SG Intec Ltd & Co KG SG-Lock Developer's Manual
  1. Manuals
  2. Brands
  3. SG Intec Ltd & Co KG Manuals
  4. Protection Device
  5. SG-Lock
  6. Developer's manual

SG Intec Ltd & Co KG SG-Lock Developer's Manual

Copy protection system for microsoft windows xp to 10 all 32/64-bit, ce, linux x86/a64/arm and mac os x
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Copy Protection System
Developer Manual
for Microsoft Windows XP to 10 (all 32/64-bit),
CE, Linux X86/A64/ARM and Mac OS X

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SG-Lock and is the answer not in the manual?

Questions and answers

Summary of Contents for SG Intec Ltd & Co KG SG-Lock

  • Page 1 Copy Protection System Developer Manual for Microsoft Windows XP to 10 (all 32/64-bit), CE, Linux X86/A64/ARM and Mac OS X...
  • Page 3 Copy Protection System Developer Manual for Microsoft Windows XP to 10 (all 32/64-bit), CE, Linux X86/A64/ARM and Mac OS X...
  • Page 4 SG Intec Ltd & Co. KG, Schauenburgerstr. 116, D-24118 Kiel, Germany Fon ++49 431 97993-00 Fax ++49 431 97993-50 web: www.sg-lock.com email: info@sg-intec.de WEE-Reg.-ID: DE 43502119 All information in this manaul are subject to change without notice. All trademarks are the prop- erties of their respective owners.

  • Page 5: Table Of Contents

    ..... . . 3.3 The SG-Lock Product ID - what is it good for? ..
  • Page 6 6.5.3 Visual Basic ..... . . 6.6 Challenge-Response-Authentification of a SG-Lock ..6.6.1 C/C++ .

  • Page 7: Introduction

    1 Introduction SG-Lock is an innovative hardware based copy protection system, that can be used with all 32- and 64-bit Windows, Linux and Mac OS X operationg systems. Also Windows CE is supported. Outstanding freatures are: • Every SG-Lock has its own unique serial number.
  • Page 8 Chapter 1: Introduction Figure 1.1: SG-Lock U-Series • The SG-Lock API works with a modul internal as well as with an applica- tion internal 128-bit TEA (Tiny Encryption Algorithm) encryption engine. This symmetrical (key for encryption and decryption are identical) and se- cure encryption algorithm is the basis for various implementations of data and code protection as well as authentiction strategies.

  • Page 9: Installation And Tools

    Windows system directory (for example C:\WINDOWS\SYSTEM32) or into the installation directory of the protected application. 2. Plug the SG-Lock USB key into the USB port. A small window will show up for a short time giving the information, that the SG-Lock can now be used.
  • Page 10 Chapter 2: Installation and Tools 010111 000110 0101010 110101 SG-Lock API Application Space Operating System USB Sub-System SG-Lock Figure 2.1: The SG-Lock API (the file SGLW32.DLL) establishes the connec- tion between protected application and SG-Lock hardware.

  • Page 11: Windows Ce 4, 5 And 6

    Chapter 2: Installation and Tools 2.4 Windows CE 4, 5 and 6 Please note, that only the SG-Lock U4 supports Windows CE. 1. Copy the file SGLWCE.DLL in the application or the system directory (e.g. \Windows). This can also be done by a script at system start.

  • Page 12: Edit Sg-Lock With The Sg-Lock Manager

    Options offers to change the language with Select Language. Ad- ditionally the number radix can be changed between decimal and hexadecimal representaton. This has also to be taken into account when entering numbers! All functions, that the SGLMGR offers, are part of the SG-Lock API and can...
  • Page 13 The index card Properties offers with the push button Read Properties the display of important information like type, serial number, product id and version numbers of the attached SG-Lock. With the push button Write Product ID the value can be altered between 0 and 65535 (dec.).
  • Page 14 SG-Lock. SG-Lock uses a modul internal symmetric (i.e. the keys for encryp- tion and decryption are identical) 128-bit encryption. The data block length is 64-bit and the algorithm is TEA. The SG-Lock series 3 and 4 have multiple key...
  • Page 15 Chapter 2: Installation and Tools storage locations. To change a key the key number has to be choosen with Use Key No. first, after that enter the key used for encryption. The key will be written to its modul internal memory location by pushing the button Write Key. With the push button Generate Random Key a 128-bit key can be generated automaticly.
  • Page 16 Attention: The input of an authent code (AC) is necessary when not-demo (re- tail) SG-Lock moduls are used. Without entering a authent code only demo- moduls will be detected. Every software manufacturer, that uses SG-Lock, gets ones with the first dilivery his individual AC.

