunctionalComponents(Features)onpage 128andManagingFeatureson page 139. WhenyouprotectaWin32programwithHASP SRMEnvelope,you specifyasingleFeature IDfortheentireexecutable.Ifyouwishto applyuniqueFeaturestoseparatecomponentsorfunctionalities,you mustusetheHASP SRMRuntimeAPI.Foradditionalinformation, seeHASP SRMRuntimeAPIProtectiononpage 67. Whenyouprotecta .NETassemblywithHASP SRMEnvelope,you havetheflexibilitytospecifyFeaturesattwolevels:
AglobalFeaturethatrelatestotheentire .NETassembly.For additionalinformation,seeGlobalFeaturesin .NETAssemblieson page 95. MethodspecificFeatures.Foradditionalinformation,seeMethod specificFeaturesandParametersin .NETAssembliesonpage 97. Atruntime,aprotected .NETassemblysearchesforallFeaturesin theHASP SRMprotectionkey.
Protecting Win32 Programs
89
Protecting Win32 Programs

WhenyouprotectaWin32programwithHASP SRMEnvelope,you candetermineprotectionattributesandaspectsofthebehaviorofthe protectedprogram.
Protected Program Behavior

HASP SRMEnvelopeenablesyoutodefinethefollowingadditional propertiesforWin32programs:
ThefrequencyatwhichrandomqueriesaresenttoaHASP SRM protectionkey.Thesequeriescompriserandomencryptionand decryptionprocedures. Thetimeintervalbetweenchecksforthepresenceofarequired HASP SRMprotectionkey. Whethersupportforprogramsthatrequireoverlaystoexecute correctlyshouldbeenabled. Thelengthoftimethattheprotectedapplicationwaitsforthe HASP SRMRuntimeEnvironmenttoload.
Protection Attributes
YoucandefinespecificsecurityattributesforprotectedWin32 programsincludingparametersfor:
Detectionofbothsystemanduserleveldebuggingmeasures.You canactivatemeasurestobeundertakenbytheHASP SRMsystemto blockpotentialattacksintendedtounderminetheprotectionscheme.
90
Definingthenumberofprotectivemodulelayersthatare wrappedaroundaprotectedapplication.Possiblevaluesrange from1to50.Thedefaultsettingis12.
Note:
Increasingthenumberofprotectivemodulesincreasesthestartup timeforaprotectedapplication,andtheresultantfilesize.Thereis alsoatradeoffbetweenencryptionlevelandprotectedfilesize andstartupspeed.Ahigherencryptionlevelcausesaslower startup,andincreasesthesizeoftheprotectedapplication.
SpecifyingthefrequencyofHASP SRMprotectionkeyaccessfor encryption.Theparametercontrolsthecompactnessofthe HASP SRMprotectionkeycallsmadebytheprotected application.AnEncryption Levelsliderisprovidedtospecifythe frequencyofHASP SRMprotectionkeyaccessforencryption.
Accessing and Encrypting Data Files for Win32 Programs

IfyourprotectedWin32programaccessesseparatedatafiles,youcan useHASP SRMtoprotectthesefiles,inadditiontoenvelopeprotection oftheprogramitself,asfollows:
Youcancontrolifandwhentheprotectedprogramaccessessuch datafiles.Foradditionalinformation,seeDataFileHandingon page 91. YoucanapplyHASP SRMencryptiontothedatafiles.For additionalinformation,seeEncryptingDataFilesonpage 92.
Accessing and Encrypting Data Files for Win32 Programs
91
Data File Handing

YourprotectedWin32programmayrequireaccesstodatafilesduring runtime.HASP SRMEnvelopeenablesyoutocontroltheaccessof datafilesbytheprotectedsoftware.HASP SRMEnvelopeoffersthe followingcontrolmechanisms:
Datafilters:Youcandeterminewhatfiletypescanbeaccessedat runtimebytheprotectedsoftware.Youcanalsodeterminewhat filestoexclude. Dataencryptionkeys:Eightprintablecharactersusedtocreatean encryptionkeyforencryptinganddecryptingdatafiles.
Note:
Usethesameencryptionkeywhenmultipleapplicationsaccess thesamedocumentset. HASP SRMEnvelopeincludesthedatafiltersandencryptionkey informationaspartoftheprotectionschemeappliedtotheprotected application.TheencryptionofdatafilesishandledbytheDataHASP utility.Foradditionalinformation,seeWorkingwiththeDataHASP EncryptionUtilityonpage 109.Alternatively,youcanuseacommand lineutility.Foradditionalinformation,seeUsingdfcrypt.exeonpage 92.
Setting Data File Filters

HASP SRMEnvelopeenablesyoutocreatefilefiltersforprotected Win32programs.Filefiltersdeterminewhichdatafilesanddatafile typescanworkinconjunctionwithprotectedprograms.Foradditional information,seetheHelpdocumentation.
Run-time User Support

Youcancustomizeruntimemessagesforenduserswhoareusing applicationsprotectedbyHASP SRMEnvelope.HASP SRMEnvelope includesasetofmessagecodes.Eachcodeismappedtoacorresponding messagethatisdisplayedatruntimeoftheprotectedapplication. Inaddition,youcanchoosetodisplayamessageforendusersduring startupofaprotectedapplicationthatexplainstheremaybedelays duetorequireddatadecryption.
92
Encrypting Data Files

Win32programsprotectedwithHASP SRMEnvelopecanaccess encrypteddatafilesthataredefinedbydatafiltersanduseaspecific encryptionkey.HASP SRMEnvelopeitselfdoesnotencryptdatafiles. However,youcanencryptdatafilesusingtheDataHASPinterface,or youcanusethedfcrypt.execommandlineutility.Foradditional informationaboutusingtheDataHASPinterface,seeWorkingwiththe DataHASPEncryptionUtilityonpage 109.
Using dfcrypt.exe
InsteadofusingtheDataHASPutility,youcanuseacommandlineto encryptdatafiles.Thedfcrypt.exeutilitygeneratesdatafilesthatcan beprocessedbyexecutablesprotectedbyHASP SRMEnvelope. The commandlineutilityrequiresaspecificsetofinputparametersto function.Aftertheseparametershavebeenappliedtoadefinedsetof datafiles,theencryptedfilescanbeaccessedbyHASP SRMEnvelope. Thefollowingfigureillustratestheworkflowfordatafilehandling usingdfcrypt.exe.Afterdatafilesareencrypted,applications protectedwithHASP SRMEnvelopecandecryptandaccessthefiles. Thisisonlypossibleif,atprotectiontime,youspecifytheencryption keyinHASP SRMEnvelope.
Data File Handling with dfcrypt.exe
Accessing and Encrypting Data Files for Win32 Programs Tousedfcrypt.exe,specifythefollowing:

93
Acommandswitch Alistofsourcefilesanddirectories Adestinationfortheencryptedoutput
Whenspecifyingmultiplesourcefilesoradirectory,thedestination inputspecifiedmustbeanexistingdirectory. Thefollowingformatmustbeusedtoinputparameters:

dfcrypt<option> source destination
Forexample:
dfcrypt -c:demoma.hvc -k:4873Asdb data.txt data_crypt.txt
Available dfcrypt.exe Commands

Thefollowingtableliststheavailabledfcrypt.execommands. Command
-e, --encrypt -d, --decrypt -c, --vcf:<file> -k, --key:<key>
Action
Encrypts data, available by default Decrypts data Specifies a Vendor Code file (mandatory) Specifies an encryption key to be used to encrypt data files. Must contain 8 printable characters. (mandatory) Overwrites destination files Enables recursive handling of subdirectories Displays the help screen, listing dfcrypt.exe commands Suppresses output by excluding copyright information and the progress indicator. Only error messages are displayed. This is particularly useful in Makefile integration.
-o, --overwrite -r, --recursive -h, --help
-q, --quiet
94
Protecting .NET Assemblies

HASP SRMEnvelopeprovidessignificantflexibilitywhenprotecting .NETassemblies.Inadditiontoglobalprotectionsettingsthatyou specifyusingtheProtection DetailsandProtection Template Settings functionalities,youcanalsospecifyMethodlevelprotection,by definingindividualmethodsinthe .NETassembly. Fordetailsabouttheprerequisitesforprotectinga .NETassembly, andotherconsiderationstotakeintoaccount,see.NETConsiderations onpage 94. Whenyouprotecta .NETassemblywithHASP SRMEnvelope,you specifyaglobalFeaturethatprotectstheentireassembly.Foradditional information,seeGlobalFeaturesin .NETAssembliesonpage 95. InadditiontotheglobalFeature,youcandefineFeaturesfor individualmethods.Youcanalsodefineothermethodspecific parameters.Foradditionalinformation,seeMethodspecificFeatures andParametersin .NETAssembliesonpage 97. Youcanalsoapplydifferentlevelsofobfuscationtoyour .NETassembly. Foradditionalinformation,seeCodeandSymbolObfuscationin .NET Assembliesonpage 99.
.NET Considerations
Whenprotecting .NETassemblies,considerthefollowingissues:
Youmustprotectyourassembliesinadevelopmentenvironment. HASP SRMEnveloperequireslibrariesthatarenotpartofthe .NET framework,butareincludedinthedevelopmentenvironment. HASP SRMEnvelopefor .NETrequiresaccesstoallassemblies andtheirdependencies. HASP SRMEnvelopebreaksthestrongnamesignatureofsigned assemblies.YoucanchoosetoresigntheassemblyinHASP SRM Envelope,aspartoftheprotectionprocess. Whenyouprotecta .NETFramework 1.xassembly,the HASP SRMEnvelopeoutputisinFramework 2.0,requiring Framework 2.0tobeinstalledontheendusermachine.
Protecting .NET Assemblies
95
Afteryouhaveprotecteda .NETassembly,theassemblyrequires aHASP SRMDLLtofunctionatruntime.Usehaspdnert.dllfor programsthatrunon32bitoperatingsystemsand haspdnert_x64.dll forprogramsthatrunon64bitoperating systems. YoucannotuseHASP SRMEnvelopefor .NETtoprotect individualdatafiles.
Global Features in .NET Assemblies

Whenyouprotecta .NETassemblywithHASP SRMEnvelope,you specifyaglobalFeaturethatprotectstheentireprogram.Thepointin timeatwhichtheprotected .NETassemblylogsintotheglobal Featuredependsonwhetheryouareprotectinganexecutableora DLL,asfollows:

.NETexecutabletheprogramlogsintotheglobalFeatureatthe executableentrypoint .NETDLLtheprogramlogsintotheglobalFeaturethefirst timeamethodselectedforprotectioniscalled.Foradditional informationaboutselectingmethodsforprotection,see Selecting .NETMethodsforProtectiononpage 96.
Method-level Protection
Whenyouselecta .NETassemblyforprotection,HASP SRM EnvelopeautomaticallydeterminestheProtection typethatwillprovide thebestprotectionforyourprogram,dependingonwhetheryouare protectinganexecutableoraDLL.TheProtection typedeterminesthe methodsthatareavailableforindividualprotection.
Note:
ItisrecommendedthatyoudonotchangetheautomaticProtection type settings. Thissectiondescribeshowyouselectindividualmethodsandthe behaviorofdifferentmethodtypes,inadditiontotheparametersyou canselectforthemethods.
96
Selecting .NET Methods for Protection

WARNING!
IfyouchoosetoassignseparateFeatureIDsforindividualmethods, youmustensurethatyourapplicationcodecanonlycalltheFeature IDsforthosemethodsforwhichavalidlicensehasbeeninstalledina HASPprotectionkey. IfmethodsthatdonothaveavalidlicenseinaHASPprotectionkey arecalled,itwillcauseHASPSRMEnvelopetogenerateanerrorloop thatcanonlybestoppedbyinstallingavalidlicense. The .NETassemblyisdisplayedintheProtectionDetailsscreen,inthe Methods selected for protectionlist.Thelistdisplaysclassconstructorsand methods,inatreelayoutthatmimicsthestructureofthe .NET assembly. Itemsinthelistareidentifiedbyiconsthatindicatethemethodtype, andbytheclassormethodname.Methodsignaturesaredisplayedas atooltips. Theiconsforthemethodtypesaredescribedinthefollowingtable: Icon Method type
Class constructor
Description
The class constructor icon represents all .ctor methods for this class. Instance, static and entry point methods included in the class are nested under the class constructor.
Note:
Underlying .ctor methods are not displayed in the list as
separate methods
If a class does not include a .ctor method, the class
constructor name is displayed, but the item cannot be selected. This does not affect nested methods, which can still be protected individually.
Protection or settings defined for a class constructor do
not affect nested methods
Protecting .NET Assemblies Icon Method type

Instance method Entry point Static method
97
Description
A method that does not include a static modifier The entry point for a .NET executable A method that includes a static modifier
Whenthecheckboxtotheleftofamethodisselected,thatmethodis selectedforHASP SRMEnvelopeprotection.Bydefault,all protectableitemsareselected.
Note:
Selectingorclearingthecheckboxofahigherlevelitemdoesnot affectnesteditems.Forexample,ifyouclearthecheckboxofa classconstructor,methodsnestedunderitremainselected. Whenamethodnameisgrayedout,itcannotbeselectedfor protection IftheProtection typeisWin32 Shell only,youcannotprotectindividual methodsinthat .NETassembly ADLLcannotbeprotectedwhenthecheckboxesforallitemsin thelisthavebeencleared
Method-specific Features and Parameters in .NET Assemblies

YoucanuseHASP SRMEnvelopetodefineseparateFeature IDsfor individualmethodsinyour .NETassembly.Thisenablesyouto:

MakeuseoftheseparateencryptionkeyinherentineachFeature toprovideenhancedsecurityforindividualmethods Determinehowoftentheprotectedprogramlogsintoan individualmethod
Atruntime,theprotectedprogramsearchesforallrelevantFeature IDs intheHASP SRMprotectionkey.
98
HASP SRM Envelope Protection Youcandeterminehowoftentheprotectedprogramlogsintoeach Feature IDintheHASP SRMprotectionkeyandperformsdecryption usingthatFeature IDbyspecifyingtheFrequencyforspecificmethods.
Note:

YoucanonlyspecifytheFeature ID andFrequencyformethodsthat havebeenselectedforprotection IftheProtection typeisWin32 Shell only,youcannotspecifyaFeature ID orFrequencyforindividualmethods YoucanselectmultiplemethodsandspecifythesameFeature ID andFrequencyforallselecteditems
TheavailableFrequency optionsaredescribedinthefollowingtable: Frequency Type Once per program (Default) Description

A check is performed the first time a method using the Feature ID indicated for that method is called, regardless of the number of methods that share the same Feature ID across the program. A check is performed when the method is run, once for each Feature ID within the same class.
If the same Feature ID is also assigned to the class
Once per class instance
constructor, the check is performed the first time the .ctor method is run.
If the same Feature ID is used in other classes, the check
is performed separately for each class.
Note: The Once per class instance frequency is available

only for Instance methods.
Every time
A check is performed every time the method is called
Recommendations:

UsetheOnce per Application defaultsetting.TheOnce per Instanceand Every timesettingsmayslowtheperformanceofyourprogram. Ifacounterbasedlicenseisbeingdefined,usetheEvery timesetting onlyforthemethodthatdetermineslicensing,asthecounteris decrementedeverytimethemethodiscalled.
Code and Symbol Obfuscation in .NET Assemblies
99
Code and Symbol Obfuscation in .NET Assemblies

Obfuscationistheprocessofturningmeaningfulstringsintorandom stringsoflettersornumbers.UsingHASP SRM,youcanapply obfuscationasanantireverseengineeringsecuritymeasure. Bydefault,allsymbolnamesintheprotected .NETassemblyare obfuscatedaspartoftheprotectionprocess.In addition,youcan choosetoobfuscatetheentirecodeofaselectedmethod.Sincecode obfuscationmayslowtheperformanceofyourprogram,itisnot selectedbydefault. YoucanapplyCodeobfuscationtoamethodregardlessofwhetherit isselectedforprotectionintheMethods selected for protectionlist.
100 HASP SRM Envelope Protection
Chapter 6
Protection Strategies
Chapter Title
HASP SRMprovidesthebesthardwareandsoftwaretoolsavailablein themarkettoday.ThecontributionthatHASP SRMcanmaketo protectingyoursoftwareandintellectualpropertyhasalreadybeen welldocumentedinthepreviouschapters.However,itisthestrength andsophisticationofthestrategiesthatyouemployinpartnership withHASP SRMthatwilltrulymaximizeyoursoftwareprotection.
In this chapter:

Overview General Protection Guidelines Types of Attack and their HASP SRM Defense
Overview
Parallelwithadvancesinsoftwareandsoftwaresecurity development,softwarecrackersaredevelopingmoresophisticated meansofdeconstructingsoftwareprotectionmeasuresinorderto duplicateanddistributeillegalcopiesofunlicensedsoftwareandto reverseengineercodeinordertostealintellectualproperty. Tomaintaintherightstoyourrevenuestream,itisessentialthatyou remainvigilantaboutthestrategiesofyourenemies,andthatyou continuallyandwiselyimplementthelatestandstrongesttechniques forprotectingyoursoftware.
102 Protection Strategies Thedegreeofinvestmentthatyoumakeinlimitingtheabilityof softwarecrackerstoillegallyaccessyoursoftwarewilldependona numberofconsiderations,including:

Thevalueofyoursoftware Thehistoryofpreviouscrackingattemptsrelatedtoyoursoftware Thegeographicalregioninwhichyoursoftwarewillbe distributed Thetargetmarketforyoursoftware(forexample,whetheritis intendedtobesoldtoindividualconsumers,smalloffice/home officeusers,orenterpriseusers)
Thereisnosoftwareprotectionthatisabsolutelyuncrackable. However,ifyouconstantlyimplementuptodatestrategiesusingthe strongestsoftwareprotectionmethods,yousignificantlydecrease yourvulnerabilitytosuchattacks. Thischapterdescribesgeneralprotectionstrategiesforsoftware vendors.Itthenoutlinessomeofthemethodsthatsoftwarecrackers employinordertoidentifyandnegatesoftwareprotectionand security,andrecommendsHASP SRM measuresthatyoucanuseto enhanceyoursoftwaresecurity. Inadditiontotheinformationdescribedinthismanual,ourteamof AladdinConsultantsprovidespersonalizedassistancein strengtheningsoftwaresecurityandprotection.Theycanprovide helponawiderangeofissues,includingadditionalprotection strategiesandimplementationtechniques. ForinformationonconsultationservicesofferedbyAladdin KnowledgeSystems,contactyourlocalAladdinrepresentative.
General Protection Guidelines

Thefollowingguidelinesshouldbefollowed,regardlessofthe softwareprotectionstrategiesbeingimplemented. AladdinKnowledgeSystemsthoroughlyandconstantlyinvestigates potentialandactualthreatstosoftwaresecurity,andHASP SRMis continuouslybeingupdatedtocountersuchthreatsbeforetheycan compromisethesecurityofyoursoftware.
General Protection Guidelines
103
Use the Most Up-to-date Protection Software

Protectionsoftwareupdatesgenerallyincludeenhancementsto counterthemostrecentthreats.Alwayscheckforandusethemost recentversionofHASP SRMprotectionsoftwarethatisavailable.The latestsoftwarecanbedownloadedfromtheAladdinWebsite,at http://www.aladdin.com/support/hasp-srm/vendor.aspx.
Constantly Re-evaluate Protection Strategies

Frequentlyconsiderwhatprotectionstrategiesyoucanupgradeor enhancetoprovidestrongersecurityforyoursoftware.
Use Evolving Strategies to Prevent Predictability

Varythestrategiesthatyouimplementbetweenyoursoftware releases.Ifasoftwarecrackerisabletodetectapatterntoyour protectionstrategies,thestrategiescanmoreeasilybenegatedor evaded.
Vary Behavior when Cracking Attempt is Detected

Whenacrackingattemptisdetected(forexample,throughusinga checksumdescribedlaterinthechapter),delaythereactivebehavior ofyoursoftware,thusbreakingthelogicalconnectionbetween causeandeffect.Delayedreactionconfusesasoftwarecrackerby obscuringthelinkbetweenthecrackingattemptandthenegative reactionofthesoftwaretothatattempt. Behaviorsuchasimpairingprogramfunctionalitywhenacracking attemptisdetectedcanbeveryeffective.Additionalbehaviorscould includecausingtheprogramtocrash,overwritingdatafiles,or deliberatelycausingtheprogramtobecomeinaccurate,causingthe programtobecomeundependable.
104 Protection Strategies
Types of Attack and their HASP SRM Defense

Itisimportanttoknowyourenemy.Whenyouarewellinformed aboutthetypesofattacksthatasoftwarecrackermaymake,youwill bebestabletodeviseandimplementstrategiesthatlimitorprevent theirsuccess. Thissectiondescribestheelementsofsomeofthemorecommon attacksthatsoftwarecrackersuse,andrefersyoutospecific HASP SRM strategiesthatyoucanimplementtocountersuchattacks.
Patching Executables and DLLs

Asoftwarecrackerdisassemblesand/ordebugsEXEorDLLfilesto findprotectedcode.Theactualfileisthenpatchedinordertomodify runtimeflow,ortoremovecallsinthecode. Commonly,thesoftwarecrackersendsasmall,standalonepatch executablethattheenduserrunsinordertopatchyoursoftware.
HASP SRM Solution

Themorefilesthatareprotected,thelongerittakesasoftwarecracker toremoveprotection.YoucanprotectmultipleexecutableandDLL filesusingHASP SRMEnvelope.YoucanalsousetheDataHASP featureofHASP SRMEnvelopetoencryptandprotectdatafiles.
Modifying Key Memory

Licensingdataisnormallystoredinthememoryofasoftware protectionkey.Asoftwarecrackerattemptstoaccessthekeymemory inordertomodifythelicensingterms.Forexample,adepleted executionbasedlicensemightbechangedtoaperpetuallicense,ora featurethathasnotbeenpaidformightbeenabled.
105
HASP SRM Solution

InthecontextofHASP SRM,Readonlymemory(ROM)isasegment ofthememorythatcancontaindatathattheprotectionapplication canaccess,butcannotoverwrite.HASP SRMkeyscontaintwoROM segments,oneofwhichcontainsHASP SRMFeaturebasedlicenses. Thesecondsegmentprovidesanareainwhichvendorcustomized datacanbestored.Thesesegmentscanonlybeupdatedusingremote updates. HASP SRMautomaticFeaturebasedlicensesutilizereadonly memoryofHASP SRMprotectionkeys.Thevarietyofavailable licensesaresufficientforalmostanylicensingmodel. YoucancustomizeyourownlicensesandstilluseaROMsegmentin aHASP SRMprotectionkeysmemory.Notehoweverthatlicenses thathavebeencustomizedmustremainstatic(forexample,such licensescannotincludeadecrementingnumberofexecutions). Foradditionalinformationaboutlicensingmodels,seethedocument GainingaCompetitiveEdgewithHASP SRMLicensing.
Emulating Protection Keys

Toemulatethesoftwareofaprotectionkeymanufacturer,asoftware crackercreatesanapplicationthatreplayspreviouslyrecordedcalls, asifanactualprotectionkeyisreturningthecalls. Limitedfunctionalityemulatorsonlyrecordandreplaycalls.Full functionalityemulatorsalsoemulatethekey,includingitsencryption. Asoftwarecrackerrequiresaccesstotheencryptionkeytocreatea fullfunctionalityemulator. Thereareseveralplacesinwhichemulatorscanreside.Primarily,they areattempttoreplacethedriver.
HASP SRM Solution

HASP SRMprovidesasecurechannelbetweenanapplicationandthe HASP HLkey.Datathatpassesbetweentheprotectedapplicationand thekeyisencrypted.Takingadvantageofthesecurechannel functionalitybetweenyourapplicationandaHASP HLkeyprovides youwiththestrongestpossibleprotection. Adifferentencryptionkeyisusedineverysession.Thismeansthat someonerecordingdatapassingthroughthesecurechannelcannot replaythedata,sincetheencryptionkeyusedtoencryptthedatawill differfromthatusedtodecryptthedata.
Using Terminal Servers and Terminal Service Solutions

Whenusingtheterminalserversofsomeoperatingsystems,itmight bepossibleforanenduserwithalocallyconnectedprotectionkeyto enablesoftwareonmultipleconcurrentterminals.
HASP SRM Solution

TheHASP SRMprotectionincludesmechanismstodetermineifa protectedapplicationisrunningonaterminalserver.Ifsucha scenarioisdetected,andthelicenseisonalocalprotectionkey,the programwillnotfunction,subjecttovendoroverrides.Ifthelicenseis onanetworkkey,oneoftheconcurrentlicenseswillbeconsumed, subjecttovendoroverrides.
Cloning Hardware Keys

Thesoftwarecrackerreverseengineersahardwareprotectionkey, thencreatesduplicates.
HASP SRM Solution

HASP HLkeysareeachuniqueandhavetheirownID.Keysthatare inthesamebatchandbehaveidenticallyareeachuniquelyencrypted, thekeyscontrollerandmemoryformingauniquepair.Thismeans thatifthememoryofoneHASP HLkeyiscopiedtoanother HASP HLkey,thesecondkeywillnotfunction.
107
Clock Tampering
Clocktamperingrelatestoeitherthesystemclockofthemachineon whichtheprotectedsoftwareisrunning,ortoarealtimeclock containedinkeys.Thesoftwarecrackerresetsthetimetoenable extended,unlicenseduseofthesoftware.
HASP SRM Solution

UseeithertheHASP HL TimeorHASP HL NetTimekeyswhen implementingtimebasedlicensesforyoursoftware.Neithertheclock itself,orthelicensewhichisstoredinreadonlymemory,canbe modified.
Additional HASP SRM-specific Strategies

Thissectiondescribesadditionalgeneralprotectionstrategiesthatare availabletousersofHASP SRM.
Use Both the HASP SRM Run-time API and HASP SRM Envelope
MaximizesecuritybyusingtheHASP SRMRuntimeAPIto implementcallstoaHASP SRMprotectionkey,andprotectthe applicationwithHASP SRMEnvelope.Usingoneprotectionmethod doesnotprecludetheuseoftheother.
Insert Multiple Calls in your Code

Insertingmanycalls,throughoutthecode,totheHASP SRM protectionkeyinordertocheckthepresenceofthekey,andbinding datafromthekeywiththesoftwarefunctionality,frustratesthose attemptingtocrackyoursoftware.Multiplecallsincreasethe difficultyintracingaprotectionscheme. Youcanalsoaddobstaclestoapotentialsoftwarecrackersprogress byencryptingdatathathasnobearingontheapplication.Similarly, youcandivertattentionbygeneratingnoisethroughrandom numbergenerators,timevalues,intermediateresultsofcalculations, andothermechanismsthatdonotleadtomeaningfulresultsor actions.
Encrypt/Decrypt Data with a HASP SRM Protection Key

Encryptionanddecryptionprocessesareperformedinsidea HASP SRMprotectionkey,wellbeyondthereachofanydebugging utility. EncryptingdatawiththeHASP SRMAESbasedencryptionengine considerablyenhancessoftwaresecurity.Byencryptingdatausedby yourapplication,thedecryptionprocessdependsonboththe presenceofaHASP SRMprotectionkeyanditsinternalintelligence. ByimplementingaHASP SRMRuntimeAPIschemeinwhichdatais decryptedbyaHASP SRMprotectionkey,theassociationbetween theprotectedapplicationandtheHASP SRMprotectionkeycannot easilyberemoved.Crackingthesoftwarealsonecessitatesthe softwarecrackerdecryptingthedata.
Use a Checksum to Verify Integrity of Executable Files

Comparethevalueintheexecutablefilewithachecksumstoredin HASP SRMprotectionkeymemory.Ifthetwovaluesarenotequal, youcanassumethatsomeonehasattemptedtomodifythefiles. Repeatthischeckinvariousplacesinthecode,varyingitineachplace tomakeitmoredifficultforasoftwarecrackertodetect.
Chapter 7
Working with the DataHASP Encryption Utility

ThechapterdescribesdatafileprotectionusingtheDataHASPutility.
In this chapter:

Introduction DataHASP Pre-requisites
Introduction
TheHASP SRMEnvelopeDataHASPencryptionutilityenhancesthe defaultHASP SRMEnvelopeprotectionbyinjectingaprotected programwiththeabilitytoencryptanddecryptspecifieddatafiles. Decryptionandencryptioncanbeappliedtofilesthathavebeen preencrypted,andtonewfilescreatedbyyourprotectedapplication. Decryptionoccurswhenadatafileisopenedandencryptionoccurs whenadatafileissaved. TheabilitytoimplementDataHASPfunctionalityisenabledwhenthe executablefileisbeingprotectedusingHASP SRMEnvelope.The typesoffilesthataretobeencryptedanddecryptedarealsospecified atthesametime.
Note:
ItisimportantthatyouuseDataHASPtopreencryptanydatafiles thatyouintendtodistributewithyourprotectedprogram.
110
When to Encrypt Data Files

