Required Version of the Run-time Environment
Sentinel LDK uses two mechanisms that determine what version of Sentinel Run-time Environment (RTE) is required on end users’ machines (in situations where the RTE is required):
>Version Enforcement Options (selected in Sentinel Master Wizard)
This mechanism can be used to ensure that customers do not bypass the latest important security and reliability enhancements by installing an earlier version of Sentinel RTE. (“Security” in this case includes the security of the license and of the protected application against vulnerabilities and disassembly.) The version of the RTE on the end user’s machines satisfies the minimum requirements for strong security and reliability. The minimum acceptable version of the RTE is set by Thales in each release of Sentinel LDK and is listed in the Sentinel LDK Release Notes.
>Minimum RTE/API Version (selected in Sentinel EMS Administration Console)
This mechanism ensures that the version of the RTE on the end users’ machines supports important security and reliability features of Sentinel LDK that you want to have included when protecting and licensing your applications. You choose the minimum acceptable version of the RTE based on your requirements.
The installed version of the RTE must satisfy the requirements of both of these mechanisms. For example:
>If Minimum RTE/API Version is 7.60 and Version-unrestricted option is selected, minimum version is 7.60
>If Minimum RTE/API Version is 7.60 and Version-restricted option is selected, minimum version is 7.90
Each of these mechanisms is described in greater detail the sections that follow.
The following table provides a side-by-side comparison of the mechanisms.
Minimum RTE/API Version | Version Enforcement Options | |
---|---|---|
Version-restricted option | Version-unrestricted option | |
The minimum RTE version is set by the vendor in Sentinel EMS. |
The minimum RTE version (listed in the Sentinel LDK Release Notes) is set by Thales in the downloaded API libraries. |
There is no minimum version. |
Enforcement is set in the License Manager (any type) when a V2CP file from Sentinel EMS is applied by the License Manager. |
Enforcement is set in the application when it is protected by Envelope or by the downloaded API libraries used by the Licensing API |
There is no enforcement. |
Prior to Minimum RTE/API Version 8.11: Version of the License Manager versus the V2CP file is checked by the License Manager only when applying the update in the V2CP file. Downgrade of the RTE by the end user after applying the license update is not automatically detected. Minimum RTE/API Version 8.11 and later: Version of the License Manager versus the V2CP file is checked by the License Manager when applying the update in the V2CP file and at application runtime. Downgrade of the RTE generates an error. |
Version of the License Manager (Run-time Environment) is checked against the version specified in the downloaded Licensing API libraries by the application at run-time. Use of an earlier RTE causes the application generates an error. |
There is no enforcement. |
Applies when an application has a new or updated license. |
Applies when an application is protected or re-protected. |
Applies when an application is protected or re-protected. |
An error is generated if the application uses a feature that is not supported by the installed RTE. |
An error is generated if the application uses a feature that is not supported by the installed RTE. |
An error is generated if the application uses a feature that is not supported by the installed RTE. |