Hi Roland,
Please refer to the below explanation:
When you plug-in your master key and introduce the same using Master Wizard, it downloads the vendor specific libraries to the machine. This includes the LicGen libraries required to create a license and also the Runtime libraries used to access the license.
These libraries can only be generated on the machine that has your master keys plugged in. Even if anyone gains access to the License Generation libraries, no new licenses can be generated without connecting the master key.
Hasp API, on the other hand, can do licence updates without Master key, it only need Vendor Code to log in
I think you are referring here to Runtime API's. Please confirm.
Runtime libraries are implemented within the application to use the license. This includes adding the vendor code string (from hvc file) to the code and referencing the libraries (dll or libs). In case of dynamic linking, the dll files from "...\Gemalto Sentinel\Sentinel LDK\API\Runtime" have to be bundled with the application.
If the user somehow gets access to the vendor code string embedded in your code then he can use it with these libraries to access the license. They cannot be used to update the license except writing any data in Read/Write memory of the license. This is a memory space provided to use as per your needs with any kind of data. With Runtime libraries, there is no was user can update and misuse the license like extending the license period etc.
As vendor code has to be embedded in the code, there is a risk that user may debug/decompile the application and get the string unless Envelope is used to protect the application. However, it would not have any risk for unauthorized usage of license.
Regards,
Ashish
Please refer to the below explanation:
When you plug-in your master key and introduce the same using Master Wizard, it downloads the vendor specific libraries to the machine. This includes the LicGen libraries required to create a license and also the Runtime libraries used to access the license.
These libraries can only be generated on the machine that has your master keys plugged in. Even if anyone gains access to the License Generation libraries, no new licenses can be generated without connecting the master key.
Hasp API, on the other hand, can do licence updates without Master key, it only need Vendor Code to log in
I think you are referring here to Runtime API's. Please confirm.
Runtime libraries are implemented within the application to use the license. This includes adding the vendor code string (from hvc file) to the code and referencing the libraries (dll or libs). In case of dynamic linking, the dll files from "...\Gemalto Sentinel\Sentinel LDK\API\Runtime" have to be bundled with the application.
If the user somehow gets access to the vendor code string embedded in your code then he can use it with these libraries to access the license. They cannot be used to update the license except writing any data in Read/Write memory of the license. This is a memory space provided to use as per your needs with any kind of data. With Runtime libraries, there is no was user can update and misuse the license like extending the license period etc.
As vendor code has to be embedded in the code, there is a risk that user may debug/decompile the application and get the string unless Envelope is used to protect the application. However, it would not have any risk for unauthorized usage of license.
Regards,
Ashish