  • Page 17: Protecting Software With Sg-Lock

    A similar limit to run software is the use of an application only up to a certain date. In that case a date is stored in the SG-Lock memory to verify at program start and during software use, that has not been reached.

  • Page 18: The Sg-Lock Product Id - What Is It Good For

    B gets 2 and so on. In the source code of software A the parameter of the SG-Lock API functions is allways 1, in B allways 2 and so on - the SG-Lock API selects the right SG-Lock for you.
  • Page 19 SG-Lock AC=X AC X PID=3 Company Y AC=Y Software SG-Lock SG-Lock AC=X AC X PID=1 PID=2 Figure 3.1: The SG-Lock ProductId allows an easy separation of different prod- ucts of a manufacturer. The Authentcode separates manufactures strictly from each other.

  • Page 20: Encryption And Challenge-Response-Authentication Of Sg-Lock

    SG-Lock provides a special security feature based on an encryption algorithm. It is called a challenge-response-authentication. It gives a maximum of security by verifying the whole path from the protected application through the SG-Lock library, through the operations system and the physical interface (e.g. USB-bus) to the internals of the SG-Lock copy protection key.
  • Page 21 83A1 77E9 2E57 C112 83A1 77E9 2E57 C112 2E57 C112 83A1 77E9 83A1 77E9 Figure 3.2: The SG-Lock Challenge-Response-Authentication provides a secure connection from the protected application (EXE-file) through the whole operating system over the USB-bus to the SG-Lock token itself.

  • Page 23: Sg-Lock Api

    The basic func- tions, that are essential for most software protection approaches, like e.g. check- ing if a SG-Lock is actually plugged in a port of the PC. The extended functions with special capabilities provide functionalities for special intended aims, e.g.
  • Page 24 Searches for a SG-Lock device SglReadSerialNumber Reads the serial number of a SG-Lock device Extended functions SglReadData Reads data from the memory of a SG-Lock de- vice SglWriteData Writes data to the memory of a SG-Lock device SglReadCounter Reads a counter value from a SG-Lock device...

  • Page 25: Basic Functions

    The full list of return codes is listed in chapter 4.6. Comments This function of the SG-Lock API has to be called once first and successfully to enable all other API functions. In the case of dynamic linking the authentication is required after every link procedure (LoadLibrary call).

  • Page 26: Function: Sglsearchlock

    ULONG S g l S e a r c h L o c k ( ULONG P r o d u c t I d ) ; Parameters ProductId Indicates the ProductId of the SG-Lock looked Return values SGL_SUCCESS SG-Lock found...

  • Page 27: Function: Sglreadserialnumber

    SG-Lock serial number success- fully read SGL_DGL_NOT_FOUND SG-Lock not found The full list of return codes is listed in chapter 4.6. Comments Every SG-Lock has a serial number that is unique, which is also not depending on type and interface.

  • Page 28: Extended Function

    Chapter 4: SG-Lock API 4.3 Extended Function 4.3.1 Function: SglReadData Description Read 32-bit data from the SG-Lock memory. Types Declaration ULONG S g l R e a d D a t a ( ULONG P r o d u c t I d ,...

  • Page 29: Function: Sglwritedata

    Chapter 4: SG-Lock API 4.3.2 Function: SglWriteData Description Writes 32-bit data values to SG-Lock memory. Types Declaration ULONG S g l W r i t e D a t a ( ULONG P r o d u c t I d ,...

  • Page 30: Function: Sglreadcounter

    The full list of return codes is listed in chapter 4.6. Comments Counters are simple 32 bit data values in the SG-Lock memory. If desired, they can also be used for everything a 32 bit read/write variable is suitable for. By...

  • Page 31: Function: Sglwritecounter

    Chapter 4: SG-Lock API 4.3.4 Function: SglWriteCounter Description Writes a 32-bit count value to the SG-Lock memory. Types Declaration ULONG S g l W r i t e C o u n t e r ( ULONG P r o d u c t I d , ULONG CntNum , ULONG D a t a ) ;...

  • Page 32: Cryptographic And Signing Functions

    ULONG CryptMode , ULONG BlockCnt , ULONG * D a t a ) ; Parameters ProductId Indicates the ProductId of the SG-Lock KeyNum Number of key to use 0 to 1 - SG-Lock U3 0 to 15 - SG-Lock U4...
  • Page 33 Chapter 4: SG-Lock API Return values SGL_SUCCESS En-/Decryption successfully fin- ished SGL_DGL_NOT_FOUND SG-Lock not found The full list of return codes is listed in chapter 4.6. Comments The function uses destructive data proccessing mode. That meens the input of the parameter Data will be overwritten during execution of the function.

