Hasp4 PG V12.1 PDF

Securing the
Global
Vi l l a g e
Programmer's Guide
Programmer's Guide
Version 12
COPYRIGHTS AND TRADEMARKS
The HASP® system and its documentation are copyrighted (C)
1985 to present by Aladdin Knowledge Systems Ltd. All rights
reserved.
HASP®, MacHASP® and MemoHASP® are registered trademarks
of Aladdin Knowledge Systems Ltd.
NetHASP™, TimeHASP™, HASP36™, MemoHASP36™,
NetHASP36™, USBHasp™, and AladdinCARD™ are trademarks
of Aladdin Knowledge Systems Ltd.
All other trademarks, brands, and product names used in this guide
are trademarks of their respective owners.
HASP4 Programmer’s Guide i

LIMITED WARRANTY, LIMITATION OF
REMEDIES AND LIABILITY
Aladdin Knowledge Systems Ltd. (“Aladdin”) warrants for a
period of twelve (12) months after date of purchase its software
and the HASP® key as set forth in the Developer's License
Agreement.
Aladdin's sole obligation in the event of a breach of this warranty,
and the limitation on its liability for damages to any party, are as
set forth in the Developer's License Agreement.
EXCEPT AS STATED ABOVE, THERE IS NO OTHER WARRANTY,
EXPRESSED OR IMPLIED, REGARDING ALADDIN'S PRODUCTS
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
All attempts have been made to make the information in this

document complete and accurate. Aladdin is not responsible for
any direct or indirect damages or loss of business resulting from
inaccuracies or omissions. The specifications in this document are
subject to change without notice.
ii © Aladdin Knowledge Systems, 2003

ALADDIN KNOWLEDGE SYSTEMS LTD.
DEVELOPER'S LICENSE AGREEMENT
IMPORTANT INFORMATION - PLEASE READ THIS
AGREEMENT CAREFULLY BEFORE OPENING THE
PACKAGE AND/OR USING THE CONTENTS THEREOF
AND/OR BEFORE DOWNLOADING OR INSTALLING
THE SOFTWARE PROGRAM. ALL ORDERS FOR AND USE
OF THE HASP PRODUCTS (including without limitation, the
Developer's Kit, libraries, utilities, diskettes, CD_ROM, HASP®
keys, the software component of Aladdin's HASP and the
Developer's Guides) (hereinafter "Product") SUPPLIED BY
ALADDIN KNOWLEDGE SYSTEMS LTD. (or any of its
affiliates - either of them referred to as "ALADDIN") ARE AND
SHALL BE, SUBJECT TO THE TERMS AND CONDITIONS
SET FORTH IN THIS AGREEMENT.
BY OPENING THE PACKAGE CONTAINING THE
PRODUCTS AND/OR BY DOWNLOADING THE
SOFTWARE (as defined hereunder) AND/OR BY
INSTALLING THE SOFTWARE ON YOUR COMPUTER
AND/OR BY USING THE PRODUCT, YOU ARE
ACCEPTING THIS AGREEMENT AND AGREEING TO BE
BOUND BY ITS TERMS AND CONDITIONS.
IF YOU DO NOT AGREE TO THIS AGREEMENT OR ARE
NOT WILLING TO BE BOUND BY IT, DO NOT OPEN
THE PACKAGE AND/OR DOWNLOAD AND/OR
INSTALL THE SOFTWARE AND PROMPTLY (at least within
7 days from the date you received this package) RETURN THE
PRODUCTS TO ALADDIN, ERASE THE SOFTWARE, AND
ANY PART THEREOF, FROM YOUR COMPUTER AND DO
NOT USE IT IN ANY MANNER WHATSOEVER. UPON
RETURNING THE PRODUCT WITH A COPY OF THE
SALES RECIPT TO ALADDIN YOU WILL RECEIVE A
REFUND.
HASP4 Programmer’s Guide iii

1. Title & Ownership
THIS IS A LICENSE AGREEMENT AND NOT AN
AGREEMENT FOR SALE. The software component of
Aladdin's HASP Product Development Kit, including any
revisions, corrections, modifications, enhancements, updates and/
or upgrades thereto, (hereinafter in whole or any part thereof
defined as: "Software"), and the related documentation, ARE
NOT FOR SALE and are and shall remain in Aladdin's sole
property. All intellectual property rights (including, without
limitation, copyrights, trade secrets, trademarks, etc.) evidenced by
or embodied in and/or attached/connected/related to the
Product, (including, without limitation, the Software code and the
work product performed in accordance with Section 2 hereunder)
are and shall be owned solely by Aladdin. This License Agreement
does not convey to you an interest in or to the Software but only a
limited right of use revocable in accordance with the terms of this
License Agreement. Nothing in this Agreement constitutes a
waiver of Aladdin's intellectual property rights under any law.
2. License
Subject to payment of applicable license fees, Aladdin hereby
grants to you, and you accept, a personal, non exclusive and fully
revocable limited License to use the Software, in executable form
only, as described in the Software accompanying user
documentation and only according to the terms of this
Agreement:
(i) you may install the Software and use it on computers located in
your place of business, as described in Aladdin's related
documentation;
(ii) you may merge and link the Software into your computer
programs for the sole purpose described in the Developer's Guide;
however, any portion of the Software merged into another
computer program shall be deemed as derivative work and will
continue to be subject to the terms of this Agreement; and
iv © Aladdin Knowledge Systems, 2003

(iii) you are permitted to make a reasonable number of copies - but
not more than three (3) - of the Software solely for development
and backup purposes. The Software shall not be used for any other
purposes.
3. Sub-Licensing
After merging the Software in your computer program(s)
according to section 2 above, you may sub-license, pursuant to the
terms of this Agreement, the merged Software and resell the
hardware components of the HASP® keys which you purchased
from Aladdin, to distributors and/or users. Preceding such a sale
and sub-licensing, you shall incorporate by reference in your
contracts with such distributors and/or users, and otherwise
provide for all distributors and/or users to be bound by, the
warranties, disclaimers, and license terms specified by Aladdin in
this Agreement.
4. Prohibited Uses
Except as specifically permitted in Sections 1, 2 and 3 above, you
agree not to
(i) use, modify, merge or sub-license the Software or any other of
Aladdin's products except as expressly authorized in this
Agreement and in the Developer's Guide; and
(ii) sell, license (or sub-license), lease, assign, transfer, pledge, or
share your rights under this License with/to anyone else; and
(iii) modify, disassemble, decompile, reverse engineer, revise or
enhance the Software or attempt to discover the Software's source
code; and
(iv) place the Software onto a server so that it is accessible via a
public network; and
HASP4 Programmer’s Guide v

(v) use any back-up or archival copies of the Software (or allow
someone else to use such copies) for any purpose other than to
replace an original copy if it is destroyed or becomes defective. If
you are a member of the European Union, this agreement does
not affect your rights under any legislation implementing the EC
Council Directive on the Legal Protection of Computer Programs.
If you seek any information within the meaning of that Directive
you should initially approach Aladdin.
5. Limited Warranty
Aladdin warrants, for your benefit alone, that
(i) the Software, when and as delivered to you, and for a period of
three (3) months after the date of delivery to you, will perform in
substantial compliance with the Developer's Guide, provided that
it is used on the computer hardware and with the operating system
for which it was designed; and
(ii) that the HASP® key, for a period of twelve (12) months after
the date of delivery to you, will be substantially free from
significant defects in materials and workmanship.
6. Warranty Disclaimer
ALADDIN DOES NOT WARRANT THAT ANY OF ITS
PRODUCT(S) WILL MEET YOUR REQUIRMENTS OR
THAT ITS OPERATION WILL BE UNINTERRUPTED OR
ERROR-FREE. TO THE EXTENT ALLOWED BY LAW,
ALADDIN EXPRESSLY DISCLAIMS ALL EXPRESS
WARRANTIES NOT STATED HERE AND ALL IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. NO ALADDIN'S
DEALER, DISTRIBUTOR, RESELLER, AGENT OR
EMPLOYEE IS AUTHORIZED TO MAKE ANY
MODIFICATIONS, EXTENSIONS, OR ADDITIONS TO
THIS WARRANTY. If any modifications are made to the
Software or to any other part of the Product by you during the
warranty period; if the media and the HASP® key is subjected to
vi © Aladdin Knowledge Systems, 2003

accident, abuse, or improper use; or if you violate any of the terms
of this Agreement, then the warranty in Section 5 above, shall
immediately be terminated. The warranty shall not apply if the
Software is used on or in conjunction with hardware or program
other than the unmodified version of hardware and program with
which the Software was designed to be used as described in the
Developer's Guide.
7. Limitation of Remedies
In the event of a breach of the warranty set forth above, Aladdin's
sole obligation shall be, at Aladdin's sole discretion:
(i) to replace or repair the Product, or component thereof, that
does not meet the foregoing limited warranty, free of charge;
(ii) to refund the price paid by you for the Product, or component
thereof. Any replacement or repaired component will be
warranted for the remainder of the original warranty period or 30
days, whichever is longer. Warranty claims must be made in writing
during the warranty period and within seven (7) days of the
observation of the defect accompanied by evidence satisfactory to
Aladdin. All Products should be returned to the distributor from
which they were purchased (if not purchased directly from
Aladdin) and shall be shipped by the returning party with freight
and insurance paid. The Product or component thereof must be
returned with a copy of your receipt.
8. Exclusion Of Consequential Damages

The parties acknowledge, that the Product is inherently complex
and may not be completely free of errors. ALADDIN SHALL
NOT BE LIABLE (WHETHER UNDER CONTRACT, TORT
(INCLUDING NEGLIGENCE) OR OTHERWISE) TO YOU,
OR ANY THIRD PARTY (INCLUDING, WITHOUT
LIMITATION, YOUR DISTRIBUTORS AND USERS OF
YOUR SOFTWARE PROGRAM) FOR ANY LOSS OR
DAMAGE (INCLUDING INDIRECT, SPECIAL OR
CONSEQUENTIAL DAMAGES), INCLUDING, WITHOUT
LIMITATION, ANY LOSS OR DAMAGE TO BUSINESS
HASP4 Programmer’s Guide vii

EARNINGS, LOST PROFITS OR GOODWILL AND LOST
OR DAMAGED DATA OR DOCUMENTATION,
SUFFERED BY ANY PERSON, ARISING FROM AND/OR
RELATED WITH AND/OR CONNECTED TO ANY USE
OF THE SOFTWARE AND/OR ANY COMPONENT OF
THE PRODUCT, EVEN IF ALADDIN IS ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
9. Limitation Of Liability
IN THE EVENT THAT, NOTWITHSTANDING THE
TERMS OF THIS AGREEMENT, ALADDIN IS FOUND
LIABLE FOR DAMAGES BASED ON ANY DEFECT OR
NONCONFORMITY OF ITS PRODUCT(S), ITS TOTAL
LIABILITY FOR EACH DEFECTIVE PRODUCT SHALL
NOT EXCEED THE PRICE PAID TO ALADDIN FOR
SUCH DEFECTIVE PRODUCT.
10. No Other Warranties

Except as specifically provided herein, Aladdin makes no warranty
or representation, either express or implied, with respect to its
products as described in the preamble of this agreement, including
its quality, performance, merchantability or fitness for a particular
purpose.
11. Termination
Your failure to comply with the terms of this Agreement shall
terminate your license and this Agreement. Upon termination of
this License Agreement by Aladdin:
(i) the License granted to you in this Agreement shall expire and
you, upon termination, shall discontinue all further use (including
without limitation sub-licensing) of the Software and other
licensed Product(s); and
viii © Aladdin Knowledge Systems, 2003

(ii) you shall promptly return to Aladdin all tangible property
representing Aladdin's intellectual property rights and all copies
thereof and/or shall erase/delete any such information held by it
in electronic form. Sections 1, 4, 6, 7, 8, 9, 10, 11 and 12 shall
survive any termination of this Agreement.
12. Governing Law & Jurisdiction

This Agreement shall be construed and governed in accordance
with the laws of Israel (except for conflict of law provisions) and
only the courts in Israel shall have jurisdiction in any conflict or
dispute arising out of this Agreement. The application of the
United Nations Convention of Contracts for the International Sale
of Goods is expressly excluded. The failure of either party to
enforce any rights granted hereunder or to take action against the
other party in the event of any breach hereunder shall not be
deemed a waiver by that party as to subsequent enforcement of
rights or subsequent actions in the event of future breaches.
13. Third Party Software

If the Product contains any software provided by third parties,
such third party's software is provided "As Is" without any
warranty of any kind and Sections 2, 3, 4, 6, 8, 9-13 of this
Agreement shall apply to all such third party software providers
and third party software as if they were Aladdin and the Product
respectively.
14. Miscellaneous
This Agreement represents the complete agreement concerning
this License and may be amended only by a written agreement
executed by both parties. If any provision of this Agreement is
held to be unenforceable, such provision shall be reformed only to
the extent necessary to make it enforceable.
I HAVE READ AND UNDERSTOOD THIS LICENSE
AGREEMENT AND AGREE TO BE BOUND BY ALL OF
THE TERMS.
HASP4 Programmer’s Guide ix

CE Compliance
The HASP product line complies with the CE EMC Directive and
related standards*. HASP products are marked with the CE logo
and a HASP CE conformity card is included in every shipment or
upon demand.
*EMC directive 89/336/EEC and related standards EN 55022,
EN 50082-1.
FCC Compliance
FCC authorities have determined that HASP is not a Class B
Computing Device Peripheral and therefore does not require FCC
regulation.
UL Certification
The HASP product line successfully completed UL 94 Tests for
Flammability of Plastic Materials for Parts in Devices and
Appliances. HASP products comply with UL 1950 Safety of
Information Technology Equipment regulations.
ISO 9001:2000 Certification

The HASP product line is designed and manufactured by Aladdin
Knowledge Systems, Inc., an ISO 9001:2000 certified company.
Aladdin's quality assurance system is approved by the International
Organization for Standardization (ISO), ensuring that Aladdin
products and customer service standards consistently meet
specifications in order to provide outstanding customer
satisfaction.
x © Aladdin Knowledge Systems, 2003

Certificate of Compliance
Upon request, Aladdin Knowledge Systems, Inc. will supply a
Certificate of Compliance to any software developer who wishes
to demonstrate that the HASP product line conforms to the
specifications stated. Software developers can distribute this
certificate to the end user along with their programs.
HASP4 Programmer’s Guide xi

Contents
List of Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
About the HASP4 Programmer’s Guide. . . . . . . . . . . . . . . . . . . . . xxi
Part 1: Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
About HASP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Advantages of the HASP System . . . . . . . . . . . . . . . . . . . . . . . 4
HASP Protection Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
HASP Developer Kit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
HASP Starter Kit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Basic Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

How Does HASP Work?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Identifying the HASP Key . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
HASP Protection Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
The Full Authorization System (FAS) . . . . . . . . . . . . . . . . . . 22
Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Installing HASP . . . . . . . . . . . . . . . . . . . . . . . . . . .29

HASP Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Software Protection – Quick Reference . . . . . . . . . . . . . . . . . 32
Installing HASP under Windows . . . . . . . . . . . . . . . . . . . . . . 33
Installing HASP under Mac . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Installing HASP under Linux . . . . . . . . . . . . . . . . . . . . . . . . . 40
HASP4 Programmer’s Guide xiii

Contents
Part 2: Using HASP Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Protecting with HASP Envelope . . . . . . . . . . . . . 51

About the HASP Envelope . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Starting HASP Envelope . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Protecting an Application . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
Protecting Win32 Data Files . . . . . . . . . . . . . . . . . . . . . . . . . .55
Saving FAS Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
HASP Envelope Parameters . . . . . . . . . . . . . . . . . . . . . . . . . .61
HASP Envelope Command-Line Switches . . . . . . . . . . . . . .73
Additional HASP4 Net Information . . . . . . . . . . . . . . . . . . .77
HASP Envelope for Mac Applications. . . . . . . . . . . . . . . . . .78
HASP Envelope for Linux . . . . . . . . . . . . . . . . . . . . . . . . . . .79
Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . .80
Accessing Keys with HaspEdit . . . . . . . . . . . . . . 83

HaspEdit for Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
HaspEdit for Mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107
Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . .114
Assisting End-Users & Vendors . . . . . . . . . . . . . 117
Part 3: Using the HASP API . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Protecting with the HASP API . . . . . . . . . . . . . . 129

Preparing for API Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Implementing the HASP API . . . . . . . . . . . . . . . . . . . . . . . .131
HASP Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
Enabling Local and Network Protection . . . . . . . . . . . . . . .142
HaspDemo Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143
Protection Strategies. . . . . . . . . . . . . . . . . . . . . 147

Software Protection Attacks . . . . . . . . . . . . . . . . . . . . . . . . .148
Tips and Tricks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149
Basic HASP Services . . . . . . . . . . . . . . . . . . . . . . 157

Service 1: IsHasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160
Service 5: HaspStatus. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161
xiv © Aladdin Knowledge Systems, 2003

Contents
Service 8: CheckHaspGeneration . . . . . . . . . . . . . . . . . . . . . 163

Service 9: HaspNetStatus . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Service 60: HaspEncodeData . . . . . . . . . . . . . . . . . . . . . . . . 165
Service 61: HaspDecodeData . . . . . . . . . . . . . . . . . . . . . . . . 166
HASP4 Memory Services . . . . . . . . . . . . . . . . . . .167

Service 3: ReadWord . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Service 4: WriteWord. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Service 6: HaspID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Service 50: ReadBlock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Service 51: WriteBlock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
HASP4 Time Services . . . . . . . . . . . . . . . . . . . . . .175

Service 70: SetTime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Service 71: GetTime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Service 72: SetDate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Service 73: GetDate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Service 74: WriteByte. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Service 75: ReadByte . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Service 78: HaspID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
HASP4 Net Services . . . . . . . . . . . . . . . . . . . . . . .187