Protectyourdatafilesif:
Youwanttomaximizeyoursoftwaressecurity.Whenyour softwareisbeingprotected,consideraddinganotherlayerof securitybyprotectingthosedatafilesthatareaccessedbyyour software. Youwanttoprotectyourintellectualproperty.Yourdatafiles representyourinvestments,soitisworthwhilepreventingyour intellectualpropertyfrombeingexposedwithoutprotection.
DataHASP Users
Anyoneinvolvedintheproductionormaintenanceofdatafilesforyour protectedsoftwareshoulduseDataHASP.Thiscouldincludepeoplein rolessuchasgraphicartists,informationdevelopers,oraccountants.
HASP SRM Data File Handling

DataHASPgeneratesdatafilesthatcanbeprocessedbyprograms protectedbyHASP SRMEnvelope.Afteraspecificsetofdatafileshas beenencrypted,thosefilescanbeaccessedbyHASP SRMEnvelope. Thefollowingfigureillustratestheactionsrelatedtoencryptingdata filesthattakeplacebetweenHASP SRMEnvelopeandDataHASP. Afterdatafilesareencrypted,thosefilescanonlybeaccessedand decryptedbyapplicationsprotectedwithHASP SRMEnvelope.
DataHASP Pre-requisites
111
Operative Interaction between HASP SRM Envelope and DataHASP
DataHASP Pre-requisites
InordertouseDataHASP,youmusthavethefollowingcomponents installed.Inaddition,youneedtoknowthelocationofthe appropriateHASP SRMEnvelopeproject,andthefilesthatyouwant toencrypt.
HASP SRMprotectionkeys:EnsurethattheHASP SRM protectionkeythatisusedtoprotecttheprogramisaccessible whenprotectingdata. Whileencryptionanddecryptionofdataisperformedinthe protecteddevicedriver,theHASP SRMprotectionkeygenerates theencryptionkey.Thismethodensuresmaximumprotection whilemaintainingthehighperformancethatisrequiredwhen largevolumesofdataaredecrypted. RuntimeEnvironment:BeforeusingtheDataHASPutility, ensurethattheappropriateruntimeenvironmentisinstalledon yourmachine. Input:TouseDataHASPcorrectly,thefollowingmustbereadily availableinknowndirectories: AsavedHASP SRMEnvelopeprojectcontainingaprogram orprogramswithenableddatafilters Datafilesyouwanttoencrypt.Thesefilesmustsatisfythefile filtersspecifiedfortheprogram(s)
112
Launching DataHASP
YoucanlaunchDataHASPdirectlyfromHASP SRMEnvelopeafter youhavedefineddatafilters.Alternatively,youcanclickthe datahasp.exefile,locatedinthefollowingdirectoryonyoursystem:
\Program Files\Aladdin\HASP SRM\VendorTools\VendorSuite
Supported Functionality
TheDataHASPutilityhasaconvenientlydesignedinterfacethat managesallaspectsofdataencryptionprojects.Theinterfaceenables youto:

OpenHASP SRMEnvelopeprojectsandlisttheprogramsthey contain EditexistingDataHASPprojects Addfilesordirectoriesfordataencryption Encryptdatafilesanddirectoriesforspecificprogramsprotected byHASP SRMEnvelope Viewandsaveencryptionprocesslogs AccessallHASP SRMVendorSuiteapplicationsandtheAladdin Website
Modifying Input
Datafilesaresubjecttoregularmodification.DataHASPsdesign anticipatestherequirementtoregularlyupdatedatafilecontent.After youhaveencryptedmodifieddatafiles,theycanonlybeaccessedifa specificHASP SRMprotectionkeyisdetected.
Part 3 Licensing
In this section:
Chapter 8: Introduction to HASP SRM Business Studio

Provides an overview of HASP SRM Business Studio and the major processes it facilitates, lists its pre-requisites, and explains how to use the application.
Chapter 9: Preparing Your HASP SRM Licensing Plan

Outlines the importance of licensing your software products, describes the licensing options provided by HASP SRM, and explains how to prepare a licensing plan for use with HASP SRM Business Studio.
Chapter 10: Implementing Your HASP SRM Licensing Plan

Describes how to use HASP SRM Business Studio to define and manage the Features and Products included in your HASP SRM licensing plan, and how to maintain Products and licenses as circumstances change.
Chapter 11: HASP SRM Orders, Production, and Development Tasks

Describes how to use HASP SRM Business Studio to manage and produce orders, and to perform additional development-related tasks.
Chapter 12: HASP SRM Administration and Customer Services

Describes how to use HASP SRM Business Studio to define HASP SRM user details, maintain Batch Codes, configure system settings, perform manual Product activation and maintain customer data.
Chapter 13: HASP SRM Remote Update System

Describes the HASP SRM Remote Update System (RUS) utility and explains how to use RUS to remotely update license data in deployed HASP SRM protection keys.
114
Chapter 8
Introduction to HASP SRM Business Studio

ThischapterprovidesanoverviewofHASP SRMBusinessStudioand themajorprocessesitfacilitates.Italsodescribestheuserrolesand theirfunctionsinHASP SRMBusinessStudio,listsitsprerequisites, andexplainshowtostartusingtheapplication.
In this chapter:

HASP SRM Business Studio Overview HASP SRM Business Studio User Roles Getting Started with HASP SRM Business Studio
Note:
ThischapterprovideshighlevelinformationonHASP SRMBusiness Studioprocesses.Fordetailedpracticalinstructionsforusingeach functioninHASP SRMBusinessStudio,seetheHASP SRMBusiness StudioHelpdocumentation.
HASP SRM Business Studio Overview

HASP SRMBusinessStudioisapowerfulrolebasedapplication designedtomanagethebusinessactivitiesrequiredtoimplementand maintainHASP SRMinyourorganization. HASP SRMBusinessStudiostreamlinesthemajorworkflowsinthe licensinglifecycleofaprotectedsoftwareapplication,fromthe momentitisdeveloped,throughitspackaging,marketing,selling, andordertaking,toitsdistributionandupgrading.
116
Introduction to HASP SRM Business Studio HASP SRMseparatesthesoftwareprotectionprocess(implemented withHASP SRMRuntimeAPIorHASP SRMEnvelope)fromthe licensingandproductionprocesses(implementedwithHASPSRM BusinessStudio),enablingyoutomodifyyourcompanyslicensing strategyasnecessarywhencircumstanceschange,andtoimplement thesechangesquicklyandefficiently.
HASP SRM Business Studio Major Workflows

HASP SRMBusinessStudiocomprisestwomajorcomponentsthe BusinessStudioclientapplicationandtheBusiness StudioServer. Togethertheyhandlethreemajorworkflows:licenseplanning,order processingandproduction,andsoftwareactivation.
License Planning
BeforestartingtouseHASP SRMBusinessStudio,itisrecommended thatbusinessdecisionmakersinyourorganization,suchasproduct ormarketingmanagers,preparealicensingplanbasedonthe companyslicensingstrategy. Thelicensingplanidentifieseachindividualfunctionalcomponentin yoursoftwareapplicationsthatcanbeindependentlycontrolledbya license.InHASP SRM,thesecomponentsarereferredtoasFeatures. A Featuremaybeanentireapplication,amodule,oraspecific functionalitysuchasPrint,SaveorDraw.Over64,000Featurescanbe definedusingHASPSRMBusinessStudio. Inaddition,thelicensingplancanincludetheProductsthatyour companywantstoselland/ordistributeforevaluation.InHASP SRM, aProductisacollectionofoneormorelicensedFeaturesthatcanbe soldordistributedasanitem. Aftercompletingthelicensingplan,theFeaturesandProductscanbe definedinHASP SRMBusinessStudio.Theoutputofthisprocessisa repositoryofProductsthatarestoredintheHASP SRM Business StudioServerdatabasereadyforcustomerorders.
Note:
Youcanmakesubsequentchangestoyourlicensingplanandlicense modelsatanytime,addingFeaturesandProductsasrequired.
HASP SRM Business Studio Overview
117
Foradditionalinformationonpreparingalicensingplanforusewith HASP SRM,seeChapter 9,PreparingYourHASP SRMLicensingPlan. ForadditionalinformationondefiningFeaturesandProductsin HASP SRMBusinessStudio,seeChapter 10,ImplementingYour HASP SRMLicensing Plan.
Order Processing and Production

Staffinyourorganizationsordersdepartmentreceiveandfulfil orders.AnorderisarequestforHASP SRMitems,andcanbeoneof thefollowing:

ArequestforProductstobesuppliedwithoneormore HASP SRMprotectionkeys AHASPUpdatethatspecifieschangestobemadetothelicense termsand/ordatastoredinHASP SRMprotectionkeysthathave alreadybeendeployed
Orderprocessingpersonnelprocesstheorderdetailsusing HASP SRMBusinessStudio.ThelicensetermsofeachFeatureinthe orderedProductsmaybespecifiedwhentheProductisdefined,or whentheorderisprocessed. Whenallthedetailsofanorderhavebeendefined,theordercanbe produced.TheProductdetails,includingthelicensetermsand memorydata,arestoredinthespecifiedHASP SRMprotectionkeys attheproductionstageorwhentheProductisactivated,andcanbe updatedafterthekeyshavebeendeployed. Foradditionalinformationonprocessingandproducingordersin HASP SRMBusinessStudio,seeChapter 11,HASP SRMOrders, Production,and DevelopmentTasks.
118
Introduction to HASP SRM Business Studio
Software Activation and Online Updates

Productactivationandonlineupdatesareperformedbymeansofthe HASP SRMBusinessStudioServerwhenyoursoftwareisattheend userssite.
Product Activation with HASP SL Keys

WithHASP SLkeys,thesoftwareisonlyactivatedandusableafterthe followingstepsarecompleted: 1. 2. 3. AProductKeyisproducedinHASP SRMBusinessStudioand suppliedtotheenduser. TheendusersendstheProductKeytotheHASP SRM Business StudioServerforvalidation. AHASP SLkeywithlicensetermsissentbackandinstalledon theenduserscomputer.
Online Updates
Onlineupdatescanbeimplementedinthefollowingways: TheHASPUpdateinformationisstoredontheHASP SRM Business StudioServerforuseinsoftwarethatyouprovideto yourendusers.Theupdateisthenimplementedaspartofthe end usersinstallationprocess. AfilethatcontainstheHASPUpdateinformationisgenerated andsenttotheenduser.Thisfilecanthenbeusedwiththe HASP SRMRemoteUpdateSystem(RUS)utilitytoensuresecure, remoteupdatingofthedeployedHASP SRMprotectionkeys. ForadditionalinformationonRUS,seeChapter 13,HASP SRM RemoteUpdateSystem. AreceiptcanbegeneratedwhenaHASPUpdateisprocessed,to verifythattheupdatehasbeenapplied.
HASP SRM Business Studio User Roles
119
HASP SRM Business Studio User Roles

HASP SRMBusinessStudioisarolebasedapplication.Thefunctions andtasksthatyoucanperformaredeterminedbytheuserroles assignedtoyoubytheHASP SRMAdministrator,asdetailedinthe followingtable. Role
Product Management
Available Tasks
Define and manage Features and Products
For more info, see

Chapter 9 Preparing Your HASP SRM Licensing Plan Chapter 10 Implementing Your HASP SRM Licensing Plan Chapter 11HASP SRM Orders, Production, and Development Tasks Chapter 11HASP SRM Orders, Production, and Development Tasks Chapter 12HASP SRM Administration and Customer Services Chapter 11HASP SRM Orders, Production, and Development Tasks Chapter 12HASP SRM Administration and Customer Services
Order Management
Define, and manage customer orders; check in Customer-to-Vendor files and HASP SRM key data View and produce customer orders View and edit customer details; perform manual Product activation Perform development-related tasks, such as generating the HASP SRM Run-time Environment installer HASP SRM administration functions, including defining users and their roles, configuring system settings, and managing Batch Codes
Production
Customer Services
Development
Administration
120 Introduction to HASP SRM Business Studio
Getting Started with HASP SRM Business Studio

BeforeyoustarttouseHASP SRMBusinessStudio,ensurethat:

HASP SRMVendorSuiteisinstalledonyourmachine YouhavereceivedaHASP SRMusernameandpasswordfrom yourHASP SRMsystemadministrator
AfteryouhaveloggedintoHASP SRMBusinessStudio,youcan changetheHASP SRMpasswordthatyoureceivedtoapasswordof yourownchoice.Foradditionalinformationonchangingyour password,seetheHASP SRMBusinessStudioHelpdocumentation.
Note:
HASP SRMpasswordsarecasesensitive,soensurethatyouuse uppercaseandlowercaseletterscorrectlywhenyoutypeyour password.
Pre-requisites for the HASP SRM Administrator

IfyouareperformingadministrationfunctionsforHASP SRMinyour organization,itisessentialthatyoucheckthefollowingrequirements beforeyou(orotherusers)starttouseHASP SRMBusinessStudio:
AvalidconnectiontotheHASP SRMBusiness StudioServermust exist.For additionalinformationoninstallingtheHASP SRM Business StudioServer,seetheHASP SRMBusiness StudioServer InstallationGuide. YoumusthaveaHASP SRM Masterkeythatcontainsyourlicense forHASP SRMandyourcompanysspecificVendorCode.If not previouslyintroduced,theHASP SRM Masterkeyisintroduced duringtheHASP SRMBusiness StudioServerinstallationprocess.
121
TheHASP SRM Masterkeymustremainconnectedtothe HASP SRMBusiness StudioServermachineinordertoenableyou toperformHASP SRMBusinessStudiofunctions.Ifthe HASP SRMBusiness StudioServerisinstalledonmorethanone servermachine,eachservermusthaveaseparate HASP SRM Masterkeylocallyconnected.
Note:
IfyouareevaluatingHASP SRMBusinessStudio,youcanusethe DEMOMABatchCodeprovided,whichdoesnotrequirea HASP SRM Masterkey.
Youmustdefineusernames,passwords,roles,andbatchaccess foreachHASP SRMBusinessStudiouser,andalsoforyourself. Foradditionalinformation,seeMaintainingUserDetailson page 179. AdefaultusernameandpasswordisprovidedwithHASP SRM toenableyoutologintoHASP SRMBusinessStudioasthe HASP SRMAdministrator.Thedefaultusernameandpassword isHASP. ForadditionalinformationontheHASP SRMadministrationtasks andoptionsinHASP SRMBusinessStudio,seeAdministrationTasks onpage 178.
HASP SRM Business Studio Window

Whenyoulogin,theHASP SRMBusinessStudiolaunchscreenis displayedinthemainpaneoftheHASP SRMBusinessStudio window.
OntheleftistheHASP SRMBusinessStudiofunctionpane.Thispane displaysthefunctiongroupsavailableforyouruse,dependingonthe userrolesassignedtoyou. Whenyouclickoneofthefunctionsinthefunctionpane,thewindow forthatfunctionisdisplayedinthemainpane.Thiswindowcontains: Informationrelevanttothefunctionyouselected Ataskpaneontherightsideofthewindow,containingtasksthat youcanperformwithintheselectedfunction Forexample,ifyouclickManage Features,theManageFeatureswindow isdisplayed.DetailsofcurrentlydefinedFeaturesaredisplayedinthe mainwindow.Thetaskpaneliststhetasksthatcanbeperformed, suchasdefininganewFeature,openinganexistingFeature,deleting aFeature,andsoon. Manyofthefunctionwindowsprovidefilterand/orsearchfieldsto enableyoutoquicklylocaterequireddata.
123
Using the HASP SRM Business Studio Help

DetailedinstructionsforusingeachfunctionandtaskinHASP SRM BusinessStudioareprovidedintheHASP SRMBusinessStudioHelp documentation. To open the HASP SRM Business Studio Help:
FromtheHelpmenuintheHASP SRMBusinessStudiowindow, selectHASP SRM Business StudioHelp.TheHASP SRMBusinessStudio Helpdocumentationisdisplayed. ToopenthecontextsensitiveHelpforthecurrenttaskorfunction, presstheF1keyorclickHelpinanyHASP SRMBusinessStudio windowordialogbox.TheHelptopicassociatedwiththecurrent taskorfunctionisdisplayed.
Chapter 9
Preparing Your HASP SRM Licensing Plan

BeforeyoustarttouseHASP SRMBusinessStudioinyour organization,youmaywanttoprepareadetailedlicensingplanfor usewithHASP SRM.Althoughitisrecommendedthatyoupreparea licensingplan,itisnotaprerequisiteforusingHASP SRMBusiness Studio.Licensingdecisionscanbeimplementedorvariedonthefly. Thischapteroutlinestheimportanceoflicensingyoursoftware products,describesthelicensingoptionsprovidedbyHASP SRM, andsuggestshowyoumightprepareadetailedlicensingplanforuse withHASP SRMBusinessStudio.
In this chapter:

Licensing Overview Preparing Your Licensing Plan Choosing the Protection Level for Your Products Designating Products for Trial or Grace Period Use Assigning License Terms to Features Utilizing HASP Memory Using Your Licensing Plan with HASP SRM Business Studio
Note:
ThischapterprovideshighlevelinformationaboutHASP SRM licensingoptions.Fordetailedpracticalinstructionsforimplementing thelicensingoptionsinHASP SRMBusinessStudio,seethe HASP SRMBusinessStudioHelpdocumentation.
126 Preparing Your HASP SRM Licensing Plan
Licensing Overview
Part2ofthisGuide,Protection,explainedindetailhowtoprotectyour softwareandintellectualproperty.Inadditiontoprotectingthese valuableassets,itisessentialthatyouprotectyourcompanysrevenue byensuringthatyoursoftwareisavailableonlytotheappropriate users,accordingtothetermsthatyoudefine.Thisprocessis controlledbylicensing. Licensingprovidesyouwiththeflexibilitytoimplementyour businessstrategiesforthesaleanddistributionofyoursoftware products.Youdefinethelicensingtermswithwhichyoursoftwareis distributedorsoldaccordingtoyourdecisionsaboutwhatis commerciallybeneficialtoyourcompany. Forexample,youmaydecidethatyouinitiallywanttodistributeyour softwarefreeofcharge,sothatuserscantryitbeforepurchasing. You willwanttoensurethatuserscanuseitforonlyalimitedtime beforeitmustbepurchased. Alternatively,youmaypublishverycomplex,expensivesoftware. You maydecidetomakespecificcomponentsofthatsoftware availableforalowerprice,thusmakingpartsofitaccessibletousers whocannotaffordthefullyfeaturedversion. HASP SRMsversatilityenablesyoutoimplementawidevarietyof licensingmodels.RefertotheGainingaCompetitiveEdgewith HASP SRMLicensingguideforanoverviewofthemanymodelsyou canapplytoyoursoftwareofferings.
Preparing Your Licensing Plan

Ausefulstepinthedevelopmentofalicensingstrategyisthe preparationofalicensingplan.Businessdecisionmakersinyour organization,suchasproductmanagersormarketingmanagers, defineprotectionandbusinessrules,andspecifythelicensingmodels requiredtomeetyourcompanysbusinessneeds. Alicensingmodelisthelogicbehindabusinessdecisionrelatingtothe wayaProductislicensed.Forexample,arentallicensemodelenables youtochargefortheuseofsoftwareforaspecificperiodoftime.
Preparing Your Licensing Plan HASP SRMenablesyoutochoosefromavarietyofoutofthebox licensingmodels,including:

127
Trialware(trybeforeyoubuy) Rental/Subscription Modulebased Featurebased Floatingusers Timebased Executionbased
Youcandefineadditionallicensingmodelsandsoftwareusageterms tomeetyourcompanysindividualrequirements. Itisrecommendedthatyoupreparealicensingplanbeforeyoustart touseHASP SRMtostreamlinetheimplementationofyour companyslicensingstrategy.YourHASP SRMlicensingplanshould bebasedonthedetailedlicensingrequirementsthatyoudefineforall theprotectedsoftwareapplicationstobesoldbyyourcompany, and/ordistributedfortrialuse. TheprocessofpreparingaHASP SRMlicensingplancanincludethe followingsteps: 1. 2. 3. 4. Analyzingalltherelevantsoftwareapplicationsandidentifying eachfunctionalcomponentthatcanbelicensedindividually. Combiningthesecomponentsintolicensedentitiesthatcanbe offeredtocustomers. DecidingwhichHASP SRMprotectionkeysyouwanttosupply withyoursoftwareapplications. Specifyingthedetailedlicensingtermstobeapplied,accordingto yourlicensingstrategy.
Theoutputofsuchaprocessisacomprehensivelicensingplanthat canbeimplementedusingHASPSRMBusinessStudio.
Note:
Youcanmakesubsequentchangestoyourlicensingplanandlicense modelsatanytime.
Identifying Functional Components (Features)

Therecommendedfirststepinevaluatingandplanningyourlicensing requirementsinvolvesanalyzingyoursoftwareapplicationsand identifyingtheirfunctionalcomponents.Mostapplicationscanbe segmentedintoanumberofdistinctfunctionalcomponents.In HASP SRM,thesecomponentsarereferredtoasFeatures. EachindividualFeatureisanidentifiablefunctionalityofasoftware applicationthatcanbeindependentlycontrolledbyalicense. In HASP SRM,aFeaturemaybeanentireapplication,amoduleora specificfunctionalitysuchasPrint,SaveorDraw.
Example: Specifying Features

Scenario:TheProductManagerofHighQualitySoftwareLtd.
(HQ Software),acompanyprovidingdesignsoftwareforthe constructionindustry,identifiesthespecificfunctionalcomponents thatthecompanywantstolicense,andassignsaFeaturenametoeach component. Thefollowingtableliststhedefinedfunctionalcomponentsandthe Featurenamesassignedtoeachcomponent: Functional Component

Drawing design plans Viewing design plans Saving projects Printing designs Printing predefined reports Generating tailored reports
Feature
DRAW VIEW SAVE PRINT DESIGNS PRINT REPORTS REPORT GENERATOR
Preparing Your Licensing Plan
129
Combining Features into Products

AfteryouhaveidentifiedandlistedalltheindividualFeaturesto license,youcandefinethedifferentcombinationsoflicensedFeatures thatyourcompanywantstosell. InHASP SRM,acollectionofoneormorelicensedFeaturesthatcan besoldasanitemisreferredtoasaProduct.Productscandifferfrom eachother,notjustintheFeaturesthattheycontain,butalsointhe licensetermsspecifiedforeachFeature. YourlicensingplancancontainthenamesofalltheProductsthatyour companywantstoselland/ordistributeforevaluation,andthe FeaturesthateachProductincludes. InHASP SRM,youhavefullcontroloverthespecificProductsyou define,theFeaturestheyinclude,andthelicensetermsassignedto eachFeatureineachProduct.
Example: Defining Products

Scenario:TheHQ SoftwareProductManagerdecidestodefineatrial
Productintendedfordistributiontocustomerswhowanttoevaluate theirsoftware.ThisProduct,HQ Design Demo,includesonlytheVIEW andPRINTDESIGNSFeatures. Inaddition,thecompanydefines:
AProductintendedforsmallofficecustomers,HQ Design Lite, offeringtheFeaturesincludedinHQ Design Demo,withtheaddition ofDRAWandSAVE AProducttargetedtowardslargercustomers,HQ Design Pro,that offersallavailableFeatures
Note:
TheREPORTGENERATORFeaturehasnotyetbeenfullydeveloped andisnotcurrentlyincludedintheHQ Design Pro Product.ThisFeature isplannedforafuturerelease.
Choosing the Protection Level for Your Products

YourchoiceoftheHASP SRMprotectionkeystobedistributed togetherwithyourlicensedsoftwarereflectsthelevelofprotection youwishtoapplyandthewayyouintendtocontroltheuseofor accesstoeachProduct. TwotypesofHASP SRMprotectionkeysareavailable:
HASP HL keys:Thehardwarebasedprotectionandlicensing
componentofHASP SRMthatprovidesthesafestandstrongest levelofprotection.Foradditionalinformation,seeHASP HLKeys onpage 38. HASP SL keys:Thesoftwarebasedprotectionandlicensing componentofHASP SRMvirtualHASP HLkeys.Foradditional information,seeHASP SLKeysonpage 39.
YoursoftwareandtheuserlicensearebothlockedtotheHASP SRM protectionkeythatyouselect. WhenyoudefinetheProductsforinclusioninyourlicensingplan, youalsoselectwhichHASP SRMlockingtypetoassigntoeach Product.Thelockingtypedeterminesthelevelofprotectionforeach Product,asfollows:

HASP HL locking only:hardwarebasedlevelofprotection HASP SL locking only: softwarebasedlevelofprotection HASP HL or HASP SL locking:softwarebasedlevelofprotection
HASP HL Key Protection and Activation

AProductthatisprotectedwithaHASP HLkeycanbeactivatedonly aftertheenduserreceivesaHASP HLkeycontainingthelicense termsfortheProductandconnectsthekeytothecomputer.
Choosing the Protection Level for Your Products
131
Benefits of HASP HL Key Protection

HASP HLkeyprotectionprovidesthestrongestlevelofprotection againstpiracy.Thecorrectfunctionalityofthesoftwaredependson theinternallogicoftheHASP HLkey,whichisvirtuallytamper proof. Inaddition,HASP HLkeyprotection:

Offersthestrongestenforcementforlicenseterms,whichare storedandprotectedinsidetheHASP HLkey Enablesportabilitythesoftwarecanbeusedonanycomputerto whichtheHASP HLkeyisconnected DoesnotrequireInternetconnectionforactivationoftheProduct
HASP SL Key Protection and Activation

AProductthatisprotectedwithaHASP SLkeycanbeactivatedonly afterthefollowingstepshavebeencompleted: 1. 2. 3. 4. AProductKey,consistingofastringofcharacters,isgeneratedin HASP SRMBusinessStudioandsuppliedtotheenduser. TheenduserreturnstheProductKeyasproofofpurchase. TheProductKeyissenttotheHASP SRMBusiness StudioServer forverification. AHASP SLkeywithlicensetermsissentbackandinstalledon theenduserscomputer.
Benefits of HASP SL Key Protection

WithHASP SLkeyprotection:

Productactivationisinstantaneous.Enduserscanimmediately startusingthesoftwarewithitsfullylicensedfunctionality. Theactivationprocessforendusersisconvenientand transparent. Theonlineconnectionwithenduserscanenableuserregistration datatobecollectedandusedformarketingpurposes. WhenusinganetworklicensethatislockedtoaHASP SLkey, youcanspecifythatalicensecanbedetachedfromthenetwork andattachedtoaremoterecipientmachine.
Specifying the Protection Level for Individual Orders

HASP SRMgivesyoutheflexibilitytochoosetheHASP SRM protectionkeysforaProductoraccordingtotherequirementsofeach individualorder. Ifyouprefernottospecifytheprotectionlevelinadvance,youcan assigntheHASP HL or HASP SLlockingtypetoaProduct.Withthislocking type,thedecisiononwhichtypeofHASP SRMprotectionkeyistobe shippedwiththeProductismadewheneachorderisprocessed. AProductthatisassignedtheHASP HL or HASP SLlockingtypecanbe senttotheenduserwitheitheraHASP HLkeyoraHASP SLkey.
WARNING!
AProductthatcanbedistributedwithbothHASP HLkeysand HASP SLkeysisalwayssuppliedwiththeHASP SLkeylevelof protection,evenwhenitisshippedwithHASP HLkeys.
Designating Products for Trial or Grace Period Use