  • Page 34: Function: Sglsigndata

    Description Signs or verifies the signature of a data array. The task will will be processed by the SG-Lock and if desired also by the application (PC-CPU) to accelerate the signing process (combined mode). Important condition for combined mode: Both keys (application and SG-Lock internal) have to be different, to ensure highest security! The signature is 64-bit long.
  • Page 35 Indicates the partitioning of computing power between SG-Lock and application (PC-CPU). 0 is SG-Lock only. If >0 the value is used as the power of 2, where the result of that determines which block index is signed or verified by the SG-Lock.
  • Page 36 (which is in principle possible), then he will try that also first for the SG-Lock. That will fail, if a differnt 128-bit key is used in the SG-Lock. For a deeper understanding of the function, please take a look into the SG-Lock in- clude/header file for your programming language.

  • Page 37: Administrative Functions

    SG-Lock users. For example company X protects its appli- cation A and B with SG-Lock and gives all keys for application A the ProductId 1 and the keys for application B the ProductId 2, then all keys of application B are ”hidden“...

  • Page 38: Function: Sglwriteproductid

    Chapter 4: SG-Lock API 4.5.2 Function: SglWriteProductId Description Writes a new 16-bit ProductId to the SG-Lock. Types Declaration ULONG S g l W r i t e P r o d u c t I d ( ULONG O l d P r o d u c t I d , ULONG N e w P r o d u c t I d ) ;...

  • Page 39: Function: Sglwritekey

    Chapter 4: SG-Lock API 4.5.3 Function: SglWriteKey Description Writes a 128-bit key to the SG-Lock key memory. Types Declaration ULONG S g l W r i t e K e y ( ULONG P r o d u c t I d , ULONG KeyNum , ULONG * Key ) ;...

  • Page 40: Function: Sglreadconfig

    ULONG P r o d u c t I d , ULONG C a t e g o r y , ULONG * D a t a ) ; Parameters ProductId Indicates the ProductId of the SG-Lock Category Type of requested information 0: Information about SG-Lock modul Data...
  • Page 41 Chapter 4: SG-Lock API Comments Further information to certain values can be found in the include and include/- header files of the SG-Lock API.

  • Page 42: Return Values

    Chapter 4: SG-Lock API 4.6 Return Values Every SG-Lock API function gives a return value back to the caller, to check if the function was executed without errors. In the case that an error occured the return value is unequal to 0. A detailed explanation of the error can be obtained from the table below.

  • Page 43: Encryption, Signing And Key Management

    Factory-provided all key storage (1, 2 or 16 keys, depending on module type) will be initialized with keys. Each SG-Lock user gets his own set of secret keys, that can be overwritten by self-generated keys (keys of module type U2 are static...
  • Page 44 Chapter 5: Encryption, Signing and Key Management and can not be overwritten). All SG-Lock modules of a user include an identical set of keys. This set of keys will be delivered with the first purchase. All demo modules have an own individual set of keys, printed below.

  • Page 45: Programming Examples

    6 Programming Examples 6.1 Function SglAuthent 6.1.1 C/C++ # i n c l u d e "SGLW32 . h " u n s i g n e d i n t R e t u r n C o d e ; / / T h i s i s t h e DEMO a u t h e n t i c a t i o n code , / / e v e r y r e g u l a r SG−Lock u s e r g e t s i t s / / own u n i q u e a u t h e n t i c a t i o n c o d e .

  • Page 46: Visual Basic

    Chapter 6: Programming Examples { T h i s i s t h e DEMO a u t h e n t i c a t i o n code , e v e r y r e g u l a r SG−Lock u s e r g e t s i t s own u n i q u e a u t h e n t i c a t i o n c o d e .
  • Page 47 Chapter 6: Programming Examples Dim Rc As Long ’ R e t u r n C o d e ’ do a u t h e n t i c a t i o n o f SGLW32 . D l l Rc = S g l A u t h e n t ( A u t h e n t C o d e ( ) ) I f Rc = SGL_SUCCESS Then T e x t 1 .

  • Page 48: Function Sglsearchlock

    Chapter 6: Programming Examples 6.2 Function SglSearchLock 6.2.1 C/C++ # i n c l u d e "SGLW32 . h " / / I n t h e c a s e a SG−Lock u s e r p r o t e c t s more t h a n 1 / / a p p l i c a t i o n / p r o d u c t , he s h o u l d g i v e e a c h o f i t a u n i q u e / / p r o d u c t ID .