Service 40: LastStatus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Service 42: Login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Service 43: Logout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Service 44: ReadWord . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Service 45: WriteWord. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
Service 46: HaspID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Service 48: IdleTime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Service 85: SetConfigFilename . . . . . . . . . . . . . . . . . . . . . . . 207
Service 88: HaspEncodeData . . . . . . . . . . . . . . . . . . . . . . . . 208
Service 89: HaspDecodeData . . . . . . . . . . . . . . . . . . . . . . . . 210
Service 96: SetServerByName. . . . . . . . . . . . . . . . . . . . . . . . 212
Service 104: HaspQueryLicense . . . . . . . . . . . . . . . . . . . . . . 213
Service 110: LoginProcess. . . . . . . . . . . . . . . . . . . . . . . . . . . 214
HASP4 Programmer’s Guide xv

Contents
Service 230: GetCurrentServer . . . . . . . . . . . . . . . . . . . . . . .215
HASP API Status Codes . . . . . . . . . . . . . . . . . . . 217

Status Codes for All HASP Keys . . . . . . . . . . . . . . . . . . . . .217
Status Codes for HASP4 Time Keys . . . . . . . . . . . . . . . . . .219
Status Codes for HASP4 Net . . . . . . . . . . . . . . . . . . . . . . . .220
Part 4: Using HASP in a Network . . . . . . . . . . . . . . . . . . . . . . 227
HASP4 Net Basic Concept . . . . . . . . . . . . . . . . . 229

What is HASP4 Net? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229
How Does HASP4 Net Work? . . . . . . . . . . . . . . . . . . . . . . .230
Preparing Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232
Using HASP4 Net . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233
Distributing HASP4 Net . . . . . . . . . . . . . . . . . . . . . . . . . . . .235
Supported Protocols, Platforms and Operating Systems. . .237
Protecting Applications with HASP4 Net . . . . . 241

HASP Envelope Options for HASP4 Net . . . . . . . . . . . . . .242
HASP4 Net API Services . . . . . . . . . . . . . . . . . . . . . . . . . . .243
Managing HASP4 Net Licenses. . . . . . . . . . . . . 247

How does the HASP License Manager Work?. . . . . . . . . . .248
HASP License Manager for Windows . . . . . . . . . . . . . . . . .249
HASP License Manager for Mac. . . . . . . . . . . . . . . . . . . . . .253
HASP License Manager for Linux . . . . . . . . . . . . . . . . . . . .256
Customizing the HASP License Manager . . . . . . . . . . . . . .258
Configuring HASP4 Net Clients . . . . . . . . . . . . 271

Search Sequence for Configuration File . . . . . . . . . . . . . . . .271
Sections in the Configuration File. . . . . . . . . . . . . . . . . . . . .272
Specifying Keywords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
Monitoring HASP4 Net Licenses. . . . . . . . . . . . 281

Distributing Aladdin Monitor . . . . . . . . . . . . . . . . . . . . . . . .281
Installing Aladdin Monitor . . . . . . . . . . . . . . . . . . . . . . . . . .282
Settings for Aladdin Monitor . . . . . . . . . . . . . . . . . . . . . . . .282
Checking the Properties of HASP License Manager . . . . . .283
xvi © Aladdin Knowledge Systems, 2003

Contents
Checking HASP Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284

Starting and Stopping HASP License Manager as a Service286
Adapting HASP4 Net to the Network . . . . . . . .287

Defining the Range of Stations under IPX . . . . . . . . . . . . . 287
Defining the Range of Stations under TCP/IP . . . . . . . . . . 288
Defining the Range of Stations under NetBIOS . . . . . . . . . 290
Adapting the Timeout Length . . . . . . . . . . . . . . . . . . . . . . . 291
Defining the Number of Protected Applications Served . . 291
Part 5: Using the Remote Update System. . . . . . . . . . . . . . . 293
Remote Update System . . . . . . . . . . . . . . . . . . .295

Implementing RUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Creating the RUS Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
The Vendor Utility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
The Customer Utility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
Remote Update System API . . . . . . . . . . . . . . .315

Win32 Remote Update System API . . . . . . . . . . . . . . . . . . . 315
Implementing RUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
Functions Provided in Vendor DLL. . . . . . . . . . . . . . . . . . . 318
Functions Provided in Client DLL . . . . . . . . . . . . . . . . . . . . 322
Return Values. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324
Customization Utility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
RUS API for Mac Applications . . . . . . . . . . . . . . . . . . . . . . 327
Troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
Check List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330
Problems and Solutions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
HASP Demo Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349
HASP4 Programmer’s Guide xvii

List of Tables
HASP Programmer’s Guide Symbol Guide .......................................................................... xxii
HASP Models.................................................................................................................................. 9
Device Driver Installation Tools (Windows) .......................................................................... 33
Command Line Switches for aksusbd (Mac) ............................................................................ 38
Command Line Switches for aksparlnx.o (Linux) ................................................................... 42
Command Line Switches for aksusbd (Linux).......................................................................... 44
HASP Envelope Main Tab Options......................................................................................... 62
HASP Envelope Option Tab Options..................................................................................... 65
HASP Envelope DataHASP Tab Options.............................................................................. 70
HASP Envelope Engines ........................................................................................................... 73
HASP Envelope Switches .......................................................................................................... 73
Key Access History Panel ........................................................................................................ 120
Parameters for HASP Stand-Alone Keys .............................................................................. 132
Parameters for HASP4 Net Keys............................................................................................ 132
PortNum Values and Ports Searched ..................................................................................... 133
HASP Models and Relevant Services ..................................................................................... 136
Basic HASP Services ................................................................................................................. 137
HASP4 Memory Services ......................................................................................................... 138
HASP4 Time Services............................................................................................................... 139
HASP4 Net Services ................................................................................................................. 140
Basic HASP Services and Parameters..................................................................................... 158
HASP4 Memory Services and Parameter .............................................................................. 168
HASP4 Time Services and Parameters .................................................................................. 176
HASP4 Net Services and Parameters ..................................................................................... 189
Status Codes for All HASP Keys ............................................................................................ 217
Status Codes for HASP4 Time Keys...................................................................................... 219
HASP4 Net Status Codes......................................................................................................... 220
HASP4 Net Warning Codes .................................................................................................... 224
HASP4 Net Supported Platforms........................................................................................... 237
HASP4 Net Protocols............................................................................................................... 237
HASP Envelope Switches for HASP4 Net ........................................................................... 243
HASP4 Net API Services......................................................................................................... 244
HASP License Manager Switches ........................................................................................... 258
Search Order for nhsrv.ini.......................................................................................................... 259
Boolean Values for HASP LM nhsrv.ini.................................................................................. 260
HASP4 Programmer’s Guide xix

HASP LM Installation API Error Codes ............................................................................... 269
nethasp.ini Configuration File Search Order......................................................................... 272
HASP License Manager Information ..................................................................................... 283
HASP Key Information ............................................................................................................ 284
HASP Information .................................................................................................................... 285
Program Table ............................................................................................................................ 285
Login Table ................................................................................................................................. 285
Vendor Utility Command Line Switches ............................................................................... 306
Vendor Utility Error Codes...................................................................................................... 308
Customer Utility Command Line Switches............................................................................ 313
Customer Utility Error Codes.................................................................................................. 314
Passwords of HASP Demo Memory Keys............................................................................ 337
Passwords of HASP4 Std Demo Keys ................................................................................... 337
General Specifications for All HASP keys............................................................................. 339
Specifications for HASP4 Std, HASP4 M1, HASP4 M4, HASP4 Net ............................. 340
Specifications for HASP4 Time............................................................................................... 340
Specification for USB models .................................................................................................. 341
HASP PC-Card........................................................................................................................... 341
AladdinCARD ISA .................................................................................................................... 342
AladdinCARD PCI.................................................................................................................... 342
HASP3 to HASP4 Compatibility ............................................................................................ 344
xx © Aladdin Knowledge Systems, 2003

About the HASP4
Programmer’s Guide
The HASP Programmer’s Guide is designed to help you, the software
developer, protect your application in the way that most suits your
needs.
The first part, "Getting Started" (page 1), introduces the HASP
protection system. It gives an overview of HASP hardware and
software and leads you through the installation of the HASP
software. This part is relevant regardless of which key and which
protection method you are using.
The second part, "Using HASP Tools" (page 49), helps you to use
HASP utilities for Windows and Mac which enable you to protect
your software easily, to program your HASP keys for distribution
and to assist your customers. This part is relevant regardless of
which key and which protection method you are using.
The third part, "Using the HASP API" (page 127), introduces the
HASP API protection methods and strategies. It provides detailed
descriptions of all HASP API services. This part is only relevant, if
you want to protect you software by adding HASP API calls to
your source code.
The fourth part, "Using HASP in a Network" (page 227),
introduces the HASP4 Net system and tools. This part is relevant
if you protect your software for networks using HASP4 Net keys.
HASP4 Programmer’s Guide xxi

About the HASP4 Programmer’s Guide
The fifth part, "Using the Remote Update System" (page 293),
provides you with information on tools and the API which enable
you to update your customers’ HASP keys remotely.
Throughout this guide noteworthy comments, suggestions,
cautions and warnings are displayed in special framed inserts with
the following symbols.
HASP Programmer’s Guide Symbol Guide

Symbol Meaning
! Warning or caution.
Noteworthy comment.
Suggestion to enhance
HASP performance.
To help you understand the HASP system in greater depth,

frequently asked questions are included at the end of most
chapters. For your convenience, a comprehensive glossary
provides concise explanations of HASP terms.
Information on technical specifications, passwords for HASP
Demo keys and troubleshooting can be found in the appendices.
xxii © Aladdin Knowledge Systems, 2003

Part 1
Getting Started
This part introduces the HASP protection system. It gives an
overview of HASP hardware and software and leads you through
the installation of the HASP software.
The chapter "Introduction" (page 3) introduces the advantages
and security features of the HASP system and gives an overview of
HASP hardware keys and supported platforms and operating
systems.
The chapter "Basic Concept" (page 15) explains the basic concept
of the HASP system and describes the contents of the HASP Kits.
The chapter "Installing HASP" (page 29) gives an overview of the
HASP software, the main stages of software protection and the
basic installation procedures for the various operating systems.
HASP4 Programmer’s Guide 1

Part 1 - Chapter 1
Introduction
Welcome to Aladdin’s HASP – the professional software
protection system. This chapter describes the HASP protection
system, its security features and its advantages. It introduces the
family of HASP protection keys and describes the contents of the
HASP Developer’s and Starter’s Kits.
About HASP
HASP is a state-of-the-art hardware-based system that protects
software from illegal use by preventing unauthorized access to and
execution of protected applications.
At runtime, the protected application queries the HASP connected
to the computer. If the response returned by the HASP is as it
should be and if the correct HASP algorithm is identified, the
application executes. If the response is incorrect, the application
may not load, may switch to a demo version, or limit certain
features.
Implementing HASP security is easy, yet the level of security it
provides is extremely high. Once your application is protected, it
can be activated only when the HASP key originally supplied with
your software is attached to the computer.

Introduction Part 1 - Chapter 1
Advantages of the HASP System

Substantial Developer Flexibility
The HASP system provides the widest range of products,
solutions, and features in the software protection industry –
including memory, network and time-based solutions for multiple
hardware platforms.
Maximum ease-of-use
A short learning curve and a standard application programming
interface (API) for all products ensures easy and rapid
incorporation of the HASP software into the application.
Support for a wide range of programming

environments
The HASP system has interfaces for numerous compilers and
programming languages that enable a quick and effortless
implementation of HASP.
Support for a wide range of operating systems

Supported operating systems are: Windows 3.x, Windows 95, 98,
ME, NT, 2000, XP, Server 2003, Linux, Mac OS 8.6, Mac OS 9.x,
Mac OS X.
All references to Windows NT in this manual apply to

Windows NT4 (service pack 6).
Cross-platform solution
HASP (USB version) provides a platform-independent solution.
One HASP key can be used to protect Windows, Mac and Linux
applications, thus saving you development time in integrating
protection, and on shipping logistics and costs.
4 © Aladdin Knowledge Systems, 2003

Getting Started Introduction
State-of-the-art security
Full-custom ASIC Chip or Advanced Micro-
Controller
All HASP keys (except USB models) are based on a proprietary,
full-custom ASIC (Application Specific Integrated Circuit) chip.
The 2800-gate, 1.2-micron HASP ASIC, designed in-house by
Aladdin engineers, prevents reverse engineering and makes HASP
hardware virtually impossible to crack.
USB models are unique in that they contain an advanced micro
controller that provides an inherently high level of security.
Advanced Encoding Capabilities in the Hardware

The advanced data encoding and decoding facilities incorporated
in the HASP hardware allow a far closer integration of the
hardware into the software being protected. Intelligent functions
within the key itself allow critical functions of the software to be
dependent on the presence of the correct key, otherwise they will
not operate correctly.
Any data used by the software can be encoded at any point in the
software. The encoded data is a function of the data sent to the
HASP and a unique, customer-specific “developer code”. This
means that this facility provides far more comprehensive
protection than simple periodical checks for the presence of a key.
Advanced Protection Algorithms and Anti-

Debugging Technology
HASP software uses state-of-the-art proprietary code protection
algorithms, plus the most advanced anti-debugging technology in
the industry. Special anti-hacking features implemented in the
HASP software create practically impenetrable obstacles for
would-be hackers.

Scrambled Communication
All communication between the application and the HASP is

randomly scrambled to protect the vital link between them. This
feature prevents emulation of the hardware key.
Benefits to Your Customer

HASP protection benefits both you and your customers. The
following are a few reasons why software protection is good for
your customers.
Cost-Effective Software
As HASP protection increases your sales and revenues, you can
budget more money to the ongoing development and support of
your product. In turn, your paying customers can enjoy more
advanced products, faster development times and higher-quality
technical support.
Protecting the License Agreement

Software protection helps maintain the integrity of your software
license agreement. HASP is the least painful, least intrusive means
of assuring compliance with the agreement. It ensures that
customers do not have to police their own employees or risk
breaking the license agreement.
Protecting Investments of Legitimate Users

HASP protects legitimate end users from the unfair practices of
dishonest end users who use unpaid-for software and waste your
valuable technical support resources.
Worldwide Service and Support

Multiple Production Facilities
Production facilities on three continents ensure rapid and punctual
supply, with back-up capabilities if necessary.

Local Service and Support in Over 40 Countries

With 8 international offices and over 40 local distributors, support
for HASP is available virtually whenever and wherever required.

Aladdin Consulting
For more detailed advice and training on HASP implementation
issues, contact our team of international consultants. They can
provide you with tailored training sessions on the following:
• Integration of HASP production and distribution in your
company
• Analysis of the best protection strategy for your applications
• Help with algorithm design and even implementation of HASP
protection in your software

HASP Protection Keys

HASP keys are available for different ports and as various models.
Table 1.1 HASP Models
HASP Model Memory Size Full Authori- Features Key Types

zation System
Options
HASP4 Std. no memory no FAS encoding/decoding parallel, USB
HASP4 M1 112 bytes 16 applications encoding/decoding parallel, USB

HASP ID
HASP4 M4 496 bytes 112 applications encoding/decoding parallel, USB,

HASP ID PC-Card
HASP4 Time 496 + 16 bytes 8 applications encoding/decoding parallel, USB

expiration date HASP ID
real-time clock
HASP4 Net 5 496 bytes 112 applications encoding/decoding parallel, USB

on 5 stations HASP ID
network access

network access

network access

HASP Model Memory Size Full Authori- Features Key Types

zation System
Options

network access
network access
HASP4 Net U 496 bytes 112 applications encoding/decoding parallel, USB

on an unlimited HASP ID
number of network access
stations.
HASP4 Net U - it is recommended that the number

of stations not exceed 200.
HASP4 Key Types for Different Ports

HASP4 keys are available in parallel port, USB and PC-Card
versions which are identical in functionality.
• HASP4 parallel keys connect to parallel ports and can only be
used to protect applications running on PCs.
• HASP4 USB keys are cross-platform keys that connect to
USB ports and can be used to protect applications running on
PCs and Mac platforms.
• HASP4 PC-Cards are advanced software protection cards that
are inserted in PC-Card (PCMCIA) slots found on most
notebook PCs.

HASP4 Key Models

HASP4 Standard – Low cost, high security
HASP4 Standard is the most cost-effective software protection
solution we offer. Using all the state-of-the-art techniques included
in the HASP system, HASP4 Std. offers an extremely secure, yet
surprisingly low-cost solution for your protection needs.
HASP4 Std. is available for the parallel port and for the USB port.
HASP4 M1 and HASP4 M4 – The most versatile

and secure software protection keys available
HASP4 M1 and M4 combine the inherently high level of
encryption-based security with the flexibility of up to 496 bytes of
secured read/write memory and a unique ID number for each key.
The HASP4 memory and its in-the-field upgrading capabilities let
you implement your marketing strategy by enforcing sales models
such as subscription, demo, try-before-you-buy and rental for up
to 112 applications – all in a single key.
HASP4 M1 is available for the parallel port and for the USB port.
HASP4 M4 is available for the parallel port, for the USB port and
as PC-Card.
HASP4 Time – Software Protection with a Real-

Time Clock
HASP4 Time contains an internal real-time clock, indicating the
exact time (hours, minutes and seconds) and date (day, month,
year. Specifically designed to enable software renting or leasing,
HASP4 Time also lets you charge clients periodically for software
use and maintenance. Based on HASP4 M4, HASP4 Time
contains 512 bytes of secured read/write memory and a unique ID
number for each key. Using the HASP4 Time memory you can
control the distribution and access of up to 8 different software
modules and different software packages, rent or lease software
and distribute demos which expire after a specific date.
HASP4 Time is available for the parallel port and for the USB
port.