HASP SRMenablesyoutocreate,protect,anddistributesecuretrialware versionsofyoursoftware.Youcaninviteuserstodownloadyourtrial softwarefromnetworks,toshareitwithotherusers,andtogiveitaway totheirfriendsorcolleagues.Endusersthenhavetheoptiontopurchase yoursoftwareandtoturntheirtrialcopyofintoafullyfunctionalversion byactivatingitwithaHASP SRMprotectionkey. YoucanalsouseHASP SRMtodefinegraceperiodsforyoursoftware. Duringthegraceperiod,andevenafteractivation,enduserscanpass copiesoftheirpurchasedsoftwaretoasmanyfriendsastheywish. Whenafriendinstallsthesoftware,itautomaticallyrevertstoa limitedtrialversionfortheentiregraceperiod.Afterthegraceperiod expires,thesoftwarecannolongerrununtilitisactivatedwitha HASP SRMprotectionkey. HASP SRMenablesyoutodefinetrialandgraceperiodsforsoftware protectedwithanytypeofHASP SRMprotectionkey. Forexample,softwareprotectedwithHASP HLkeyscanbe purchasedanddeliveredovertheInternetwhiletheHASP HLkeys areshipped,andenduserscanstartusingthesoftwarewhilewaiting forthearrivaloftheirkey.
Assigning License Terms to Features
133
Similarly,enduserswhopurchaseandinstallasoftwareapplication canuseitfora30daygraceperiodwithoutactivatingit.Duringthis graceperiod,theycanactivatethesoftwareremotelyandreceivea HASP SLkey,afterwhichthesoftwarewillrunaccordingtothe purchasedlicensetermsstoredinthekeys.Ifthegraceperiodexpires andthesoftwarehasnotbeenactivated,itwillstoprunninguntil activatedbytheenduser. InHASP SRM,aProductthatisintendedfordistributionastrialwareor foruseduringagraceperiodisreferredtoasaProvisionalProduct. HASP SRMlockingtypesarenotapplicabletoProvisionalProducts, sincetheseProductsaredistributedwithoutHASP SRMprotectionkeys. YourlicensingplancanincludealltheProvisionalProductstobe offeredbyyourorganization.
Assigning License Terms to Features

HASP SRMenablesyoutoassignindividuallicensetermstoeach FeatureineachProductthatyoudefine.YoucanalsodefineProducts thatincludethesameFeatures,butwithdifferentlicenseterms.Such decisionsarebasedonthecommercialrequirementsofyour organization,andonthelicensemodelsthatyouchoosetoimplement. YoucancontrolFeatureusagethroughthelicensebyspecifyingthe licensetypetobeapplied.Youcanchooseoneofthefollowinglicense type:

Perpetual:Indicatesthatthelicensecanbeusedanunlimited
numberoftimesforanunlimitedperiodoftime. Expiration Date:Specifiesthedateonwhichthelicenseexpires. Executions:Specifiesthemaximumnumberoftimesthatthe Featurecanbeused. Time Period:Specifiesthenumberofdaysuntilthelicenseexpires, fromthedateoffirstuse.
AfteryouselectthetypeoflicensetoapplytoeachFeatureina Product,youcanspecifyitsvalue,forexample,thenumberoftimes thataFeaturecanbeused.
134 Preparing Your HASP SRM Licensing Plan IftheFeatureisintendedtobeusedonanetworkorremotedesktop, youcanalsospecifythenumberofconcurrentinstancesallowed,and youcanspecifyhowconcurrentinstancesaretobecountedforthe purposeofthelicense.Inaddition,iftheFeaturewillbeusedin ProductsthatarelockedtoHASP SLkeys,youcanspecifythatthe Featureanditslicensemaybetemporarilydetachedfromthenetwork forattachmenttoaremoterecipientmachine.
Specifying License Values for Individual Orders

HASP SRMoffersyoumaximumflexibilitywithregardtolicense terms,enablingyoutosupplythesameProducttodifferentcustomers withdifferentlicensetermvalues. Youdonothavetospecifyinadvancetheexactvaluesforthelicense typeorthenumberofconcurrentinstancesforeachFeatureinthe Product.WheneachorderfortheProductisprocessed,theperson processingtheorderdefinesthevaluesrequiredforthatspecific order.
Example: Specifying License Terms and Protection Levels

Scenario:TheHQ SoftwareProductManagerdecidestospecifythe
followinglicensetermsforitsthreeProducts:

Atrialperiodof30daysforthePRINTandVIEWFeaturesinits HQ Design Demo Product AlowcostannualrentallicensefortheDRAWandSAVE FeaturesintheHQ Design Lite Product,withunlimitedusageforthe PRINTandVIEWFeatures Amorecostly,fullyfeaturedlicensefortheHQ Design Pro Product thatspecifiesunlimitedusageforallFeatures
HQ Design DemoisdefinedasaProvisionalProduct,toenableittobe distributedfreelyforevaluation HQ Design LiteissuppliedwithHASP SLkeyprotection,enabling electronicdistribution HQ Design ProissuppliedwithHASP HLkeyprotection,for maximumsecurity
ThefollowingprotectionlevelsaredefinedforeachoftheProducts:

135
ThefollowingtablesummarizesthethreeProducts,theirprotection levels,andtheirlicensedFeatures: Product:

Protection Level: License Model: Feature DRAW VIEW SAVE PRINT DESIGNS PRINT REPORTS REPORT GENERATOR 30 days 30 days Expires after 1 year Unlimited Expires after 1 year Unlimited Unlimited Unlimited Unlimited Unlimited Unlimited Not yet available
HQ Design Demo
Provisional Trial
HQ Design Lite
HASP SL keys Rental
HQ Design Pro
HASP HL keys Unlimited

AllHASP SRMprotectionkeyswiththeexceptionofHASP HL Basic keyscontaininternalreadonlyandread/writememory,orsecure storage.Youcandefinespecificsegmentsformemorydataandchoose whetherthedataisaddedwhenyoucreateaProductorwhenan orderisbeingprocessed. Youcanusethememory,forexample,to:

Storelicensesfromyourownlicensingschemes Savepasswords,programcode,programvariables,andotherdata
MemorydatacanbedefinedforeachProduct.Thecontentsofthe memoryaretransferredtothesecurestorageoftheselected HASP SRMprotectionkeystogetherwiththeFeatures,licenseterms andotherdatadefinedfortheProduct. Youcanaddanyspecificdatathatisrequiredtobestoredinmemory foreachProducttoyourlicensingplan.
Using Your Licensing Plan with HASP SRM Business Studio

YourlicensingplancanbeimplementedusingHASP SRMBusiness Studio.Asyourlicensingrequirementschange,youcanrevisethe licensingplanandensurethatthechangesareimplementedusing HASP SRMBusinessStudio.YourlicensedProductscanbeeasilyand securelyupdatedasrequired,aftertheyhavebeendeployedto customers. Foradditionalinformationonimplementingandmaintainingyour licensingplan,seeChapter 10,ImplementingYourHASP SRM Licensing Plan. HASP SRMoffersyoutheflexibilitytoupdateyourlicensingstrategy asnecessary,andtoadaptrapidlytochangesinthemarket,inyour companysbusinessstrategy,orincustomerpurchasingpreferences.
Chapter 10
Implementing Your HASP SRM Licensing Plan

ThischapterisintendedforHASP SRMBusinessStudiouserswho areassignedtheProduct Managementrole.Itdescribeshowtouse HASP SRMBusinessStudiotodefineandmanageFeaturesand ProductsinHASP SRM,andtomaintainProductsandlicensesas circumstanceschange. ForinformationonpreparingalicensingplanandonHASP SRM licensingoptions,seeChapter 9,PreparingYourHASP SRMLicensing Plan. ForanoverviewofHASP SRMBusinessStudioandforinformation onstartingtousetheapplication,seeChapter 8,Introductionto HASP SRMBusinessStudio.
In this chapter:

License Planning in HASP SRM Business Studio Managing Features Managing Products Maintaining Products and Licenses
Note:
Thischapterprovideshighlevelinformationonlicenseplanningand definitionprocesses.Fordetailedpracticalinstructionsforusingeach functioninBusinessStudio,seetheHASP SRMBusinessStudioHelp documentation.
138 Implementing Your HASP SRM Licensing Plan
License Planning in HASP SRM Business Studio

BeforeyoustarttouseHASP SRMBusinessStudioforlicense planning,itissuggestedthatyoupreparealicensingplan.For additionalinformation,seeChapter 9,PreparingYourHASP SRM LicensingPlan. WhenyoustartHASP SRMBusinessStudio,youhaveaccesstothe LicensingPlangroupoffunctions,including:

ManagingFeatures ManagingProducts
Note:
AllHASP SRMFeaturesandProductsareassociatedwitha HASP SRMBatchCode.ForadditionalinformationonBatchCode, seePersonalizedVendorandBatchCodesonpage 36.
Managing Features
139
Managing Features
WhenyouselecttheManage FeaturesfunctionintheHASP SRM BusinessStudiowindow,youcanviewthedetailsofalldefined FeaturesassociatedwiththeselectedBatchCode.Youcanperformthe followingtasksusingtheManage FeaturesfunctioninHASP SRM BusinessStudio:

DefineFeatures WithdrawFeaturesfromuse
Defining Features
Ifyouhavepreparedalicensingplan,thefirststageinits implementationistouseHASP SRMBusinessStudiotodefineallthe Featuresthatyoulistedintheplan. BeforeyoubegintodefineFeatures,ensurethatyouhavethe followinginformationavailableforeachnewFeature:

TheBatchCodeassociatedwiththeFeature AFeatureNamethatisuniqueintheselectedbatch(mandatory). The maximumlengthforaFeatureNameis50characters. Afreetextdescriptionthatprovidesadditionalinformationabout theFeature(optional) TheIDnumberthatyouwanttoassigntotheFeature(optional). TheIDmustbeuniqueintheselectedbatch.ThesameFeature ID maybeusedinmorethanonebatch.
AfteryouhavedefinedaFeature,anduntiltheFeatureisincludedina Product,youcanchangethesepropertiesinHASP SRMBusinessStudio. AftertheFeaturehasbeenincludedinoneormoreProducts,youcan opentheFeaturetoviewitsdetails,butyoucannotchangethem.
Note:
LicensetermsareFeaturespecificinHASP SRM.However,theyarenot definedaspartoftheFeatureproperties.ThelicensetermsforaFeature arespecifiedwhentheFeatureisaddedtoaProduct,orwhenthe Productisaddedtoanorder.ThisisbecausethesameFeaturemaybe includedinanumberofProducts,andthelicensetermsfortheFeature mayvaryaccordingtotherequirementsoftheProductoroftheorder.
Feature Identification
Bydefault,HASP SRMBusinessStudiogeneratesauniqueFeature IDfor eachnewFeature.Youcanassignyourownnumericidentifiertothe Feature,forexample,tomaintainconsistencywithexistingFeaturedata. TheFeature IDthatyouspecifymustbeuniqueintheselectedbatch.
Transferring Feature Definitions For Development Use

AfteryouhavedefinedtheFeaturesforaselectedbatch,users authorizedtoperformDevelopmenttaskscantransfertheFeature datatoafilethatcanbeusedfordevelopmentandprotection purposes.FormoreinformationontransferringFeaturedefinitions, seeExportingDefinitionDataonpage 172.
Feature Status Values

WhenaFeatureisfirstdefined,itsstatusis Ready.Thisstatusindicates thattheFeatureisavailableforuseinProducts.TheFeaturedetails canbechangeduntilitisincludedinaProduct,andifrequired,the Featurecanbedeleted. AfteraFeaturehasbeenselectedforuseinaProduct,itsstatus changestoIn use.ThisstatusindicatesthattheFeatureisavailablefor useinadditionalProducts,buttheFeaturedetailscannotbechanged anditcannotbedeleted. IfaFeaturehasbeenusedinatleastoneProductandissubsequently withdrawnfromuse,itsstatuschangestoObsolete.
Withdrawing a Feature
Atsomestage,youmaywanttowithdrawaselectedFeaturefromuse andspecifythatitcannolongerbeincludedinProducts,forexample, ifthefunctionalcomponentassociatedwiththeFeatureisbeing replacedbyamoresophisticatedcomponent. IftheFeaturehasnotbeenincludedinanyProduct,youcandeleteit. AFeaturecannotbedeletedonceithasbeenincludedinatleastone Product.Youcan,however,withdrawtheFeaturefromuseby markingitasObsolete. AnObsoleteFeaturecannotbeaddedtoProducts,butitsdetailsare maintainedinHASP SRMBusinessStudiofortrackingpurposes,and itcontinuestobefunctionalinexistingProducts.
Managing Products
141
Managing Products
WhenyouselecttheManage ProductsfunctionintheHASP SRM BusinessStudiowindow,youcanviewthedetailsofalldefined ProductsassociatedwiththeselectedBatchCode.
YoucanperformthefollowingtasksusingtheManage Productsfunction inHASP SRMBusinessStudio:

DefinenewBaseProducts DefinenewProvisionalProducts DuplicateexistingProducts DefinenewModificationProducts DefineCancellationProducts

OpenaProduct EditaProduct WithdrawProductsfromuse DeleteaProduct
Note:
YoucannoteditordeleteaProductthathasalreadybeenincludedin anorder(withtheIn Use status).
Defining New Products

BeforeyoustarttodefinethenewProductsinyourlicensingplan, ensurethatyouhavethefollowinginformationavailableforeach Product:

TheBatchCodeassociatedwiththeProduct AProductNamethatidentifiestheProductandisuniqueinthe selectedbatch(mandatory).ThemaximumlengthforaProduct Nameis50characters. Afreetextdescriptionthatprovidesadditionalinformationabout theProduct,forexample,thefunctionalityitincludes(optional) ProductreferenceinformationthatcanidentifytheProductina differentsystem,forexample,aproductcodeinyourcompanys ERPsystem(optional) Thelevelofprotection(lockingtype)thatyouwanttoapplytothe Product TheFeaturestobeincludedintheProduct ThelicensetermsforeachFeaturetobeincludedintheProduct ThedatatobestoredinthememoryassociatedwiththeProduct
AfteraProducthasbeendefined,itcanbeincludedinorders. For additionalinformationonprocessingorders,seeDefiningOrders onpage 158. UntiltheProductisincludedinanorder,youcanchangetheProduct properties,Features,andmemorycontentsinHASP SRMBusiness Studio.AftertheProducthasbeenincludedinatleastoneorder,you canopentheProducttoviewitsdetails.However,youcannotmake anychanges.
Managing Products
143
TheonlychangesthatcanbemadeafteraProductisincludedinan orderarethoserelatedtolicensingtermsandmemorydatathathave beenpreviouslyspecifiedasdefinableatordertime,andthese changesaremadewhentheorderisbeingprocessed.
Product Types
ThebasicunitonwhichallProductsarebuiltistheBaseProduct.A BaseProductcancontainalltheProductattributessuchasFeatures, licensingdataandmemoryandcanbeusedasaProductthatyou offerforsale,and/orasashellonwhichotherProducttypesare built. YoucandefineProvisionalProductsforuseduringagraceperiodoras trialware.ThepropertiesforProvisionalProductsarenotidenticalto thoseforstandardProducts.Foradditionalinformation,seeDefining ProvisionalProductsonpage 147. YoucancreateDuplicateProducts,whichineffectcopyandpaste existingProductdetailsintoanewProduct.Foradditional information,seeDuplicatingaProductonpage 148. YoucanalsodefineModificationProductsandCancellationProductsto caterforchangesinyourProductrangeandinyourcustomers requirements.Foradditionalinformation,seeMaintainingProductsand Licensesonpage 149.
Selecting the Locking Type for the Product

WhenyoudefineaProduct,youmustselectalockingtype. The lockingtypedetermines:

ThelevelofprotectionfortheProduct ThetypeofHASP SRMprotectionkeysthatcanbeshippedwith theProduct ThewaythattheProductcanbeactivated
144 Implementing Your HASP SRM Licensing Plan Thelockingtypeoptionsare:
HASP HL locking only: TheProductreceivesthehighestlevelof
protectionandcanbeshippedandactivatedwithHASP HLkeys only.ForadditionalinformationonHASP HLlocking,see HASP HLKeyProtectionandActivationonpage 130. HASP SL locking only:TheProductcanbeshippedandactivatedwith HASP SLkeysonly.ForadditionalinformationonHASP SL locking,seeHASP SLKeyProtectionandActivationonpage 131. HASP HL or HASP SL locking: ThedecisiononthetypeofHASP SRM protectionkeytobeshippedwiththeProductismadewheneach orderisprocessed.
WARNING!
AProductthatcanbedistributedwithbothHASP HLkeysand HASP SLkeysisalwayssuppliedwiththeHASP SLkeylevelof protection,evenwhenitisshippedwithHASP HLkeys. ThedefaultlockingtypecanbespecifiedusingtheSystemSettings function.
Managing Products
145
Specifying the License Terms for the Features in the Product

WhenyouincludeaFeatureinaProduct,thefollowingdefaultlicense termsareassigned:

License type:Perpetual Number of concurrent instances:Unlimited
InordertospecifytherequiredlicensetermsfortheFeature,youcan:
Selectadifferentlicensetype: ExpirationDate Executions Time Period Assignavaluefortheselectedlicensetype: Theexpirationdate Thenumberofexecutions Thenumberofdaysuntilthelicenseexpires,fromthedateof firstuse
IftheFeatureisintendedtobeusedonanetwork,virtualmachine,or remotedesktop,youcanspecifythenumberofconcurrentinstances allowed,andyoucanselecthowconcurrentinstancesarecounted:

Station:Eachloginrequestforasinglemachineiscountedasan
instance(default) Login:Eachloginrequestiscountedasaninstance Process:Eachloginrequestforasingleprocessiscountedasan instance
IftheFeatureisinaProductthatwillbelockedtoaHASP SLkey,and isdefinedtobeusedonanetwork,youcanspecifythatthelicenseis allowedtobetemporarilydetachedfromthenetworkpool.This meansthatthelicensecanlaterbeattachedtoaremoterecipient machinethatisnotconnectedtothenetwork,toenableausertowork offline.
146 Implementing Your HASP SRM Licensing Plan Ifrequired,youcanspecifythatauserworkinginRemoteDesktop (terminalmachine)modecanaccessthelicense.Similarly,youcan specifythatthelicenseforaFeatureinaProductthatwillbelockedto aHASP SLkeycanbeenabledtorunonaVirtualMachine.
WARNING!
Alicensethathasbeenenabledtorunonavirtualmachinecanbe activeonanyvirtualmachine,withoutlicensecontrol. Youcanleavethevalueforthelicensetypeundefinedatthisstage, andspecifythattheexactvaluewillbedefinedwheneachorderfor theProductisprocessed. Similarly,youcanspecifythatthenumberofconcurrentinstanceswill bedefinedwhenanorderfortheProductisprocessed.
Note:
TheabovelicensetermoptionsdonotapplytoProvisionalProducts. Foradditionalinformation,seeDefiningProvisionalProductson page 147.
Defining HASP SRM Memory Data

WhenyoudefineaProductinHASP SRMBusinessStudio,youcandefine thelayoutandcontentsofthememorydataassociatedwiththeProduct. Youcandefineareas(segments)inmemoryandenterdataintothem asrequired.Youcanalsospecifythatdataisenteredinoneormoreof thememorysegmentsatordertime.Youcanselectdifferentcolorsfor eachsegmenttomakeiteasytoidentifythem,andyoucanredefine thedataandthelayoutasrequired.
Managing Products
147
Youcanselectthememorytypeforeachsegmentthatyoudefine, accordingtothetypeandpurposeofthedatayouwanttostore: Read/Write Memory:Datathatcanbeupdatedwhenthedeployed, protectedprogramisrunning,suchasdynamicvaluesforcounters, orinformationretrievedduringinteractionwiththeuser. Read-Only Memory:Datathatcanbereadwhentheprotected programisrunningbutcannotbechanged,suchastheProduct versionnumber,texttobeusedinaWelcomemessage,fixed thresholdvaluesforcounters,andsoon.
Note:
Youcanuseeitherorbothtypesofmemorytostoreandcontrol licensesfromyourownlicensingschemes. Thedatadefinedinmemoryiswrittentothesecurestorageofthe HASP SRMprotectionkeystogetherwiththeFeatures,licenseterms andotherdatadefinedfortheProduct.
Defining Provisional Products

YoucandefineProvisionalProductsthatcanbedistributedforuse duringagraceperiodorastrialware. ThepropertiesofaProvisionalProductaresimilartothosefora standardProduct,withthefollowingexceptions:
Locking Type:ProvisionalProductsdonotrequirealockingtype,
sincetheycanbeactivatedandusedforalimitedperiodwithout a HASP SRMprotectionkey. License Terms:EachFeatureinaProvisionalProductis automaticallyassignedaTime Periodvalueof30days.Thisvalue canbechangedtoavaluewiththerangeof190days. ForadditionalinformationonthepurposeanduseofProvisional Products,seeDesignatingProductsforTrialorGracePeriodUseonpage 132. ProvisionalProductsarenotavailableforinclusionincustomer orders.UsersauthorizedtoperformDevelopmenttaskscanbundle ProvisionalProductsfordistribution.Foradditionalinformation,see GeneratingBundlesofProvisionalProductsonpage 170.
Product Status Values

WhenaProductisfirstdefined,itsstatusisReady.Thisstatusindicates thattheProductisavailabletobeincludedinorders.TheProduct detailscanbechangeduntilitisincludedinanorder,andifrequired, theProductcanbedeleted.
In use.ThisstatusindicatesthattheProductisavailableforusein
AfteraProducthasbeenincludedinanorder,itsstatuschangesto
additionalorders,buttheProductdetailscannotbechangedandit cannotbedeleted. IfaProducthasbeenincludedinanorderandissubsequently withdrawnfromuse,itsstatuschangestoObsolete.
Duplicating a Product
AfteryouhavedefinedaProduct,youcaneasilydefineadditional Productswithsimilardetails,usingtheDuplicate Productoptionin HASP SRMBusinessStudio.ThisoptioncreatesanewProductusing thedefinedproperties,Features,andmemorycontentsoftheoriginal Product,andenablesyoutomakeanychangesyourequire,withthe exceptionofchangingtheBaseProductortheProductlockingtype.
Note:
IfyouduplicateaBaseProduct,youcangiveitanewname.
Withdrawing a Product
Atsomestage,youmaywanttowithdrawaselectedProductfrom useandspecifythatitcannolongerbeincludedinorders,for example,ifitisbeingreplacedbyanupdatedversion. IftheProducthasnotbeenincludedinanyorder,youcandeleteit. A Productcannotbedeletedonceitisincludedinatleastoneorder.You can,however,withdrawtheProductfromusebymarkingitasObsolete. AnObsoleteProductcannotbeaddedtoorders,butitsdetailsare maintainedinHASP SRMBusinessStudiofortrackingpurposes,andit continuestobefunctionalwhenalreadyattheenduserssite.
Maintaining Products and Licenses
149

AfteryouhavedefinedtheinitialFeaturesandProducts,youcanuse theLicensingPlanoptionsinHASP SRMBusinessStudiotocaterfor changingcircumstances,suchasthereleaseofnewsoftwareversions andchangesincustomerrequirements. HASP SRMBusinessStudioenablesyoutomaintainyourlicensing planbydefiningnewFeaturesandProductsasrequired.Inaddition, youcanuseHASP SRMBusinessStudioto:

ManageProductversions CancelProductlicenses
Managing Product Versions

Afteryouhaveimplementedyourinitiallicensingplan,youneedto continuetoreviewandupdateittocaterforchangesinyour companyssoftwareapplications,incustomerdemand,inthemarket, andsoon.Forexample:
Yourcompanydevelopsanenhancedversionofanexisting Productandyouwanttoofferthenewversionsforsaleinsteadof (orinadditionto)theoriginalProducts. Youwanttoofferyourexistingcustomerstheopportunityto replacetheircurrentversionofaProductwithanupgraded versionthathasadditionalFeatures. Feedbackfromyourcustomersindicatesthattheywantto purchaseaspecificProductwithdifferentlicensetermsthanyou arecurrentlyoffering.
Incircumstancessuchasthese,sinceyoucannotchangetheproperties ofanexistingProductafterithasbeenordered,youcandefinea ModificationProductbasedontheBaseProduct. AModificationProductisamodifiedversionofanexistingProduct, containingchangessuchas:

Asoftwareupgrade Extendedlicenseterms AddedorremovedFeatures
150 Implementing Your HASP SRM Licensing Plan YoucandefineseveralModificationProductsforthesameBase Product,withdifferentFeatures,memoryand/orlicenseterms.
Note:
YoucanalsodefineModificationProductsbasedonanexisting ModificationProduct.
Defining a Modification Product

BeforeyoustarttodefineaModificationProduct,ensurethatyou havethefollowinginformationavailable:

ThenameoftheProductthatisbeingmodified TheBatchCodeassociatedwiththeProductthatisbeingmodified AProductNamethatidentifiestheModificationProductandis uniqueintheselectedbatch(mandatory).Themaximumlength foraProductNameis50characters. Adescription(freetext)thatprovidesadditionalinformation abouttheModificationProduct,forexample,thechangesit includes(optional) Thedetailsoftherequiredchanges,includingFeaturestobe addedorremoved,and/ormemoryandlicensetermupdates
Specifying License Terms and Memory for a Modification Product

InordertochangethelicensetermsforeachFeatureinthe ModificationProduct,youcan:

Changethevalueforthelicensetypebyaddingorsubtracting daysornumberofexecutions Changethesettingsforconcurrentinstances,ifappropriate Overwritethelicensetermsincludingselectinganewlicensetype Changememorysegmentsordata Cancelthelicense
Youcanleavethelicensetypevalueandtheconcurrentinstances settingsunchangedatthisstage,andspecifythattheywillbechanged wheneachindividualorderfortheModificationProductisprocessed.
151
Example: Defining a Modification Product

Scenario:WhentheProductManagerofHQ Softwareoriginally definedtheHQ Design ProProduct(intheexampleonpage 134),the
REPORTGENERATORFeaturewasnotyetavailable. ThisFeaturehasnowbeendeveloped,tested,andprotected,andhas beenincludedinanenhancedversionofHQ Design Pro (v.2.0).This versionoftheProductisreadyforsaletonewcustomers,andcanalso beissuedtocustomerswhoholdcurrentlicenses. Accordingly,theProductManagerforHQ SoftwaredefinesaModification ProductfortheHQ Design ProProduct,namedHQ Design Prov.2.0. WhentheModificationProductisdefined,theREPORTGENERATOR FeatureisaddedtotheProduct,withthesamelicensetermsasforthe otherFeatures.
Issuing Modification Products

ModificationProductscanbeincludedinordersinthesamewayas theoriginalProducts. Forexample,iftheModificationProductisintendedtoreplacethe ProductinHASP SRMprotectionkeysthathavealreadybeen deployed,itcanbeincludedinaHASPUpdateorder.WhentheHASP Updateisapplied,thedatafortheModificationProductisaddedto thedatafortheoriginalProductintheHASP SRMprotectionkeys. Foradditionalinformationondefiningandproducingorders,see Chapter 11,HASP SRMOrders,Production,and DevelopmentTasks.
Canceling Product Licenses

Incertaincircumstances,itmaybenecessarytocancelthelicense termsforoneormoreFeaturesinaProductthathasbeendeliveredto acustomer,forexample:

Torevokeadeployedlicense TocancelthelicenseforaProductthathasbeenreturnedbefore itslicensetermshaveexpired ToremovethelicenseforaProductfromaspecifiedcomputer,so thatitcanbetransferredtoanothercomputer
152 Implementing Your HASP SRM Licensing Plan ACancellationProductcanbedefinedfortheProduct,withvaluesthat cancelpreviouslicenseterms.ThisCancellationProductcanbeused wheneverthelicensetermsoftheoriginalProductneedtobecancelled. Theprocessofcancelingthelicensetermsofaspecificinstanceofa Productcanincludethefollowingstages: 1. WhentheoriginalProductneedstobecancelled,aCustomerto Vendor(C2Vfile)isrequestedfromthecustomer,containingthe requiredlicenseinformation. 2. AnorderfortheCancellationProductisdefinedandproduced. 3. IftheProductlicenseisbeingmovedtoanothercomputer,aneworder fortheoriginalProductisproducedwiththeappropriatedetails. 4. Thechangedlicenseinformationissenttothecustomer. 5. Anacknowledgementreceiptisreturnedbythecustomerwhen thechangehasbeenimplemented. ForadditionalinformationonC2Vfilesandondefiningand producingorders,seeChapter 11,HASP SRMOrders,Production, and DevelopmentTasks.
Defining a Cancellation Product

BeforeyoustarttodefineaCancellationProduct,ensurethatyouhave thefollowinginformationavailable:

ThenameoftheProducttobecancelled TheBatchCodeassociatedwiththeProducttobecancelled AProductNamethatidentifiestheCancellationProductandis uniqueintheselectedbatch(mandatory).Themaximumlength foraProductNameis50characters. Adescription(freetext)thatprovidesadditionalinformation abouttheCancellationProduct,forexample,thereasonitis required(optional) TheFeaturestobecancelled
Specifying License Terms or Memory for a Cancellation Product

TheoptionsfordefiningthelicensetermsforaCancellationProduct areexactlythesameasforaModificationProduct.Foradditional information,seeSpecifyingLicenseTermsandMemoryforaModification Productonpage 150.
153
Example: Canceling a License