  • Page 49: Visual Basic

    Chapter 6: Programming Examples Memo1 . T e x t : = ’ S g l S e a r c h L o c k : E r r o r ! ’ + c h a r ( $0D ) + c h a r ( $0A ) ; end ;...

  • Page 50: Function Sglreadserialnumber

    Chapter 6: Programming Examples 6.3 Function SglReadSerialNumber 6.3.1 C/C++ # i n c l u d e "SGLW32 . h " # d e f i n e PROD_ABC_ID 1 u n s i g n e d i n t R e t u r n C o d e ; u n s i g n e d i n t S e r i a l N u m b e r / / Read s e r i a l number o f SG−Lock w i t h p r o d u c t ABC R e t u r n C o d e = S g l R e a d S e r i a l N u m b e r ( PROD_ABC_ID , &S e r i a l N u m b e r ) ;...

  • Page 51: Visual Basic

    Chapter 6: Programming Examples 6.3.3 Visual Basic ’ The f i l e SGLW32 . BAS h a s t o be i n c l u d e d i n t h e p r o j e c t ’...

  • Page 52: Function Sglreaddata

    Chapter 6: Programming Examples 6.4 Function SglReadData 6.4.1 C/C++ # i n c l u d e "SGLW32 . h " # d e f i n e PROD_ABC_ID 1 / / a d d r e s s where d a t e i s s t o r e d i n SG−Lock : # d e f i n e RUN_DATE_ADR 10 / / d a t e s t o r e d a s y e a r / month / day ( 3 DWords ) : # d e f i n e RUN_DATE_CNT 3...

  • Page 53: Visual Basic

    Chapter 6: Programming Examples RC: = S g l R e a d D a t a ( PROD_ABC_ID , RUN_DATE_ADR, RUN_DATE_CNT , Addr ( RunDate ) ; i f ( RC <> SGL_SUCCESS ) t h e n b e g i n { no SG−Lock f o u n d ! ! } Memo1 .
  • Page 54 Chapter 6: Programming Examples Case E l s e T e x t 1 . C a p t i o n = " E r r o r " & Rc & " o c c u r e d ! " E x i t Sub End S e l e c t ’...

  • Page 55: Function Sglwritedata

    Chapter 6: Programming Examples 6.5 Function SglWriteData 6.5.1 C/C++ # i n c l u d e "SGLW32 . h " # d e f i n e PROD_ABC_ID 1 / / a d d r e s s e where d a t e i s s t o r e d i n SG−Lock : # d e f i n e RUN_DATE_ADR 10 / / d a t e s t o r e d a s y e a r / month / day ( 3 DWords ) : # d e f i n e RUN_DATE_CNT 3...

  • Page 56: Visual Basic

    Chapter 6: Programming Examples RunDate [ 1 ] : = 1 2 ; RunDate [ 2 ] : = 2 4 ; { W r i t e new d a t e t o r u n t o SG−Lock w i t h p r o d u c t ABC } RC: = S g l W r i t e D a t a ( PROD_ABC_ID , RUN_DATE_ADR, RUN_DATE_CNT , Addr ( RunDate ) ;...
  • Page 57 Chapter 6: Programming Examples Case SGL_SUCCESS T e x t 1 . C a p t i o n = RunDate (0)& " / "&RunDate (1)& " / "&RunDate ( 2 ) Case SGL_DGL_NOT_FOUND T e x t 1 . C a p t i o n = "SG−Lock n o t f o u n d ! " E x i t Sub Case E l s e T e x t 1 .

  • Page 58: Challenge-Response-Authentification Of A Sg-Lock 6.6.1 C/C

    Chapter 6: Programming Examples 6.6 Challenge-Response-Authentification of a SG-Lock 6.6.1 C/C++ # i n c l u d e < t i m e . h> # i n c l u d e < s t d l i b . h>...
  • Page 59 / / a u t h e n t i c a t i o n s u c c e s s f u l . . . More programming examples and the necessary include files can be found on the SG-Lock CD-ROM.

  • Page 61: Technical Data

    7 Technical Data 7.1 SG-Lock U2/U3/U4 Interface Memory Type non volatile RAM Memory no Memory 256 Bytes 1024 Bytes 32-Bit-Counter no Counter 128-Bit-Key 1 (fixed) 2 (free writable) 16 (free writable) Algorithm Read Cycles unlimited > 1.000.000 Write Cycles Data Storage 128-Bit encrypted >...
  • Page 62 Chapter 7: Technical Data Notes...
  • Page 63 Chapter 7: Technical Data...

Table of Contents