HASP4 Net - Providing Licenses in a Network

The ultimate software protection solution for various network
environments. Connect a single HASP4 Net to any network
station to protect your application and to limit the number of
stations using it simultaneously. HASP4 Net provides all the
protection features of HASP4 M4.
HASP4 Net is available for the parallel port and for the USB port.
HASP Developer Kit

The HASP Developer Kit contains everything you need to
evaluate the HASP protection system, and includes the following:
Software
The HASP software is contained on a single CD-ROM.
Hardware
Your HASP Developer Kit comes with a demo HASP key. The
demo HASP key is either a HASP4 M1, HASP4 M4,
HASP4 Time, or HASP4 Net depending on the type of HASP key
you requested when ordering the HASP Developer Kit.
The demo HASP key you receive should be used for

evaluation purposes only. When you order HASP keys,
Aladdin assigns you a unique developer’s code that
differentiates your keys from others.
Documentation
Your HASP Developer Kit includes one copy of the HASP4
Programmer’s Guide.

HASP Starter Kit

The HASP Starter Kit is similar to the HASP Developer Kit,
except that it contains 5 HASP keys that are unique to your
company (2 keys in the case of HASP4 Net). Your HASP key
includes HASP passwords that only you know, thus ensuring that
your keys are differentiated from other HASP keys.
Whereas the demo HASP key you receive in a HASP Developer
Kit should be used for evaluation purposes only, the HASP keys
you receive in the HASP Starter Kit can be used to protect the
application in preparation for distribution to your end users.
With the HASP Starter Kit, you are ready to go. Simply protect
your application and order the number of keys you need.

Part 1 - Chapter 2
Basic Concept
To implement HASP protection effectively, we recommend that
you familiarize yourself with the concepts and terms described in
this chapter.
If you are protecting with HASP4 Net, you should also read
"HASP4 Net Basic Concept" (page 229) to familiarize yourself
with specific terms and concepts for HASP4 Net.

Basic Concept Part 1 - Chapter 2
How Does HASP Work?

At runtime, the protected application queries the HASP connected
to the computer. If the response returned by the HASP is as it
should be and if the correct HASP algorithm is identified, the
application executes. If the response is incorrect, the application
may not load, may switch to a demo version, or limit certain
features.
Figure 2.1 HASP Protection Mechanism

Getting Started Basic Concept
Identifying the HASP Key

Protection is based on making access to the protected application
dependent on the presence of the correct HASP key.
HASP keys contain information specific for your company, thus
ensuring the uniqueness of the HASP keys distributed by you.
The presence of the appropriate HASP key can be checked by
using the following methods:
• Use the hardware-based encryption engine.
• Check the key-specific ID
• Use the memory functionality
Using the Encryption Engine

When you implement HASP protection, you check for the
presence of the HASP key. The HASP system performs these
checks by encoding and decoding data via the HASP itself.
Verifying the presence of the HASP using the data encoding and
decoding functions requires a certain amount of planning. To start
with, you must have some data that you have previously encoded.
You then send that data to the HASP using the DecodeData
service. There, it is decoded and you can check whether the
decoded data is correct. If it is, then the HASP is present.
The decoded data can be verified by using the data in your
protected application. Refer to "Encode Internal and External
Data" (page 149) for information on using decoded data.
The encoded data is a function of the data sent to the HASP and a
unique, customer-specific “developer code”. Thus, encoding the
same string with two different developer codes will lead to
different results.
You can encode data using HaspEdit or the HASP API. For more
information refer to "Accessing Keys with HaspEdit" (page 83) or
to "Protecting with the HASP API" (page 129).

Figure 2.2 Decoding Data to Verify the HASP Key
Developer-Specific Information
When you order keys from Aladdin, you receive keys which
contain information specific to your company. This information is
used to differentiate your keys from other developers’ keys.

Developer Code
The developer code is a unique code Aladdin assigns to each
software developer. The developer code is burnt into the ASIC
component of the HASP to prevent reverse engineering, thus
ensuring total protection.
You use the same developer code when you order additional
HASP keys. The developer code is represented by the set of five to
seven letters printed on the label of each HASP.
HASP Passwords
The HASP passwords are two integers assigned to each software
developer. The passwords are based on your unique developer
code and ensure that only you can access your HASP keys.
Make sure to keep your passwords in a safe place, as

! they are used to access the HASP, protect your
application and use the HASP utilities.
Checking the HASP ID Number

Each HASP memory key has a unique ID number. A protected
application can check and verify this ID number.
HASP keys with ID numbers let you distinguish between users of
your application. By checking for the HASP ID number in your
application you can decide how to respond if a specific HASP is or
is not present.
You can retrieve the HASP ID using HaspEdit. For more
information refer to "Accessing Keys with HaspEdit" (page 83).
You cannot order HASP keys with specific ID

numbers. They are assigned randomly during
manufacturing and are guaranteed not to be repeated.

Using the HASP Memory Options

All HASP keys except HASP4 Std. contain internal read/write
memory. You can use the HASP memory do the following:
• Control access to different software modules or different
software packages
• Assign a unique code to each software user
• Rent or lease software and distribute demos which can be
activated only a limited number of times
• Save passwords, program code, program variables, and any
other data
For information on the read/write memory available with
different HASP keys refer to Table 1.1 (page 9).
You can edit the memory using HaspEdit. For more information
refer to "Accessing Keys with HaspEdit" (page 83).

HASP Protection Methods

HASP offers two different yet very powerful protection methods:
• HASP Envelope
• HASP application programming interface (API)
HASP Envelope
The simplest and quickest way to protect an application is to use
the HASP Envelope. HASP Envelope provides very effective and
powerful protection. This method does note require access to the
target application’s source code. HASP Envelope adds a protective
shield around executable files. The HASP Envelope scrambles
your file, and incorporates HASP checks and anti-debugging
features. After having protected your application with HASP
Envelope, it cannot run without the correct HASP.
As using the Envelope does not require access to the application
source code, it is a quick and easy method of protection. At the
same time, it provides a very high level of protection, making it
virtually impossible to debug or disassemble your applications.
For information on using HASP Envelope refer to "Protecting
with HASP Envelope" (page 51).
HASP Application Programming Interface (API)

If you have the source code of the application you want to protect,
you can link the HASP API to your application.
Use the API to insert calls to the HASP throughout your
application. With the API, you can check for the presence of the
HASP whenever you choose, and decide how to respond if the
correct HASP is not connected. In addition, you can check a
HASP memory key for sensitive data you may have stored in its
memory.
You must have access to the source code to implement the API.

Which Method to Use

You can use either the Envelope or the API alone, or combine
both methods of protection.
Use the Envelope when you want quick and easy protection, or
when you do not have access to the source code.
Use the API when you have access to the source code and when
you want to customize your protection by implementing additional
calls to the HASP key.
Both the Envelope and the API are very powerful protection
methods. Protecting your application with only one protection
method ensures a high level of security. However, we recommend
you implement both Envelope and API protection if possible.
Each method has its unique features, and complements and
enhances the other.
Incorporate the HASP API into your application source code,
compile, link the HASP library files or DLLs to your application,
and then use the HASP Envelope protection on your executable
file.
The Full Authorization System (FAS)

The Full Authorization System is a powerful feature that allows
you to protect multiple applications with a single HASP memory
key, and to specify the conditions under which each application
can be used.

FAS Options
With FAS, you can limit the use of your application by:
• Setting the number of activations (HASP4 M1, HASP4 M4 and
HASP4 Net).
This feature is useful for supplying demo versions of your
application.
• Setting an expiration date (HASP4 Time).
This feature is useful for leasing and renting your software.
• Setting the number of stations which can run the program
simultaneously (HASP4 Net).
FAS is an optional feature of the Envelope when you protect with
a HASP stand-alone memory key. With HASP4 Net, on the other
hand, FAS is not optional. FAS is an integral part of the HASP4
Net protection system, whether you protect with the Envelope or
the HASP API.
How Does FAS Work?

A HASP-protected application which implements FAS performs
several checks.
• The protected application first determines whether or not the
correct HASP is connected to the computer.
• If the correct HASP is present, the HASP memory is checked
to verify that the application is listed as authorized to run.
If the application is authorized to run then different checks are
performed, depending on the model of HASP you are using:
• With HASP4 M1 and HASP4 M4, the HASP memory is
checked to see that the number of authorized activations has
not been exceeded. With each activation of the application, the
number of authorized activations is decreased by one. When
the application starts and the number of authorized activation
equals 0, the protected application aborts and the appropriate
error message is displayed.

• With HASP4 Time, the expiration date listed in the HASP4

Time memory is checked and compared to the HASP4 Time
real-time clock. If the expiration date has passed, the
application aborts with an error message.
• If you are using HASP4 Net, refer to "How Does HASP4 Net
Work?" (page 230) to understand how FAS is automatically
integrated into the HASP4 Net system.
FAS is used by the HASP Envelope’s licensing system. When using
the API to license an application, you can implement your own
licensing scheme.

Frequently Asked Questions

Question Can I change my HASP passwords?
Answer No. In order to ensure the highest protection level and to

prevent reverse engineering of the hardware key, the HASP
passwords are indelibly burnt into the ASIC component of the
HASP during manufacturing. No one can then access the HASP
to read and change these passwords.
Question Can I give every customer a HASP with a unique code or

password?
Answer Yes. For this purpose, we recommend using HASP memory keys
which contain a unique ID number for each key. In addition, you
can program the memory of HASP memory keys individually for
each of your customers.
Question Is it possible that another developer will be given the same

passwords as me?
Answer No. Each developer is given a unique set of passwords.
Question What happens to a HASP4 Time when its battery dies?
Answer The HASP4 Time battery has a lifetime of 3-5 years, which by all
measures is a long time in terms of software licensing. When the
battery dies, HASP4 Time behaves in the same way as a HASP4
M4. Battery life is increased if the HASP4 Time key remains
connected to an operating computer.

Question Can stand-alone HASP keys be used in a network environment?
Answer Yes. There are two options for using HASP in a network. The
first is to connect a HASP to every station on which the
protected application is running. The second – and more efficient
option – is to protect your application with HASP4 Net, a
sophisticated protection system designed especially for network
environments.
HASP4 Net allows you to activate a protected application on
several stations using a single key. To learn more about HASP4
Net, see "HASP4 Net Basic Concept" (page 229).
Question Can various HASP keys be connected to each other?
Answer Yes. Multiple HASP keys can be daisy-chained without any special
connecting equipment.
Use an USB hub to connect multiple USB devices to the same
port.
Question And what about keys made by other companies?
Answer HASP keys are fully transparent. You can chain them before or
behind other keys, provided these keys are also transparent.
Question Can data files or applications written with software tools such as
Lotus and AutoLISP be protected with HASP?
Answer Yes. There is a special system for data file protection called
DataHASP. Easily implemented, DataHASP protects files by
encoding their data and allowing only authorized applications to
access them. DataHASP can be used with Win32 applications
and works with all HASP keys.
For more information, see "Protecting with HASP Envelope"
(page 51).

Question Why should I use a HASP memory key?
Answer There are three very good reasons to choose a HASP memory key
to protect your application:
• To distribute a demo version of your application, or lease your
software.
• To protect multiple applications using a single HASP.
• To use the HASP memory to save data and subsequently
enhance the security of your protected application.
Question How can I update the HASP memory after delivering my

protected application to my customer?
Answer The HASP Remote Update System (RUS) enables remote

updating of the HASP memory when the HASP is in the
possession of your customer. The RUS can be used via the
Internet. For more information got to:
http://www.hasp.com/rus
You update the HASP memory by sending RUS passwords
through phone, fax, or e-mail. This system enables additional
software activations and execution of additional software
modules.
For more information, see "Remote Update System" (page 295).

Part 1 - Chapter 3
Installing HASP
This chapter gives an overview of the HASP software, the main
stages of software protection and the basic installation procedures
for the various operating systems.
HASP Software
The HASP software consists of the following parts:
• Device drivers to access HASP keys
• HaspEdit to prepare HASP keys for distribution
• Aladdin DiagnostiX to assist vendors and end-users
• HASP API and HASP Envelope to integrate application
protection
• HASP Demo to demonstrate and test the HASP functionality
• HASP License Manager and Aladdin Monitor to provide,
administer and monitor HASP4 Net licenses

Installing HASP Part 1 - Chapter 3
Device Drivers
The HASP device drivers as the link between the HASP key and
the protected application. Both you and your customer need to
install the appropriate driver in order to run the protected
application.
HASP device drivers are available for the following operating
systems: Windows 95/98/ME/NT/2000/XP/Server 2003,
Mac OS 8.6, Mac OS 9.x, Mac OS X Linux.
HASP device drivers also enable you to use HASP keys on 64-bit
IA64 processors for Windows XP and Linux applications.
You can also integrate driver installation into the installation of
your protected application.
Accessing HASP Keys with HaspEdit

HaspEdit is a utility for accessing HASP keys, editing the memory
of HASP memory keys, and encoding/decoding data.
Assisting End-Users with Aladdin DiagnostiX

The Aladdin DiagnostiX utility lets your customers collect
information on their system and on their HASP key.
Protecting Applications
HASP Envelope
HASP Envelope is a tool which enables you to protect your
application by wrapping it in a protective shield.
You can use HASP Envelope as a command-line tool or with a
graphical user interface. For more information refer to "Protecting
with HASP Envelope" (page 43).

Getting Started Installing HASP
HASP API
The HASP application programming interface (API) enables you
to protect your application by inserting calls to the HASP key
throughout your source code.
The root directory on the HASP CD is subdivided according to
operating systems, development environment and compiler. The
directory for each compiler includes the following:
• Libraries that must be linked to your application
• A sample application that demonstrates the use of the API with
all HASP keys
For more information refer to "Protecting with the HASP API"
(page 115).
HASP Demo
Utilities which let you test HASP services. For more information
refer to "HASP Test Utility" (page 128).
Providing Licenses in a Network

For information on HASP4 Net refer to "HASP4 Net Basic
Concept" (page 209).
HASP License Manager

A utility that communicates between the protected application and
the HASP4 Net key.
Aladdin Monitor
A tool used to track the use of protected applications and HASP
License Managers in a network.

Software Protection – Quick Reference

The following overview indicates the main stages normally
involved in protecting your application using any HASP.
Stage 1: Install the HASP Device Driver

Enables access to HASP key. The newest drivers can be
downloaded at www.hasp.com/downloads.
For information on installing the drivers refer to the following
sections.
Stage 2: Use the HaspEdit Utility

Allows you to customize your protection.
For information about HaspEdit refer to "Accessing Keys with
HASP Edit" (page 73).
Stage 3: Use the HASP API

Allows you to incorporate HASP calls throughout the application.
For information on using the HASP API refer to "Protecting with
the HASP API" (page 115).
Stage 4: Use the HASP Envelope Utility

Protects your application automatically without getting into the
source code, for more information see "Protecting with HASP
Envelope" (page 43).
Stage 5: Use the HaspEdit Utility

Allows you to customize your keys for distribution with your
protected software.
For information about HaspEdit refer to "Accessing Keys with
HASP Edit" (page 73).

Installing HASP under Windows

Installing the HASP Software
Insert the HASP CD into your CD-ROM drive. The Setup wizard
will automatically start. If the installation does not automatically
start, run setup.exe from the Setup directory.
Now follow the instructions in the Setup wizard.
Installing the HASP Device Driver

The HASP device driver is installed automatically when using the
general HASP software setup. We provide also different
applications for installing the HASP device driver:
Table 3.1 Device Driver Installation Tools (Windows)
Application Operating system
Hinstall.exe Win32, command line version
HDD32.EXE Win32, GUI version
HDD16.EXE Win16, GUI version
You can find these applications in the Drivers directory of your

HASP CD. They automatically recognize the operating system in
use and install the correct driver files at the required location.
For information on which files are installed refer to the hdd.hlp
help file.
To install the HASP device driver under Windows NT/

2000/XP/Server 2003, you need administrator
privileges.
HASP support for Linux can be installed either automatically via

RPM packages or manually by extracting the requisite files from
the tar archive. Drivers have to be installed manually to run HASP
USB keys on Win64 systems using the Itanium processor.

The HASP device driver loads dynamically as soon as the HASP is

accessed following the system reboot.
If you install an upgraded version of the HASP device driver after
running a HASP-protected application, you must reboot your
system in order for the new driver version to load dynamically.
Customizing HASP Device Driver Installation

You can install the HASP device driver on your customer’s system
in one of two ways:
• Run hinstall.exe or HDD16.EXE/HDD32.EXE. You can write
a command (batch) file to perform the installation and then
distribute this file with your application.
• Use the HASP Install API in your setup program to install the
HASP device driver.
You implement custom installation through a DLL or library.
In the Drivers\drvapi directory you can find interfaces for several
compilers, including an interface for Install Shield. Each compiler
interface directory contains a sample installation program. For
more information on the hinstall utility and the HASP Device
Driver Installation API, see the hdd.hlp help file.
The Hinstall Utility

hinstall.exe is a Win32 application that installs the HASP device
driver under Windows 95/98/ME and
Windows NT/2000/XP/Server 2003 systems.
To install the HASP Device Driver:

• Type hinstall -i from the command line.
A window appears informing you that the HASP device driver was
successfully installed.
To remove the HASP Device Driver:

• Type hinstall -r from the command line.

A window appears informing you that the HASP device driver

was successfully removed.
To upgrade a HASP Device Driver:

• Install the new HASP device driver following the steps for
installation detailed above.
Installing HASP Win64 for Itanium

To enable HASP USB keys to run on Win64 systems, the
following drivers are required.
Driver Description
aksclass.dll Class installer used to create device class
aksusb.sys USB driver for handling USB communication
akshasp.sys HASP device driver for handling HASP

services.
aksclass.sys Class driver used to load the HASP device

driver
Once installed, the above drivers enable both Win64 and Win32
applications to run on Itanium systems using the HASP API.
Only HASP USB keys can run on systems using

the Itanium 64-bit processor.
Installing HASP on IA64 Platforms

There is no automatic installation of HASP4 drivers on IA64
systems.
The required HASP driver used for Win64 applications
! can only be installed manually.
Follow the instructions below to manually install all the drivers

required to run HASP4 USB on Win64 systems using the Itanium
processor.