Scenario:Anewcustomer,TOPConstruction,purchasedaoneyear rentallicensefortheHQ Design LiteProduct.Afterthreemonths,the
customerwantstocancelthelicenseandreceivearefund. HQ SoftwaredefinesaCancellationProductfortheHQ Design Lite Product,withthelicensetermscancelledforalltheFeaturesinthe Product.ThisCancellationProductisonlydefinedonceitcan subsequentlybeusedwheneverrequiredinsimilarcircumstances. TOP ConstructionisaskedtosendaCustomertoVendor(C2V)file. ThefileisreceivedandprocessedinHASP SRMBusinessStudio. AHASPUpdateorderisdefinedandproducedfortheHQ Design Lite CancellationProduct.TheresultingVendortoCustomer(V2C)file containingthechangedlicensedetailsissenttoTOPConstruction. TOP ConstructionappliestheV2Cfile,thengeneratesandreturnsa C2Vfile,confirmingthatthelicensecancellationhasbeenapplied. HQ Softwarethenissuesarefund. ForadditionalinformationonC2VandV2Cfiles,andondefiningand producingorders,seeChapter 11,HASP SRMOrders,Production, and DevelopmentTasks.
Chapter 11
HASP SRM Orders, Production, and Development Tasks

ThefirstpartofthischapterisintendedforusersassignedtheOrder ManagementandProductionrolesinHASP SRM.It describeshowtouse HASP SRMBusinessStudiotomanageandproduceorders.
Developmentrole.ItdescribeshowtouseHASP SRMBusinessStudioto
Thefinalpartofthischapterisintendedforusersassignedthe
performdevelopmentrelatedtasks,includinggeneratingbundlesof ProvisionalProductsandHASP SRMRuntimeEnvironmentinstaller files,andexportingdefinitionfiles. ForanoverviewofHASP SRMBusinessStudioandforinformation onstartingtousetheapplication,seeChapter 8,Introductionto HASP SRMBusinessStudio.
In this chapter:

HASP SRM Order Processing and Production Managing Orders Producing Orders Performing Development-related Tasks Enabling Trial Use and Grace Periods
Note:
Thischapterprovideshighlevelinformationontheordermanagement, production,anddevelopmentrelatedprocessesinHASP SRMBusiness Studio.Fordetailedpracticalinstructionsforusingeachfunction,see theHASP SRMBusinessStudioHelpdocumentation.
156 HASP SRM Orders, Production, and Development Tasks
HASP SRM Order Processing and Production

AnorderisarequestforHASP SRMitems,andcanbeoneofthe following:

ArequestforProductstobesuppliedwithoneormore HASP SRMprotectionkeys AHASPUpdatethatspecifieschangestobemadetothelicense termsand/ordatastoredinHASP SRMprotectionkeysthathave alreadybeendeployed
AfterFeaturesandProductshavebeendefinedinHASP SRM BusinessStudio,orderscanbeprocessedandproducedusingthe Productiongroupoffunctions,including:

ManagingOrders ProducingOrders PerformingDevelopmentrelatedTasks
Managing Orders
157
ThespecificHASP SRMBusinessStudiofunctionsyoucanaccessin theProductiongroupoffunctionsdependontheroleassignedtoyou, asfollows:
IfyouhavebeenassignedtheOrder Management role,youhave accesstoboththeOrderManagementandtheCustomerServices functions IfyouhavebeenassignedtheProductionrole,youhaveaccessonly totheOrderProductionfunctions IfyouhavebeenassignedtheDevelopmentrole,youhaveaccess onlytotheDevelopmentTasksfunctions
Managing Orders
ThissectionisintendedforusersassignedtheOrder Managementrole. WhenyouselecttheManage OrdersfunctionintheHASP SRMBusiness Studiowindow,youcanviewthedetailsofallcustomerorders associatedwiththeselectedBatchCode.
Note:
ForadditionalinformationonBatchCodes,seePersonalizedVendorand BatchCodesonpage 36. YoucanperformthefollowingtasksusingtheManage Ordersfunction:

Definenewcustomers Defineorders Deleteorders ProcessCustomertoVendor(C2V)information
Defining Orders
BeforeyoustarttodefineanorderforacustomerinHASP SRM BusinessStudio,ensurethatyouhavethefollowinginformation available:

Detailsofthecustomerwhoplacedtheorder(optional) TheProductstobeincludedintheorder Therequiredvaluesforanylicensetermsthathavenotyetbeen specifiedfortheProductsintheorder Theproductionrequirements,accordingtotheordertype: OrderforHASP HLkeys OrderforProductKeys OrderforHASPUpdate Additionalorderinformation(optional)
Note:
HASP SRMBusinessStudiogeneratesauniqueOrderIDforeachnew order.
Defining the Customer for the Order

WhenyoudefinetheorderinHASP SRMBusinessStudio,youcan specifythecustomerwhoplacedtheorder.Youcansearchforan existingcustomer,usingthecustomernameorotheridentifying details,oryoucandefineanewcustomer.Youcanalsoeditthedetails ofanexistingcustomer.HASP SRMgeneratesauniqueCustomerID foreachnewcustomer.
Note:
YoucanalsodefineanewcustomerusingtheCustomerServices function.
Managing Orders
159
Including Products in the Order

AnordercancontainoneormoreProducts.AllHASP SRMProducts areassociatedwithaHASP SRMBatchCode.Youmustspecifythe BatchCodeinordertobeabletoselecttheProductstobeincludedin theorder.
Note:
ProvisionalProducts(Productsdefinedforuseduringagraceperiod orastrialware)arenotavailableforinclusioninorders.The processof generatingfilescontainingProvisionalProductsisaDevelopment task.Foradditionalinformation,seeGeneratingBundlesofProvisional Productsonpage 170. EachProductisassignedalockingtypewhenitisdefined.Thelocking typedeterminesthelevelofHASP SRMprotectionandthetypeof HASP SRMprotectionkeythatcanbesuppliedwiththeProduct. ThelockingtypeassignedtoaProductmaydeterminethetypeof orderthatcanbeproduced:
ProductsdefinedwiththeHASP HL onlylockingtypecanbe includedinordersforHASP HLkeys,ProductKeys,orforHASP Updates. ProductsdefinedwiththeHASP SL only lockingtypecanbe includedonlyinordersforProductKeysorforHASPUpdates. ProductsdefinedwiththeHASP HL and HASP SL lockingtypecanbe includedinordersforHASP HLkeys,ProductKeys,orforHASP Updates
YoucannotaddaProductdefinedwiththeHASP HL onlylockingtype andanotherProductdefinedwiththeHASP SL only lockingtypetothe sameorder. Foradditionalinformationonlockingtypes,seeChoosingtheProtection LevelforYourProductsonpage 130.
Specifying License Term Values

WhenaProductisinitiallydefinedinHASP SRMBusinessStudio,the exactlicensetermvaluesforeachFeaturecanbeleftunspecified.This enablesyoutoincludethesameProductindifferentorderswith differentlicensetermvalues. Inthiscase,thelicensevaluesmustbespecifiedwheneachorderfor theProductisprocessed. Youmayberequiredtospecifyoneormoreofthefollowinglicense termvaluesforFeatureswhenprocessinganorder:

Thedateonwhichthelicenseexpires ThemaximumnumberoftimesthattheFeaturecanbeused Thenumberofdaysuntilthelicenseexpires
Youmayalsoberequiredtospecifythenumberofconcurrent instancesforoneormoreFeatures.Thisvaluespecifiesthenumberof instancesofsimultaneoususagethatthelicenseallowsonthe customersnetwork.Concurrentinstancesmayrelatetothenetwork, processes,ormachines. Anordercanbeproducedonlyafterthelicensetermvalueshavebeen specifiedforalltheFeaturesineveryProductincludedintheorder.
Specifying Memory Data

WhenaProductisinitiallydefinedinHASPSRMBusinessStudio, memorydatacanbeleftunspecified.Thisenablesyoutocustomize memorydataforeachProductatordertime.Forexample,customer specificmemorydatacanbeaddedtotheProductwhenanorderis beingprocessed.
Specifying an Order for HASP HL Keys

WhenanorderforHASP HLkeysisproduced,theorderedProducts areprogrammed(burned)ononeormoreHASP HLkeystobe shippedtothecustomer.ForadditionalinformationonHASP HL keys,seeHASP HLKeysonpage 38. Whenyoudefinetheorder,youmustspecifythetotalnumberof HASP HLkeystobeproducedfortheorder.
Managing Orders
161
Specifying an Order for Product Keys

AProductKeybasedorderenablesyoutoproduceHASP SLkeys. TheorderedProductsareassociatedwithoneormoreHASP SRM ProductKeys.AProductKeyisastringofcharactersgeneratedby HASP SRMBusinessStudioandstoredinafilefordeliverytothe customer. AftertheenduserreceivestheProductKeyandreturnsitasproofof purchase,theHASP SRMBusiness StudioSerververifiestheProduct KeyandproducesaHASP SRMprotectionkey.TheHASP SRM protectionkeyisthensentbackwiththelicensetermsandinstalledon theenduserscomputer,enablingtheProducttobeactivated. WhenyoudefineaProductKeybasedorder,youmustspecifythe followinginformation:

ThenumberofProductKeystobeproducedfortheorder ThenumberofactivationsallowedforeachProductKey.Thisis thenumberofmachinesonwhicheachProductKeycanbeused.
Note:
BeforeaHASP SLkeycanbeusedonanend userscomputer,a ProvisionalProductmusthavebeeninstalledonthecomputer. When theProvisionalProductisinstalled,itinitializestheHASP SRM RuntimeEnvironment,whichisrequiredforcommunication betweentheHASP SLkeyandthesoftware. TheprocessofgeneratingfilescontainingProvisionalProductsisa Developmenttask.Foradditionalinformation,seeGeneratingBundles ofProvisionalProductsonpage 170.
Specifying a HASP Update Order

AHASPUpdateorderspecifieschangestobemadetothelicense terms,Products,and/ordatastoredinHASP SRMprotectionkeysthat havealreadybeendeployedtoendusers.AHASPUpdatecanbe appliedremotelytoHASP HLkeysorHASP SLkeys,eitherusingthe HASP SRMRuntimeAPIbycallingthehasp_updatefunction,orby usingtheHASP SRMRemoteUpdateSystemutility. WhentheHASPUpdateorderisproduced,afilecontainingthe detailsofthechangesisgeneratedforeachHASP SRMprotectionkey tobeupdated.Thisfilecanbeoneofthefollowing:

Anexecutablefile(EXE)thatcanbedeliveredtoendusersforuse asinstructedbyyourcompany AVendortoCustomer(V2C)filethatenduserscanprocessusing theHASP SRMRemoteUpdateSystem(RUS)utility
ForadditionalinformationonRUS,seeChapter 13,HASP SRM RemoteUpdateSystem. AreceiptcanbegeneratedduringtheHASPUpdateprocess,enabling youtoverifythattheupdatehasbeenapplied. WhenyoudefineaHASPUpdateorder,youmustspecifythetotal numberofHASP SRMprotectionkeystobeupdatedasaresultofthis order.YoumayalsoneedtoselectthespecificHASP SRMprotection keystobeupdated.
Locating the HASP SRM Protection Keys to Update

WhenyoudefineaHASPUpdateorder,youmayneedtoselectthe specificHASP SRMprotectionkeystobeupdated.Forexample,the ordermaybeforanorganizationwith100HASP SRMprotection keys,andthisorderisrequiredtoupdatethekeysforonly10specific users. InHASP SRMBusinessStudio,youcan:

DisplayalistofthecustomersHASP SRMprotectionkeys Viewthecontentsofeachkey Selectthekeystobeupdated
Note:
YoucannotselectmoreHASP SRMprotectionkeysthanthetotal numberofkeysspecifiedintheOrder DetailsareaintheProduction Orderdialogbox.
Managing Orders
163
Optional Order Information

Youcanaddthefollowingoptionalinformationtotheorder:
Orderreferenceinformationthatcanidentifytheorderina differentsystem,forexample,anordernumberinyour companysERPsystem. Aprioritylevel,toindicatetheurgencyoftheorderfor productionpurposes.ThedefaultisPriorityC. Afreetextcommentthatprovidesadditionalinformationabout theorder.
Adding the Order to the Production Queue

Afteryouhavespecifiedallthenecessaryinformationforanorder, youcanproduceitimmediatelyoraddittotheproductionqueue. The queueisalistofallordersawaitingproduction. Ordersintheproductionqueuecanbeselectedforproduction accordingtothecriteriadeterminedbyyourorganization. HASP SRMBusinessStudioenablesyoutoputonholdanyorders thathavenotbeencompletelydefined,withoutlosingtheinformation thatyoumayhavealreadyspecified.Youcanopentheorderand continuetodefinetheorderdetailswhenconvenient.
Order Status Values

Whenanorderisfirstdefined,itsstatusisOn Hold.Thisstatusindicates thattheorderisnotyetintheproductionqueue.Theorderdetailscan bechanged,andifrequired,theordercanbedeleted. Whenanorderisintheproductionqueue,itsstatuschangestoReady. Thisstatusindicatesthattheorderisawaitingproduction.Thedetails ofaReadyordercannotbechanged.However,itcanbedeleted. Aftertheproductionofanorderhasbeencompleted,itsstatus changestoComplete,orinthecaseofHASP SRMProductKeys,Product Keys generated.
Processing C2V Information

C2Vfilescontainprotectedinformationaboutthelicensetermsand datastoredindeployedHASP SRMprotectionkeys.Theydonot containprivatecustomerinformation. C2VfilescanbegeneratedusingtheHASP SRMRemoteUpdate System(RUS)utility.ForadditionalinformationonRUS,see Chapter 13,HASP SRMRemoteUpdateSystem. C2VinformationstoredinHASP HLkeysandinC2Vfilescanbe retrievedforuseinconnectionwithHASPUpdateorders. WhenaC2VfileorHASP HLkeyisreceivedfromacustomer,you mustcheckintheinformation,inordertomakethedatainthefileor keyavailabletoHASP SRMBusinessStudio.Theprocessofchecking intheC2VinformationstoresthedatasecurelyontheHASP SRM Business StudioServer,andenablesyoutoviewsomeofthe information. WhenyoucheckinaC2Vfile,youcanviewtheidentifying informationfortheHASP SRMprotectionkeysassociatedwiththe file,includingtheBatchCode,IDandkeytype.Youcanalsoviewthe Productdetailscontainedinthefile.WhenyoucheckinaHASP HL key,youcanviewsimilarinformation.
Formatting a HASP HL Key

YoucanformataHASP HLkeytomakeitavailableforreuse.The processofformattingaHASPHLkeydeletesanyordersthathave beendefinedforthekeybutnotyetproduced.ItalsoproducesaV2C filethatcontainsHASPUpdateinformationtobeappliedtothekey usingRUS.ApplyingtheHASPUpdateerasesalllicenseandmemory datastoredinthekey.
Order Processing and Production Examples

Intheexamplesinthissection,HQ Softwaredefinesthefollowing ordersforitscustomers: 1. 2. 3. OrderforHASP HLkeys OrderforProductKeys(HASP SLkeys) HASPUpdateorder
Managing Orders
165
Order Example 1: Order for HASP HL Keys

Scenario:Anewcustomer,ABC Design,orderstheHQ Design ProProduct
fromHQ Softwarewithalicensefor20users. SincetheHQ Design ProProductisdefinedwithHASP HLkey protection,thedetailsforthisorderaredefinedasfollows:

Customer: ABC Design Product:HQ Design Pro Order type:HASP HL keys Number of keys:20
Whenthisorderisproduced,theHQ Design Pro Productlicenseis programmedon20 HASP HLkeys,whicharethenshippedtothe customer.
Order Example 2: Order for Product Keys (HASP SL Keys)

Scenario:OnMarch15,2007,anothercustomer,JLOptics,ordersthe HQ Design LiteProduct,withalicenseforuseontwocomputers.
TheHQ Design Lite ProductisdefinedwithHASP SLkeyprotectionand anannualrentallicense.Inordertoensurethatthecustomerenjoysa fullyearslicenseduse,theexpirationdateneedstobespecifiedwhen theorderisplaced. Thedetailsforthisorderaredefinedasfollows: Customer: JL Optics Product:HQ Design Lite Expiration date for DRAW and SAVE:March 15, 2008 Order type:Product Key-based Number of Product Keys:1 Number of Activations per Product Key:2
Note:
ThisexampleassumesthatJLOpticshasinstalledandusedthe HQ Design Demo ProvisionalProductonthetwocomputersbefore orderingtheHQ Design LiteProduct.Asaresult,theHASP SRM RuntimeEnvironmentforHASP SLhasalreadybeeninitializedon thosecomputers. Whenthisorderisproduced,afileisgeneratedcontainingaProduct Key.HQ SoftwaresendsthisfiletoJLOpticsbyemail.
166 HASP SRM Orders, Production, and Development Tasks TwoendusersatJLOpticsopenthefileandentertheProductKeyas requiredontheHQ SoftwareWebsite.TheHQ Softwarecustomer interfaceapplicationsendstheProductKeytotheHASP SRM Business StudioServer,whichverifiestheProductKeyandreturnsa HASP SLkeytothecustomer. TheHASP SLkeyisinstalledonthetwocomputersatJL Opticswith thelicenseinformation,andtheHQ Design LiteProductcanbeactivated underthetermsofthelicense.
Order Example 3: Order for HASP Update

Scenario:HQ SoftwareinformsABC Designthatanewversionof HQ Design Pro hasbeenreleased,containingtheREPORTGENERATOR
Feature,andthatanupgradeisavailableforpurchase.ABC Design orderstheenhancedProductforfiveofits20users.

HQ Design Pro v.2.0,readyforinclusionincustomerorders.
HQ SoftwarehasdefinedaModificationProductforthenewversion,
BeforedefiningtheHASPUpdateorder,HQ Softwareneedsto receiveC2VfilesforthefiveHASP HLkeystobeupdated. ABC DesignusesRUStogeneratetherequiredC2Vfilesandsends themtoHQ Software. AftertheC2Vfileshavebeenreceivedandcheckedin,HQ Software definesaHASPUpdateorderfortheModificationProduct. Thedetailsforthisorderaredefinedasfollows:

Customer: ABC Design Product:HQ Design Pro v2.0 Order type:HASP Update Number of HASP SRM protection keys to be updated:5.
Duringtheorderdefinitionprocess,thefiveHASP HLkeystobe updatedareselectedfromallthekeysissuedtoABC Design, accordingtotheC2V filesreceived. Whenthisorderisproduced,aV2Cfileisgeneratedforeachselected HASP HLkeyandsenttothecustomer. TheselectedfiveendusersinstalltheupdateontheirHASP HLkeys, usingRUS.Theyarethenabletoactivatetheupgradedversionof HQ Design Proandtogeneratetailoredreports.
Producing Orders
167
Producing Orders
ThissectionisintendedforHASP SRMBusinessStudiousers assignedtheOrder ManagementorProductionrole. WhenyouselecttheProduce OrdersfunctioninHASP SRMBusiness Studio,youcanviewthedetailsofallordersawaitingproduction.
YoucanperformthefollowingtasksusingtheProduce Ordersfunction:

ProduceOrders ViewOrders
Note:
IfyouhavebeenassignedtheOrder Managementrole,youcanchooseto produceanorderimmediatelyafteryoufinishdefiningit.
168 HASP SRM Orders, Production, and Development Tasks Theprocessofproducinganorderisdeterminedbythetypeoforder:

OrderforHASP HLkeys OrderforProductKeys(forusewithHASP SL) OrderforHASPUpdate
Whileproducinganyorder,youcanopentheorderandviewitsdetails.
Producing HASP HL Key Orders

BeforeyoustarttoproduceanorderforHASP HLkeys,HASP SRM BusinessStudioenablesyoutopreparetheappropriateHASP HL keystousefortheorder,bydisplaying:

TheHASP HLkeytypesthatarevalidfortheorder ThenumberofHASP HLkeystobeproduced,asspecifiedinthe order
HASP SRMBusinessStudiodetermineswhichHASP HLkeysare validfortheorderaccordingtoanumberoffactors,including:

ThelicensetermsdefinedfortheFeaturesintheProducts includedintheorder ThedatadefinedinmemoryforeachProduct Thespacerequiredonthekeytoaccommodatetheorder
Forexample,ifthelicensetermsforaProductintheorderarebased onanumberofdaysoranexpirydate,theordercanbeproducedonly onHASP HLkeyswithdateandtimemonitoringcapabilities,suchas HASP HLTime. Similarly,ifthelicensetermsforaProductintheorderspecifya numberofconcurrentinstancesinanetworkenvironment,theorder canbeproducedonlyonHASP HLkeyswithnetworkmonitoring capabilities,suchasHASP HL Net. ForadditionalinformationaboutHASP HLkeytypesandtheir capabilities,seeAvailableHASP SRMProtectionKeysonpage 39.
Producing Orders
169
Producing Orders for Product Keys

WhenyouproduceanorderforProductKeys,aTXTfileisgenerated containingtheProductKeys. Beforeyougeneratethefile,youmustspecifyitsrequiredlocation,or acceptthedefaultlocation.Thefileissavedintheformat Product_Keys_[order ID].txt. Afterthefilehasbeengenerated,theProductKeysareavailablefor use.Forexample,theycanbesenttocustomersbyEmail,printedon thecoverofaCD,andsoon.
Producing HASP Update Orders

TheorderproductionprocessgeneratesafilecontainingtheHASP UpdateinformationforeachHASP SRMprotectionkeytobe updated.Afterthefileshavebeengenerated,theycanbesenttothe customer. Beforeyougeneratethefile,youmustselecttherequiredlocationand thetypeoffilestobegeneratedfordeliverytoendusers:

VendortoCustomer(V2C)filesthatcanbeprocessedusingthe HASP SRMRemoteUpdateSystem(RUS)utility Executablefiles(EXE)thatcontainV2Cdataandcanbeusedas instructedbyyourcompany
ForadditionalinformationonRUS,seeChapter 13,HASP SRM RemoteUpdateSystem.
Note:
AdefaultfilelocationforV2Cfilesmayhavebeenspecifiedbythe HASP SRMAdministrator.
Performing Development-related Tasks

ThissectionisintendedforusersassignedtheDevelopment role. WhenyouselecttheDevelopment Tasks functionintheHASP SRM BusinessStudiowindow,youcanviewalistofalldevelopment relatedactivitiesthathavebeenperformedfortheselectedBatch Code. Themostrecentactivitiesaredisplayedatthetopofthelist. Youcanperformthefollowingdevelopmentrelatedactivitiesin HASP SRMBusinessStudio:

GeneratebundlesofProvisionalProducts Exportdatadefinitionstoafile CustomizetheHASP SRMRemoteUpdateSystem(RUS)utility GenerateacustomizedHASP SRMRuntimeEnvironment(RTE) installerfile
Generating Bundles of Provisional Products

WhenaProductisdefinedinHASP SRMBusinessStudio,itcanbe specifiedas aProvisionalProductfordistributionastrialwareorfor useduringagraceperiod. BundlesofoneormoreProvisionalProductscanbeshippedforuse forarestrictedperiodoftime,(currentlymaximum90days).
Note:
Softwarethathasbeensuppliedwithatriallicenseorforagrace periodcanbeactivatedafteravalidlicenseispurchased,witheithera HASP HLkeyoraHASP SLkey. ForadditionalinformationonthepurposeanduseofProvisional Products,seeDesignatingProductsforTrialorGracePeriodUseon page 132.
Performing Development-related Tasks
171
TheprocessofgeneratingabundleofProvisionalProductsinvolves:

SelectingtheProvisionalProductstobeincludedinthebundle ProducingafilecontainingtheProvisionalProductlicenseand VendorDLL.Thisfilecanbe: AnEXEfilecontainingV2Cdata AV2CfilethatcanbeusedwiththeHASP SRMRUSutility. ForadditionalinformationonRUS,seeChapter 13, HASP SRMRemoteUpdateSystem.
Theoutputfilefromthisprocessmustbeinstalledoneachendusers machineinorderto:

CreateaninitialHASP SRMRuntimeEnvironmentthatenables yourprotectedsoftwaretocommunicatewithHASP SLkeys Enableatrialwareorgraceperiodlicense
Note:
WhenabundleofProvisionalProductsisinstalledonanendusers computer,aprovisionalHASPIDisgenerated.Thisisreplacedbya HASP SRMprotectionkey IDwhenafullylicensedProductis installedonthatcomputer. Tosimplifytheinstallationprocessatenduserssites,itis recommendedthatyougenerateaHASP SRMRuntimeEnvironment installerexecutable.You canembedtheRuntimeEnvironment installerinyoursoftwaresetuptocreateareadytorunHASP SRM protectedandlicensedapplication. InordertogenerateaHASP SRMRuntimeEnvironmentinstaller executable,youneedtospecifytheV2Cfilegeneratedwhena ProvisionalProductbundleisproduced.AnEXEfilecontainingV2C datacannotbeusedtogenerateaHASP SRMRuntimeEnvironment installer.
Generating the HASP SRMRun-time EnvironmentInstaller

YoucangenerateaHASP SRMRuntimeEnvironmentinstallerthat simplifiestheinstallationprocessatenduserssites,forProvisional ProductsandforProductstobeusedwithHASP SLkeyprotection. TheinputtothisprocessisaV2Cfilethatcontainsyourvendor specificdata.ForProvisionalProducts,theV2Cfilealsocontainsthe ProvisionalProductbundledata. Theoutputcanbeoneofthefollowing:

AnexecutablefilethatcreatesaRuntimeEnvironment commandlineinstaller ADLLthatcanbeusedwiththeHASP SRMRuntime EnvironmentinstallerAPI
YoucanembedtheHASP SRMRuntimeEnvironmentinstallerin yoursoftwaresetuptocreateareadytorunHASP SRMprotected andlicensedapplication.
Generating a HASP SRM Run-time Environment installer for Running a Product with a Detachable License
Inorderforarecipientmachinetorunanapplicationusinga detachedlicense,theHASPSRMRuntimeEnvironmentandvendor librariesmustbeinstalled.Thisconditionisachievedbycreatinga RuntimeEnvironmentInstallerthatautomaticallyinstallsthese components.Foradditionalinformation,refertoWorkingwith DetachableLicensesintheHASPSRMBusinessStudioHelp documentation.
Exporting Definition Data

YoucanexportdataaboutFeatures,Products,vendors,andother informationinvariousfileformats.Thisinformationcanthenbeused fordevelopment,protectionbackup,andotherpurposes.Youcanalso exportmetadataforuseinAdminControlCenter.
Performing Development-related Tasks YoucanusetheExport Definitionsfunctiontoproducethefollowing outputfiletypes:

173
MetadatainAdminControlCenterformat FeaturesandProductsinaCstyleheaderfile FeaturesandProductsinaCPPstyleheaderfile FeaturesandProductsinXMLformat FeaturesinCSVformat
Forexamplesoftheoutputfilecontents,seetheHASP SRMBusiness StudioHelpdocumentation. BeforeyouexporttheFeatures,youmustselecttherequiredBatch Code,specifytherequiredfiletype,anddefinethenameandlocationfor thefile. AsyoursoftwaredevelopsandadditionalFeaturesaredefined,you canusetheExport Definitionsfunctionwheneveryouwanttoretrievethe datadefinitionsfromHASP SRMBusinessStudio.
Customizing and Branding RUS

RUSisautilitythatcanbedistributedtoenduserstoenablesecure, remoteupdatingofthelicenseandmemorydataofHASP SRM protectionkeysaftertheyhavebeendeployed. EndusersmayopentheRUSutilitytogenerateaC2Vfile,orby launchingaV2CorEXEfilecontainingalicenseupdate. BeforeyoudistributeRUS,youmustcustomizeitwiththeBatchCode associatedwiththeHASP SRMprotectionkeysthatyouhave deployedtoyourendusers,inordertoenablethemtogenerateC2V files,ortoprocessfilescontainingV2Cinformation. Inaddition,youcanbrandthetextthatisdisplayedtoanenduser whenRUSisopened.Forexample,youmaywanttodisplayyour companynameandinformationaboutyoursoftware. TheRUS BrandingoptioninHASP SRMBusinessStudioenablesyouto associatetheRUSutilitywiththeselectedBatchCode.Youcanalso usethesimpleHTMLeditorprovidedtoenter,format,andpreview thetexttobedisplayedinRUS. Itisrecommendedthatyoudistributeyourprotectedsoftwarewitha customizedandbrandedversionofRUS. ForadditionalinformationonRUS,seeChapter 13,HASP SRM RemoteUpdateSystem.
Enabling Trial Use and Grace Periods

Thissectionprovidesexamplesthatdemonstratetheuseof ProvisionalProducts:

TodistributeaProductforuseonatrialbasisforalimitedperiod ToenableuseofalicensedProductduringagraceperiod
Example 1: Issuing a Provisional Product for Trial Use

