Sentinel LDK Software for End Users
Every Sentinel LDK installation includes software that you need to distribute to your end users. This software must be installed at your customer’s site to ensure that your protected and licensed software functions correctly.
Sentinel LDK Run-time Environment
In many instances, the Sentinel LDK Run-time Environment must be installed on the computer of each end user who will use the protected application so that the application can communicate with the Sentinel protection key. For network licenses, the Run-time Environment is required on the computer where the network license is located. For information on when the Run-time Environment is required, see Situations That Require Sentinel LDK Run-time Environment.
There are a number of ways in which the Run-time Environment can be installed. For more information, see Distributing Sentinel LDK Run-time Environment.
Software for Sentinel HL Licenses
No Sentinel LDK software is required specifically for protected applications that are licensed with Sentinel HL (Driverless configuration) keys. However, other Sentinel LDK software may be required as described in this section.
Other HL keys may require the Run-time Environment. For more information, see Situations That Require Sentinel LDK Run-time Environment.
Software for Protected Applications Under Windows
Thales recommends that, under Windows, you include the External License Manager with all protected applications. For more information, see Types of License Managers.
Software for Sentinel HL Licenses Under Linux Intel
For an application licensed with a standalone Sentinel HL (Driverless configuration) key, you can optionally install the Sentinel LDK Run-time Environment installer for Linux on the machine where the protected application executes.
>If you install the Run-time Environment, all required files are already deployed. For the list of files installed by the Run-time Environment installer, see the Sentinel LDK Installation Guide.
>If you do not install the Run-time Environment, you must manually copy the file /Linux/Redistribute/Runtimeless/80-hasp.rules into the /etc/udev/rules.d on the machine where the protected application executes. This sets the permissions to allow any user to access the Sentinel HL Driverless USB device. (Under Linux, by default only superusers have access to USB devices.)
NOTE An administrator account is require to copy this file.
Software for Protected .NET Applications Under Linux Intel
To support the Envelope runtime for .NET applications:
>Copy the complete protected application folder (including Linux runtime file: libhaspdnert_x86_64.so) to the target machine.
>Copy the LDK Run-time API libraries (libhasp_linux_x86_64_demo.so) to one of the following directories:
•To one of the directories specified in the LD_LIBRARY_PATH variable.
•To /var/hasplm, /usr/local/lib, or /usr/lib64.
Software for Sentinel HL Licenses Under Linux ARM
For an application that is licensed with a standalone Sentinel HL (Driverless configuration) key: Copy the file /Linux/Redistribute/Runtimeless/80-hasp.rules into the /etc/udev/rules.d directory on the machine where the protected application executes. This operation is normally performed by the Run-time Environment installer for Linux. However, if the Run-time Environment is not installed, the file must be copied manually.
NOTE If the Linux distribution supports udev, and the 80-hasp.rules file is copied as described above, Sentinel Licensing API uses udev to access USB devices. Otherwise, the Licensing API uses sysfs.
udev allows both root and regular users to access USB devices. sysfs allows only root to access USB devices.
However, in some Linux ARM distributions, udev is configured to block regular users from accessing USB devices even though the 80-hasp.rules file requests such access for these users. To bypass this limitation, the user can be added to the plugdev group of users. Users in this group are allowed access to USB devices.
Software for Sentinel SL Licenses
When you distribute protected applications that are licensed with Sentinel SL keys, you must include the following Sentinel LDK components with your applications.
For Unlocked Products
As part of the process to create unlocked protected applications, you create a bundle that includes your protected application and all the required Sentinel LDK components. Therefore, no additional components are required when you distribute the bundle.
Unlocked protected applications can also be updated to locked protected applications at the customer's site without adding any Sentinel LDK components.
For Locked Products
>For Windows x64: %CommonProgramFiles(x86)%\Aladdin Shared\HASP\
>For Windows x86: %CommonProgramFiles%\Aladdin Shared\HASP\
>For Mac: /var/hasplm (By default, the /var path is hidden. You may need to modify the operating system View option to display all files and folders in order to access this path.)
>For Linux: /var/hasplm
You can find the haspvlib_vendorID.* file in the above locations on the computer where Sentinel Vendor Suite is installed.
NOTE For information on dependencies between the version of your Vendor library and the version of the Run-time Environment or the Internal /External License Manager, see "Vendor Library Version Dependency" in the Sentinel LDK Release Notes.
Software for .NET and Java Assemblies
For protected .NET assemblies or Java applications, the following additional files must be distributed with your protected application:
Type of Protected Application | End User Operating System | Additional File Required |
---|---|---|
.NET assembly | 32-bit Windows | haspdnert.dll |
64-bit Windows | haspdnert_x64.dll | |
Java application | 32-bit Windows | HASPJava.dll |
64-bit Windows | HASPJava_x64.dll | |
Mac OSX | libHASPJava.dyliblibHASPJava.jnilib | |
64-bit Linux | libHASPJava_x86_64.so | |
All | Customized Sentinel Licensing API dynamic libraries (copied automatically to the output directory by Sentinel Envelope) |
These native library files enable the protected application to communicate with the Sentinel protection key.
NOTE For Linux applications that were protected using Sentinel LDK Envelope and that run under Red Hat EL 6.4: The installer for the protected application should determine if libXaw libraries are present on the end user's computer and, if not, install them.
Network Environment Management
Your end users can manage their network licenses online using Sentinel Admin Control Center, which is part of the Sentinel LDK Run-time Environment. Ensure that you provide them with the URL for accessing this application. For additional information, see Sentinel Admin Control Center.
Software for Updating Licenses
You can choose to distribute Sentinel Remote Update System to update licenses remotely in deployed Sentinel protection keys. For additional information on this utility, see Sentinel Remote Update System (RUS).
Firmware for Applications Protected With AppOnChip
For Windows applications protected with AppOnChip, the Sentinel HL key used by AppOnChip must have firmware version 4.52 or later. (This includes .NET assemblies and 64-bit native Windows binaries.) Your customers can upgrade the firmware to the required version by applying the V2C file that you will find on the machine where Sentinel LDK is installed, under:
%ProgramFiles(x86)%\Thales\Sentinel LDK\Redistribute\Firmware Update\Sentinel HL\Sentinel HL Driverless\
To update the firmware on the HL (Driverless configuration) key, ensure that the end user receives the V2C file described above. The end user should perform one of the following procedures:
1.Connect the HL key to the machine where the Run-time Environment is installed. No other key should be connected to the machine.
2.In Admin Control Center, use the Update/Attach option to apply the V2C file to the HL key.
OR
1.Connect the HL key to the machine where the RUS utility is installed. No other key should be connected to the machine.
2.In the RUS utility, use the Apply License Update tab to apply the V2C file to the HL key.