1. Plug in the HASP USB key.

The Found New Hardware wizard indicates the presence of
the ‘Aladdin USB key’.
2. Insert the HASP Installation CD. In the Wizard screen, check
Install from a list or specific location. Click Next.
3. Specify the IA64\drivers directory. This directory should
contain the following files: aksusb.inf, aksusb.sys, aksclass.sys.
4. Click Next.
You have completed the installation of the USB driver.
5. The Found New Hardware wizard reappears to indicate the
presence of the HASP key.
6. In the Wizard screen, select Install from a list or specific
location. Click Next.
7. Specify the IA64\drivers directory. This directory should
contain the following files required to install the HASP Key:
aksclass.dll, akshasp.inf, and akshasp.sys. Click Next.
8. To complete the installation click Finish.
To ensure that the drivers have been installed properly, open the
Windows Device Manager and check for the following:
1. Aladdin HASP Key should appear under Aladdin Software
Protection Devices.
2. Aladdin USB Key should appear under Universal Serial Bus
controllers.
3. The LED in the HASP key should be activated.

Installing HASP under Mac

The HASP software for Mac includes the daemon and the
extensions, the HASP API, the HaspEdit utility, the HASP
Envelope, the HASP RUS and the HASP License Manager. The
software is contained in the Mac directory on the HASP CD.
Installing the HASP Daemon for Mac OS X

The HASP daemon aksusbd enables the Mac OS X system and the
protected application to access the HASP key.
Both you and your customer need to install and load the daemon
aksusbd in order to work with the HASP key under Mac OS X. The
script dinst enables you to do this.
To install the daemon or the extensions click on the aksusb
Installer. The daemon will be started automatically on every
system boot.
After the HASP daemon has been successfully installed and
loaded, your system will recognize HASP keys connected to the
USB port.
You can configure the daemon with the following command line
switches:

Table 3.2 Command Line Switches for aksusbd (Mac)
Switch Meaning
-v Print version number as decimal, format xx.xx.
-u <umask> Specifies the permission bits for the socket special

file. Default is 666 (access for everyone).
-l <value> Select type of diagnostic messages. Possible values

are:
0 - only errors
1- normal (default)
2 - verbose - logs key removals and connects to the
syslog.
3 - ultra verbose - includes some arcane error
messages in the log file.
-h Print command line help.
To configure the daemon proceed as follows:

1. Edit the startup file Aladdin which is referenced by the script
dinst.
2. Add the desired switches to the line aksusbd which starts the
daemon.
Installing the HASP Driver for Mac OS 8.6 and 9.x

The HASP driver enables protected applications running on Mac
OS 8.6 and Mac OS 9.x systems to access the HASP key.
Both you and your customer need to install the driver in order to
work with the HASP key under Mac OS 8.6 and 9.x. Use the
aksusb Installer to quickly install the HASP drivers.
Another method to install the driver for OS 9.x and 8.6:
1. Copy the files MacHasp4Shim and MacHaspUsbDD to the
Extensions folder in the System Folder.

If the files already exist you need to move them out of

the folder first, because they cannot be overwritten.
2. Reboot the system.

Your system will now recognize HASPs connected to the USB
port.
Installing HASP4 Net Support and Utilities

For information on HASP4 Net refer to "HASP4 Net Basic
Concept" (page 209) and subsequent chapters.

Installing HASP under Linux

The HASP software for Linux includes the following:
• Kernel mode drivers for various kernel versions and a daemon
• Utilities to query the driver version and to display parallel ports
• HASP Demo application and the source code.
• HASP library
The Linux software is contained in the tar.gz archive in the Linux
directory on the HASP CD.
A simple way to install HASP for Linux is to use RPM packages
that are available at:
http://www.hasp.com/downloads
For detailed information on the components refer to the readme
files in the archive.
Opening the Archive

To open the archive proceed as follows:
1. Create a new sub folder.
2. Unpack the archive using the following command:
Tar -xzf [path/]hasplinux105.tgz
Installing Daemon and Kernel Mode Driver

To access the HASP key, the kernel mode driver aksparlnx.o and
the daemon aksusbd have to be loaded.
All described actions should be executed as root.
Kernel Mode Driver Installation (aksparlnx.o)

Driver installation includes the following steps:

• Generate the device node

• Initialize the parport system
• Loading the driver
Generating the Device Node

To enable access to the driver, generate a /dev/Hardlock device
node. It should use the same major number as is used when
loading the driver (major=xxx command line to insmod, or 42
default).
1. Generate the device node with the following command:
mknod /dev/Hardlock c 42 0
2. Allow everyone to access the node:
chmod 666 /dev/Hardlock
Alternatively, if the access to Aladdin keys should be restricted
to a special group of users (e.g. group aladdin):
chgrp aladdin /dev/Hardlock
chmod 660 /dev/Hardlock
Initializing the Parport System

The aksparlnx driver uses the Linux parport driver in to access to
the parallel port without disrupting other users of the parallel port
(e.g. printer, zip drive).
Initialize the parport system before loading the aksparlnx driver:
modprobe parport_pc
The parport driver will report in the system log the parallel ports it
has found in the system. aksparlnx will be able to access keys on
any of these ports by default.
Loading the Driver

Load the aksparlnx driver with the following command:
insmod <path_to_driver>/aksparlnx.o

The status message is generated in the system log informing you if

the installation has been successful or not. If the installation fails
because of a kernel version mismatch, try a force installation with
the following command:
insmod -f <path_to_driver>/aksparlnx.o
The loading of the driver (modprobe and insmod) should be
incorporated into a startup script, so that it will be available on
subsequent system boots.
Options for aksparlnx.o

Table 3.3 Command Line Switches for aksparlnx.o
(Linux)
Switch Meaning
-major= The driver uses device major number 42 by default.

<number> You can change this by giving an argument to the
insmod command.
Also change the driver special file using the
command mknod /dev/Hardlock c
<number> 0
-loglevel= Select type of diagnostic messages. Possible values

<value> are:
0 - only errors
1- normal (default)
2 - verbose
3 - ultra verbose
The messages are logged in syslog with priority
kern.info (and kern.debug). Refer to /etc/
syslog.conf to see where the messages will be put,
usually it is the file /var/log/messages.

Switch Meaning
-timeout= Specifies the maximum amount of time the driver

<value> waits when requesting exclusive port access from
the parport driver. The value used is 1/100 of a
second. The default value is 100 (= 1 second).
After this time the request will be aborted with a
PORT_BUSY error.
-hlportadress= If you have a parallel port in the system which by

<address> chance is not detected by the Linux parport driver
(and therefore not seen by aksparlnx.o), you can
make this port known to aksparlnx.o.
Use this switch only if you are an
! experienced user. Giving an illegal port
address will cause the system to crash!
Aladdin Daemon Installation (aksusbd)
Enabling Access to USB Keys

To enable access to USB keys, usbdevfs must be mounted on /proc/
bus/usb. On newer distributions it is mounted automatically (e.g
SuSe 7.0).
To mount usbdevfs manually use the following command:
mount -t usbdevfs none /proc/bus/usb
Enabling Access to Parallel Keys
To enable access to parallel port keys, the kernel driver aksparlnx
must be installed before starting aksusbd.
Loading the Daemon

Load the daemon by starting it:
<path>/aksusbd
The daemon will fork and put itself into the background.
the installation has been successful or not.

It reports its version, the version of the API used for USB and the
version of the API inside the kernel driver (for parallel port keys).
If the kernel driver happens to be unavailable when aksusbd is
launched, parallel port keys cannot be accessed, but USB keys are
still accessible. The system log reflects this status.
If /proc/bus/usb is not mounted when launching aksusbd, USB keys
cannot be accessed.
Preferably the daemon should be started at system boot up time
with some script located in /etc/rc.d/init.d or /etc/init.d (depending
on Linux distribution).
Options for aksusbd

Table 3.4 Command Line Switches for aksusbd (Linux)
Switch Meaning
-v Print version number as decimal, format xx.xx.
-l <value> Select type of diagnostic messages. Possible values

are:
0 - only errors
1- normal (default)
2 - verbose
3 - ultra verbose
The messages are logged in syslog with priority
kern.info (and kern.debug). Refer to /etc/syslog.conf to
see where the messages will be put, usually it is the
file /var/log/messages.
-u <umask> Specifies the permission bits for the socket special

file. Default is 666 (access for everyone).
-h Print command line help.

Installing HASP for Linux on Itanium

The following software is required to run HASP USB keys for
Linux distributions on Itanium processors:
• A daemon
• HASP Demo application and the source code.
• HASP library
The software is contained in the hasplinux105-ia64.tgz archive in
the Linux directory on the HASP CD. The daemon is also part of
the RPM package provided for either RedHat or SuSe
distributions.
For detailed information on the components refer to the readme
files in the archive.
Only HASP USB keys can run on systems using

the Itanium 64-bit processor.
There are two ways to install HASP for Linux on Itanium:

• Automatically using PRM packages
• Manually by extracting the tar archive
Automatic Installation of HASP for Linux on Itanium

Depending on the Linux distribution used, you can install HASP
drivers using RPM packages. Use table below to select the RPM
packages corresponding to your Linux distribution.
Linux Distribution RPM Package
SuSE 7.3 rpm -i aksusbd-suse-1.5-1.ia64.rpm

SuSE 8.0
RedHat 7.2 rpm -i aksusbd-redhat-1.5-1.ia64.rpm

RedHat 7.3

The aksusbd packages listed above contain the USB daemon,

which is started by default.
The PRM packages only contain software for accessing

HASP keys. The developer library and sample files for
implementing HASP4 in your applications are located
in the hasplinux105.tgz tar archive.
Manual Installation of HASP for Linux on Itanium

To manually install HASP keys you must:
a. Open the archive.
b. Install the Daemon.
c. Enable access to HASP USB keys.
All described actions should be executed as root.
Opening the Archive

To open the archive proceed as follows:
1. Create a new HASP sub folder.
2. Unpack the archive using the following command:
tar -xzf [path/]hasplinux105-ia64.tgz
Installing Daemon
To access the HASP key, the daemon aksusbd has to be started.
Enabling Access to USB Keys

To enable access to USB keys, usbdevfs must be mounted on /proc/
bus/usb. To mount usbdevfs manually use the following command:
mount -t usbdevfs none /proc/bus/usb
Loading the Daemon

Load the daemon by starting aksusbd:

<path>/aksusbd
The daemon will fork and put itself into the background.
the installation has been successful or not.
It reports the daemon version, the API version used for USB keys.
If /proc/bus/usb is not mounted when launching aksusbd, HASP
USB keys cannot be accessed. Preferably the daemon should be
started when the system is booted with a requisite startup script
stored in /etc/rc.d/init.d or /etc/init.d (depending on Linux
distribution).

Part 2
Using HASP Tools
This part describes the HASP utilities HASP Envelope, HaspEdit
and Aladdin Diagnostic.
The chapter "Protecting with HASP Envelope" (page 51) explains
the use of HASP Envelope which provides a convenient way to
protect your application and encode data files.
The chapter "Accessing Keys with HaspEdit" (page 83) explains
the use of HaspEdit for Win32 and for Mac which let you access
your HASP keys.
The chapter "Assisting End-Users & Vendors" (page 117)
describes how you can assist your customer with Aladdin
DiagnostiX which lets your customers collect information on their
system and on their HASP key.

Part 2 - Chapter 4
Protecting with
HASP Envelope
Using HASP Envelope is the fastest way to protect your software
from unauthorized use. Implementing HASP Envelope protection
is easy, as you do not need to alter the application’s source code.
HASP Envelope is available as command-line tool (DOS, Win16,
Win32) and as graphical user interface (Win32).
Using a configuration file to define and store protection
parameters, HASP Envelope is also available for Mac and Linux
applications.
The HASP Envelope interface provides a convenient way to
perform any of the following operations:
• Protect applications
• Protect Win32 data files
• Save FAS protection parameters to the HASP memory
If you plan to use both HASP Envelope and API

! protection, first implement the HASP API and then the
HASP Envelope.

Protecting with HASP Envelope Part 2 - Chapter 4
About the HASP Envelope

The HASP Envelope utility adds a protective shield around DOS,
Windows and Win32 executable files and DLLs.
Envelope protection offers file encoding and advanced anti-
debugging features which enhance the overall level of security.
Figure 4.1 HASP Envelope Protection
Before you implement HASP Envelope protection do the

following:
• Backup your unprotected file.
By default, during protection, the original file is destroyed and a
new one is created.
• Make sure there is enough space on your disk.
After protecting with the HASP Envelope, your application will
require additional disk space. The amount of space depends
upon the type of application you are protecting.

Using HASP Tools Protecting with HASP Envelope
Starting HASP Envelope

You can protect a DOS, Win16 or Win32 application using a
graphical user interface (GUI) as described here, or from the
command line as described on page 73.
1. Install the HASP device driver. See "Installing HASP under
Windows" on page 33.
2. Connect the HASP key(s) with which you want to protect your
application to the computer.
3. Activate the Envelope utility by either choosing HASP
Envelope from the HASP CD folder, or by running
haspenv.exe.
The HASP Envelope window is displayed.
There are three available options:

• Click Start HASP Wizard to access the Wizard, which guides
you through the protection process step by step.
• Click New Envelope Configuration to begin a protection
session using new protection parameters.
• Click Open Envelope Configuration to begin a protection
session using saved protection parameters.

Protecting an Application
This chapter describes the protection process using the New or
Open Envelope configuration options.
1. In the Envelope’s Main tab, enter the path and name of the
application to protect in the Unprotected File box.
2. Type the HASP passwords into the correct boxes.
3. If you are implementing FAS, fill in the FAS parameters
according to the model of HASP you are using:
For HASP4 M1 and HASP4 M4, enter the program number
and the number of activations on the Options tab.
For HASP4 Time, enter the program number and the
expiration date on the Options tab.
For HASP4 Net, enter the program number on the Main tab.
You can enter either the number of activations, the number of
licenses, or both.
4. Fill in the remaining boxes in the Main, Options, and Error
Messages tabs according to your specific protection needs. See
the following sections for detailed descriptions of the tabs and
their boxes.
5. Click the Protect icon or choose Protect Application from
the Envelope Tools menu.
A window appears, informing you that the application was
successfully protected.
6. Click OK.
If you assigned FAS protection parameters, you are now asked
if you want to save them. See "The Full Authorization System
(FAS)" on page 22 for more details.
The protected application cannot function unless the requisite
HASP key is present.

Protecting Win32 Data Files

With DataHASP, you can protect data files, such as text files.
DataHASP encodes their data and enables only authorized
applications to decode it.
Never encode the same file twice. If you do, the

! software will not be able to restore it.
You can protect Win32 data files using a graphical user interface
(GUI) as described here, or from the command line as described
on page 73.
Alternatively you can build your own application and

call API services 60, 61, 88 or 89 to encode and decode
any data file opened by your program in whatever way
you choose.
When you protect Win32 data files, you also need to protect the
application that loads these files and decodes them. This section
provides instructions on how to protect both the data files and the
application that accesses them.
The application you authorize to decode data files

! should not support the copying or exporting of files. If
it does, the end user will be able to copy or export an
encoded data file to a non-encoded file.
Preparing Protection
1. Place a copy of the application which accesses the data file (for
example Notepad.exe) in a temporary directory.
2. Create a data file and save it in the same directory (for example
text.txt).
3. Connect the HASP key(s) with which you want to protect your
data files to the computer and make sure that the HASP device
driver is properly installed.

4. Activate the Envelope utility by choosing HASP Envelope

from the HASP CD folder. The HASP Envelope window
appears.
5. Choose New Envelope Configuration.
Setting Protection Parameters

1. In the Envelope's Main tab, enter the path and name of the
application to protect (in this example C:\Temp\Notepad.exe)
in the Unprotected File box.
2. Enter the HASP passwords in the appropriate boxes.
3. Fill in the remaining boxes in the Main, Options, and Error
Messages tabs according to your specific protection needs. See
the following sections for detailed descriptions of the tabs and
their boxes.
4. In the DataHASP tab, enter the name of the data file you want
to encode and then decode at run time (in this example,
test.txt).
Win32 and Linux applications protected by HASP

Envelope, can run on systems using an Itanium
processor.

Figure 4.2 DataHASP Tab

T
5. In the Encryption Key box, enter any eight characters as an

encoding key.
6. In the Data Files to Encrypt box, choose Add, and select
C:\test.txt.
7. Under Data Files to Decrypt at Run Time, type test.txt in
the Decrypt box. Alternatively, you can use wildcards, i.e. *.*,
or *.txt.
It is recommended that you use wildcards in the

! Decrypt box to ensure that an unencrypted copy of the
file cannot be saved. Alternatively you can disable the
Save As option in the program.

Performing Protection
1. Click the Protect icon or choose Protect Application from
the Envelope Tools menu.
A window appears, informing you that the application was
successfully protected and that you can encrypt the data files
now.
2. Click OK and then click on the Encrypt Selected Files button
at the bottom of the window.
A message appears, informing you that all selected files were
encrypted successfully. Successful protection allows you to
ensure that the document can only be opened with the
protected application and not with any other copy of the
executable.
If you assigned FAS protection parameters, you are now asked
if you want to save them. See "Saving FAS Parameters"
(page 59) for more details.
The protected application now cannot work without the correct
HASP and only this application can access the protected data files.

Saving FAS Parameters

After implementing HASP Envelope protection of executables or
data files, you can also use HASP Envelope to save FAS protection
parameters to the memory of your HASP key immediately after
the protection process.
Alternatively, you can use HaspEdit to save FAS

parameters to your HASP keys.
The FAS protection parameters which you can save to the HASP
memory are:
• For HASP4 M1 and M4 the application program number and
number of application activations.
• For HASP4 Time the application program number and
application expiration date.
• For HASP4 Net the program number, number of licenses and
number of activations.
While FAS is optional for HASP stand-alone memory

keys, it is an integral part of the HASP4 Net system.
Therefore, remember that saving protection parameters
to the HASP4 Net memory is mandatory.
You have the choice of using HaspEdit or the Envelope to set FAS
protection parameters and save them to the HASP memory.
However, you must use the Envelope to set the program number.
By assigning the program number using HASP Envelope, you
establish the link between the HASP key and your program’s
protection parameters, which are saved to the HASP memory. It is
this link that enables the protected application, when loaded, to
retrieve the correct protection parameters from the HASP
memory.
You can save FAS parameters to the HASP key immediately after
implementing HASP Envelope protection, or independent of the
Envelope protection process.