Scenario:HQ SoftwaredecidestooffervisitorstotheirWebsitethe optionofdownloadingandusingtheirHQ Design DemoProductfor
30 days. Whentheoriginallicensingplandefinitionswereimplemented,the HQ Design DemoProductwasdefinedasaProvisionalProduct. ThelicensetermsforthetwoFeatureswereautomaticallysetto Time Period withavalueof30days. ThesoftwaredeveloperatHQ Softwaredefinesabundleof ProvisionalProductsthatcontainstheHQ Design DemoProduct,and generatesthebundleasaV2Cfile. AHASP SRMRuntimeEnvironmentinstalleristhengeneratedasan EXEfile,usingthisV2Cfileasinput. TheHQ SoftwareWebmasteraddstheEXEtotheWebsite,with downloadinstructionsforpotentialtrialusers.
Example 2: Issuing a Product for a Grace Period

Scenario:Anewcustomer,XYZConstruction,haspurchaseda50user licensefortheHQ Design ProProduct,whichisavailableonlywith
HASP HLkeyprotection.TheHASP HLkeysarebeingpreparedand shipped,butmeanwhilethecustomerwantstostartusingtheHQ Design ProProductimmediately.
Enabling Trial Use and Grace Periods
175
HQ SoftwareneedstoenableXYZConstructiontoactivateanduse theHQ Design ProProductduringagraceperiod,untiltheHASP HL keysarriveandaredistributedtotheendusers. Forthispurpose,aversionoftheHQ Design ProProductisdefinedasa ProvisionalProduct,withtheProductnameHQ Design Pro Grace.The PRINTREPORTSFeatureisremovedfromthisversion.Thelicense termsfortheremainingfourFeaturesareautomaticallysetto Time Period withavalueof30days. AbundleofProvisionalProductsisdefinedcontainingtheHQ Design Pro GraceProduct,andgeneratedasaV2Cfile. AHASP SRMRuntimeEnvironmentinstalleristhengeneratedasan EXEfile,usingthisV2Cfileasinput. TheEXEfileissenttothecustomer,fordistributiontotheendusers. EnduserscanruntheEXE,whichinstallstheHASP SRMRuntime EnvironmentandtheHQ Design Pro Grace Productontheircomputers. Theycanthenusetheprogramfor30daysuntiltheyreceivetheir HASP HLkeysandcanactivatethefullProduct.
Chapter 12
HASP SRM Administration and Customer Services

Thefirstpartofthischapterisintendedforusersauthorizedto performHASP SRMAdministrationtasks.Itdescribeshowtouse HASP SRMBusinessStudiotodefineHASP SRMuserdetails, maintainBatchCodes,andconfiguresystemsettings. Thesecondpartofthischapterisintendedforusersauthorizedto performHASP SRMCustomerServicestasks.Itdescribeshowtouse HASP SRMBusinessStudiotoviewandeditcustomerdetails,andto performmanualProductactivationforcustomers. ForanoverviewofHASP SRMBusinessStudioandforinformation onstartingtousetheapplication,seeChapter 8,Introductionto HASP SRMBusinessStudio.
In this chapter:

Administration Tasks Customer Services
Note:
ThischapterprovideshighlevelinformationontheAdministration andCustomerServicesprocessesinHASP SRMBusinessStudio.For detailedpracticalinstructionsforusingeachfunctioninHASP SRM BusinessStudio,seetheHASP SRMBusinessStudioHelp documentation.
178 HASP SRM Administration and Customer Services
Administration Tasks
AfteryoufirstinstallHASP SRMBusinessStudioinyour organization,youcanlogintoHASP SRMusingthedefaultuser nameandpassword(HASP)providedforyourusebyAladdin KnowledgeSystems.Bydefault,thisuserisauthorizedtoperformall tasksinHASP SRMBusinessStudio,includingAdministrationtasks. AfterloggingintoHASP SRMBusinessStudiothefirsttime,itis recommendedthatyouselecttheUsersfunctionandchangeyouruser passwordassoonaspossible.Ifyouwant,youcanchangetheroles assignedtoyou,butitisimportantthatyouretaintheAdministration roleorassignthisroletoanotheruser. InordertobeabletouseHASP SRMwithyourcompanyspecific BatchCodes,youmustfirstintroducetheHASP SRM Masterkeys providedforyourusebyAladdinKnowledgeSystems. ForadditionalinformationonHASP SRMVendorkeys,see PersonalizedVendorandBatchCodesonpage 36. ForadditionalinformationonintroducingHASP SRMVendorkeys, seeMaintainingBatchCodesonpage 180. ToensureyouruninterrupteduseofHASP SRM,HASP SRMBusiness Studiosendsautomaticemailreminderspromptingyoutorenew yourHASP SRMBusiness StudioServerlicensepriortoitsexpiry. You canspecifytheemailrecipientstowhomyouwantremindersto besent,andwhenyouwantthereminderstobeginbeingsent.For additionalinformation,refertotheHASP SRMBusinessStudioHelp documentation.
Note:
IfyouareevaluatingHASP SRMBusinessStudio,youcanusethe providedDEMOMABatchCode,whichdoesnotrequirea HASP SRM Masterkey. YoucannowdefineadditionalHASP SRMusersinyourcompany, includingassigningtheuserstheappropriaterolesandauthorizing accesstobatches.Foradditionalinformation,seeMaintainingUser Detailsonpage 179.
179
YoucanalsoviewthesystemsettingsforHASP SRMBusinessStudio, andifrequired,changethemtomeetyourcompanysrequirements. Foradditionalinformation,seeConfiguringSystemSettingson page 181.
Note:
Nonadministratoruserscanchangethesesettingsfortheirownuse.
Maintaining User Details

WhenyouselecttheUsersfunctioninHASP SRMBusinessStudio,you canviewthedetailsofallcurrentlydefinedHASP SRMusers. YoucanperformthefollowingtasksusingtheUsersfunctionin HASP SRMBusinessStudio:

DefineHASP SRMusers Changeuserdetailsandpasswords Preventuseraccess
Defining HASP SRM Users

BeforeyoustarttodefineHASP SRMusers,ensurethatyouhavethe followinginformationavailableforeachnewuser:

Theusernametobeassignedtotheuserforthepurposeof loggingintoHASP SRM Thefullnameoftheuser(optional) Thepasswordtobeassignedtotheuser
Note:
Userscanchangetheirownpasswordsafterlogginginto HASP SRMBusinessStudio.

Thebatchesthattheuserisauthorizedtoaccess Therolestoassigntotheuser.Foradditionalinformationonthe functionsauthorizedforeachrole,seeHASP SRMBusinessStudio UserRolesonpage 119.
Changing User Details and Passwords

Afteryouhavedefinedauser,youcanchangeanyoftheusersdetails excepttheusername. Userscanchangetheirownpasswords.However,ifnecessary,you canchangethepasswordforauserwithoutknowingthecurrent password.Thisisusefulintheeventthattheuserhaslostorforgotten his/herpassword.
Preventing User Access

Incertaincircumstances,youmaywanttopreventauserfromlogging intoHASP SRM.Iftheuserhasleftthecompany,forexample,orwill nolongerbeusingHASP SRM,youcandeletetheuserdetails. IfyouwanttopreventauserfromaccessingHASP SRMtemporarily, withoutdeletingtheirdetails,youcaneditthedetailsandspecifythat theusersaccessisblocked.Theuserwillbeunabletologinto HASP SRMuntilyouchangetheusersdetailstoactive.
Maintaining Batch Codes

WhenyouselecttheBatch CodesfunctioninHASP SRMBusiness Studio,youcanviewthedetailsofallavailablebatches. YoucanperformthefollowingtasksusingtheBatch Codesfunctionin HASP SRMBusinessStudio:

IntroduceHASP SRMVendorkeys EditthedescriptivepropertiesofBatchCodes
181
Introducing HASP SRM Vendor Keys

TheHASP SRM Masterkey(s)foryourorganizationareintroducedas partoftheHASP SRMBusiness StudioServerinstallationprocess. YoumusthaveaseparateHASP SRM Masterkeyconnectedtoeach serveronwhichHASP SRMBusiness StudioServerisinstalled. YoucanintroduceotherHASP SRMVendorkeysHASP SRM Master keysorHASP SRMDeveloperkeysinordertoenableBatchCodes forusewithHASP SRMapplications. WhenyouintroduceaHASP SRMVendorkey,youcanselectthe librariesforwhichyouwanttogenerateAPIs.Youmayhavethe optiontomergetheAPIsofmultipleBatchCodesintoasinglelibrary.
Editing Batch Code Properties

Youcanchangethenameanddescriptionofaselectedbatchas required.YoucannotchangetheBatchCodeitself.
Configuring System Settings

YoucanconfigurethefollowingHASP SRMsettingsusingthe System SettingsfunctioninHASP SRMBusinessStudio.Thesesettings affectallHASP SRMusers:
Connection details:Bydefault,thedetailsoftheportandserverused
forthepreviouslogintoHASP SRMareretainedandarereused forthenextlogin.Ifotherportsand/orserverswereusedtologin, theycanbeselectedfromalist.Youcanchoosenottoretainthe connectiondetails. Connection history:Youcanchoosetodeletealldetailsofprevious connectionsspecifiedatlogin.

Default locking type:YoucanselectwhichLocking Typeoptionwillbe
displayedasthedefaultwhenaProductisdefined. File locations:Youcanspecifythedefaultlocationforfilesofthe followingtypes: C2V files:Thesefilescontaincustomertovendorinformation andaregeneratedbytheenduserwiththeHASP SRM RemoteUpdateSystem(RUS)utility.Foradditional information,seeProcessingC2VInformationonpage 164. V2C files:Thesefilescontainvendortocustomerinformation relatedtoordersforHASPUpdates.Foradditional information,seeSpecifyingaHASPUpdateOrderonpage 162. Vendor Code files:ThesefilescontainVendorCodeinformation. ForadditionalinformationonHASP SRMVendorkeysand codes,seePersonalizedVendorandBatchCodesonpage 36. Export files:Thesefilescontaindefinitiondetailsexportedfor variouspurposes.Foradditionalinformation,seeExporting DefinitionDataonpage 172.
Customer Services
IfyouhavebeenassignedtheCustomer Servicesrole,youcanviewalist ofdefinedcustomersandyoucaneditthedetailsforaselected customer. IfacustomerisunableforanyreasontoactivateaProductremotely, youcanactivatetheProductmanuallyforthecustomer,usingthe ProductKeyandaCustomertoVendor(C2V)fileforthecustomers HASP SRMprotectionkey. TheoutputofthemanualactivationprocessisaVendortoCustomer (V2C)filethatcanbesenttothecustomer.Youcanrequestthatthe customerreturnsaC2VfiletoconfirmthattheProducthasbeen activated. ForadditionalinformationonC2Vfiles,seeProcessingC2VInformation onpage 164.
Chapter 13
HASP SRM Remote Update System

ThischapterdescribestheHASP SRMRemoteUpdateSystem(RUS) utilityandexplainshowtouseRUStoupdatelicensedataremotely fordeployedHASP SRMprotectionkeys.
Note:
YoucanalsoapplyupdatestodeployedHASP SRMprotectionkeys usingtheHASP SRMRuntimeAPI,bycallingthehasp_update function.Foradditionalinformation,seetheHASP SRMRuntime APIHelpdocumentation.
In this chapter:

RUS Overview RUS Workflow Using RUS
RUS Overview
RUSisanadvancedutilitythatenablessecure,remoteupdatingofthe licenseandmemorydataofHASP SRMprotectionkeysafterthey havebeendeployed.AspartofthebasicconceptunderlyingHASP SRM, RUSfacilitatesongoinglicensingwellafterprotectionhasbeen implemented.ForadditionalinformationonHASP SRMconcepts,see ProtectOnceDeliverManyonpage 34. RUSprovidesasimpleandsecuremethodofupdatingyourlicenses remotely,afteryouhavedeliveredyourprotectedsoftwaretogether withtheHASP SRMprotectionkeys.Yousimplyneedtoupdatethe licenseanddeliverupdatefilestoyourcustomers.
184 HASP SRM Remote Update System RUSenablesyoutoreceiveinformationonthecurrentstatusof HASP SRMlicensesatyourcustomerssites,andtosecurelyextendor reducethefunctionalityoftheselicenses,withoutrecallingthe HASP SRMprotectionkeys.
Note:
AllHASP SRMprotectionkeysexcepttheHASP HL Basickeycanbe updatedusingRUS. RUSisanexecutableutility(hasprus.exe)thatcanbedistributedto enduserswithyoursoftware. ItisimportantthatyoucustomizeRUSwiththeBatchCode associatedwiththeHASP SRMprotectionkeysthatyouproducefor yourcustomers,beforeyoudistributetheexecutabletothem.For additionalinformationonBatchCodes,seePersonalizedVendorand BatchCodesonpage 36. YoucanuseHASP SRMBusinessStudiotocustomizeRUSwiththe requiredBatchCode,andalsotobrandtheGUItodisplayyour vendorspecificinformationtoendusers.Foradditionalinformation, seeCustomizingandBrandingRUSonpage 173.
RUS Workflow
WhenyoudeliveryourProductstoacustomer,youcanincludea customizedversionofRUSwiththeinstallationpackage.Youcanalso includetheinstructionsforusingRUS. Whenalicenseupdateisrequired,youhavetheoptionofeither retrievingcustomerlicensinginformationfromtheBusiness Studio Server,orofrequestingthatacustomerproducesandsendsyoua CustomertoVendor(C2V)filesfortheHASP SRMprotectionkeysto beupdated.C2Vfileshavea.c2vextensionandcontaininformationon thelicensingandmemorycontentoftheHASP SRMprotectionkeys. WhenyoureceiveC2Vfilesfromacustomer,youchecktheminusing HASP SRMBusinessStudio.Foradditionalinformation,see ProcessingC2VInformationonpage 164.
RUS Workflow
185
RegardlessofwhetheryouobtainthedatafromtheBusiness Studio Server,orintheformofaC2Vfilefromyourcustomer,thecollected dataenablesyoutoproduceanupdatemostsuitedtothecustomers needs.Atnopointinthisworkflowisitnecessarytoreconfigure securityorprotectionatthecustomerssite. YoudefinetherequestedlicenseupdatesinHASP SRMBusiness StudioasHASPUpdateordersfordeliverytothecustomer.Formore informationondefiningHASPUpdateorders,seeSpecifyingaHASP UpdateOrderonpage 162. TheprocessofproducingaHASPUpdateordergeneratesafilefor eachHASP SRMprotectionkeytobeupdated.Thiscanbeeithera VendortoCustomer(V2C)fileoranexecutablethatcontainsthe licenseupdatedata.FormoreinformationontheHASPUpdateorder productionprocess,seeProducingHASPUpdateOrdersonpage 169. Theoutputfileisthendeliveredtotheenduser,whoeitherrunsthe executableasinstructedbyyou,orusesRUStoapplythelicense updatedatacontainedintheV2Cfile. YoucanspecifyintheV2Cfilewhetheranupdateconfirmationis requiredtobereturnedtoyou,toenableyoutoverifythattheupdate hasbeenapplied.
Example: Using RUS for License Updates

Scenario:OneofHQ Softwarescustomers,ABC Design,hasordered theupgradedversionofHQ Design ProthatcontainsthenewREPORT GENERATORFeature,forfiveofits20HQ Design Pro users.The
customerisaskedtosendC2Vfilescontainingdetailsofthefive deployedHASP HLkeystobeupdated. ABC DesignusesRUStogeneratetheC2Vfilesandsendsthemto HQ Software.Thesefilescontainthecurrentstatusofthelicenseon thespecificHASP HLkeys. HQ SoftwarechecksintheC2Vfiles,definesaHASPUpdateorderfor theHQ Design Pro v.2.0 ModificationProduct,andproducesalicense updatecontainedinfiveV2Cfiles.Foradditionalinformationonthis exampleorder,seeOrderExample3:OrderforHASPUpdateon page 162. TheV2CfilesaresentbyemailtoABC Design.Eachofthefiveend usersappliestheupdatetotheirHASP HLkeyusingRUS,and returnsaC2Vfilecontainingaconfirmationreceipt.
186 HASP SRM Remote Update System
Using RUS
TheRUSwindowconsistsofthefollowingtabs:
Collect Key Status Information:Theparametersinthistabareusedto
collectinformationonthecurrentstatusofthelicensesinthe HASP SRMprotectionkey.Theenduserspecifiesanameand locationforthegeneratedC2Vfile.IfmorethanoneHASP SRM protectionkeyisinstalled,theuserselectstherequiredkey. No privatecustomerdataisincludedintheC2Vfile. Apply License Update:Theparametersinthistabareusedtoapplya V2CfileandupdatelicensesinaHASP SRMprotectionkey.
Instructions for Customers Using HASP SRM RUS

Thefollowingsectionscontaininformationandinstructionsthatyou cancustomizeandsendtoyourcustomers.
Instructions for Using HASP SRM RUS

IfyouareusingRUSwithaHASP HLkey,(hardwarebasedkey)you mustconnectthekeybeforeperformingeitherofthefollowing procedures.RUSautomaticallylocatesanyHASP SLkeys(software basedkeys)installedonyourcomputer.
Collecting HASP SRM Protection Key License Data

YoucanuseHASP SRMRUStoproduceaCustomertoVendor(C2V) filecontaininginformationonthecurrentstatusofthelicensesinyour HASP SRMprotectionkeys.Youcanthensendthisfileinorderto receivealicenseupdate. To retrieve the current license information from a HASP SRM protection key: 1. 2. 3. 4. Launch HASP SRMRUS(hasprus.exe). ClicktheCollect Key Status Informationtab. ClickCollect Information.TheSavekeystatusaswindowisdisplayed. SpecifythedirectorywhereyouwanttostoretheC2Vfile.Entera filenameandclickSave.
Using RUS 5.
187
6.
IfmorethanoneHASP SRMprotectionkeyislocated,alistofthe keysisdisplayed.Selecttherequiredkey,ordisconnectthekeys thatarenotrequired,andclickRepeat. TheC2VfilefortheHASP SRMprotectionkeyisgeneratedand savedintherequiredlocation.Thefilecannowbesentfor processingtoproduceanupdate.
Applying an Update
YoucanalsouseHASP SRMRUStoapplyanupdatetothelicenses storedinyourHASP SRMprotectionkeys. To update the licenses in HASP SRM protection keys: 1. LaunchRUS(hasprus.exe)ordoubleclicktheVendortoCustomer (V2C)filethatyouhavereceivedcontainingtheupdatedata.
Note:
Ifyouhavereceivedanupdateasanexecutable,doubleclickthe fileanditwillautomaticallylaunchRUS. 2. 3. 4. 5. ClicktheApply License Updatetab.(Thismightbetheonlytabdisplayed.) IftheUpdate file fieldisempty,browsetothedirectorywherethe updatefile(.v2cfile)islocatedandselectthefile. ClickApply Updatetoapplythenewlicensedatatothedeployed HASP SRMprotectionkey. Youmaybepromptedthatareceipthasbeenproducedtoconfirmthe update.Sendthisreceiptfiletothesoftwarevendorforprocessing.
188 HASP SRM Remote Update System
Part 4 Distributing HASP SRM Software

In this section:
Chapter 14: Distributing HASP SRM with Your Software

Describes options for distributing required software to your end users.
Chapter 15: HASP SRM Admin Control Center

Describes the configuration and management functionality of HASP SRM Admin Control Center, an end-user utility that enables centralized administration of HASP License Managers and HASP SRM protection keys.
190
Chapter 14
Distributing HASP SRM with Your Software

Thischapterintroducesoptionsfordistributingrequiredsoftwareto yourendusers.
In this chapter:

HASP SRM Software for End Users Distributing HASP SRM Run-time Environment
HASP SRM Software for End Users

EveryHASP SRMinstallationincludessoftwarethatyouneedto distributetoyourendusers.Thissoftwaremustbeinstalledatyour customerssitetoensurethatyourprotectedandlicensedsoftware functionscorrectly.
Note:
Youdonotneedtodistributeallthesoftwarecoveredinthischapter.
192 Distributing HASP SRM with Your Software
Protection-related Software
Themostimportantsoftwarethatmustbeinstalledatyourcustomers siteistheHASP SRMRuntimeEnvironment,andthereareanumber ofwaysinwhichthiscanbeachieved.Thisapplicationisrequiredto enableHASP SRMprotectionkeystorunandcommunicatewiththe protectedapplication.Foradditionalinformation,seeDistributing HASP SRMRuntimeEnvironmentonpage 193. Ifyouaredistributingaprotected.NETassembly,youmustalso distributehaspdnert.dllforprogramsthatrunon32bitoperating systemsandhaspdnert_x64.dll forprogramsthatrunona64bit operatingsystems.ThesenativeWindowsDLLsenablea protected .NETassemblytocommunicatewiththeHASP SRM protectionkey
Network Environment Management

Yourenduserscanmanagetheirnetworklicensesonlineusing HASP SRMAdminControlCenter.Ensurethatyousendthemthe URLforaccessingthisapplication.Foradditionalinformation,see Chapter 15,HASP SRMAdminControlCenter.
Software for Updating Licenses

HASP SRMRemoteUpdateSystemisdistributedwhenremotely updatinglicensesindeployedHASP SRMprotectionkeys.For additionalinformationonthisutility,seeChapter 13,HASP SRM RemoteUpdateSystem.
Distributing HASP SRM Run-time Environment
193

HASP SRMRuntimeEnvironmentenablesyourprotectedsoftware torunbycommunicatingwithHASP SRMprotectionkeys.The followingsectionsdescribethevariousoptionsavailablefor distributingtheHASP SRMRuntimeEnvironmenttoyourendusers.
Note:
ForinformationaboutdistributingtheHASP SRMRuntime EnvironmentforMacoperatingsystems,seeDistributingHASP SRM RuntimeEnvironmentforMaconpage 197.
Distributing HASP SRM Run-time Environment for Windows

HASP SRMRuntimeEnvironmentdistributionoptionsforWindows operatingsystemsarelistedbelow.
UseWindowsUpdatetodownloadtheHASP SRMRuntime Environment.Internetconnectionisrequiredforeitherofthese processes. IntegrateinstallationoftheHASP SRMRuntimeEnvironment intoyourapplicationsinstallerusingthetwooptionsbelow: Mergemodules HASP SRMRuntimeEnvironmentInstallationAPI DelivereitherofthefollowingHASP SRMRuntimeEnvironment installationutilitiestoyourendusers: HASPUserSetup.exe:AGUIbasedinstaller haspdinst.exe:Acommandlineutility
Windows Update
IfyourendusersarerunningtheprotectedsoftwareonWindowsXP orWindows2003platforms,andcanaccesstheInternet,theysimply needtoconnectaHASP SRMprotectionkeyontheirmachines.The HASP SRMRuntimeEnvironmentiscertifiedbyMicrosoftandis, therefore,automaticallydownloadedfromtheMicrosoftUpdatesite. WhenyourendusersconnectaHASP SRMprotectionkey: 1. 2. 3. Thesysteminformsthemthatanewcomponenthasbeen detected. TheHASP SRMRuntimeEnvironmentisautomaticallyinstalled. TheLEDontheHASP SRMprotectionkeylightsup,indicating thattheinstallationprocessiscomplete.
Merge Modules
TheHASP SRMRuntimeEnvironmentinstallationisavailableasthe haspds.msmmergemodule.Youcanusethemergemoduleto seamlesslyintegratetheHASP SRMRuntimeEnvironment installationinyourMSIinstallation.Mergemodulesdelivershared WindowsInstallercomponents,code,files,resources,registryentries andsetuplogicinasingle,compositefile.
Note:
Thehaspds.msmmergemodulecannotberunasastandaloneapplication. Ahaspds.msmintegratedwithyourMSIinstallercopiesthe haspds_windows.dll intotheWin32systemdirectoryoftheendusers computer.Thehaspds_windows.dlliscalledbytheMSImoduleto installoruninstalltheHASP SRMRuntimeEnvironment. ThebenefitsofusingtheHASP SRMinstallationmergemodulesina singleunifiedMSIinstallerinclude:

Providingenduserswithasingle,compoundfileforyour applicationthatincludestheHASP SRMinstallation. InstallationselfrepairprovidedbyreusingtheMSIinstaller
Distributing HASP SRM Run-time Environment Followinginstallation,thehaspds.msmmergemoduleislocatedin

\Program Files\Aladdin\HASP SRM\API\RuntimeInstall\MSI
195
Asamplemergemoduleisprovidedin
\Program Files\Aladdin\HASP SRM\Samples\RuntimeInstall\MSI
Implementation Checklist
BeforeimplementingHASP SRMmergemodulesintoyourinstaller, reviewthefollowingchecklist:
Endusersrequireadministratorrightsinordertosuccessfully executetheRuntimeEnvironmentinstallation.Ensurethatthisis accountedforinyourinstallationscripts. HASP SRMmergemodulesrequireWindowsInstaller version 2.0,orlater. OpenprocessesthatrequiretheHASP SRMruntimeshouldnot runinthebackgroundwheninstallingtheRuntime Environment. Refertothe haspds.msmsampleforMSIforademonstrationof HASP SRMmergemodulesinaction.
Implementation
ImplementationofHASP SRMmergemodulesisastraightforward processthatsimplyrequiresyoutoaddthe.msmfilecontainingthe RuntimeEnvironmentinstallationtoyourMSIcompliantinstaller setup.AfteryouhavecreatedyourMSIinstaller,thewrappedfilewill automaticallyincludetheHASP SRMinstallationmergemodule.
Sample Merge Module

AsampleinstallercontainingtheHASP SRMmergemoduleis providedandshouldbereviewedbeforeimplementingthe haspds.msmmergemoduleintoyourowninstaller. ThesampleinstallerisafullMSIinstallercontainingtheHASP SRM RuntimeEnvironmentinstallationmergemoduleandtherequired sharedlibrariesforinstallingtheRuntimeEnvironment. Thesampleinstallerdoesthefollowing:
Verifiesthattheuserhastherequisiteadministratorrightsto installtheHASP SRMRuntimeEnvironment
StopsarunningHASPLicenseManagerservicebeforethe RuntimeEnvironmentisinstalled,andrestartstheserviceafter theinstallationiscomplete. InstallsorremovesHASP SRMRuntimeEnvironment
HASP SRM Run-time Environment Installer API

UsetheHASP SRMRuntimeEnvironmentinstallerAPItointegrate theinstallationprocessintoyourcustomsetupapplication.For additionalinformation,seetheseparatehelpfileinthe \Program Files\Aladdin\HASP SRM\API\RuntimeInstall\ directory.
haspdinst.exe
haspdinst.exeisacommandlineutilitythatinstallstheHASP SRM
\Program Files\Aladdin\HASP SRM\Redistribute\Runtime Environment\cmd Install.Youcan
RuntimeEnvironment.Followinginstallation,thefileislocatedin distributethisstandaloneapplicationtoyourendusers. To install the HASP SRM Run-time Environment:
Atthecommandlineprompt,typehaspdinst -i. Foradditionalinformation,seehaspdinst.exeUtilityonpage 52.
HASPUserSetup.exe
HASPUserSetup.exeisaGUIbasedinstallationprogramto
independentlyinstalltheHASP SRMRuntimeEnvironment. Followinginstallation,thefileislocatedin \Program Files\Aladdin\HASP SRM\Redistribute\Runtime Environment\Setup. ThiseasytouseprogramhasanintuitiveGUIbasedwizard.After yourendusersrunthefile,theyshouldfollowtheonscreen instructionstocompletetheRuntimeEnvironmentinstallation.
197
Distributing HASP SRM Run-time Environment for Mac

DistributetheHASP SRMdaemonsaksusbd and hasplmdtoend usersrunningprotectedandlicensedapplicationsonMac OS X platforms. AlltheHASP SRMsoftwareforMacthatisrequiredfordistribution toendusersisprovidedintheMacOS\Redistribute\directoryonyour HASP SRMinstallationCD.
Options for Distributing the HASP SRM Daemons

Thesoftwarerequiredtodistributethedaemonsisprovidedinthe MacOS\Redistribute\directoryontheHASP SRMinstallationCD. MultipleoptionsareavailablefordistributingtheMacdaemonsto endusers.Thefollowingtwooptionsaredescribed:

InstallerDistributionUsingaMultipackager InstallerScripts
Installation Using a Multi-packager

Theinstallationpackagecanbeintegratedintoanymultipackage installerthatincludestheinstallationforyourownapplication. IncludetheHASP SRM RTE Installer.pkginthempkg. To locate the HASP SRM RTE Installer.pkg: IntheMacOS\Redistribute\directory,doubleclickHASP SRM RTE Installer.dmg.Thefileopens. 2. RightclicktheHASP SRM Runtime Environment iconandselectShow Original.The.PackageswindowopensandHASP SRM RTE Installer.pkg isdisplayed. Foradditionalinformation,seethe welcome.rtffileprovidedinthe MacOS\Redistribute\directory. 1.
Installer Scripts
Installationscriptsareprovidedin/MacOS/RedistributeontheHASP SRM installationCD.OpenthedirectoryanddoubleclickHASP SRM RTE Installer Scripts.dmg.AnewvolumenamedHASP SRM RTE Installer Scripts ismountedonyourdesktop.Thevolumecontainsdinstanddunstfiles andthepayload/directory.
198 Distributing HASP SRM with Your Software Youcancopythefilesinthevolumeandintegratetheminyour customizedinstaller.Thescriptsarenotconfigurable. Foradditionalinformationonusingthescripts,seetheReadMe.htmlfile providedintheHASP SRM RTE Installer Scriptsvolume.
Chapter 15
HASP SRM Admin Control Center

HASP SRMAdminControlCenterisacustomizable,Webbased, enduserutilitythatenablescentralizedadministrationof HASP LicenseManagersandHASP SRMprotectionkeys.This chapterdescribestheconfigurationandmanagementfunctionality. Thischapterincludesthefollowingtopics:

Introduction to Admin Control Center Launching Admin Control Center Administrators Workflow Customizing Admin Control Center Look and Feel
Introduction to Admin Control Center

AdminControlCenterisdesignedtoprovideyourenduserssystem administratorwiththemeansofmanagingtheuseofyourlicensed softwarebymembersoftheorganization.Ithasbeenengineeredina waythatprovidesbothflexibilityandcustomizability,makingita usefuladdontoyourHASP SRMprotectedandlicensedsoftware. FollowingaresomeofthebenefitsofAdminControlCenter:
Webbased,meaningthatitcanbeeasilyaccessedfromanyWeb browser.Theadministratordoesnothavetobephysicallypresent atyourenduserssiteinordertomanagethesoftwarelicenses. Crossplatformcapable,enablingittobeusedonanyplatformon whichabrowserisavailable.
200 HASP SRM Admin Control Center
Fullycustomizable,enablingyoutochangethedisplayed information,appearanceandbehaviorsothatitwillintegrate seamlesslyintootherapplications,corporatestyles,andsoon. Easytouse,meaningthatitcanbeusedwithminimal configuration.Inaddition,theGUIisintuitive,enablingthe administratortomanagelicenseswithouttheneedforasteep learningcurve. Enablesconfigurationandcontroloflicensesinanetwork.
Launching Admin Control Center

AdminControlCenterisinstalledaspartoftheHASP SRMRuntime Environmentdriverinstallationprocess. AdminControlCenterislaunchedbytyping
http://<machine_name or ip_address>:1947intheaddressfieldof thebrowser.IfyouareaccessingtheHASP LicenseManagerresiding onyourownmachine,typehttp://localhost:1947.
Admin Control Center Interface

WhenyoulaunchHASP SRMAdminControlCenter,theWeb interfacedisplaysanumberofAdministrationOptionsontheleftof thepage.ThecontextsensitiveHelpdocument,whichformspartof HASP SRMAdminControlCenter,providesinformationaboutthe fieldsforeachoption.NotethattheoptionsrelatetotheLicense ManageronthemachinewhosenameorIPaddressisinthetitlebar ofAdminControlCenter.Thefollowingoptionsareavailable:
HASPKeysenablesyoutoidentifywhichHASP SRMprotection keysarecurrentlypresentonthenetwork,includinglocally connectedkeys. ProductsenablesyoutoviewalistofalltheBaseProducts availableonallHASPLicenseManagers(localandnetwork).In addition,whenaProductcontainsFeatureswithdetachable licensesyoucanseethenumberoflicensesfortheProductthat arecurrentlyavailabletobedetachedfromthenetworkandthe maximumdurationforwhichtheymaybedetached.Thisoption alsoenablesyoutoaccesstheDetach/Extendfunctions.
Admin Control Center Interface
201
FeaturesenablesyoutoviewalistoftheFeaturesthatarelicensed ineachoftheHASP SRMprotectionkeysthatarecurrently presentonthenetwork,includinglocallyconnectedkeys.In addition,youcanseetheconditionsofthelicense,andthecurrent activityrelatedtoeachFeature. Sessionslistsallthesessionsofclientsonthelocalmachine,and thoseremotelyloggedintoHASP LicenseManageronthelocal machine.Youcanviewsessiondataandterminatesessions. Update/Attachenablesyoutoupdateexistinglicensesona HASP SRMprotectionkeyinthefieldand,inthecaseofHASP SL keys,toattachadetachablelicensetoarecipientmachine.Italso enablesyoutoapplyidentificationdetailsofanofflinerecipient machinetoahostmachineinordertocreateafileforadetachable license. AccessLogenablesyoutoviewahistoryoflogentriesforthe serveronwhichHASP LicenseManagerisrunning. Configurationenablesyoutospecifycertainoperatingsettingsfor HASP SRMAdminControlCenterrunningontheconnected machine.Youcansetparametersrelatingtouseraccess,accessto remoteHASP LicenseManagers,andaccessfromremoteclients. Inaddition,youcancustomizelogtemplatefilesintermsofthe datatheyreturn. Diagnosticsenablesyoutoviewoperatinginformationforthe HASPLicenseManagertowhichyouarecurrentlyloggedin,to assistindiagnosingproblems.YoucangeneratereportsinHTML format.Thisoptionalsoenablesyoutoviewmiscellaneousdata relatingtotheuseoftheserveronwhichHASP LicenseManager isrunning. HelpdisplaystheHelpdocumentationforHASP SRMAdmin ControlCenter.ContextsensitiveHelpisavailablewithineachof thefunctionsdescribedabove,byclickingtheHelplinkatthe bottomofthepage. AboutprovidesinformationabouttheversionofHASP License Manager,andalinktotheAladdinKnowledgeSystemsWebsite.
Administrators Workflow
WhenyoufirstlaunchAdminControlCenter,theutilityis preconfiguredtorunautomatically.However,youmaywantto customizeittoyourrequirementsandtospecifyusersandtheiraccess permissions,andaccesspermissionsbetweenremotemachinesand localservers.ChangestotheconfigurationofAdminControlCenter aremadeintheConfigurationtaboftheapplication. Thebasicconfigurationchangesthatyoucanmakeinclude:

Specifyinganameforthelocalmachine EnablingaccessfromremotemachinestotheAdminControl Centeronthismachine Settingthedisplayrefreshtime Defininghowmanyrowsofdatawillbedisplayedonapage Specifyingthelogsthataretobecreatedandtheircontent,and customizinginformationthatwillbedisplayedinthelog SettinganAdminpassword Usersandtheiraccessprivileges AccessparameterstoremoteHASP LicenseManagers AccessprivilegesfromremoteclientmachinestoaHASP License Manageronthecurrentmachine
Followingtheconfigurationsetup,youcandefine:

Configuration Considerations
BeforeyoumakecertainconfigurationchangestoAdminControl Center,itisrecommendedthatyouconsidertheirimplications.This sectionprovidesaguidetoassistyouinthisprocess.
Basic Settings
ShouldyouchoosetohaveAdminControlCentercreateanaccesslog, considerthescopeoftheinformationthatyouwantrecordedinthelog. Itispossibletocustomizethelogtemplatetodefinewhatinformation youwantthelogtorecord.
203
Customizing Log Parameters

Youcanspecifythedatathatisdisplayedinalogfilebyeditingthe logparameters. AccesstheEditLogParameterspagebyclickingEdit Log Parametersin theBasic SettingstaboftheConfigurationpage. TheEditLogParameterspagecomprisestwofields.Theupperfield displaystheparametersofthecurrenttemplate.TheAvailable tags for log fieldlistsallthetagsandtheirdescriptions.Byselectingatagand clickingAdd,thetagisappendedtothetextintheupperfield. ThedefaultlogparametersareusedthefirsttimethatAdminControl Centerislaunchedandwillalsobeusedifanemptytemplateis submitted.Thedefaulttemplateis:
{timestamp} {clientaddr}:{clientport} {clientid} {method} {url} {function} ({functionparams} result ({statuscode}){newline}
Youcanresetyourlogparameterstothefactorydefaultbyclicking Set DefaultsintheEditLogParameterspage.Thedefaultlogparameters willalsobeusedifthereisnodataintheupperfieldoftheEditLog Templatepage.
Managing Access to HASP License Managers

ManagingAccesstoHASP LicenseManagersisperformedintheUsers andAccess from Remote ClientstabsintheConfigurationpage.The followingparagraphsdiscusstheissuesthatyouneedtoconsider whensettingtheseparameters.
Users
Theuserrestrictionsthatyoudefineareevaluatedintheorderin whichtheyarespecified,andtheevaluationprocessstopswhenthe firstmatchisfound.Youthereforeneedtotakecarethatthe restrictionsarelistedinanorderthatsatisfiesthislogic. Thevalueallow=all@allisimplicitlyaddedtotheendofthelist. Accordingtothelogicjustdescribed,ifthisvaluewasatthebeginning ofthelist,allsubsequentrestrictionvalueswouldbeignored. Additionalinformationaboutdefiningrestrictionvaluesisprovided intherelevantHelppageinAdminControlCenter.
Access from Remote Clients

Whenyoudefinecriteriarelatingtotheremotemachinesthatcan accessHASP LicenseManageronthecurrentmachine,youneedto defineaccessrestrictions.Theremoteclientaccessrestrictionsthatyou defineareevaluatedintheorderinwhichtheyarespecified,andthe evaluationprocessstopswhenthefirstmatchisfound.Youtherefore needtotakecarethattherestrictionsarelistedinanorderthat satisfiesthislogic. Thevalueallow=allisimplicitlyaddedtotheendofthelist. Accordingtothelogicjustdescribed,ifthisvaluewasatthebeginning ofthelist,allsubsequentrestrictionvalueswouldbeignored. Additionalinformationaboutdefiningremoteclientaccessrestriction valuesisprovidedintherelevantHelppageinAdminControlCenter.
Searching for License Managers

ManagingthelocationstosearchforHASP LicenseManagersis performedintheAccess to Remote License Managertabinthe Configurationpage.Thefollowingparagraphdiscussestheissuesthat youneedtoconsiderwhensettingtheseparameters.
Access to Remote License Managers

Whenyoudefinecriteriarelatingtothemachinesthatmaybe searchedforHASP LicenseManager,youcanchooseto:

Enableabroadcastthatsearchesallmachinesonthelocal network SearchthedefaultlocalgroupinanIPv6subnet Restrictthesearchtospecificmachines.Inthiscase,itisnecessary tospecifyeachmachinethatmaybesearchedbyspecifying eitheritsnameoritsIPaddress.
205
Configuring Detachable License Definitions

InHASPSRMBusinessStudio,itispossibletoflagnetworkbased licensesforFeaturesinProductsthatwillbelockedtoHASP SLkeys asbeingdetachable.ThismeansthattheProducthastheabilitytobe temporarilydetachedfromanetworklicensepoolandtobeattached toaremoterecipientmachineforaspecificperiodoftime.Attheend ofthedetachmentperiod,thelicenseisautomaticallyrestoredtothe networkpool.Ausercanextendadetachedlicensepriortoitsexpiry date. IntheDetachable License taboftheConfigurationpage,youcanenable thisfunctionalityandspecifycriteriarelatingtothenumberoflicenses thatmaybedetachedfromthenetworkpool,togetherwiththe maximumperiodforwhichthelicensesmaybedetached.Youcan specifyglobalsettingsforallProducts,orclickthePer-Product Settings buttontocustomizesettingsforindividualProducts.Globalsettings willalsoaffectanyProductsforwhichindividualsettingshavenot beenspecified.
Configuring Log File Output

Youcanspecifytheinformationthatyouwanttobedisplayedinyour logfilesfromtheBasicSettingstabintheConfigurationpage.When youclicktheEdit Log Parametersbutton,theEditLogParameterstab opensandalltagsthatcanbeusedtoconfiguretheoutputlogsare displayed,togetherwiththeirdescriptions. ThedefaultlogparametersareusedthefirsttimethatAdminControl Centerislaunchedandwillalsobeusedifanemptytemplateis submitted.Thedefaulttemplateis:
{timestamp} {clientaddr}:{clientport} {clientid} {method} {url} {function} ({functionparams} result ({statuscode}){newline}
Diagnostics
TheDiagnosticspageenablesyoutoviewandextractoperating informationfortheHASP LicenseManagertowhichyouarecurrently loggedin,toassistindiagnosingproblems.Youcangenerate diagnosticsreportsinHTMLformat.
206 HASP SRM Admin Control Center Occasionally,itisnecessarytocreateafilecontainingthemachine identitydetailsofaremoterecipientmachine.Thisinformationis requiredinorderforahostmachinetoidentifywhichmachinea detachedlicensewillbeattachedto.TheDiagnosticspageenablesyou tocreatethisfileforthelocalmachineonwhichAdminControl CenterisrunningbyusingtheCreate ID Filebutton. AdditionalinformationaboutthedataprovidedintheDiagnostics pageisavailableintherelevantHelppageinAdminControlCenter.
Applying Basic Configuration Changes Globally

YoucanmakeconfigurationchangestoAdminControlCenter,and deploythemtomultiplemachinesonthenetwork,asfollows: 1. Maketherequiredchangesononemachine,usingthe configurationpageofAdminControlCenter.Thechangesare savedinthehasplm.inifile. Locatethehasplm.ini fileusingoneofthefollowingmethods: Readthefullpathnameofhasplm.ini,whichislocatedatthe bottomoftheConfigurationpage.TheHASPbasedirectoryis thedirectoryinwhichthehasplm.inifileresides. IfyouareusingWindowsinalanguageotherthanEnglish, locatethedirectoryinwhichthecommonfilesarestored. (In EnglishWindows,theCommonFilesfolder). Copyhasplm.inianduseittooverwritehasplm.inionallthe othermachinesonthenetwork.
2.
3.
Customizing Admin Control Center Look and Feel

Youcanchangethelanguage,displayedinformation,appearance,and behaviorofAdminControlCentersothatitwillintegrateintoother applications,yourorganizationscorporatestyles,andsoon. TheAdminControlCenterGUIiscomprisedofHTML,GIF,andother files,whicharelocatedinsidetheexecutable(EXE)filehasplms.exe. Whenyouimplementadditionaltemplatesets,youmustaddthemto afixeddirectorystructureundertheHASPbasedirectory.
Customizing Admin Control Center Look and Feel To create a directory for a custom template: 1.
207
CreateadirectorynamedtemplatesinsidetheHASPbase directory. TheHASPbasedirectoryislocatedintheAladdinshareddirectory /Aladdin Shared/HASP insideacommonfilesdirectory.Determinethe preciselocationofthisdirectoryonyoursystemasfollows: OpenAdminControlCenteronyourlocalmachine (http://127.0.0.1:1947).UnderAdministrationOptions,click Configuration.Readthefullpathnameofhasplm.ini,whichis locatedatthebottomofthepage.TheHASPbasedirectoryis thedirectoryinwhichthehasplm.inifileresides. Ifthefolderisempty,clickSubmit.Thebasepathofhasplm.ini isupdatedatthebottomoftheConfigurationpage. Add\Aladdin Shared\HASP\templates\<your_template_name>tothe directory.Forexample,usinganEnglishversionofWindowsXP, thefullpathis
C:\Program Files\Common Files\ Aladdin Shared\HASP\templates\<your_template_name>
2.
Note:

Youcancreatemultipletemplatesinsideyourtemplates directory. EachtimeHASP LicenseManagerislaunched,the applicationreadsthefilesinallthedirectories(except.bak files).Toexpeditethelaunchtime,itisrecommendedthatyou keepthedirectoriesfreeofunrequiredfiles. Afteryouhavemodifiedatemplate,youmustrestart HASP LicenseManagerforthechangestotakeeffect.
3.
Toverifyyourcustomizedtemplate,fromabrowseronyourlocal machine,openhttp://127.0.0.1:1947/<your_template_name>.
Writing Templates
AtemplateisanASCIItextfile(maybeHTML,butalsoXML,CSV, andsoon)thatcontainsplaceholders(tags)forvariablesthatare insertedbytheHASP LicenseManagerwhenarequestismadevia HTTP. Inaddition,thefilemaycontainblocktagsthatsurroundablockof textandtags,andgenerallyiteratealist(ofHASP SRMprotection keys,Features,sessions,andsoon).Forexample,
{tagname}repeatingblock{/tagname}
Theplaceholdersarewrittenas{placeholdername}.Foracomplete listofavailableplaceholdernames,theirdescriptionandusage,see tagxref.txtin

\Program Files\Aladdin\HASP SRM\Docs\Manuals & Tutorials\ Admin Control Center Customization\templates.
Notalltagsworkineverycontext,andsomewillhavedifferentvalues dependingonhowtheyareused.Forexample,when{logincount}is usedinaglobalcontext,itreturnsthetotallogincountfortheserver. Whenlogincountisusedinside{devicelist}{/devicelist},itreturns thelogincountforthecurrentlyselectedHASP SRMprotectionkey. If logincountisusedinside{featurelist}{/featurelist},itreturns thelogincountforthecurrentlyselectedFeature. Aspecialincludetagisavailable{#include "filename.ext"}that willreturnthecontentsofaspecificfileinsteadofavalue.Includes (includedfiles)mustnotbenested,andmustnotincludeapath(meaning thatincludedfilesmustresideinthesamedirectoryasthetemplate). Ifatabledisplayedinabrowserpagereturns*** illegal tag: xxx ***, thetagiseitherunrecognized,orisillegalinthecurrentcontext. InJavaScript,{placeholders}arereplaced.Touseanopeningcurly bracket{,withoutitbeingreplacedorgeneratinganillegaltagerror, ensurethatawhitespace(space,CR,LF,ortab)followsthecurly bracket.Inthiscase,itwillbepassedwithoutmodification. Tooutputsomethingsuchas{this}withoutitbeingparsed,usethe HTMLnotationforacurlybracket{this}. Foradditionalassistance,refertothesampletemplatesin
\Program Files\Aladdin\HASP SRM\Docs\Manuals & Tutorials\ Admin Control Center Customization\templates.
209
Default Templates and Samples

Threesetsoftemplatesourcecodeareprovided:
sampleprovidesaverysimpleexampleofhowtousetemplates
andtags. csvprovidesanexampleforgeneratingacommaseparated(.csv) fileforimportingtoaspreadsheetordatabase,orforprocessing byyourownprogram.ItproducesaCSVlistofallavailable Features. enisthecompleteEnglishlanguageversionofAdminControl Center,asincludedintheHASP LicenseManagerapplication (hasplms.exe).ThetemplateusesAJAXtechnologiestoincrease easeofuse.Fortranslations,orcreatingaspecificcorporate identity,usethistemplatesetasastartingpoint. YoucanalsoincorporatesomeoralloftheHASP SRMAdminControl CenterfunctionalityintoyourownWebapplication,possiblywiththe useof(i)frames,andsoon.
Sample CSV Output

ThissectionprovidesasampleCSVoutput.Suchoutputisusefulfor importingthedataintospreadsheets,databases,andsoon. Usingatemplatesuchas:
c:\>type templates\csv\features.txt {featurelist}{index}, {hhlid}, {featureid}, "{local}", "{concurrtext}", {priority}, {fileid}, {filetag}, {logincount}, {loginlimit}, {sessioncount} {/featurelist}
Thefollowingoutputisproduced:
c:\>wget http://10.24.2.23:1947/csv/features.txt -Of.txt & type f.txt --17:23:44-- http://10.24.2.23:1947/csv/features.txt `f.txt' Connecting to 10.24.2.23:1947... connected! HTTP request sent, awaiting response... 200 OK Length: 1,411 [text/plain] 1, 0x335918F1, 0x00000000, "local", "L", 0, 0xFFCB, 0x0B, 0, 0, 0 2, 0x335918F1, 0x0000BEEF, "local", "LNS", 0, 0x1234, 0x0C, 0, 7, 0

3, 0x335918F1, 0x00001357, "local", "L", 0, 0xABCD, 0x0B, 0, 0, 0 4, 0x335918F1, 0x000CAFF1, "local", "L", 0, 0xCAF1, 0x0B, 0, 0, 0 5, 0x335918F1, 0x000CAFF2, "local", "L", 0, 0xCAF2, 0x0B, 0, 0, 0 6, 0x335918F1, 0x000000A1, "local", "LNS", 0, 0xCAF3, 0x0C, 1, 7, 4 7, 0x335918F1, 0x000000A2, "local", "LNS", 0, 0xCAF4, 0x0C, 0, 7, 0 8, 0x335918F1, 0x0000BEEF, "local", "LNS", 0, 0x1235, 0x0C, 0, 7, 0 9, 0x335918F1, 0x0000BEEF, "local", "LNS", 0, 0x1236, 0x0C, 0, 7, 0 10, 0x335918F1, 0x0000BEEF, "local", "LNS", 0, 0x1237, 0x0C, 0, 7, 0 11, 0x335918F1, 0x0000BEEF, "local", "LNS", 0, 0x1238, 0x0C, 0, 7, 0 12, 0x389C1FAB, 0x00000000, "local", "L", 0, 0xFFCB, 0x0B, 0, 0, 0 13, 0x389C1FAB, 0x00012345, "local", "LNS", 0, 0xAFFE, 0x0C, 0, 7, 0 14, 0x389C1FAB, 0x00055779, "local", "L", 0, 0xBEEF, 0x0B, 0, 0, 0 15, 0x33C90F7A, 0x00011223, "10.24.2.17", "LNS", 0, 0xAFFE, 0x0C, 0, 7, 0 16, 0x33C90F7A, 0x00097531, "10.24.2.17", "LNS", 0, 0x1234, 0x0C, 0, 7, 0 17, 0x33C90F7A, 0x00002FAC, "10.24.2.17", "LNS", 0, 0xCAF2, 0x0C, 0, 7, 0 18, 0x33C90F7A, 0x000AFFEE, "10.24.2.17", "LNS", 0, 0xCAF5, 0x0C, 0, 7, 0 19, 0x33C90F7A, 0x000DFEED, "10.24.2.17", "LNS", 0, 0xCAF9, 0x0C, 0, 7, 0 20, 0x33C90F7A, 0x000FFE01, "10.24.2.17", "LNS", 0, 0x00A1, 0x0C, 0, 7, 0
211
Configuring Admin Control Center to Use your Custom Template

Afteryouhavecreatedyourtemplate,youwanttobesurethatAdmin ControlCenterloadsyourcustomizedsettingswheneveritlaunches. Bydefault,whenyouenterhttp://[servername]:1947 inyourbrowser,the internalfactorydefaulttemplatesareused.TheURLisredirectedto http://[servername]:1947/_int_/index.html._int_denotestheinternaldirectory.Ifyou replace_int_withsample,thetemplatesfromthesampledirectoryare used. To direct Admin Control Center to Use your Custom Template: 1. 2. OpenAdminControlCenterinyourbrowser.Bydefault,the applicationopensatthethisURL:
http://[servername]:1947/_int_/index.html IntheURL,replace_int_ withthenameofthecustomtemplateyou
wishtouse. 3. CreateashortcuttotheaddressofAdminControlCenterwith yourtemplate. Usingthisprocess,multiplebrowserwindowscanusemultiple templatessimultaneously.
URL Redirections Using HTTP 302

FollowingisalistofsampleURLstowhichthebrowserisredirected whenaspecificURLisentered. Notethatyoudonotrequirethisinformationfortranslationorsimple layoutchangesinyourtemplate.However,itisrequiredifyouare changingthelogicofAdminControlCenter,forexamplebyaddingor removingpages,ormergingAdminControlCenterfunctionsinto anotherapplication.
URL Entered
[server name]:1947 Provides a shortcut to the main Admin Control Center page [server name]:1947/corporate.html Automatically switches to the internal template. (_ini_) is set when no template has been specified [server name]:1947/csv/devices.txt Doesnt change because the template (csv) and file name are specified [server name]:1947/sample Automatically redirects to the index.html file when no file name has been specified
URL Displayed
[server name]:1947/_int_/index.html
[server name]:1947/_int_/corporate.html
[server name]:1947/csv/devices.txt
[server name]:1947/sample/index.html
Note:
ItissufficienttotypeonlytheURLofHASP SRMAdminControl Center,itautomaticallyredirectstotheindexpage.
Part 5 Appendices
In this section:
Appendix A: Troubleshooting
Provides a checklist to help you solve some of the most common problems that your customers might encounter when using the HASP HLkeys. Also includes a list of specific problems you or your customers may experience, together with the solutions.
Appendix B: HASP SRM Glossary

Provides a glossary of HASP SRM-related terminology.
Appendix C: HASP SRM Run-time API Reference

Provides an overview of the functions that comprise the HASP SRM Run-time API. Also includes structural declarations and detailed information on individual HASP SRM Run-time API functions, and a summary and description of all API return codes.
214
Appendix A
Troubleshooting
Thefirstpartofthisappendixprovidesachecklisttohelpyousolve someofthemostcommonproblemsthatyourcustomersmight encounterwhenusingtheHASP HLkeys.Thesecondpartlists specificproblemsyouoryourcustomersmayexperience,together withthesolutions. HASP HLkeysconformtothehigheststandardsofqualityassurance. However,likeanyotherPCperipheraldevice,aHASP HLkeymight notoperateoncertainPCconfigurationsbecauseoffaultyequipment orimproperinstallation.Thisappendixcanhelpyouinsucha situation. Inadditiontotheinformationinthisappendix,youcanaccessthe AladdinKnowledgeBaseat:
http://www.aladdin.com/kb2
TheKnowledgeBasecontainsacomprehensivelistingofsolutionsto generalandspecificproblems. Toavoidpotentialdifficulties,ensureyouareusingcurrent HASP SRMsoftwareversions.ContactyourlocalAladdin representativeforthelatestupdates,orvisitAladdinsinternational downloadspageat:http://www.aladdin.com/download
216 Troubleshooting
Checklist
Ifacustomerreportsaproblem,checkthefollowing:

Whatthereturnederrorcodeormessagesays.Foradditional information,seeAPIStatusCodesonpage 257. WhetheraHASP HLkeyisconnectedcorrectlytotheUSBport Whetheryourcustomershardwareortheoperatingsystem indicatestechnicalmalfunction,suchasdevicemanager collisions,systemevents,bootlogfailures,andsoon WhetherHASP SRMAdminControlCentercanaccessthe HASP HLkey. Whethertheproblemoccurswhentheprotectedapplicationruns onanotherPCofthesamemodel
Problems and Solutions

Problem Solution
HASP HL key drivers do not install. Are older HASP HL key drivers installed on the machine? Uninstall the older driver using the installer corresponding to the older driver version. For additional information, see the HASP HL key driver documentation. After the older drivers are removed, install the HASP HL drivers. For additional information, see Installing the HASP SRM Run-time Environment on page 52.
Problem Solution
You receive an error message when using haspdinst.exe to install the HASP HL key driver under Windows 2000/XP/2003/Vista. Review the haspdinst.exe installation instructions. For additional information, see haspdinst.exe Utility on page 52. Alternatively, try to install the drivers using the HASPUserSetup.exe. For additional information, see HASPUserSetup.exe Utility on page 52.
Problems and Solutions Problem Solution

The protected application cannot find a HASP HL key.
217
Does the HASP HL key LED light up? If not, this could be for one of the following
reasons: 1. The key is not connected properly to the USB port. Disconnect, then reconnect after a few seconds. If the LED lights, the application should be able to access the key. 2. The required HASP HL key drivers are not installed. If you are running HASP SRM on a Windows platform, check for an entry for HASP SRM in the Device Manager utility. If there is no entry, you must install the drivers using one of the methods in Installing the HASP SRM Run-time Environment on page 52. 3. Check if the USB port is functioning correctly. Disconnect all other USB devices from their respective ports. Connect the HASP HL key to a different USB port. Try using a different USB device in the port from which the HASP HL key was not accessible.
Open the Windows Services window and check that HASP License Manager is
running.
Check that the Batch Code on the HASP HL key matches the Batch Code of the
protected application.
Problem Solution
The application takes a long time to find the HASP SRM protection key on a large network. It is recommended that you customize the search mechanism. Use Admin Control Center configuration to specify a search criteria, and to define the server addresses to be searched. By doing so, the Admin Control Center searches for the HASP SRM protection key at a specific address, which is much faster. You receive an error message indicating that HASP License Manager was not found. The error message might be for one of the following reasons:
HASP License Manager was not loaded. Try restarting HASP License Manager in
Problem Solution
the Windows Services window.