Saving FAS Parameters After Implementing Protection

Directly after implementing protection, a dialog box appears
giving you the option to write to the memory of the connected
HASP key.
1. Select if you want to write to a local HASP key or a HASP4 Net
key.
2. Click Save Parameters.
3. To write the same protection parameters to additional HASP
keys, remove the currently attached HASP key, connect another
one and click Save Parameters.
4. To stop writing to HASP keys, click Close.
Saving FAS Parameters Independent of the Protection Process

1. Set the FAS parameters you want to write to your HASP key.
2. From Envelope Tools select Program HASP.
The Save FAS Parameters dialog box appears.
3. Select if you want to write to a local HASP key or a HASP4 Net
key.
4. Click Save Parameters.
5. To write the same protection parameters to additional HASP
keys, remove the currently attached HASP key, connect another
one and click Save Parameters.
6. To stop writing to HASP keys, click Close.

HASP Envelope Parameters

This section describes the HASP Envelope utility tabs, boxes,
menus and icons.
Main Tab
You must specify parameters in the Main tab in order to protect
your application. If you are using a stand-alone HASP key only, fill
in all the boxes except for those in the HASP4 Net Parameters
frame. If you are using a HASP4 Net key only, fill in all the boxes
except for those in the HASP Passwords frame. If you are using
both a stand-alone HASP key and a HASP4 Net key, fill in all the
relevant boxes.
Figure 4.3 HASP Envelope Main Tab

#

Table 4.1 HASP Envelope Main Tab Options
Option Description
Unprotected File Enter the path and name of the application file to protect. Each file must
(source) have the extension.exe or .dll. Click Browse to search your disks for a
specific file.
Protected File Default: The filename entered in the Unprotected File box.
(destination) By default, the HASP Envelope utility overwrites the original unprotected
file when saving the protected version of your application. To avoid
overwriting your original file, give the protected application a different
filename. Type this filename in the Protected File box.
HASP Password Enter the HASP passwords of all HASP stand-alone keys with which you
want to protect your application. You can enter up to 3 sets of HASP
passwords to protect a single application with up to 3 HASP keys.
HASP Demo Key Check this box to enter the passwords of a HASP demo key
automatically.
Use HASP4 Check this box to use the enhanced security features of HASP4
Security Features If you need to maintain compatibility with the HASP-3 generation of
keys, you should not use this feature.
Executable Type The HASP Envelope tries to detect the executable type automatically. If it
cannot detect the type of executable, this box will have the value
Unknown Type.
Overlay File Check this box if the file to be protected contains overlays or extra data
appended to the executable. Also creates a loader for DOS applications
that exceed the maximum DOS size memory.
Target Computer Default: IBM PC and compatibles

Specify the type of computer on which the application will run. If your
target computer is an NEC, change the value accordingly to NEC.
NetHASP When protecting with HASP4 Net, enter the passwords you received
Passwords with your HASP4 Net key.
NetHASP Demo Check this box to enter the passwords of a HASP4 Net demo key
Key automatically.

Option Description
Program Number Default: 1

With just a single HASP4 Net, you can protect multiple applications.
Assign a unique program number from 1 to 112 for each application you
protect with HASP4 Net. Make a note of this number. You will need it
later to save program protection parameters when programming HASP4
Net keys for your clients
Number of When protecting with HASP4 Net, assign the number of application
Licenses licenses in this box. This number is saved to the HASP4 Net memory.
Type a number in this box or use the arrow keys to set it. Check the
Unlimited option to assign an unlimited number of licenses.
Possible values are dependent on the HASP4 Net model. You can assign
every value from 0 up to the number of the model, for example 0 to 5 for
a HASP4 Net 5 key.
To save the number of licenses in the HASP4 Net memory, click Save
Parameters when prompted after implementing Envelope protection.
Number of When protecting with HASP4 Net, assign the number of application
Activations activations in this box. This number is saved to the HASP4 Net memory.
Type a number in this box or set it with the arrow keys. Check the
Unlimited option to assign an unlimited number of activations.
To save the number of activations in the HASP4 Net memory, click Save
NetHASP Default: nethasp.ini

Configuration File You can specify the name of a configuration file for the HASP4 Net
system. To look for a file, click Browse. For more information about the
HASP4 Net configuration file, refer to "Customizing the HASP License
Manager" (page 258).
If the application finds a configuration file, it reads the file and uses the
information contained in it. If not, the application uses default values.

Options Tab
The Options tab contains additional protection settings.
Figure 4.4 HASP Envelope Options Tab

Table 4.2 HASP Envelope Option Tab Options
Option Description
Use Full Default: Disabled

Authorization You can use the Full Authorization System (FAS) with a HASP4 M1,
System (FAS) HASP4 M4, or HASP4 Time. For more information about FAS refer to
"Saving FAS Parameters" (page 59).
To use FAS, check the Use Full Authorization System box.
As FAS is an integral part of the HASP4 Net protection system, HASP4
Net FAS parameters are entered in the HASP4 Net Parameters frame
on the Main tab.
Application Default: 1
Program Number If you are using a HASP stand-alone memory key to protect multiple
applications with FAS, assign a unique number to the application. Make
a note of this number. You will need it later to save program protection
parameters when programming HASP keys for your client.
Possible values are 1 to 16 for HASP4 M1, 1 to 112 for HASP4 M4 and 1
to 8 for HASP4 Time.
Number of If you are using a HASP M1 or HASP4 M4 in conjunction with FAS,

Application enter the number of application activations in this box.
Activations Type the number of activations in the box or use the arrow keys to set it.
Check the Unlimited box to permit an unlimited number of activations
of the application.
To save the number of activations in the HASP memory, click Save
Application If you are using a HASP4 Time in conjunction with FAS, enter the date
Expiration Date after which the application will stop running.
Click Date and select the month, day and year.
To save the expiration date in the HASP4 Time memory, click Save
Perform Default: Disabled

Background HASP By default, the HASP system checks for the presence of a key once
Checks when the application is loaded. If you want to repeat the check during
run time, add background HASP checks.
To enable this feature, mark with a check the Perform Background
HASP Checks box.

Option Description
Interval in Seconds When you use the Background HASP Checks option, you must
specify at what interval the system checks for the key. Type a value
representing the interval in seconds.
Anti Debug and Default: Enabled

Reverse With this feature you can increase the protection level by keeping users
Engineering from running your program with a debugger and by adding additional
anti-debugger modules to your program file.
To add a debugger detection, mark with a check the User Mode
Debugger Protection box.
To add additional anti debug modules, move the slider marked Anti
Debug Modules to the right.
Use HASP ID Default: Disabled

Number Use this box to ensure that the protected application runs only if the
HASP with the specified ID number is connected to the computer. To
incorporate this option, mark with a check the Use HASP ID Number
box. This option is available exclusively for HASP stand-alone memory
keys.
You can enter the appropriate ID number of a key in one of two ways:
• Click Let Envelope Detect HASP ID to read the ID number of
the HASP key currently attached to the port.
• Click Enter HASP ID Manually to open a box in which you can
manually enter the HASP ID number you previously determined
using the HaspEdit utility. The ID number is a 32-bit unsigned
integer which must be entered in hexadecimal form. With this
method, you do not need to connect the HASP containing the
specific ID while protecting. When protecting with more than one
HASP key, use the ID number of the key for which the HASP
passwords were entered in the first password box. The ID
numbers of the other keys will not be checked.
Encrypt Program Default: Enabled

File This feature allows you to add additional protection by scrambling the
program file. Applications which write to their application file during
run time should not be scrambled.

Option Description
Encryption Key The scrambling process requires several encoding keys chosen at
(decimal) random by the HASP Envelope utility. To ensure maximum security, you
can set one of these scrambling keys to a number of your choice
between 0 and 65535
Encryption Level You can specify the frequency of HASP key access for scrambling. Move
the Encryption Level slider to the right to increase the frequency.
Protection In the Protection Methods frame, you indicate which method of

Methods protection you would like to use. You can use the Envelope method,
incorporate Pattern Code Security, or both.
When you click the Protect icon or choose Protect Application from
the Envelope Tools menu, you implement the protection methods you
indicated in this box.
Install HASP Default: Enabled

Envelope Check the Install HASP Envelope box to implement the Envelope
protection method. Envelope protection will take effect when clicking
the Protect icon or selecting Protect Application from the Envelope
Tools menu.
Install Pattern Default: Disabled

Code Security Check the Install Pattern Code Security (PCS) box to install PCS and
(PCS) enhance security. PCS will take effect when clicking the Protect icon or
selecting Protect Application from the Envelope Tools menu.
Advanced Options Default: Disabled

Click this button to access the DOS Advanced Options window.
This is applicable for protected DOS applications that exceed 640 KB
of allotted memory. The advanced options window contains
information on the loader application. For more information on the
loader see the HASP Envelope help file.
Switches In the Switches field you can enter additional protection parameters by
using HASP Envelope command-line switches.

DataHASP Tab
Use the DataHASP tab to protect data files. On the DataHASP
tab, you can do the following:
• Specify the data files you want to encode
• Specify which encoded data files should be decoded during run
time by your protected application
• Encode the data files
In addition to encoding the data files, you need to specify which
application is authorized to decode them and protect that
application. Do this by entering values in the appropriate boxes on
the Main tab and other relevant tabs and protecting the
application.
Alternatively you can build your own application and

call API services 60, 61, 88 or 89 to encode and decode
any data file opened by your program in whatever way
you choose.
Never encode the same file twice. If you do, the

! software will not be able to restore it.

Figure 4.5 HASP Envelope DataHASP Tab

:

Table 4.3 HASP Envelope DataHASP Tab Options
Option Description
Data Files to Enter the filename or file patterns of data files that your application
Decrypt at Run should decode at run time. Also enter exceptional data files (from
Time among those files specified for decoding) which your application
should not decode.
For example, consider an application that accesses all your encoded
data files having an *.adb format. Suppose that the same application
needs to access the file xyz.adb, which is not one of your encoded data
files, but rather a file supplied by your application’s environment. In
this case, in the Decrypt box enter *.adb. In the Do Not Decrypt box,
enter xyz.adb. This instructs your protected application to decode all
data files with an adb extension, except for the file xyz.adb.
Decrypt Type the files to decode at run time (represent them in the standard
way, or using wildcards, i.e. *.*, or aa??.txt)
Do not decrypt Type the files (from among those files specified for decoding) not to
decode at run time (represent them in the standard way, or using
wildcards, i.e. *.*, or aa??.txt)
Protection By entering protection parameters, you set the encoding key used to
Parameters encode data files
Encryption Key Enter up to 8 characters in the Encryption Key box. These will
become part of the encoding algorithm.
HASP Passwords The passwords of your HASP key, which you enter in the Main tab,
for Encryption automatically appear in the HASP Passwords for Encryption box.
Only the HASP key to which these passwords belong will open the
protected data files.

Option Description
Data Files to Before encoding data files, make sure you have set the Protection
Encrypt Parameters in the DataHASP tab.
Never encode the same file twice. If you inadvertently do
! so, the software will not be able to restore the settings.
Input Data Files to Type the files (with their paths) to encode or click Add to choose files
Encrypt from directories.
Output Encrypted DataHASP copies the filenames listed in the Input Data Files to
Data Files Encrypt box and places them in a new directory. The new default file
path automatically appears here.
After supplying the encoded data files along with the

protected application to the end user, you can send new
encoded data files. Simply encode the data files, making
sure that they are named so that they fit the patterns of
the Data Files to Decrypt at Run Time boxes. If they
fall outside these patterns, you must fill in all the boxes
of the DataHASP tab and re-protect your application,
remembering to include all the data files (the old and
the new) in the Data Files to Decrypt at Run Time
boxes.

Error Messages Tab

This tab lists the error messages which appear when a problem
occurs during run time. You can edit these messages. For example,
you can write the messages in another language in the boxes
provided, if you want.
Figure 4.6 HASP Envelope Error Messages Tab

HASP Envelope Command-Line Switches

Protecting with the Envelope using command-line switches can
save you time and keystrokes. Switches also enable you to execute
HASP Envelope protection from batch files without going
through the HASP Envelope utility screens. You can run the DOS,
Win16 and Win32 Envelopes from the command-line using
switches.
Table 4.4 HASP Envelope Engines
HASP Envelope Engine Executable Name
DOS Envelope Instdos.exe
Win16 Envelope Instw16.exe
Win32 Envelope Instw32.exe
The following table lists the various HASP Envelope command-

line switches. You can use these switches with any Envelope,
unless otherwise specified.
Table 4.5 HASP Envelope Switches
Switch Operation
-c Specify number of anti debug modules (1-50).

For the Win 16 and the Win 32 Envelope only.
-cfgfile <filename> Load a configuration file and use the

parameters which were saved in it.
-createcfg Create a configuration file. For the Windows

<filename> and Win32 Envelopes.
-dhfilter Files or file patterns to decrypt at run time

<filename> (standard representation, i.e, *.* or aa??.txt). A
maximum of 8 files or file patterns can be
specified. For the Win32 Envelope only.

Switch Operation
-dhfilterx Files or file patterns not to decrypt from

<filename> among the file patterns chosen for decrypting
at run time (standard representation, i.e, *.* or
aa??.txt). A maximum of 8 files or file patterns
can be specified. For the Win32 Envelope only.
-dhkey <key> Specify an encryption key for data files (up to 8

characters in length). For the Win32 Envelope
only.
-drvwait Increase the time interval for searching for a

<seconds> driver. Possible values 0 to 255. For the Win32
Envelope only and only applies to Windows
NT/2000/XP/Server 2003.
-enc Default. Encrypt the file during protection.
-enclevel Encryption level for data encryption (1-5). For

the Win 16 and the Win 32 Envelope only.
-exsecnum <num> Do not encrypt section number. For the Win32

Envelope only.
-fas Use the Full Authorization System.
-fasprgnum Specify the Full Authorization System program

<prog number> number.
-h3pass <pass1> Specify the HASP passwords.

<pass2>
-hasp4 Use the HASP4 security features for the Win16

and Win32 envelopes.
-help or -? Display a list of all switches, with brief

explanations of each one and then exit.
-highsecoff Disable high security level. Default for

protection with a HASP4 Net key and
necessary for 286 processors and lower. For the
DOS Envelope only.

Switch Operation
-highsecon Enable high security level. Default for

protection with a HASP stand-alone key. For
the DOS Envelop only
-interval <value> Specify an interval for background checks in

seconds.
-loader<filename> Specify a loader filename when protecting an

application with overlays For the DOS
Envelope only.
-loginprocess Activates the per-process method of logging

into a HASP4 Net key. Available only for the
Win32 Envelope.
-loginx Use with applications that do not perform

automatic HASP4 Net Logout (e.g., Visual
Basic). For the Win32 Envelope only.
-mhid Specify the HASP ID number of the HASP4

<IdNumber> M1, HASP4 M4 or HASP4 Time.
-mhpass <pass1> Specify the HASP4 M1, HASP4 M4 or HASP4

<pass2> Time passwords.
-netcfg <filename> Specify a HASP4 Net configuration filename.
-nhpass Specify the HASP4 Net passwords.

<pass1><pass2>
-nodbgcheck Disables debugger detection. For the Win32

Envelope only.
-noenc Do not encrypt the file during protection.
-nofas Default. Do not use the Full Authorization

System.
-nohasp4 Disable the HASP4 security features.
-norandomsize Disables the Random File Size option. For the

DOS Envelope only.

Switch Operation
-nores Increase compatibility for resident DOS

programs. This switch disables background
HASP checks. For the DOS Envelope only.
-nospecial Default. Use the applications that do not

contain overlays. Identical to: Special Overlays
Mode = NO. For the DOS Envelope only.
-novir Disable automatic virus protection. For the

DOS Envelope only.
-out <filename> Rename the protected application file.
-ovl Handle overlays. For the Win32 Envelope only.
-pcs Install PCS in batch mode.
-prg <filename> Specify the application file to protect.
-prgnum <program Specify the program number. (With the

number> Windows and DOS Envelopes, for FAS or
HASP4 Net; with the Win32 Envelope, for
HASP4 Net only).
-quiz <intensity> Specifies how often random data are encrypted

and decrypted using the HASP key. Possible
values 0 to 50. For the Win32 Envelope only.
-randomsize Default. Enables the Random File Size option.

For the DOS Envelope only.
-special Handle overlays and DOS extenders. Identical

to: Special Overlays Mode = NO. For the DOS
Envelope only.
-special1 Alternative overlay handling. Identical to:

Special Overlays Mode = YES - Method 1.For
the DOS Envelope only.
-vir Default. Automatic virus protection. For the

DOS Envelope only.

Additional HASP4 Net Information

Protection for Networks and Stand-Alone Machines
HASP Envelope allows you to protect your application for both
network environments and stand-alone machines.
When you activate an application protected for both networks and
stand-alone machines, your application performs the following
checks:
• First, the application checks that a HASP stand-alone key is
connected to the computer that activated the application.
• If the application does not find a HASP connected to the
computer, it searches the network for a HASP4 Net key.
To enable HASP Envelope protection for both networks and
stand-alone machines, enter the passwords of both a HASP4 Net
and a HASP stand-alone key in the correct password boxes.
HASP4 Net Idle Time

For an Envelope-protected application, the default time span after
which a station is considered idle is the default idle time of the
HASP License Manager.
HASP4 Net Logout for Win 16 Applications

The envelope automatically adds a HASP4 Net Login at the start
of the program, and a HASP4 Net Logout when the application
ends. However, if the application is Win16 and the protocol is
TCP/IP only, the logout is not automatically performed. To
ensure that the automatic logout is added in these cases, make sure
one of the other supported protocols is installed.