There is a communication error with the machine on which the HASP SRM
protection key is located. If you repeatedly receive the error message, try using a different search mechanism.
218 Troubleshooting
Problem Solution
You cannot add files when using the DataHASP utility. The problem may occur for one of the following reasons:
You are attempting to add a list that includes problematic files. Remove all
problematic files, that are marked in red in the File list.

You are attempting to add a file that is outside the scope of the filters defined in
HASP SRM Envelope. You must protect your software again using the new file filter settings. For additional information about working with the DataHASP utility, see Working with the DataHASP Encryption Utility on page 109.
Problem Solution
When using DataHASP, you receive a message that no data filters were defined for a program in a HASP SRM Envelope project. The problem cannot be solved using the DataHASP utility. You need to use HASP SRM Envelope to protect your software again, and to specify file filter settings.
Appendix B
HASP SRM Glossary

Activation counter AES Anti-debugging API call history API samples Background checks Backward compatibility
Licensing element indicating the number of times a Feature, licensed using HASP SRM, can be run Advanced Encryption Standard (AES) algorithm that is the basis for the HASP SRM encryption and decryption Measures applied by the HASP SRM system to block potential attacks intended to undermine the protection scheme Log of all calls to the HASP SRM Run-time API executed using HASP SRM ToolBox Sample applications that utilize the HASP SRM Run-time API. A learning tool used for implementing the HASP SRM Run-time API. Random checks executed by protected applications for a required HASP SRM protection key Ability to share data or commands with applications protected with earlier HASP versions. HASP SRM backward compatibility includes the ability to read and write data, set real-time clocks, and process other legacy' commands. An original Product that has been created from scratch from which other Products may be created. All Modification Products, Provisional Products and Cancellation Products are created from Base Products. Unique character string that represents a Vendor Code. Used in defining Features, Products and orders. It is also used for ordering HASP SRM protection keys. With HASP HL keys, the code is printed on the HASP HL key label. Customer-to-Vendor file. A file sent by the customer to the vendor, containing data about deployed HASP SRM protection keys.
Base Product
Batch Code
C2V file
220 HASP SRM Glossary Cancellation Product

A Product that cancels the licensing details of another Product. Can be used to revoke a deployed license, or to remove a license from a specified computer so that it can be transferred to another computer. Indicates that protection can be applied to both HASP HL and HASP SL keys Utility for protecting data files that are accessed by programs protected by HASP SRM Envelope Process of decrypting data that has been encrypted Feature that is always available in a HASP SRM protection key. It requires no configuration. Batch Code used for evaluation purposes with any HASP SRM application. Its corresponding Vendor Code is available in the VendorCodes folder of your HASP SRM installation. See DEMOMA Temporarily remove a license from a network pool on a host machine for attachment to a remote recipient machine Translation of data into a confidential code. To read an encrypted file, you must have the correct encryption engine for decrypting the file. Encryption engine in a HASP SRM protection keybased on the AES algorithm Key used for encrypting a data file used with HASP SRM Envelope Number of iterations that the HASP SRM Envelope executes with the HASP SRM protection key for each interaction See HASP SRM Envelope Defined default protection settings and other project-related data Date after which a protected program or Feature stops running An identifiable functionality of a software application that can be independently controlled by a license. In HASP SRM, a Feature may be an entire application, a module or a specific functionality such as Print, Save or Draw. Unique identifier for a HASP SRM-protected Feature Defines the files that are exposed to on-the-fly file encryption
Cross-locking DataHASP Decryption Default Feature DEMOMA
Demo Vendor Code Detach Encryption Encryption engine Encryption key Encryption level Envelope Envelope template Expiration date Feature
Feature ID File filter
221 Grace period H2R file Handle HASP HL Basic key HASP HL Demo key HASP HL Drive
An initial period of time during which a Product can be used without a HASP SRM protection key. See also Provisional Product. Host-to-Recipient file that contains one or more detached Products and their licenses for temporary attachment to a recipient machine Unique identifier for accessing the context of a HASP SRM login session Standard HASP HL local key that is used to protect software, and has a perpetual license. It does not have any memory functionality. Sample HASP HL key provided for evaluating HASP SRM protection and licensing software. Always has the Batch Code DEMOMA. A HASP HL key that combines the copy-protection and licensing capabilities of the HASP HL Max key with the convenience of a mass storage drive The hardware-based protection and licensing component of HASP SRM. One of the HASP SRM protection key types. HASP HL local key with large storage capacity HASP HL network key HASP HL network key with a real-time clock HASP HL local key with moderate storage capacity HASP HL local key with a real-time clock Unique identity number for a HASP SRM protection key Acts as a server and monitors concurrent usage according to the licenses stored in a HASP HL Net key The software-based protection and licensing component of HASP SRMa virtual HASP HL key Software protection and licensing system Customizable, Web-based, end-user utility that enables centralized administration of HASP License Managers and HASP SRM protection keys
HASP HL key HASP HL Max key HASP HL Net key HASP HL NetTime key HASP HL Pro key HASP HL Time key HASP ID Number HASP License Manager HASP SL key HASP SRM HASP SRM Admin Control Center
222 HASP SRM Glossary HASP SRM Business Studio

Role-based application used to generate licenses and lock them to HASP SRM protection keys, write specific data to the memory of a HASP SRM protection key, and update licenses already deployed in the field A vendor-specific HASP HL key containing the confidential codes assigned by Aladdin Knowledge Systems. The key is used by the software engineers when protecting programs using HASP SRM. Kit containing software, hardware and documentation for evaluating the HASP SRM system Application that wraps an application in a protective shield, ensuring that the protected application cannot run unless a specified HASP SRM protection key is accessible by the program A vendor-specific HASP HL key containing the confidential codes assigned by Aladdin Knowledge Systems. The key is connected to the HASP SRM Business Studio Server. HASP HL keys and HASP SL keys Enables licenses in deployed HASP SRM protection keys to be securely, remotely updated, or the contents of the keys to be modified. See also C2V file and V2C file Interface for inserting calls to a HASP SRM protection key System component that enables communication between a protected program and a HASP SRM protection key HASP SRM GUI application designed to facilitate software engineers use of the HASP SRM Run-time API and to generate source code File containing update information for deployed HASP SRM protection keys. See also V2C file The HASP SRM Master key and HASP SRM Developer key that contain your confidential and unique Vendor Codes. These keys enable you to apply protection to your programs, program the HASP SRM protection keys that you send to your end users, and to specify the license terms under which your software can be used. See HASP SRM protection key
HASP SRM Developer key HASP SRM Developer Kit HASP SRM Envelope
HASP SRM Master key
HASP SRM protection keys HASP SRM Remote Update System (RUS) HASP SRM Run-time API HASP SRM Run-time Environment HASP SRM ToolBox HASP Update
HASP SRM Vendor keys
Key
223 License License Manager License terms Locking type Memory data
Digital permit stored in a HASP SRM protection key See HASP License Manager Detailed conditions contained in a license Determines the level of protection for a Product, according to the type of HASP SRM protection key supplied with the Product Data, such as passwords, values used by the software, and so on, that is specified in memory and transferred to the secure storage of the HASP SRM protection key A modified version of an existing Product A request for Products or HASP Updates to be shipped to a customer A sellable item that contains one or more Features, and/or data defined in memory for secure storage A string generated by HASP SRM Business Studio and supplied to the end user for use as proof of purchase for Product Activation or Update Activation A Product that can be used as trialware, or during a grace period. Provisional Products do not require a locking type, since they can be activated and used for a limited period without a HASP SRM protection key. The implementation of an order for Products or HASP Updates The concept of separation between engineering and business processes, on which HASP SRM is designed Clock available in the HASP HL Time key and HASP HL NetTime key Remote machine to which a license that has been detached from a network pool on a host machine is temporarily attached Software attacks intended to unravel the algorithms and execution flow of a target program by tracing the compiled program to its source code. HASP SRM Envelope protection implements contingency measures to repel such attacks and prevent hackers from discovering algorithms used inside protected software. See HASP SRM Remote Update System Error or status message returned by the HASP SRM system
Modification Product Order Product Product Key
Provisional Product
Production Protect Once Deliver Many Real-time Clock (RTC) Recipient machine Reverse Engineering
RUS Status code
224 HASP SRM Glossary Trialware

Software that can be distributed without a HASP SRM protection key for end-user evaluation during a limited time period. See also Provisional Product. Coordinated Universal Timethe standard time common to every place in the world Vendor-to-Customer file that contains HASP Update data for delivery to end users. This data can include detailed changes to the license terms and/or data to be stored in the end users' HASP SRM protection keys. A confidential, vendor-unique string containing vendor-specific secrets that enables access to the vendor-specific HASP SRM protection keys.
UTC V2C file
Vendor Code
Appendix C
HASP SRM Run-time API Reference

Thisappendixisdividedintothreesections:

OverviewofthefunctionsthatcomprisetheHASP SRMRuntime API Structuraldeclarationsanddetailedinformationonindividual HASP SRMRuntimeAPIfunctions SummaryanddescriptionofallAPIreturncodes
HASP SRM ToolBox

UseHASP SRMToolBoxtoassistyoutofullyunderstandthe functionalityofeachAPIcall,useHASP SRMToolBox.Thistool enablesyouto:

Testfunctioncalls Understandtherequiredparameters Anticipatereturnvalues.
HASP SRMToolBoxispartoftheHASP SRMVendorSuite.
API Samples
EachHASP SRMinstallationincludesAPIsamplesforvarious programminglanguages.UsethesesamplestointegrateHASP SRM protectionintoyourowncode. EverysamplefolderincludesaHASP SRMheaderfile.Refertothe AladdinKnowledgeSystemsWebsiteandtheHASP SRMinstallation CDforinformationonavailablesampleprogramsforspecific programminglanguages.
226 HASP SRM Run-time API Reference
API Function Overview

TheHASP SRMRuntimeAPIfunctionsinthisreferenceapplytothe C programminglanguageinterface.Theinformationforeachfunction includesthefollowing:

Name:Thefunctionname,asspecifiedintheClanguageinterface. Description:Abriefdescriptionofthemainpurposeofthefunction. Syntax:ThespecificfunctiondeclarationintheCprogramming
language. Parameters:Theparametersforthefunction. Returns:Allthepossiblereturnsassociatedwiththeexecutionof thefunction. Usage Notes:Detailedinformationonhowtousethefunction.
Note:
TheinformationinthisAppendixiswrittenfortheHASP SRM RuntimeAPI.If youareusinganolderversionoftheHASP API, refertotheappropriateAPIdocumentationfortheversionthatyou areusing.YoucandownloadtherelevantdocumentfromtheAladdin KnowledgeSystemsWebsite. ThefollowingtableliststheavailableHASP SRMRuntimeAPI functions. Function
hasp_datetime_to_hasptime() hasp_decrypt() hasp_detach
Description
Converts a date and time value to hasptime Decrypts a buffer using the AES encryption algorithm Detaches a Product and its license from a HASP SL key, according to customizable parameters Encrypts a buffer using the AES encryption algorithm Releases allocated memory resources Reads the current time from a HASP HL Time or HASP HL NetTime key Retrieves information regarding a session context
hasp_encrypt() hasp_free() hasp_get_rtc()
hasp_get_sessioninfo()
API Function Overview Function

hasp_get_info()
227
Description
Retrieves information according to customizable search parameters, and presents it according to customizable formats Retrieves the byte size of a memory file from a HASP SRM protection key Converts a time value into a date and time Logs in to a Feature, establishing a session context Retrieves login information according to customizable search parameters Logs out from a context or session Reads the memory of a HASP SRM protection key Writes an update for a HASP license Writes to the memory of a HASP SRM protection key
hasp_get_size()
hasp_hasptime_to_datetime() hasp_login() hasp_login_scope()
hasp_logout() hasp_read() hasp_update() hasp_write()
hasp_datetime_to_hasptime()
Description
Convertsadateandtimevaluetohasptime(thenumberofelapsed secondssince01/01/1970).
Syntax
hasp_status_t HASP_CALLCONV hasp_datetime_to_hasptime( unsigned int unsigned int unsigned int unsigned int unsigned int unsigned int hasp_time_t * ) day, month, year, hour, minute, second, time
Parameters
day month year hour minute second time
Input for day value (range 1-31) Input for month value (range 1-12) Input for year value (range 1970+) Input for hour value (range 0-23) Input for minute value (range 0-59) Input for second value (range 0-59) Pointer to the resulting time value
Return Values
HASP_STATUS_OK HASP_INV_TIME
Request was successfully completed Passed time value is outside the supported value range
229
Usage Notes
Theconverteddateandtimevaluereflectsthenumberofelapsed secondssinceJanuary1,1970.Thisconversionfunctionisusedin conjunctionwiththeAPIfunctionsthatsetorretrievevaluesforthe realtimeclock(RTC)intheHASP HLTime,HASP HLNetTimeand HASP SLkeys.
Related Topics

hasp_encrypt() hasp_hasptime_to_datetime()
hasp_decrypt()
Description
Reversestheoperationofthehasp_encrypt()functionappliedona databuffer,returningthedatatoitsunencryptedstate.
Syntax
hasp_status_t HASP_CALLCONV hasp_decrypt( hasp_handle_t handle, void * buffer, hasp_size_t length )
Parameters
handle buffer length
Handle for the session Pointer to the buffer to be decrypted Size (in bytes) of the buffer to be decrypted16 bytes minimum required
Return Values
HASP_STATUS_OK HASP_INV_HND HASP_DEVICE_ERR HASP_TIME_ERR HASP_TOO_SHORT HASP_SCHAN_ERR HASP_ENC_NOT_SUPP
Request was successfully completed Invalid input handle Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error System time has been tampered with Encryption data length is too short Communications error in secure channel Hardware does not support encryption type
hasp_decrypt()
HASP_BROKEN_SESSION HASP_LOCAL_COMM_ERR HASP_REMOTE_COMM_ERR
231
Session was interrupted Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers
Usage Notes
DecryptsdatausingtheencryptionengineintheHASPSRM protectionkey.ThespecificsessionhandledetermineswhichHASP SRMprotectionkeyandwhichFeatureIDencryptsthedatabuffer. TheencryptionkeyremainsintheHASPSRMprotectionkey.Ifthe decryptionfails,thedatabufferisnotmodified.
Related Topics
hasp_encrypt()
hasp_detach()
Description
DetachesaProductanditslicensefromaHASPSLkey,accordingto customizableparameters.AllFeaturesandmemoryfilesthatbelong totheProductaredetached.Youdonotneedtobeloggedintoa Featureinordertousethisfunction.
Syntax
hasp_status_t HASP_CALLCONV hasp_detach( const char *detach_action, const char *scope, hasp_vendor_code_t vc const char *recipient char **info )
Parameters
detach_action scope
Operation parameters, in XML format Search parameters for the Product that is to be detached. For more information, refer to the Scope XML Tags in the XML Tags section of the HASP SRM Run-time API Reference in the Help documentation. Pointer to the Vendor Code Definition in XML format of the recipient machine to which the detached Product and its license will be attached. Use either hasp_get_info() or hasp_get_sessioninfo(), together with the HASP_RECIPIENT specifier, to retrieve the recipient information. For more information, refer to the XML Tags section of the HASP SRM Run-time API Reference in the Help documentation. Pointer to the information that is retrieved as XML text. This information is a V2C, which can then be installed on the recipient machine using the hasp_update function. Use the hasp_free function to release the pointer after use.
vc recipent
info
hasp_detach()
233
Return Values
HASP_STATUS_OK HASP_INV_DETACH_ACTION HASP_INV_RECIPIENT HASP_TOO_MANY PRODUCTS HASP_INV_PRODUCT HASP_INSUF_MEMORY HASP_DEVICE_ERROR
Request was successfully completed Invalid XML detach_action parameter Invalid XML recipient parameter
hasp_detach scope does not specify a unique
Product Invalid Product information System out of memory Input/output error occurred in secure storage area of HASP SL key OR In the case of a HASP HL key, USB communication error occurred Communication error occurred between the application and the local HASP HASP License Manager Communication error occurred between the local and remote HASP License Managers
HASP_LOCAL_COMM_ERROR HASP_REMOTE_COMM_ERROR
Usage Notes The requisite Vendor Codes are stored in a VendorCodes directory in the system. You cannot run the function without the correct Vendor Codes being available. Related Topics

hasp_get_info() hasp_get_sessioninfo()
Additional information is also available in the XML Tags section of the HASP SRM Run-time API Reference in the Help documentation.
hasp_encrypt()
Description
EncryptsabufferusingtheAESencryptionalgorithm.
Syntax
hasp_status_t HASP_CALLCONV hasp_encrypt( hasp_handle_t handle, void * buffer, hasp_size_t length )
Parameters
handle buffer length
Handle for the session Pointer to the buffer to be encrypted Size (in bytes) of the buffer to be encrypted16 bytes minimum required
Return Values
HASP_STATUS_OK HASP_INV_HND HASP_DEVICE_ERR HASP_TIME_ERR HASP_TOO_SHORT HASP_SCHAN_ERR HASP_ENC_NOT_SUPP HASP_HASP_NOT_FOUND HASP_LOCAL_COMM_ERR HASP_REMOTE_COMM_ERR
Request was successfully completed Invalid input handle Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error System time has been tampered with Encryption data length is too short Communications error in secure channel Hardware does not support encryption type Required HASP key not found Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers
hasp_encrypt()
235
Usage Notes
EncodesdatausingtheencryptionengineintheHASP SRM protectionkey.The specifiedsessionhandledetermineswhich HASP SRMprotectionkeyperformstheencryptionofthedatabuffer. TheencryptionkeyremainsintheHASP SRMprotectionkey.Ifthe encodingoperationfails,thedatatargetedforencryptionisnot affected.Todecodethedatabuffer,usethehasp_decrypt()function.
Related Topics
hasp_decrypt()
hasp_free()
Description
ReleasesmemoryresourcesutilizedbyotherAPIfunctions.
Syntax
void HASP_CALLCONV hasp_free(char * info)
Parameters
info
Pointer to the memory resources to be released
Usage Notes
UsedonlyinCcodetoreleasememoryresourcesallocatedtostoring retrieveddatafromAPIcallsusingthehasp_get_sessioninfo()and hasp_update()functions.Thefunctionhasnoreturnvalues.
Related Topics

hasp_get_sessioninfo() hasp_update()
hasp_get_rtc()
237
hasp_get_rtc()
Description
ReadsthecurrenttimefromaHASP HL TimeorHASP HL NetTimekey.
Syntax
hasp_status_t HASP_CALLCONV hasp_get_rtc( hasp_handle_t hasp_time_t * ) handle, time
Parameters
handle time
Handle for the session Pointer to the current time
Return Values
HASP_STATUS_OK HASP_INV_HND HASP_HASP_NOT_FOUND HASP_NO_BATTERY_POWER HASP_NO_TIME HASP_LOCAL_COMM_ERR HASP_REMOTE_COMM_ERR
Request was successfully completed Invalid input handle Required HASP SRM protection key not found Real-time clock has run out of power Real-time clock is not available Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers
Usage Notes
Primarilyusedtoobtainreliabletimestampsthatareindependentof thesystemclock.Timevaluesarereturnedasthenumberofseconds thathaveelapsedsinceJan.0119700:00hoursUTC.Usethe hasp_hasptime_to_datetime()functiontoconverttheoutputtoUTC format.ThisfunctionreadstheHASP HL Netkeyand HASP HL NetTimekeytime,nottheexpirationdatetime.
Description
Retrievesinformationregardingasessioncontext.
Syntax
hasp_status_t HASP_CALLCONV hasp_get_sessioninfo( hasp_handle_t handle, char * format, char ** info )
Parameters
handle format
Handle for the session XML definition for the type of output data structure. There are three format options: 1. HASP_KEYINFO: For retrieving information on the HASP SRM protection key. 2. HASP_SESSIONINFO: For retrieving information on the session. 3. HASP_UPDATEINFO: For retrieving information on a license update usually contained in a C2V file. The retrieved information includes information on update counters, licenses and memory images currently available in a deployed HASP SRM protection key. For more information, refer to the XML Tags section of the HASP SRM Run-time API Reference in the Help documentation.
info
Pointer to the information which is retrieved as XML text
Return Values
HASP_STATUS_OK HASP_HASP_NOT_FOUND HASP_INV_HND HASP_INV_FORMAT
Request was successfully completed HASP SRM protection key is no longer available Invalid input handle Unrecognized format
HASP_INSUF_MEM HASP_BROKEN_SESSION HASP_LOCAL_COMM_ERR
239
Out of memory Session has been interrupted Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error System time has been tampered with
HASP_REMOTE_COMM_ERR
HASP_DEVICE_ERR
HASP_TIME_ERR
Usage Notes
WhenusingtheHASP_UPDATEINFOparameter,theHASP SRM protectionkeymustbeaccessiblebythelocalmachine. Theretrievedsessioninformationappliesto:
AdeployedHASP SRMprotectionkey Thecurrentoraspecificloginsession Alicenseupdate Thisfunctionallocatesmemoryfortheinformationitretrieves. To releaseallocatedmemoryresources,usethehasp_free()function. To convertareturnedtimevaluetothecurrentdateandtime,usethe hasp_hasptime_to_datetime()function.
Related Topics

hasp_free() hasp_get_info()
hasp_get_info()
Description
Retrievesinformationaboutsystemcomponents,accordingto customizablesearchparameters,andpresentsitaccordingto customizableformats.
Syntax
hasp_status_t HASP_CALLCONV hasp_get_info( char * scope, char * format, hasp_vendor_code_t vendor code, char ** info )
Parameters
scope
Definition of the data that is to be searched. For more information, refer to the Scope XML Tags in the XML Tags section of the HASP SRM Run-time API Reference in the Help documentation. Definition of the format in which the data is to be displayed. For more information, refer to the Scope XML Tags in the XML Tags section of the HASP SRM Run-time API Reference in the Help documentation. Pointer to the Vendor Code Pointer to the information that is retrieved
format
vendor code info
Return Values
HASP_STATUS_OK HASP_INV_FORMAT HASP_INV_SCOPE HASP_INSUF_MEM
Request was successfully completed Unrecognized format Unrecognized scope Out of memory
hasp_get_info()
HASP_BROKEN_SESSION HASP_LOCAL_COMM_ERR
241
Session has been interrupted Communication error has occurred between the application and the local HASP License Manager Communication error has occurred between the local and remote HASP License Managers Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error Invalid Vendor Code Vendor Code not recognized by API Scope string too long (maximum length 32 KB)
HASP_DEVICE_ERR
HASP_INV_VCODE HASP_UNKNOWN_VCODE HASP_INVALID_PARAMETER
Usage Notes
YoudonotneedtobeloggedintoHASP VendorSuiteinordertouse thisfunction. Thisfunctionisusedtospecifyconditionsaboutwheretosearchfor information.Inaddition,itenablesyoutospecifyconditionsaboutthe formatinwhichtheretrievedinformationispresented.Ifretrieved informationisappropriatelyformatted,itcanbeusedasatemplatein thehasp_login_scope()function. TherequisiteVendorCodesarestoredinaVendorCodesfolderinyour system.WithoutthecorrectVendorCode,thefunctioncallcannot succeed.
Related Topics

hasp_get_sessioninfo() hasp_free()
hasp_get_size()
Description
RetrievesthebytesizeofamemoryfilefromaHASP SRMprotection key.
Syntax
hasp_status_t HASP_CALLCONV hasp_get_size( hasp_handle_t hasp_fileid_t hasp_size_t * ) handle, fileid, size
Parameters
handle fileid
Handle for the session Identifier for the file that is to be queried. Possible values are FILEID_RO or FILEID_RW for read only or read/write. Pointer to the resulting file size
size
Return Values
HASP_STATUS_OK HASP_INV_HND HASP_INV_FILEID HASP_TIME_ERR HASP_HASP_NOT_FOUND HASP_LOCAL_COMM_ERR
Request was successfully completed Invalid input handle Unrecognized file identifier System time has been tampered with HASP SRM protection key is no longer available Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers
hasp_get_size()
243
Usage Notes
ThisfunctionisusedtodeterminethefilesizeoftheHASP SRM protectionkeymemory.Thefilesizeenablesyoutodeterminethe largestpossiblebytesizeoffset.Thisinformationisusefulwhen readingorwritingtothememoryofaHASP SRMprotectionkey. The firstbyteinafilehastheindex0.
Related Topics

hasp_read() hasp_write()
hasp_hasptime_to_datetime()
Description
Convertsatimevalue(elapsedsecondssinceJanuary 1,1970)intoa dateandtime.
Syntax
hasp_status_t HASP_CALLCONV hasp_hasptime_to_datetime( hasp_time_t unsigned int unsigned int unsigned int unsigned int unsigned int unsigned int ) time, * day, * month, * year, * hour, * minute, * second
Parameters
time day month year hour minute second
Pointer for placing time value Pointer for day value Pointer for month value Pointer for year value Pointer for hour value Pointer for minute value Pointer for second value
Return Values
HASP_STATUS_OK HASP_INV_TIME
Request was successfully completed Passed time value is outside the supported value range
hasp_hasptime_to_datetime()
245
Usage Notes
AllvaluesarebasedonCoordinatedUniversalTime(UTC). The converteddateandtimevaluereflectsthenumberofelapsed secondssinceJan.1,1970.Thisconversionfunctionisusedin conjunctionwiththeAPIfunctionsthatsetorretrievevaluesforthe realtimeclock(RTC)intheHASP HL TimeandHASP HL NetTime keys.
Related Topics
hasp_login()
Description
LogsintoaFeatureandtherebyestablishesasessioncontext.
Syntax
hasp_status_t HASP_CALLCONV hasp_login( hasp_feature_t feature_id, hasp_vendor_code_t vendor_code, hasp_handle_t * handle )
Parameters
feature id vendor code handle
Unique identifier for a specific Feature stored in a HASP SRM protection key. Pointer to the Vendor Code Pointer to the session handle
Return Values
HASP_HASP_NOT_FOUND HASP_STATUS_OK HASP_FEATURE_NOT_FOUND HASP_FEATURE_TYPE_NOT_IMPL HASP_TMOF HASP_INSUF_MEM HASP_INV_VCODE HASP_NO_DRIVER HASP_NO_VLIB HASP_INV_VLIB HASP_OLD_DRIVER HASP_UNKNOWN_VCODE
Required HASP SRM protection key not found Request was successfully completed Cannot find requested Feature Requested Feature type not available Too many open sessions Out of memory Invalid Vendor Code Driver not installed Vendor library cannot be found Vendor library cannot be loaded Old driver installed Vendor Code not recognized by the API
hasp_login()
HASP_FEATURE_EXPIRED HASP_TOO_MANY_USERS HASP_OLD_LM HASP_DEVICE_ERR HASP_TIME_ERR HASP_TS_DETECTED HASP_HARDWARE_MODIFIED
247
Feature has expired Too many HASP SRM protection keys currently connected HASP License Manager version out of date Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error System time has been tampered with Program is running remotely on a Terminal Server HASP SL key incompatible with machine hardware. HASP SL key locked to different hardware. OR In the case of a V2C file, conflict between HASP SL key data and machine hardware data. HASP SL key locked to different hardware. Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers Vendor library too old
HASP_LOCAL_COMM_ERR HASP_REMOTE_COMM_ERR
HASP_OLD_VLIB
Usage Notes
ThisfunctionestablishesacontexttoaHASP SRMprotectionkey containingalicensefortherequestedFeature ID. WhenthedefaultFeature ID 0isused,theAPIsearchesonlyforthe HASP SRMprotectionkeyandignoresthelicensinginformation specifiedinthekey. TherequisiteVendorCodesarestoredinaVendorCodesfolderinyour system.WithoutthecorrectVendorCode,thefunctioncallcannot succeed.Youcanopenupto512simultaneousloginsessions.
Related Topics

hasp_logout() hasp_login_scope()
hasp_login_scope()
Description
LogsintoaFunctiontoestablishasession,accordingtopredefined searchparameters.
Syntax
hasp_status_t HASP_CALLCONV hasp_login_scope( hasp_feature_t featureid, char * scope hasp_vendor_code_t vendor_code, hasp_handle_t * handle )
Parameters
feature id scope
Unique identifier for a specific Feature stored in a HASP SRM software protection key. Definition of the data that is to be searched for the licenses. For more information, refer to the XML Tags section of the HASP SRM Run-time API Reference in the Help documentation. Pointer to the Vendor Code Pointer to the session handle
vendor code handle
Return Values
HASP_STATUS_OK HASP_FEATURE_NOT_FOUND HASP_SCOPE_RESULTS_EMPTY HASP_HASP_NOT_FOUND HASP_TMOF HASP_INSUF_MEM HASP_INV_VCODE HASP_NO_DRIVER
Request was successfully completed Requested Feature no longer available Unable to locate a Feature matching the scope HASP SRM protection key is no longer available Too many open sessions System out of memory Invalid Vendor Code passed Required driver not installed
hasp_login_scope()
HASP_OLD_DRIVER HASP_UNKNOWN_VCODE HASP_INVALID_PARAMETER HASP_LOCAL_COMM_ERR HASP_REMOTE_COMM_ERR HASP_FEATURE_EXPIRED HASP_TOO_MANY_USERS HASP_OLD_LM HASP_DEVICE_ERR HASP_TIME_ERR HASP_FEATURE_TYPE_NOT_IMPL HASP_INV_SCOPE HASP_NO_VLIB HASP_INV_VLIB
249
Installed driver too old to execute function Vendor Code not recognized by API Scope string too long (max. length 32 KB) Communication error between application and local HASP License Manager Communication error between local and remote HASP License Managers Feature has expired Too many users currently connected HASP License Manager too old Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error System time has been tampered with Requested Feature type not implemented XML specification invalid Vendor library cannot be found Vendor library cannot be loaded Vendor library too old
HASP_OLD_VLIB
Usage Notes
Thisfunctionisusedtospecifyconditionsthatspecifywherelogin informationistobesearchedfor. TherequisiteVendorCodesarestoredinaVendorCodesfolderinyour system.WithoutthecorrectVendorCode,thefunctioncallcannot succeed.Youcanopenupto512simultaneousloginsessions.
Related Topics

hasp_get_info() hasp_get_sessioninfo() hasp_login() hasp_logout()
hasp_logout()
Description
Logsoutfromacontextorsession.
Syntax
hasp_status_t HASP_CALLCONV hasp_logout( hasp_handle_t ) handle
Parameters
handle
Handle for the session being terminated
Return Values
HASP_STATUS_OK HASP_INV_HND HASP_LOCAL_COMM_ERR
Request was successfully completed Invalid input handle Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers
Usage Notes
UsethisfunctiontoendaconnectiontoanAPIobject.Oncelogged outfromasession,allmemoryallocatedforthesessionisreleased. TheconnectiontotheHASP LicenseManagerclosesiftheloggedout connectionwasthelastAPIsession.
Related Topics

hasp_login() hasp_login_scope()
hasp_read()
251
hasp_read()
Description
ReadsthememoryofaHASP SRMprotectionkey.
Syntax
hasp_status_t HASP_CALLCONV hasp_read ( hasp_handle_t handle, hasp_fileid_t fileid, hasp_size_t offset, hasp_size_t length, void * buffer )
Parameters
handle fileid
Handle for the session Identifier for the file that is to be queried. Possible values are FILEID_RO or FILEID_RW for read only or read/write. Byte offset for the file Number of bytes to be read from the file Pointer to the retrieved data
offset length buffer
Return Values
HASP_STATUS_OK HASP_INV_HND HASP_BROKEN_SESSION HASP_INV_FILEID HASP_SCHAN_ERR HASP_MEM_RANGE
Request was successfully completed Invalid input handle Session has been interrupted Unrecognized file identifier Communication error in secure channel Out of memory