HASP Envelope for Mac Applications

HASP Envelope protection can be implemented for Mac
applications using HASP4 keys. HASP Envelope for
Mac is an OS X terminal utility that enables you to protect Mac
Carbon applications.
You can run the HASP Envelope only on an OS X

terminal. However once you have protected your
applications with the Mac Envelope engine, the
resulting carbon executables can be run on both OS 9
and OS X systems.
Protecting Mac Applications

You protect Mac applications by:
a. Defining and storing protection parameters in a
configuration file.
b. Accessing the configuration file during the protection
session.
The HASP Envelope configuration parameters are detailed in the
HASP Envelope for Mac Applications help file available on the HASP
CD.
Once protection parameters are defined and stored in the
configuration file, you activate the Envelope as follows:
InstMac --cfgfile <configuration filename>
<configuration filename> is the name of the

! configuration file containing your settings.

HASP Envelope for Linux

HASP Envelope protection can be implemented for Linux
applications using HASP4 keys. HASP Envelope for
Linux is an X86 terminal utility that enables you to protect Linux
applications.
You can run the HASP Envelope only on SuSE 7.X and
8.0 terminals. The resultant executables can only run on
X86 and Itanium (32-bit emulation mode) platforms.
Protecting Linux Applications

You protect Linux applications by:
a. Defining and storing protection parameters in a
configuration file.
b. Accessing the configuration file during the protection
session.
The HASP Envelope configuration parameters are detailed in the
HASP Envelope for Linux Applications help file available on the
HASP CD.
Once protection parameters are defined and stored in the
configuration file, you activate the Envelope as follows:
InstLinux --cfgfile <configuration filename>
<configuration filename> is the name of the

! configuration file containing your settings.


In addition to the FAQs listed below, an extensive list of solutions
to both general and specific Envelope-related questions is
provided in the Aladdin Knowledge base available at:
http://www.hasp.com/kb2
Please contact your local HASP representative for access
passwords and further details.
Question How long does it take to load an Envelope-protected application

into memory?
Answer Depending on the size of the application and computer

performance, loading time increases by several seconds only.
Question Does HASP anti-debugging interfere with normal PC operation?
Answer No. The HASP anti-debugging mechanism is completely

transparent and has no affect on application execution.
Question Does the HASP Envelope check for the key during the
application’s run time?
Answer Yes. HASP Envelope can implement a series of background

HASP checks while the application runs. For additional
information, see Perform Background HASP Checks in the
"Options Tab" (page 64).

Question Can I use a HASP Envelope to protect with a HASP4 M1 or a

HASP4 M4 and a HASP4 Net?
Answer Yes. Enter the passwords of your HASP4 M1 and HASP4 M4

keys and HASP4 Net keys and the values of the additional boxes
relevant to both types of keys. After protecting, the protected
application will first search for the HASP4 M1 or HASP4 M4 on
the computer at which the application is activated. If a HASP4
M1 or HASP4 M4 is not connected, the protected application
will search the network for the HASP4 Net key.
Question When do I need to specify a program number when using HASP

Envelope?
Answer With HASP4 Net, always! With HASP4 M1 or HASP4 M4, only
when you implement the Full Authorization System.

Part 2 - Chapter 5
Accessing Keys with

HaspEdit
HaspEdit is an application which lets you access your HASP keys.
HaspEdit is available for Mac OS 9.x and Mac OS X and for
Windows 95/98/ME/NT/2000/XP/Server 2003.
The keys programmed with one of the HaspEdit applications can
be used on all supported platforms. Alternatively, you can use the
HASP API to program your HASP keys.
Use HaspEdit to perform two main types of operation:
• Prepare for application protection by encoding data and
retrieving the HASP ID number.
• Program your HASP keys and prepare them for distribution to
clients by editing the HASP memory, setting protection
parameters and the HASP4 Time real-time clock.

Accessing Keys with HaspEdit Part 2 - Chapter 5
HaspEdit for Windows

This chapter explains the use of HaspEdit for Windows in
performing the main operations. For detailed information refer to
the online help.
Activating HaspEdit
To load HaspEdit:
1. Connect the HASP key to your computer.
Do not connect more than one HASP key with the

! same passwords while using HaspEdit because you can
only write to one key at a time.
HaspEdit does not distinguish between different
connected keys with the same developer code and could
as a consequence mistakenly destroy data stored in one
or more of them.
2. Choose HaspEdit from the HASP CD menu in the Windows

Programs directory. The HaspEdit window appears:
3. Start a new HaspEdit session, or open an existing HaspEdit

configuration file if you have one saved in your computer.

Using HASP Tools Accessing Keys with HaspEdit
HaspEdit Configuration File

A HaspEdit configuration file stores HASP parameters set using
HaspEdit. In the configuration file, you save details of the HASP
model you are using, the key’s passwords, its ID, its memory image
and FAS protection parameters. Saving the details of your
HaspEdit session is useful if you want to program multiple keys
with the same information.
When you choose Save from the File menu, you save the HASP
parameters to a file and not to the HASP key. The name of the
configuration file then appears in the HaspEdit utility’s title bar.
Before closing, HaspEdit asks you whether or not to save the
current HaspEdit parameters to the configuration file
The HaspEdit configuration file contains your secret

! passwords. Regard this file as if it were your source code
and keep it in a safe place.
When you activate HaspEdit, you can either start a new HaspEdit
session, or load a previous session by opening a configuration file.
Starting a New HaspEdit Session

To start a new HaspEdit session:
1. Choose New HaspEdit Session and click OK.
The HASP Password dialog box appears
2. Enter the HASP passwords. If you are evaluating a HASP
demo key, check the A Hasp demo key box in order to enter
the HASP demo passwords automatically.
3. Click OK.
If the passwords entered match those of the key connected, the
Configuration window is displayed. You can now use HaspEdit.

Opening an Existing HaspEdit Configuration File

To open an existing HaspEdit configuration file:
1. Choose Open HaspEdit Configuration and click OK.
The Open dialog box appears.
2. Select or enter the name of the configuration file to open.
3. Click Open.
If the passwords and model of the key saved in the
configuration file match those of the key connected, the
Configuration window is displayed. You can now use HaspEdit.
HaspEdit Configuration Window

The Configuration window appears when you start a new
HaspEdit session or open an existing HaspEdit configuration file.
When you close this window, you are prompted to end the current
HaspEdit session
Figure 5.1 HaspEdit Configuration Window.
The HaspEdit configuration Window displays the following

information:
• The HASP model.
• The passwords of the HASP key. The passwords can be viewed
or hidden by checking Passwords in the View menu.
• The unique ID number of the HASP key.

Preparing for Application Protection

Use HaspEdit to prepare for application protection by encoding
data for use in your application and by retrieving the unique
HASP ID number.
Encoding Data
This function allows you to encode data using a HASP4 key. After
encoding, you can use the encoded data in your application and
decode it during runtime using the appropriate HASP API
function.
To encode data:
1. Choose Encoding from the HASP Tools menu or click the
Encode icon. The Encode window appears:
2. Enter or select the source of the data you would like to encode.
You can encode data from the windows clipboard or a file, or
you can type a string directly at the keyboard.

3. Enter or select the name of a binary destination file for the

encoded data (optional).
Binary output data cannot be pasted into a text editor,

since the characters are non-printable.
4. Enter the name of an ASCII destination file or choose

Clipboard for the encoded data (optional).
ASCII-encoded data has the following appearance:
5. Select your programming language.

This option will produce an include file for your programming
language, so you can use the encoded data easily within your
application.
6. Click Encode to start the process.
Theoretically, you can encode or decode up to 4GB of

data in a single call. Please note that HaspEdit needs to
allocate buffers to encode and decode the data. This
means that the restrictions on the HaspEdit encoding/
decoding feature are related to the amount of RAM and
hard disk space on your computer.

To decode data:
1. Choose Decoding from the HASP Tools menu or click the
Decode icon. The HASP Decode window appears:
2. Enter or select the name of a binary source file containing the

encoded data you would like to decode.
3. Enter or select the name of a binary destination file for the
decoded data.
4. Press Decode to start the process
Retrieving the HASP ID Number

With HASP Edit, you can retrieve the HASP ID of HASP4 keys
with memory. The HASP ID is unique to every key. You can
incorporate a check for this number into your application using
HASP Envelope or API. Check for a specific HASP ID in your
protected application using service 6 (HaspID).

To check the ID number of a HASP memory key:

1. Connect the HASP key to your computer.
2. Choose HASP ID from the HASP Tools menu or click the
ID icon. The HASP ID window appears:
The window displays the ID number (an unsigned, 32-bit

integer) in hexadecimal and decimal format and as two short,
16-bit words.
3. If you choose to protect with the HASP Envelope, note the ID
number displayed in hexadecimal format. You can later enter it
into the HASP Envelope.
4. If you choose to protect with the HASP API, note the ID low
word and the ID high word and compare them with the values
the hasp( ) routine returns in Par1 and Par2 of Service 6: HASP
ID. Alternatively, note the ID number and compare it to the
value you calculate using the formula found in Service 6.
To copy contents of the HASP ID window, select Copy

from the Edit menu.

Setting Protection Parameters with FAS

The Full Authorization System (FAS) enables you to lease your
software, distribute demo versions of your application and protect
multiple applications with a single HASP memory key.
Implementing FAS is optional when protecting with HASP4 M1 or
HASP4 M4, and is implemented with the Envelope. However, FAS
is required with HASP4 Net and is implemented via the HASP
Envelope and/or the HASP API.
You can implement FAS only with HASP4 keys with memory.
This section describes how to program HASP keys if you are using
FAS.
FAS Program List

With FAS, you create a list of applications to protect and set the
protection parameters for each.
Use FAS to authorize the following up to:
• 16 applications using a single HASP4 M1
• 112 applications using a single HASP4 M4
• 8 applications using a single HASP4 Time
• 112 applications using a single HASP4 Net
Use HaspEdit to assign each application on the FAS program list
a unique program number which identifies it and to set protection
parameters.
Comments written in MemoHASP FAS Editor are

saved in the HaspEdit configuration file and not in the
key’s memory.
FAS Protection Parameters

With HaspEdit, you specify protection parameters for each
program on the FAS program list. The parameters you specify
depend on the HASP model you are using.
Use FAS to do the following:

• Limit the number of activations for each application protected

with a HASP4 M1 or HASP4 M4.
• Set expiration dates after which applications protected with a
HASP4 Time cannot run.
• Limit both the number of stations which can run a HASP4 Net
protected program simultaneously and the number of
activations for each application.
Make a note of the number assigned to each program.

In the Envelope utility, you use this number to specify
the program you are protecting.
Use HaspEdit to set and/or edit the protection parameters for

each program. Once you set protection parameters for each
program, write the program list and protection parameters to the
HASP memory.
The next sections describe how to edit the FAS program list for
each of the different HASP memory keys.
Setting the FAS Program List for HASP4 M1 and HASP4 M4

Use FAS to limit the number of allowed activations for each
application protected with HASP4 M1 and HASP4 M4.
To set the FAS program list for HASP4 M1 or

HASP4 M4:
1. Choose Full Authorization System (FAS) from the HASP
Tools menu and click MemoHASP, or click the FAS icon. The
MemoHASP FAS Editor window appears:

2. Click Add to add the program(s) you want to protect. The Add
Program window appears.
3. In the Program box, enter a program number unique to the

program you are protecting. The number can be from 1 to 16
for HASP4 M1, or from 1 to 112 for HASP4 M4. The program
number should be identical to the number you assign your
program when you protect it with HASP Envelope.
4. In the Activations box, enter the maximum number of allowed
activations for the application. Check Unlimited to allow an
unlimited number of activations.
5. In the Comments box, add information identifying the
program, such as its filename and any further relevant
comments.
6. Click OK. The program is added to the MemoHASP FAS
Editor list.
7. Click Write. The Write HASP Memory window appears.

8. Save changes to the HASP key. You can either:

• Click Write to save all the changes to the memory.
• Check Write Selected Programs Only to save only the
selected programs to the memory, click Write.
All changes to the memory are initially shown on screen in red.
Clicking Write saves the changes to the HASP key. All data written
to the key appear in blue.
Setting the FAS Program List for HASP4 Time

Use FAS to set an expiration date after which the HASP4 Time
protected application(s) will stop running.
To set the FAS program list for HASP4 Time:

Tools menu and click TimeHASP or click the FAS icon. The
TimeHASP FAS Editor window appears:

2. Click Add to add the program(s) to protect. The Add Program

dialog box appears:

program you are protecting. The number can be from 1 to 8.
The program number should be identical to the number you
assign your program when you protect it with the Envelope
4. In the boxes provided in the Program Expiration Date frame,
enter the day, month and year of the application’s expiration
date. Click the Unlimited Date box if you do not want to set
an expiration date.
comments.
6. Click OK. The program is added to the TimeHASP FAS Editor
list.
8. Save changes to the HASP4 Time key. You can either:
Clicking Write saves the changes to the HASP4 Time key. All data
written to the key appear in blue.

Setting the FAS Program List for HASP4 Net

Use FAS to set the number of stations that can run the program
simultaneously and to set the allowed number of activations for
each of the applications protected with HASP4 Net..
FAS must be used whenever you use a HASP4 Net key,

even when protecting a single program.
To set the FAS program list for HASP4 Net:

Tools menu and click NetHASP or click the FAS icon. The
NetHASP Program Editor appears:
2. Click Add to add the program(s) to protect. The Add Program

dialog box appears.


program you are protecting. The number can be from 1 to 112.
The program number should be identical to the number you
assign your program when you protect it with the HASP
Envelope or the HASP API
4. In the Stations box, enter the maximum number of stations
allowed to use the program simultaneously.
5. The maximum number possible depends on the HASP4 Net
model number. HASP4 Net5 allows up to 5 stations; HASP4
Net10 allows up to 10 stations, and so on. If using HASP4
NetU, check the Unlimited box to allow an unlimited number
of stations.
Note: It is recommended that the number of
stations not exceed 200.
6. In the Activations box, enter the allowed number of

activations for the application or check the Unlimited box to
allow an unlimited number of activations.
comments.
8. Click OK.
9. The program is added to the NetHASP Program Editor list.
11. Save changes to the HASP4 Net key. You can either:
Clicking Write saves the changes to the HASP4 Net key. All data
written to the key appear in blue.

Editing the HASP Memory

With HaspEdit you read and write to the HASP memory and save
passwords, a customer’s name, parts of your program code or any
other data.
Memory not used for FAS can be used to save any

additional data of you choice.
Navigating in the HASP Memory Editor Windows

All HASP Memory Editor Windows are navigated similarly. Use
the mouse to move from field to field in the window and the
buttons to perform different operations.
You can view in the Offset box the position number of the
selected word in memory. Enter the position number of a word in
this box to select it for editing.
Click Hex (hexadecimal) or Decimal to choose the format in
which to enter data in the left pane. Enter data in ASCII format in
the right pane. Use the mouse to toggle between the two panes.
Press PageUp and PageDown to move between pages of HASP4
M4, HASP4 Time and HASP4 Net memory.
Clicking Write saves the changes to the key. All data written to the
key appear in blue.
The box Location Description indicates the location of words in
HASP memory. First, it specifies if a word of memory is located in
the User area or FAS area. If the word is in the FAS area, it shows
the program number (i.e., (P1) for program 1 or (P2) for program
2, etc.) associated with the selected word. Also, it notes if the word
is unregistered (meaning that it is not on the FAS program list) or,
if it is registered, it places in quotation marks comments you
assigned.
If the cursor is located in the FAS area on a word of

! memory associated with a program whose protection
parameters are saved in the FAS program list, make sure
not to overwrite the word with your own data.

Editing HASP4 M1 and HASP4 M4 Memory

Use HaspEdit to edit HASP4 M1 (56 words of memory) and
HASP4 M4 (248 words of memory). The first 24 words of
memory comprise the User area and can be used to store any data.
The remaining words of memory comprise the FAS area.
To edit HASP4 M1 and HASP4 M4 memory:

1. Choose HASP Memory from the HASP Tools menu and
click MemoHASP, or click the Memory icon.
The MemoHASP Memory Editor opens and displays the
contents of the key’s memory.
2. Edit the memory.

3. Click Write to save changes to the memory.
Editing HASP4 Time Memory

HASP4 Time incorporates two areas of memory: the 16-byte FAS
HASP4 Time area and a user area of 248 words.
Follow the instructions under "To edit the HASP4 Time FAS
memory" below to edit the 16 bytes section. Follow the
instructions in "To edit the HASP4 Time user memory" to edit the
248-word section.

All 248 words make up the user area and can be used to store any
data.
To edit the HASP4 Time FAS memory

click TimeHASP, or click the Memory icon.
The TimeHASP Memory Editor opens and displays the
contents of the HASP memory:
2. Edit the memory.

3. Click Write to save changes to the HASP4 Time memory.
To edit the HASP4 Time user memory

click MemoHASP.

The HASP4 Time Memory Editor opens and displays the

contents of the HASP memory.
2. Edit the memory.

3. Click Write to save changes to the memory.
Editing HASP4 Net Memory

Use HaspEdit to edit HASP4 Net (248 word of memory). The
first 24 words of HASP4 Net memory comprise the User area and
can be used store any of your data. The remaining memory
comprises the FAS area
Memory not used for FAS can be used to save any

additional data of you choice.
To edit HASP4 Net memory:

click NetHASP, or click the Memory icon.

The NetHASP Memory Editor opens and displays the

contents of the HASP memory:
2. Edit the memory.

3. Click Write to save changes to the HASP4 Net memory.
Setting the HASP4 Time Clock

With HaspEdit you set the HASP4 Time real-time clock. With
HaspEdit, you can view and change the time and date of the
HASP4 Time clock.
To set the HASP4 Time clock:

1. Choose TimeHASP Clock from the HASP Tools menu.

The TimeHASP Time & Date dialog box appears:
2. Enter the month, day and year in the Date field.

3. Click Write to save the date.
4. Enter the time in hh (hours), mm (minutes) and ss (seconds) in
the Time field. To set the real-time clock to the system time,
click Get System Time and then click Write.
The HASP4 Time clock uses the 24-hour format (00:00:00 to
23:59:59)
5. Click Write to save the time.
6. Click Close to exit the TimeHASP Time & Date dialog box.