HASP_DEVICE_ERR
Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error System time has been tampered with HASP SRM protection key not found Communication error occurred between the application and the local HASP License Manager Communication error occurred between the local and remote HASP License Managers
HASP_TIME_ERR HASP_HASP_NOT_FOUND HASP_LOCAL_COMM_ERR
Usage Notes
Usethehasp_get_size()functiontodeterminethesizeofthefileyou wanttoread.
Related Topics

hasp_get_size() hasp_write()
hasp_update()
253
hasp_update()
Description
WritesanupdateforaHASP SRMlicense.
Syntax
hasp_status_t HASP_CALLCONV hasp_update ( char * update_data, char ** ack_data )
Parameters
update_data ack_data
Pointer to the complete update data Pointer to a buffer to retrieve the acknowledge data
Return Values
HASP_INV_UPDATE_DATA HASP_INV_UPDATE_OBJ HASP_NO_ACK_SPACE HASP_KEYID_NOT_FOUND HASP_INV_UPDATE_NOTSUPP HASP_UNKNOWN_ALG HASP_INV_UPDATE_CNTR HASP_TOO_MANY_KEYS HASP_INV_SIG HASP_LOCAL_COMM_ERR HASP_DEVICE_ERR
Required XML tags not found, OR contents in binary data missing or invalid Binary data does not contain an update Acknowledge data requested by the update, however the ack_data input parameter is NULL HASP SRM license to be updated not found Update not supported by the HASP SRM protection key Unknown algorithm used in V2C file Update counter is set incorrectly Too many HASP SRM protection keys currently connected Signature verification failed Communication error occurred between the application and the local HASP License Manager Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error

HASP_TIME_ERR HASP_UPDATE_TOO_OLD
System time has been tampered with Trying to install a V2C file with an update counter that is out of sequence with the update counter in the HASP SRM protection key. The values of the update counter in the file are lower than those in the HASP SRM protection key. Trying to install a V2C file with an update counter that is out of sequence with the update counter in the HASP SRM protection key. The first value in the file is more than 1 greater than the value in the HASP SRM protection key. HASP SL key incompatible with machine hardware. HASP SL key locked to different hardware. OR In the case of a V2C file, conflict between HASP SL key data and machine hardware data. HASP SL key locked to different hardware. Communication error occurred between the application and the local HASP License Manager
HASP_UPDATE_TOO_NEW
HASP_HARDWARE_MODIFIED
HASP_LOCAL_COMM_ERR
Usage Notes
Thisfunctionwritesupdateinformation.NotethattheHASP SRM protectionkeymustbeaccessiblebythelocalmachine. Theupdatecodecontainsallnecessarydatatoperformtheupdateon thedeployedHASP SRMprotectionkeyincluding: 1. 2. 3. Wheretheupdatedinformationistobewritten ThenecessaryaccessdataVendorCode Theactualupdateinformation
Thefunctionreturnsanacknowledgementcodethatis signed/encryptedbytheupdate.Thecodeisevidencethatanupdate hasbeenappliedtoalicense.Memoryfortheacknowledgedatais allocatedbytheAPIandmustbereleasedusing hasp_free(). ThisfunctionisanextensionofthemainHASP SRMRuntimeAPI andisutilizedbytheHASP SRMRemoteUpdateSystemutilityto updateHASP SRMprotectionkeylicenses.
Related Topics
hasp_free()
hasp_write()
255
hasp_write()
Description
WritestothememoryofaHASP SRMprotectionkey.
Syntax
hasp_status_t HASP_CALLCONV hasp_write( hasp_handle_t handle, hasp_fileid_t fileid, hasp_size_t offset, hasp_size_t length, void * buffer )
Parameters
handle fileid offset length buffer
Handle for the session Identifier for the file to write. Possible value is FILEID_RW for read/write. Byte offset for the file Number of bytes to be written to the file Pointer to the retrieved data
Return Values
HASP_STATUS_OK HASP_INV_HND HASP_BROKEN_SESSION HASP_INV_FILEID HASP_SCHAN_ERR HASP_MEM_RANGE HASP_TIME_ERR
Request was successfully completed Invalid input handle Session has been interrupted Unrecognized file identifier Communications error in secure channel Out of memory System time has been tampered with

HASP_DEVICE_ERR
Input/output error in HASP SL secure storage, OR, in the case of a HASP HL key, USB communication error Access to Feature is denied Required HASP SRM protection key not found Communication error occurred between the application and the local HASP License Manager
HASP_ACCESS_DENIED HASP_HASP_NOT_FOUND HASP_LOCAL_COMM_ERR
Related Topics

hasp_get_size() hasp_read()
API Status Codes
257
API Status Codes

Thissectionprovidesalistofpossiblereturncodesrelatedtothe operationoftheHASP SRMRuntimeAPIfunctions,anda descriptionoftheirmeanings. No
0 1 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
Status Code
HASP_STATUS_OK HASP_MEM_RANGE HASP_INSUF_MEM HASP_TMOF HASP_ACCESS_DENIED HASP_INCOMPAT_FEATURE HASP_HASP_NOT_FOUND HASP_TOO_SHORT HASP_INV_HND HASP_INV_FILEID HASP_OLD_DRIVER HASP_NO_TIME HASP_SYS_ERROR HASP_NO_DRIVER HASP_INV_FORMAT HASP_REQ_NOT_SUPP HASP_INV_UPDATE_OBJ HASP_KEYID_NOT_FOUND HASP_INV_UPDATE_DATA HASP_INV_UPDATE_NOTSUPP HASP_INV_UPDATE_CNTR
Description
Request successfully completed Request exceeds the HASP SRM protection key memory range System out of memory Too many open sessions Access to Feature denied Legacy decryption function cannot work on the Feature HASP SRM protection key no longer available Encrypted/decrypted data length too short to execute function call Invalid handle passed to function Specified File ID not recognized by API Installed driver too old to execute function Real-time clock (rtc) not available Generic error from host system call Required driver not installed Unrecognized file format for update Unable to execute function in this context Binary data passed to function does not contain an update HASP SRM license you requested to update not found Required XML tags not found. Contents in binary data are missing or invalid. Update request not supported by HASP SRM protection key Update counter not set correctly
258 HASP SRM Run-time API Reference No

22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
Status Code
HASP_INV_VCODE HASP_ENC_NOT_SUPP HASP_INV_TIME HASP_NO_BATTERY_POWER HASP_NO_ACK_SPACE HASP_TS_DETECTED
Description
Invalid Vendor Code passed HASP SRM protection key does not support encryption type Passed time value outside supported value range Real-time clock battery out of power Acknowledge data requested by the update ack_data parameter is NULL Program running remotely on a terminal server Unknown algorithm used in V2C file Signature verification operation failed Requested Feature no longer available Access log not enabled Communication error between program and local HASP License Manager Vendor Code not recognized by API Invalid XML specification Invalid XML scope Too many HASP SRM protection keys currently connected Too many users currently connected Session has been interrupted Communication error between local and remote HASP License Managers Feature expired HASP License Manager version too old Input/output error occurred in secure storage area of HASP SL key OR In the case of a HASP HL key, USB communication error occurred Update installation not permitted
HASP_FEATURE_TYPE_NOT_IMPL Requested Feature type not implemented HASP_UNKNOWN_ALG HASP_INV_SIG HASP_FEATURE_NOT_FOUND HASP_NO_LOG HASP_LOCAL_COMM_ERROR HASP_UNKNOWN_VCODE HASP_INV_SPEC HASP_INV_SCOPE HASP_TOO_MANY_KEYS HASP_TOO_MANY_USERS HASP_BROKEN_SESSION HASP_REMOTE_COMM_ERROR HASP_FEATURE_EXPIRED HASP_OLD_LM HASP_DEVICE_ERR
44
HASP_UPDATE_BLOCKED
API Status Codes No

45 46 47 48 49 50 52
259
Status Code
HASP_TIME_ERR HASP_SCHAN_ERR HASP_STORAGE_CORRUPT HASP_NO_VLIB HASP_INV_LIB HASP_SCOPE_RESULTS_EMPTY HASP_HARDWARE_MODIFIED
Description
System time has been tampered with Communication error occurred in secure channel Corrupt data exists in secure storage area of HASP SRM protection key Unable to find Vendor library Unable to load Vendor library Unable to locate any Feature matching scope HASP SL key incompatible with machine hardware. HASP SL key locked to different hardware. OR In the case of a V2C file, conflict between HASP SL key data and machine hardware data. HASP SL key locked to different hardware. Login denied because of user restrictions Trying to install a V2C file with an update counter that is out of sequence with update counter in the HASP SRM protection key. Values of update counter in file are lower than those in HASP SRM protection key. Trying to install a V2C file with an update counter that is out of sequence with the update counter in the HASP SRM protection key. First value in file is more than 1 greater than value in HASP SRM protection key Vendor library too old Unable to locate dynamic library for API Dynamic library for API is invalid Object incorrectly initialized Scope string too long (max. length 32 KB) Logging in twice to same object Logging out twice from same object Incorrect use of system or platform Requested Feature type not implemented Internal error occurred in API
53 54
HASP_USER_DENIED HASP_UPDATE_TOO_OLD
55
HASP_UPDATE_TOO_NEW
56 400 401 500 501 502 503 525 698 699
HASP_OLD_VLIB
HASP_NO_API_DYLIB HASP_INVALID_API_DYLIB HASP_INVALID_OBJECT HASP_INVALID_PARAMETER HASP_ALREADY_LOGGED_IN HASP_ALREADY_LOGGED_OUT HASP_OPERATION_FAILED HASP_NOT_IMPL HASP_INT_ERR
Index
Symbols
.NETassemblies considerations 94 globalFeature 95 Methodlevelprotection 95 methodspecificsettings 97 obfuscation 99 protecting 94 APIlibraries generating 54, 70 merging 54, 70 Attacks clocktampering 107 cloninghardwarekeys 106 defenseagainst 104 emulatingprotectionkeys 105 modifyingkeymemory 104 patchingexecutables 104 usingterminalservers 106
A
ActivatingProducts 161 about 118 manually 182 withHASP HLkeys 130, 144 withHASP SLkeys 131, 144 AdminControlCenter about 199 administratorsworkflow 202 configuration 202 interface 200 launching 200 Administration functions 120 role 119, 178 tasks 178 AESdecryption, SeeDecryption AESencryption, SeeEncryption
B
BaseProduct 143 BatchCodes about 36 DEMOMA 121, 178 forFeatures 139 fororders 157 forProducts 142 forRUS 173, 184 HASP SRMuseraccess 179 introducinginHASP SRM 178 maintaining 180 BrandingRUS 173, 184 Bundles, SeeProvisionalProducts
262 Index
BusinessStudio about 115 evaluating 121, 178 roles 119 window 122 BusinessStudioServer, SeeServer
D
Datafiles dfcrypt.exeencryption 92 encrypting 92 handling 91 DataHASP about 109 encryptingdatafiles 110 functionality 112 prerequisites 111 Decryption 61 about 42 Default lockingtype 144, 182 password 178 username 178 DEMOMA BatchCode 121, 178 Developerkey, SeeVendorkeys Developerkit 21 Development activities 170 functions 170 role 119, 157, 170 Distributing RUS 173 SeeEndusersoftware DLLforRuntimeEnvironment installer 172 Duplicating Products 148
C
C2V checkinginfiles 164 dataforcancellation 152 datainfiles 164 datainkeys 164 generatingfiles 164, 173, 184 storingdataonserver 164 viewingdata 164 Cancelinglicenses 152 CancellationProducts about 152 defining 152 example 153 CheckinginC2Vfiles 164 Comparingprotectionsolutions 30 Concurrentinstances changingsettings 150 counting 145 licenseterms 145 networkenvironment 145 perorder 146, 160 Connectiondetails 181 Crosslocking 34 CustomerServices function 157 role 119, 182 Customers CustomerID 158 defining 158 locating 158 orders 158 CustomizingRUS 173, 184
E
Encryption 61 about 42 datafiles 92 DataHASP 109 dfcrypt.exe 92
Index
Endusersoftware haspdinst.exe 196 HASPUserSetup.exe 196 mergemodules 194 Envelope .NETconsiderations 94 customizableparameters 87 Encryptingdatafiles 92 functionality 81 mandatoryparameters 87 prerequisites 83 protecting.NETassemblies 94 protectingWin32programs 89 runningfromcommandline 85 usingFeatures 88 workflow 83 Examples definingFeatures 128 definingProducts 129 graceperiod 174 licensecancellation 153 licenseterms 134 ModificationProduct 151 orderforHASP HLkeys 165 orderforHASP Update 166 orderforProductKeys 165 orderusingHASP SL 165 protectionlevels 134 ProvisionalProducts 174 remoteupdatewithRUS 185 trialuse 174 EXEfile Protecting,SeeEnvelope RuntimeEnvironmentinstaller 172 withV2Cdata 171, 185 Export AdminControlCenterformat 173 CPPstyleheader 173 Cstyleheader 173 CSVformat 173 Featuredata 140 XMLformat 173
263
F
Features about 116 BatchCodes 139 defining 139 detachablelicenses 145 example 128 exporting 140 FeatureID 140 Featurename 139 identifying 128 inEnvelope 88 inProducts 129, 142 licenseterms 133 statusvalues 140 transferringdata 140 withdrawing 140 Files C2V 152, 164 defaultlocations 182 EXEwithV2Cdata 162, 169, 171 Export 140 ProductKeys 161, 169 Protecting,SeeEnvelope ProvisionalProducts 171 RuntimeEnvironmentEXE 172 RuntimeEnvironmentinstallerDLL 172 V2C 162, 169, 171 FormattingHASPHLkeys 164
G
Graceperiods about 132 example 174 ProvisionalProducts 147
264 Index
H
HASPmemory, SeeMemory HASPsearchmode 88 HASPUpdates implementing 118 HASP HLkeys formatting 164 orderexample 165 orders 160, 168 Productactivation 130, 144 protection 130, 144 updatinglicenseswithRUS 186 HASP SLkeys orderexample 165 orders 161 Productactivation 131, 144, 161 protection 131, 144 RuntimeEnvironment 161, 171 updatinglicenseswithRUS 186 HASP SRMBusinessStudio, SeeBusinessStudio HASP SRMDeveloperkey, SeeVendorkeys HASP SRMEnvelope, SeeEnvelope HASP SRMMasterkey, SeeVendorkeys HASP SRMprotectionkeys, SeeProtectionkeys HASP SRMRemoteUpdateSystem, SeeRUS HASP SRMRuntimeEnvironment, SeeRuntimeEnvironment 193 HASP SRMRuntime API, SeeRuntime API HASP SRMToolBox, SeeToolBox HASP SRMusers, SeeUsers(HASP SRM) HASP SRMVendorkeys, SeeVendorkeys HASP Updates
about 162 applyingremotely 162 applyingwithRUS 185 locatingkeys 162 orderexample 166 orders 162 receipt 162 RUSexample 185 haspdinst.exe 196 HASPUserSetup.exe 196
I
ID customer 158 Feature 140 order 158 Installing ProvisionalProducts 171 RuntimeEnvironment 171 Server 120 IntroducingVendorkeys 120, 181
K
Key, SeeProtectionkeys SeeVendorkeys
L
Licenseterms about 133 assigningvalues 145 canceling 151152 concurrentinstances 145 example 134 ModificationProducts 150 networkaccess 145 remotedesktopusers 146 remoteupdates 162 revoking 151 selectinglicensetype 145
Index
specifying 145 transferring 151 updating 162 valuesperorder 146, 160 virtualmachine 146 Licensetypes about 133 assigningvalues 145 selecting 145 valuesperorder 146 Licensing about 126 fundamentals 31 models 126 planning 32, 116, 126 solutions 32 LicensingPlanfunctions 138 Locatingkeysforupdate 162 LockingHASP SRMusers 180 Lockingtypes about 130 default 144, 182 HASP HLonly 130, 144 HASP HLorHASP SL 132, 144 HASP SLonly 131, 144 Productsinorders 159 selecting 143 Mergemodules 194 ModificationProducts about 149 defining 150 example 151 licenseterms 150
265
N
Network accesstolicense 145 concurrentinstances 145
O
Obfuscationin.NETassemblies 99 ObsoleteProduct 148 OrderManagement functions 157 role 119, 157, 167 Orders about 117 customers 158 defining 158 examples 164 forHASP HLkeys 160, 168 forHASP SLkeys 161 forHASP Updates 162 forProductKeys 161, 169 holding 163 inproductionqueue 163 includingProducts 159 OrderID 158 priority 163 producing 168 Productlockingtypes 159 referencedata 163 savingdata 163 statusvalues 163
M
Mac distributingRuntimeEnvironment 197 installingRuntimeEnvironment 47 Masterkey, SeeVendorkeys MasterHASPWizard 70 Memory about 135 defining 146 read/write 135, 147 readonly 135, 147 storingdata 147 utilizing 63
266 Index
P
Passwords(HASP SRM) assigningtousers 180 changing 120 default 178 receiving 120 Productactivation 161 manual 182 withHASP HLkeys 130, 144 withHASP SLkeys 131, 144 ProductKeys about 161 files 161, 169 orderexample 165 orders 161, 169 Productactivation 182 proofofpurchase 161 serververification 161 usewithHASP SL 161 ProductManagementrole 119, 137 Production functions 156 ordersforHASP HLkeys 168 ordersforProductKeys 169 ordersinqueue 163 role 119, 157, 167 Products about 116 activation 118 BaseProduct 143 BatchCodes 142 CancellationProducts 152 defining 142 duplicating 148 example 129 grace,SeeProvisionalProducts inorders 159 includingFeatures 129, 142 lockingtypes 130, 143 memory 146 ModificationProducts 149 ObsoleteProducts 148 Productname 142
ProvisionalProducts 147 referencedata 142 statusvalues 148 trial,SeeProvisionalProducts types 143 withdrawing 148 ProtectOnceDeliverMany 34 Protection againstcopying 28 API,SeeRuntimeAPI attacktypes 104 DataHASP 109 defenseagainstattacks 104 elements 60 Encrypting/DecryptingwithHASP SRMprotectionkey 108 encryptionanddecryption 42 fundamentals 28, 102 insertingmultiplecalls 107 intellectualproperty 28 Methodlevel 95 options 64 programsanddatafiles 60 selectingmethod 63 solutions 29 solutions,combined 31 solutions,comparison 30 usingchecksumverification 108 usingRuntimeAPIandEnvelope 107 Protectionkeys attributes 39 fororders 159 HASP HLkeys 38 HASP SLkeys 39 locatingforupdate 162 locking 130 memory 147 searchingfor 88 selecting 37 updating 162
Index
Protectionlevels example 134 HASP HLkeys 130, 144 HASP SLkeys 131, 144 perorder 132, 144 ProvisionalProducts 174 defining 147 description 133, 170 example 174 generatingbundles 171 generatingV2Cfile 172 inorders 159 installing 161, 171 keyID 171 licenseterms 147, 171 outputfiles 171 properties 147 vendorlibrary 171
267
R
Remotedesktop accesstolicense 146 RemoteUpdateSystem, SeeRUS Roles Administration 119, 178 CustomerServices 119, 182 Development 119, 157, 170 forHASP SRMusers 179 OrderManagement 119, 157 ProductManagement 119 Production 119, 157 RTE, SeeRuntimeEnvironment RuntimeAPI about 67 functionality 77 loginfunction 75 planningrequirements 73 prerequisites 69 samples 73 ToolBox 72 workflow 74
RuntimeEnvironment commandlineinstaller 172 distributingforMac 197 distributingtoendusers 193 EXEfile 172 generatinginstaller 171172 initializing 161 installerAPI 172 installerDLL 172 Macinstallation 47 updating 194 RUS applyingHASP Updates 185 BatchCode 173, 184 branding 173, 184 customizing 173, 184 description 173, 183 distributing 173, 184 example 185 executable 184 generatingC2Vfiles 173, 184 instructionsforendusers 186 processingV2Cfiles 162, 169, 185 withHASP HLkeys 186 withHASP SLkeys 186
S
Server connectingMasterkey 120121 installing 120 storingC2Vdata 164 verifyingProductKeys 161 Solutions combinedprotection 31 customizing 35 protection 29 protection,comparison 30 Starterkit 22 Statusvalues Features 140 orders 163 Products 148
268 Index
Support technical 24 training 24 Systemsettings 181 VendorCode about 36 extracting 53, 70 MasterHASPWizard 53, 70 Vendorkeys Developerkey 37 extractingVendorCode 70 introducing 120, 181 Masterkey 37 Vendorlibrary 171 VendorSuite 120 VendortoCustomerfile, SeeV2C Virtualmachine accesstolicense 146
T
Technicalspecifications 39 ToolBox about 72 encryptingdata 74 Trialware about 132 example 174 ProvisionalProducts 147
U
Updates, SeeHASP Updates Updatingdeployedkeys 162 Userroles, SeeRoles Users(HASP SRM) accesstobatches 179 defaultusername 178 defining 179 locking 180 passwords 120, 180 preventingaccess 180 roles 179 usernames 120, 179 viewingdetails 179
W
Win32programs behaviorofprotectedprograms 89 datafileprotection 90 Withdrawing Features 140 Products 148
V
V2C datainEXE 162 defaultfilelocation 169 fileforProvisionalProducts 171 generatingfiles 162, 169, 185 inputtoRuntimeEnvironment 172 launchingfiles 173 processingwithRUS 162, 169

WWW Guide HASP SRM

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

WWW Guide HASP SRM

Uploaded by

Copyright:

Available Formats

#1 Choice of Software Developers Worldwide Since 2002

Software Protection and Licensing Guide

Copyrights and Trademarks

Aladdin Knowledge Systems HASP Product End User License Agreement

Aladdin Knowledge Systems HASP Product End User License Agreement

Software Protection and Licensing Guide

Aladdin Knowledge Systems HASP Product End User License Agreement

Software Protection and Licensing Guide

Aladdin Knowledge Systems HASP Product End User License Agreement

Software Protection and Licensing Guide

Aladdin Knowledge Systems HASP Product End User License Agreement

Exhibit A Open SSL License

Software Protection and Licensing Guide

Exhibit B Original SSLeay License

Aladdin Knowledge Systems HASP Product End User License Agreement

Software Protection and Licensing Guide

ISO 9001:2000 Certification

Part 1 Getting Started

2. HASP SRM Installation ...........................................................................43

4. HASP SRM Run-time API Protection....................................................67

5. HASP SRM Envelope Protection ..........................................................81

7. Working with the DataHASP Encryption Utility................................109

9. Preparing Your HASP SRM Licensing Plan ......................................125

10. Implementing Your HASP SRM Licensing Plan................................137

11. HASP SRM Orders, Production, and Development Tasks..............155

12. HASP SRM Administration and Customer Services .......................177

13. HASP SRM Remote Update System...................................................183

Part 4 Distributing HASP SRM Software

15. HASP SRM Admin Control Center......................................................199

B. HASP SRM Glossary ............................................................................219 C. HASP SRM Run-time API Reference..................................................225

Index ................................................................................................... 261

Familiarizing Yourself with HASP SRM Vendor Suite

ThecontentsofyourHASP SRMStarterorDeveloperkit TheinformationprovidedinthisGuide Howtoobtainadditionaltechnicalsupportfortheseproducts

Contents of your HASP SRM Kit

HASP SRM Developer Kit

HASP SRMVendorSuitesoftwareonasingleCDROM HASP HL Demokeystofacilitatetheevaluationprocess HASP SRMSoftwareProtectionandLicensingQuickStartcard

Familiarizing Yourself with HASP SRM Vendor Suite

HASP SRMSoftwareProtectionandLicensingGuide(thisbook) HASP SRMSoftwareProtectionandLicensingTutorial HASP SRMBusiness StudioServerInstallationGuide

HASP SRM Starter Kit

About this Guide

Part 1Getting Started IntroducesHASP SRM,presentsbasicprotectionandlicensing concepts,andleadsyouthroughtheprocessofconfiguringthe system.YoushouldreadthispartafteropeningyourHASP SRM DevelopersorStarterskit.

About this Guide

Familiarizing Yourself with HASP SRM Vendor Suite

IntegrationofHASP SRMintoyourproduct Analysisofthebestprotectionstrategyforyourapplications Assistanceinimplementationofyourprotectionandlicensing models

YoucanalsocontactourTechnicalSupportteambyclickingthe Contact Technical SupportlinkonthesameWebpage.

Part 1 Getting Started

Chapter 1: Understanding HASP SRM Software Protection and Licensing

Chapter 2: HASP SRM Installation

Understanding HASP SRM Software Protection and Licensing

Understanding HASP SRM Software Protection and Licensing

Intellectual Property Protection

Major Protection Solutions

Major Protection Solutions

Understanding HASP SRM Software Protection and Licensing

Comparative Benefits of Hardware-based and Software-based Solutions

Advantages of a Combined Solution

Determiningthelevelofprotectionaccordingtothepriceofthe software Determiningthelevelofprotectionaccordingtomarketsegments, includingverticalmarkets

Fundamentals of Licensing Itislikelythatyourstrategieswillalsorequirethefollowing:

Theabilitytoturntrialwareintoafullyfunctionalversionusing hardwareorsoftwarebasedactivation TheabilitytosellsoftwareovertheInternet,protectedwitha hardwareorsoftwarebasedkey

HASP SRM Combined Solution

Implementmultipleprotectionsolutions Definemultiplelicensemodelsaccordingtotherequirementsof yourmarket,andapplytheirusagetermsindependentlyofthe protectionprocess Selecthardwarebased(HASP HL)orsoftwarebased(HASP SL) protectionkeysindependentlyoftheprotectionprocess

Flexible and Secure Licensing Solutions