Programming Multiple HASP Keys

After you have protected your application, you can program your
HASP keys in preparation for delivery (together with the
application) to your customers.
When you program multiple keys, do not daisy-chain them.
Instead, save the same memory to the keys one after another using
a simple procedure. HaspEdit lets you program multiple keys with
the same parameters set in the Memory Editor and FAS Editor
using either of the following methods:
• Program Key
• Create Programming Utility
Program Key
When you use the Program Key option, you program each HASP
key with the data from the current HaspEdit utility session.
To save HaspEdit memory to multiple keys:

1. Choose Program Key from the HASP Tools menu, or click
the Prog icon on the toolbar.
The Multi-key Programming window appears.
2. Click Yes to write the HaspEdit memory to the connected
HASP key. The number of keys you have programmed so far is
displayed as the Write Count.
3. Remove the currently attached HASP key and connect the next
one you want to program.
4. Repeat steps 2-3 until all the keys have been programmed.

Create a Programming Utility

When you create a programming utility, you create a stand-alone
executable to program each HASP key with the parameters you set
in the current HaspEdit session. When creating the file, make sure
to leave open the FAS and/or Memory Editor windows (you can
minimize them if you want), because it is with the data in them
that the HASP Programming utility generates the executable.
To create a HASP Programming utility:

1. Choose Create Programming Utility from the HASP Tools
menu. The HASP window opens:
2. Choose the type of executable in the Application Type frame.

3. Enter a name for the executable in the Utility Name box.
The default name is Haspprog.exe. You can change the name/
directory by entering a new one or by clicking Browse.
4. In the Program Caption box (for Win32 GUI applications) or
the Program Banner box (for Win32 console or DOS
applications), enter a title to appear when the executable is
loaded.
5. Click Create.
If an executable of the same name does not already exist, a
message confirming creation of the executable appears. Click
OK to return to the HASP Programming Utility dialog box.

If an executable of the name specified already exists, a

confirmation dialog box appears. Click Yes to replace the file
and create a new executable, or click No to return to the HASP
Programming Utility dialog box.
You can now run the executable and edit keys.

HaspEdit for Mac

This chapter explains the use of HaspEdit for Mac in performing
the main operations on Mac OS X. For detailed information refer
to the online help.
Getting Started
To start HASP Edit for Mac:
1. Connect a HASP key to your computer.
Do not connect more than one HASP key to the computer
while using HaspEdit. The HaspEdit utility can only handle
one key at a time.
2. Start HaspEdit. The Password window is displayed.
3. Enter the passwords and confirm with OK.
The passwords for HASP demo keys are inserted automatically by
default. To change this setting, choose Preferences from the
HaspEdit menu and activate/deactivate the option.
You can also start HaspEdit without connecting a

HASP key, e.g. to edit templates.
Setting Preferences
You have the following options when setting preferences for
HaspEdit for Mac:
• Change the value with which the memory will be filled when
clearing the memory
• Set a root directory for your template files
• Display a warning if the time and date assigned to a HASP4
Time key differ significantly from the system time setting
• Facilitate the use of HASP demo keys by having their
passwords inserted automatically

• Scan for connected keys periodically

To set preferences, choose Preferences from the HaspEdit
menu and activate/deactivate the option.
Preparing for Application Protection

Use HaspEdit for Mac to prepare for application protection by
encoding data for use in your application and by retrieving the
unique HASP ID number.
Encoding Data
This function allows you to encode data using a HASP4 key. After
encoding, you can use the encoded data in your application and
decode it during runtime using the appropriate HASP API
function.
To encode data:
1. Select Encode/Decode in the navigation tree.
2. Make sure the right HASP key is connected.
3. Enter data or click Load to load a file.
4. Select a format for your output data.
5. Use the mouse or the keyboard to select the section of data you
want to encode (at least 8 bytes). Click Encode to encode the
data and click Save As to save the encoded data to a file.
You have the option to edit the file and select sections
to encode. If the file size exceeds 1024 bytes you can
encode the file but you cannot edit it or select sections.
Retrieving the HASP ID Number

With HASP Edit, you can retrieve the HASP ID of HASP4 keys
with memory. The HASP ID is unique to every key. You can check
for a specific HASP ID in your protected application using service
6 (HaspID).

To retrieve the HASP ID, connect the HASP key to your

computer and enter the passwords. The ID number is displayed
automatically in the Current HASP view.
You can choose between three different 32-bit and 16-bit
representations of the number:
• Hexadecimal
• Decimal unsigned
• Decimal signed
Programming HASP Keys

Before distributing HASP keys to your customers together with
the protected application you need to program them. You can fill
the memory of the HASP4 keys with data of your choice and/or
use the memory for the Full Authorization System (FAS). The
keys programmed with HASP Edit for Mac can be used on all
supported platforms.
The programming process involves the two main steps:
First you create a master key or a template which serves as a basis
for programming a number of keys. You may need to create
several master keys or templates in case you are using more than
one HASP key type.
After creating a master key or a template, you can start to program
your keys for distribution. To program several identical keys
quickly, use the multi key programming tool.
.
Do not connect more than one HASP key with the

! same passwords while using HaspEdit, because you can
only write to one key at a time.

Programming a Single HASP Key
To program a single HASP key:

1. Connect the HASP4 key you want to use as a master key. In
case the key is not displayed in the Current HASP view,
choose Scan for Connected Key from the Edit menu.
2. Enter the passwords for the key.
3. Click the Memory box and edit the memory according to your
needs.
The data are colored red until being written to the key or saved
to a template file.
4. Click Write to program the key. You can also save the memory
image to a template file (see below).
Working with Templates

The HaspEdit template file stores HASP parameters and
additional information:
• The HASP key type
• The key's passwords
• The memory image and FAS protection parameters
• Additional comments about the FAS parameters
• HASP4 Time parameters
The HaspEdit template file contains the HASP

! passwords. Regard it as part of your source code and be
sure to keep it safe.
You use template files to program several HASP keys of the same
type with the same memory content.
You have the following options when working with templates:
• Create, rename and delete templates
• Write to a currently connected key from the template view

• Link comments from a template to a current key view for a

better overview
To create a template:
1. Choose New from the File menu.
2. Choose Save as from the File menu.
3. Enter a name for the template and select a folder.
To create a template from a connected key:

1. Connect the key and choose Scan for Connected Key from
the Edit menu to scan for it.
2. Choose Save as from the File menu.
3. Enter a name for the template and select a folder.
To program a single key from the template view:

• Connect the key you want to program.
• Select the template.
• Click Write Key.
Using the Multi Key Programming Tool

When you program multiple keys, you save the same memory to
the keys one after another using the memory content of a key
which has already been programmed or using a template.
To use the multi key programming tool with the

memory of a programmed key:
1. Connect and program the key you want to use as a basis.
2. Select Current HASP in the navigation tree.
3. Select Multi Key Programming from the Tools menu.
4. Disconnect the key.
5. Connect a new key and confirm.

6. Repeat steps 4 to 5 for every new key.
To use the multi key programming tool with a

template:
1. Select the template you want to use.
2. Select Multi Key Programming from the Tools menu.
3. Connect a key and confirm.
4. Disconnect the key.
5. Repeat steps 3 to 4 for every new key.
Using the Full Authorization System

The Full Authorization System (FAS) allows you to protect
multiple applications with a single HASP memory key and to
specify the conditions under which each application can be used.
With HASP Edit, you specify protection parameters for each
program on the FAS program list. The parameters you specify
depend on the HASP model you are using.
You have the following options:
• Limit the number of activations for each application protected
with a HASP4 M1 (up to 16 applications) or HASP4 M4 (up to
112 applications).
• Set expiration dates after which applications protected with a
HASP4 Time cannot run.
• Limit both the number of stations which can run a HASP4
Net-protected program simultaneously and the number of
times each application can be activated.
To view the FAS protection parameters:

1. Connect the key or select the template.
2. Choose As FAS List or Split from the View menu.
To set the FAS protection parameters:

1. Connect the key or select the template and click the FAS box.

2. Enter the number of possible activations (HASP4 M1, HASP4

M4, HASP4 Net), stations (HASP4 Net) and expiration date
(HASP4 Time).
3. To set the number of activations to unlimited, choose
Unlimited from the Edit menu or type U.
Memory usage with FAS

FAS programs are stored in the FAS area of HASP memory. The
FAS area starts at word offset 24.
When you use HASP4 M1, HASP4 M4 or HASP4 Net keys, each
program protected with FAS requires four bytes (two words) of
HASP memory. Each pair of words in the FAS area is reserved for
a specific program number. The first two words are reserved for
program number 1, the second two words for program number 2,
etc.
When you use HASP4 Time keys, each program protected with
FAS requires two bytes (one word) of the additional HASP Time
memory.
The comments entered in the FAS list are only saved in

the template file, not in the key’s memory.


Question I’ve used HASP4 Net to protect a single application. The first 24
words in HASP4 Net memory are not sufficient. What can I do?
Answer The remaining 224 words of HASP4 Net memory are reserved
for the protection parameters of the 112 applications you can
protect with a single HASP4 Net. Since you are protecting only
one application, you can use part of this reserved memory for
other purposes.
Question Is HaspEdit the only utility with which I can program my HASP
keys?
Answer No. You have several other options for doing so. The first is to
create an automatic programming utility with pre-defined
protection parameters which you set in the HaspEdit utility. For
more information about the programming utility, see page 104.
The second option is to write your own program that implements
the HASP API and writes data to the HASP memory. For more
information about the HASP API, see page 129. Finally, an
option called “Program HASP”, which involves saving FAS
parameters, is found in the Win32 Envelope utility. For more
information about using the HASP Envelope in conjunction with
FAS, see "Saving FAS Parameters" (page 59).

Question Can I use HASP keys programmed with HaspEdit for Mac or
HaspEdit for Windows on the other platform?
Answer Yes. The keys programmed with one of the HASP Edit
applications can be used on all supported platforms.
Alternatively, you can use the HASP API to program your HASP
keys.

Part 2 - Chapter 6
Assisting End-Users
& Vendors
Aladdin DiagnostiX
The Aladdin DiagnostiX utility collects information on deployed
keys and the systems on which they are running. This feedback
mechanism will help you provide solutions to customers
encountering problems related to the protected application.
Your customers can use the Aladdin DiagnostiX utility:
• To check for a HASP key.
• To create a report file that contains data for Aladdin devices
and other relevant system information.
• To configure the HASP nethasp .ini file.
• To download an updated driver.
Aladdin DiagnostiX is available for the following environments:
Windows 95/98/ME and Windows NT/2000/XP/Server 2003.
When your customers run the Aladdin DiagnostiX utility, instruct
them to select the Check HASP tool to check for a HASP key. In
addition to HASP device data, customers can use Aladdin
DiagnostiX to generate reports containing vital information about
their systems.
The Aladdin DiagnostiX utility is divided into three parts:

Assisting End-Users & Vendors Part 2 - Chapter 6
• Menus for creating reports, accessing the Aladdin DiagnostiX

settings dialog, the online help system, and for exiting the
system.
• The Diagnostic Tools pane contains icons used to activate the
analytic and diagnostic tools.
• A display area to view the analytic and diagnostic tools.
The utility diagnoses your system at startup with the System Info
diagnostic tool. Results are displayed in the workspace as part of
the System Info screen.
Your customers can use Aladdin DiagnostiX to update drivers for
locally installed keys. These updated drivers are available via the
Aladdin FTP site.
To update the drivers:
a. Click the Driver Update button provided under the System
Info screen.
b. Follow the on-screen instructions to download and install
the new driver(s).
Your updated drivers will not immediately appear in the System
Info screen. You must restart the Aladdin DiagnostiX utility to
include the new drivers in the system entity list.

Using HASP Tools Assisting End-Users & Vendors
Diagnosing HASP Keys

The Aladdin DiagnostiX utility provides two specific tools for
HASP keys:
• The Check HASP tool is used to access and retrieve
information on HASP keys.
• The HASP nethasp .ini Configuration tool is used to
configure key server access settings for HASP4 Net keys.
Checking for a HASP Key

To check for a HASP key, select the HASP icon in the Diagnostic
Tools pane. The Check HASP screen appears in the workspace.
To check for a HASP key

Follow the procedure below to check for a HASP key.
1. Select an Access Mode from the Check HASP screen. The
default setting is Check any HASP key.
Note: an additional access mode, Use Customized file, will be
display if the corresponding DLL has been provided to you by
your HASP vendor.
2. If you have selected Check a specific HASP key, please enter
the two required passwords for the key in the fields provided.
The HASP passwords are the core of HASP protection

concept, therefore you must never reveal them to
customers. This option of the Aladdin DiagnostiX
utility must therefore only be used by those in your
company who know the passwords.
3. To access keys connected remotely, check Access to HASP

LM and enter the program number. This option is only
available for checking demo or specific keys.

4. If you want data in the HASP memory read and then encoded
with a cryptographic algorithm, check Save memory to
reports file. This option is not available when you define
Access Mode to Check any HASP key.
5. Click OK.
6. Details for the access display in the Key Access History panel
of the Aladdin DiagnostiX window.
Key Access History Panel

The Key Access History panel records and tabulates all attempts
to access HASP keys. Key access information is displayed
sequentially, showing the most recent access first. The table below
details the Key Access History panel.
Table 6.1 Key Access History Panel
Column Value Description
Access local The key was found on a local port

Mode
remote The key was found on a remote port
Error No. Relevant error number
Port/Prog. Displays the number of the port to which the HASP

key is connected. If a HASP was found and logged in
on a remote port with HASP LM, the program
number is also displayed. If the HASP key cannot be
accessed, (n/a) is displayed.
Key Type The type of HASP key located
HASP ID ID number of the located key
Addit. Info Additional information related to error number

displayed above

Configuring HASP nethasp .ini files

Aladdin DiagnostiX enables your customers to quickly configure
and create HASP nethasp.ini files and thus speed up
communications between their protected applications and HASP4
Net keys. Through the HASP nethasp .ini Configuration screen,
your customers have three options for creating an ini file:
• Using an automated file. The file will be created based on
information collected at startup. Information contained in the
file will be then used to access servers. The first suitable
protocol will be used in the following order: IP and then IPX.
Only IP server names found at startup will be used.
• Using a default file. In this option, your customers can specify
any of the following to be included in the .ini file.
• IP
• IPX
• NetBIOS
If this option is selected, no pre-defined settings for server
names will be included in the default .ini file.
• Using a customized file. Aladdin DiagnostiX enables your
customers to set particular local and server protocols.
To access the HASP nethasp.ini Configuration

screen:
1. Double click the HASP icon in the Diagnostic Tools pane.
The HASP nethasp .ini icon appear below the HASP icon.
2. Click on the HASP nethasp .ini icon.
The nethasp.ini Configuration screen appears in the
workspace.
To Configure an .ini file:

Use the following procedure to configure an .ini file using Aladdin
DiagnostiX:

1. Select one of the three methods provided to create the file. If

you select the automated options skip steps 2 - 3 and proceed
to step 4.
2. If you have selected the default option in step 1, check any or
all of the protocols provided. Skip to step 4.
3. If you have selected the customized option in step 1, use the
fields provided to define IP and IPX servers. You can manually
use command-line parameters or click the corresponding
browse button to view and select from a list of available
options.
4. Enter the name of the output directory for the .ini file in the
Set output directory field. You can also use the browse button
to point to the desired directory.
5. Click Create.
Creating Reports
Your customers can use Aladdin DiagnostiX to create reports
containing information on the following:
• HASP devices
• System information including Win16 and DOS subsystems
• Information pooled by external reporting tools
• Memory read from HASP keys (encrypted)
If your customers are experiencing a problem with their HASP
device or have difficulties in accessing the protected application,
they can e-mail the reports to you or to the local HASP technical
support staff.
Create Report Settings

The content and format of the reports generated by Aladdin
DiagnostiX is set in the Create Report tab of the Aladdin
DiagnostiX Settings dialog.
The settings listed below appear in the Create Report tab.

Report format: offers three format possibilities - XML, HTML,

and TEXT.
If you select either the HTML or Text options, an

additional XML file will be created containing the
read memory of any key detected.
The Aladdin DiagnostiX reporting feature may generate multiple

files. To zip the generated files check the Zip all output files box.
To include information on Win16 and DOS subsystems in the
generated reports, check the Include Win16/DOS box. Aladdin
DiagnostiX will generate two separate report files for each
subsystem.
To create a report:
1. Review the settings outlined in the preceding section.
2. Use one of the following methods to create a report.
• Click the Create Reports icon.
• Select Create Report from the Edit menu.
• [Ctrl] + R
• Create Report button under the System Info screen.
A message box appears indicating the contents of the report file
and its location.
Linking to External Reporting Tools

Aladdin DiagnostiX allows you to define settings for up to two
separate external reporting tools such as msinfo32. The reports
generated by these external tools can be zipped and stored in a
single file. Use the procedure below to link Aladdin DiagnostiX to
external reporting tools:
1. Open the Reporting Tools tab in the Aladdin DiagnostiX
Settings dialog.

2. Check the Reporting tool 1 box.

The Execute and Output File fields should be activated.
3. In the Execute field, either specify the command line path to
the target reporting tool, or browse for the tool using the
button. Add additional command-line parameters to run the
tool in ‘silent mode’ and specify the output DiagnostiX file.
4. Use the Output File field to specify the name of the file
generated by the external tool. Specify the path to the
destination directory, or browse for the file by clicking the
button.
5. To define settings for a second external reporting tool, check
the Reporting Tool 2 box and repeat steps 2-4.
You can optionally set a time limit for the external tool to
generate a report. Check the appropriate box and specify a time
limit. If the reporting tool does not generate its report within
the allocated time frame, it will be terminated.
6. Click OK to exit.

Aladdin Diagnostix Memory Beamer

The Aladdin DiagnostiX Memory Beamer is a vendor utility that
serves as a channel for transferring secured data between vendors
and their customers. In conjunction with the Aladdin DiagnostiX
tool, the Aladdin DiagnostiX Memory Beamer:
• Enables you to send customized DLLs to your customers.
• Accesses reports generated by the Aladdin DiagnostiX utility.
• Decrypts the HASP memory of deployed keys.
• Prepares decrypted HASP memory to be read using HaspEdit.
Aladdin Diagnostix Memory Beamer is designed for the

exclusive use of software vendors and not end users.
Sending Passwords to Your Customers

The HASP passwords are the core of HASP protection concept,
therefore you must never reveal them to customers. You can however use
the Memory Beamer to ‘inject’ passwords into customized DLL files that
can later be supplied to your customers. Once available on your
customers’ system, these customized DLLs provide an additional means
to access a HASP key via the Aladdin DiagnostiX utility.
Follow the instructions below to prepare a DLL with HASP
passwords:
1. In the fields provided enter the two HASP passwords.
2. Click Inject.
A message box appears confirming that the passwords have
been ‘injected’ into a DLL.
A DLL file containing the two HASP passwords should appear
in your current directory.
3. Send the DLL file to your customer with instructions for them
to store the file in the same folder where their Aladdin
DiagnostiX utility is located.

Reading Report Files

The Beamer enables you to quickly access and sort reports
generated by the Aladdin DiagnostiX utility. The Beamer displays
the following information based on information stored in report
files:
• Type of HASP key
• Access Type and HASP ID
You can also use the Beamer to decrypt the read memory of a
HASP key after providing the required passwords. This memory
can then be read via the HaspEdit tool.
The Aladdin Diagnostix Memory Beamer currently

! only runs on 32-bit operating systems.
Follow the instructions below to read a report file:

1. Open the report file appearing in the Report File field. If the
Report field is empty, use the browse button to point to the
directory where the report file is stored. Click Open.
2. If the report file contains relevant HASP entries, the Key Type
and Access fields should display information.
If at any time you wish to skip a particular report

file and move on the next file, click Skip.
3. The Beamer can be used to decrypt the memory of deployed

HASP keys. If the report file contains the encrypted read
memory from the HASP key, enter the two required passwords
in the Password fields.
Provide a file name to store the decrypted memory from the
report file or use the browse button to point to a desired location.
The memory data will be stored as a HED file and can be read
using the HaspEdit tool.

Part 3
Using the HASP API
This part introduces the HASP API protection methods and
strategies. It provides detailed descriptions of all HASP API
services.
The chapter "Protecting with the HASP API" (page 129) explains
how to use the hasp() routine and gives an overview of HASP API
services.
The chapter "Protection Strategies" (page 147) provides you with
information on how to maximize your protection.
The chapter "Basic HASP Services" (page 157) describes services
relevant for all HASP stand-alone keys.
The chapter "HASP4 Memory Services" (page 167) describes
services relevant for all HASP4 M1, HASP4 M4 and HASP4 Time
keys.
The chapter "HASP4 Time Services" (page 175) describes services
relevant for HASP4 Time keys.
The chapter "HASP4 Net Services" (page 187) describes services
relevant for HASP4 Net keys.
The chapter "HASP API Status Codes" (page 217) explains all
status codes returned by the HASP system.

Part 3 - Chapter 7
Protecting with the

HASP API
The HASP application programming interface (API) is a powerful
protection method, the strength of which depends on how you
implement it. The more sophisticated and complex your API calls
are, the better your HASP protection will be.
You use the API to insert calls to the HASP throughout the
application and thus enhance security. You can check for the
presence of the HASP key at any point in the application and
decide how to respond according to the result of the check. You
can also check a HASP memory key for data you stored in its
memory.
The manner in which you perform these checks is a crucial and
determining factor for security. It is essential, therefore, that you
consult the chapter "Protection Strategies" (page 147) for
guidelines on how best to do so.
Before protecting with the HASP API, we recommend that you
check the API files for your compiler. Each HASP interface
includes a sample application demonstrating API usage.

Protecting with the HASP API Part 3 - Chapter 7
Preparing for API Usage

To use the HASP API, you have to install the HASP device driver
or a daemon. Refer to "Installing HASP" (page 29) for
information on installing the HASP drivers.
Before implementing the API calls in your application, use
HASP Edit and/or the API to perform the following tasks.
Encode data for use within your application

Use the service HaspEncodeData or the HASP Edit utility to
encode data. You can decode this data with the API when the
correct HASP key is connected.
Edit the HASP memory

The API enables you to access the memory and read and write
data from and to a specified address.
You can use HASP Edit or the services WriteWord, WriteBlock
and WriteByte (only HASP4 Time) to write to the memory.
Determine the HASP ID number

HASP memory keys have a HASP ID number. With the API, you
can check the presence of a specific HASP by verifying its ID
number.
You can use HASP Edit to determine the ID number.

Using the HASP API Protecting with the HASP API
Implementing the HASP API

After you have performed the necessary operations using
HASP Edit or the API, you are ready to protect your application
with the API by incorporating calls to the hasp( ) routine
throughout your source code.
Main Stages of Implementation

To implement the API:
1. Examine the sample code that corresponds to your chosen
development environment.
2. Add the hasp() call to your source code.
3. Use the API to decode and verify important data that your
application uses.
4. On the basis of the output from step 3, carry out any error
checking and issue appropriate notification to the user.
5. Repeat steps 2-4 several times, incorporating these checks in
the various different modules.
6. Compile your source and link it to the HASP object files or to
the supplied library.
7. Use the HASP Envelope utility to add an additional layer of
protection to your application.
Using the hasp( ) Routine

Use the hasp( ) routine to incorporate API protection into your
application. The hasp( ) routine checks for the presence of a
HASP key, encodes data at runtime and accesses the memory of a
HASP memory key to perform read and write operations.
The hasp( ) routine is called differently for stand-alone keys and
HASP4 Net keys.

Parameters for HASP Stand-Alone Keys

hasp (Service, SeedCode, PortNum,
Password1,Password2,Par1, Par2, Par3,
Par4)
The hasp( ) routine accepts the following nine parameters.

Table 7.1 Parameters for HASP Stand-Alone Keys
Parameter Description
Service Determines the operation performed by the routine.
SeedCode Used for backward compatibility only.
PortNum Specifies which port to search for the HASP key.
Password 1 First password for the HASP key.
Password 2 Second password for the HASP key.
Par1 to Par4 The values of Par1 to Par4 change according to the

service.
Parameters for HASP4 Net Keys

hasp (Service, SeedCode, ProgNum,
Par4)
The hasp( ) routine accepts the following nine parameters.

Table 7.2 Parameters for HASP4 Net Keys
Service Determines the operation performed by the routine.
SeedCode Used for backward compatibility only.
ProgNum Program number assigned to the protected application

in the HASP4 Net memory.

Password 1 First password for the HASP key.
Password 2 Second password for the HASP key.
Par1 to Par4 The values of Par1 to Par4 change according to the

service.
Specifying the Port

You can use the PortNum parameter to specify a parallel port or
the USB port number. Applications protected with HASP4 Net
search all ports for the HASP4 Net key, so if you are using HASP4
Net, skip this section.
Specifying the Parallel Port

Use the PortNum parameter to specify the parallel port to be
searched for HASP stand-alone keys.
If you set PortNum to 0, the protected application automatically
searches all parallel ports in the following order: 378h, 278h,
3BCh. The automatic search stops when the application finds the
HASP.
You may want to search for the HASP at a specific parallel port or
to address a hardware port directly (bypassing the BIOS data area).
The following table lists the various values you can assign to
PortNum in order to search for a specific port.
Table 7.3 PortNum Values and Ports Searched
PortNum Port Searched
0 Automatic search at all ports
1 LPT1 only
2 LPT2 only
3 LPT3 only
101 03BCh only

PortNum Port Searched
102 0378h only
103 0278h only
201 - 255 Specific HASP on USB port
Specifying the USB Port

Use the PortNum parameter to specify the USB port number. For
the purpose of HASP USB enumeration, integers from 201
through 255 are reserved for the USB port. Each port at which a
key is attached is assigned one of these 55 numbers in consecutive
sequence.
The following example shows how to use HASP USB
enumeration:
1. Call the hasp() routine with the IsHasp() service. The value
returned in P2 is the number of ports to check for your specific
key.
2. Treat the number in P2 as the variable n, where n is the number
of USB ports to check.
3. Call the hasp() routine with a HASP API service that reads
memory or retrieves the HASP ID number, transferring the
first USB port number in the PortNum parameter. You should
check for unique data that confirms the identity of a particular
key.
4. If the memory of the key at that first port identifies it as the
specific key you want, store its USB port number. Otherwise,
loop back to step 3 with the next USB port number. In all, loop
up to n times.
Later in your code, you communicate with that particular key using
its specific port number.

Checking for Vital Errors

For HASP stand-alone keys there are two vital error codes to
check after every call to hasp(). The relevant codes are returned in
p3:
• "HASP not found": error -3. If this error is encountered,
prompt the user to attach the (correct) HASP key.
• "Port Busy": error -6. Call the hasp key again after a short
pause, or ask the user to wait for the printer or other devices to
finish before continuing with the application.
You should also perform one check at the start of your application
to establish whether the HASP device driver is installed. Do this
by checking the first hasp() call for errors -100, -110 and -111. If
either of these are encountered, install the driver and continue the
program.

HASP Services
Refer to Table 7.4 for information on which service to use with
the various HASP models.
Table 7.4 HASP Models and Relevant Services
HASP Model Relevant Services
HASP4 Std. Basic HASP services
HASP4 M1, M4 Basic HASP services

HASP4 memory services
HASP4 Time Basic HASP services

HASP4 memory services
HASP4 Time services
HASP4 Net HASP4 Net services

Basic HASP Services

You can use the basic HASP services with HASP4 Std.,
HASP4 M1, HASP4 M4 and with HASP4 Time. The following
services are available.
Table 7.5 Basic HASP Services
Servi Name Operation

ce
1 IsHasp Check if any HASP is connected

to the computer.
5 HaspStatus Check the type of HASP

connected to the computer.
Check which parallel port has a
key connected to it.
Check the memory size of a
HASP memory key.
Check the API version.
Return values relate to the first key
found with the specified
passwords.
8 CheckHaspGeneration Determines whether a connected

key is a HASP3 or HASP4.
9 NetHaspStatus Determines what kind of HASP4

Net key is connected.
60 HaspEncodeData Encode data sent to the connected

HASP4 key. Use in conjunction
with HaspDecodeData to verify
that a specific HASP4 key is
connected.
61 HaspDecodeData Decode data sent to the

connected HASP4 key. Use in
conjunction with
HaspEncodeData to verify that a
specific HASP4 key is connected.

HASP4 Memory Services

You can use HASP4 memory services with HASP4 M1,
HASP4 M4 and with HASP4 Time (496 bytes area). The following
services are available.
Table 7.6 HASP4 Memory Services
Service Name Operation
3 ReadWord Read one word of data from the

HASP memory.
4 WriteWord Write one word of data to the HASP

memory.
6 HaspID Get the HASP ID number.
50 ReadBlock Read a block of data from the HASP

memory.
51 WriteBlock Write a block of data to the HASP

memory.

HASP4 Time Services

You can use HASP4 Time services with HASP4 Time keys.
Use services 74 to 77 to access the 16-byte HASP4 Time memory.
Use the HASP4 memory services 3, 4, 50, and 51 to access the
496-byte memory of the HASP4 Time key.
The following HASP4 Time services are available.
Table 7.7 HASP4 Time Services
70 SetTime Set the HASP4 Time clock to a given

time.
71 GetTime Get the time from the HASP4 Time

clock.
72 SetDate Set the HASP4 Time clock to a given

date.
73 GetDate Get the date from the HASP4 Time

clock.
74 WriteByte Write one byte of data to the

HASP4 Time memory.
75 ReadByte Read one byte of data from the

HASP4 Time memory.
76 WriteBlock Write a block of data to the

HASP4 Time memory.
77 ReadBlock Read a block of data from the

HASP4 Time memory.
78 GetHaspID Get the HASP4 Time ID number.

HASP4 Net Services

You can use HASP Net services with HASP4 Net keys only. The
following services are available.
Table 7.8 HASP4 Net Services
40 LastStatus Check the status of the last call. Use

this service after each call to the
hasp( ) routine.
42 Login Request permission from the HASP

License Manager to activate the
application.
Unless you use services 85 or 96,
login must be your first call to the
hasp( ) routine.
43 Logout Request HASP4 Net session

termination from the HASP License
Manager.
44 ReadWord Read one word of data from the

HASP4 Net memory.
45 WriteWord Write one word of data to the

HASP4 Net memory.
46 HaspID Get the HASP4 Net ID number.
48 IdleTime Set a maximum time frame for idle

stations.

HASP4 Net memory.
53 WriteBlock Write a block of data to the HASP4

Net memory.
85 SetConfigFilename Set name of HASP4 Net

configuration file.

88 HaspEncodeData Encode data sent to the connected

HASP4 Net key. Use in conjunction
with HaspDecodeData to verify that
a specific HASP4 Net key is present
on the network.
89 HaspDecodeData Decode data sent to the connected

HASP4 Net key. Use in conjunction
with HaspEncodeData to verify that
a specific HASP4 Net key is present
on the network.
96 SetServerByName Set the name of the HASP License

Manager to which the protected
application will perform a HASP4
Net login.
110 LoginProcess Determines whether activations of

applications protected with HASP4
Net keys will be decremented per
station or per process.
230 GetCurrentServer Retrieves the currently used License

Manager address.

Enabling Local and Network Protection

The API allows you to protect your application for both network
environments and stand-alone PCs.
To enable API protection for both networks and stand-alone
computers:
1. Use the basic HASP, HASP memory, and HASP4 Time
services to check whether or not the correct HASP stand-alone
key is connected to the local port of the computer.
2. If the correct HASP stand-alone key is not found, use the
HASP4 Net services to search for the HASP4 Net.

HaspDemo Utility
With the HaspDemo utility, you can test the HASP API services
and the operation of HASP4 Net.
The test utility available is haspdemo.exe for Windows and Win32.
With this utility, you can test HASP keys of all models. The
haspdemo.exe is a multi-object sample program that you use to test
keys with different versions of the HASP API. Access it by
clicking HaspDemo for Win16 or Win32 on the HASP CD
menu. You can find the executable under
Utility\Haspdemo\Windows\Win16 or Win32
You need to provide passwords for most of the

! functions in the HaspDemo utility. The core of HASP
protection concept are the passwords, therefore you
must never reveal them to customers. Haspdemo.exe must
only be used by those in your company who know the
passwords. Use Aladdin DiagnostiX as a secure
communication medium with your customers. See
"Assisting End-Users & Vendors" on page 117.


Question How long is a HASP check?
Answer With HASP stand-alone keys, a call to the hasp( ) routine takes
about 20 milliseconds. A HASP4 Net login takes
approximately two seconds, depending on network traffic.
Calls to the other HASP4 Net services require approximately
half a second. As is clear from these figures, you can issue as
many calls to the HASP as you like.
Question How does HASP prevent code tracing?
Answer More than 60% of our routines are designed specifically to

prevent tracing the code of the protected application.
Naturally, we cannot reveal all our “tricks-of-the-trade”, but
below are some samples.
• Grabbing debugger interrupts, making it difficult to
activate the debugger itself.
• Special traps for hardware debuggers.
• Hard-to-trace self-generating code.
• Time traps.
• Frequent releases of software upgrades which implement
new features and security enhancements.

Question The programming language or compiler I am using is not

compatible with any of the HASP supported languages and
compilers. How can I protect my software?
Answer In this case, we suggest the following:

• Try using an available HASP interface which uses the same
type of object files as your compiler.
• Try using a DLL (for Windows and Win32 applications).
• Consult your local HASP representative. New interfaces
are constantly added to the long list of compilers and
languages supported by HASP.
• Use the HASP Envelope utility.
Question How can I protect a DLL with HASP?
Answer You can use the Win32 Envelope utility to protect Win32
DLLs, the Win16 Envelope to protect Win16 DLLs, and the
HASP API to protect Windows and Win32 DLLs.
There are two options when protecting DLLs with the API:
• Use the object files supplied with the HASP software and
link them to your DLL. Incorporate calls to the hasp( )
routine into your application.
• Call the hasp( ) routine from your DLL. The hasp( )
routine is defined in the HASP DLL we supply. Include
both your DLL and the HASP DLL when you distribute
your application.

Question I’ve used the API to check the HASP ID number. Sometimes,
HaspID returns a negative number in IDLow. When I calculate
the ID number, I get a different one than that which appears in
HaspEdit.
Answer When IDLow is negative, use the following equation to calculate

the ID number:
ID number = 65536 + IDLow + 65536 * IDHigh
Alternatively, you can use HaspEdit to check the short (16-bit)
fractions of the IDLow and IDHigh words. You can then directly
compare them to the IDLow and IDHigh parameters returned by
the hasp( ) routine without calculating the ID number.
Question Where can I find a sample program that demonstrates how to

implement the API?
Answer There is a sample program on our CD for most of the common

compilers. For example, for Visual C++, you can find a sample
under win32api\c\for sources, or make files under
win32api\c\msc.

Part 3 - Chapter 8
Protection
Strategies
The HASP protection system includes the best hardware and
software protection tools available on the market today. However,
a HASP-based software protection system is only as secure as the
way in which you implement it. The calls to the hasp( ) routine that
you insert into your code ultimately control access to your
application. Because the HASP hardware is virtually impossible to
break or duplicate, attacks usually focus on tracing the protection
code and eliminating the protection routines.
To achieve maximum protection with HASP, use both the
Envelope and API protection methods. Each method has its
unique features and complements and enhances the other.
To increase software security when protecting with the API, use
the techniques outlined in this chapter. This chapter describes the
following:
• Attacks on software protection schemes that can be avoided by
implementing proper protection techniques.
• Tips for maximizing the security of your protected application.
If you would like assistance in strengthening your application
against possible attacks, we can offer a more personalized support
service from our team of Aladdin Consultants. They will be able to
provide help on a wide range of issues, including protection
strategies and implementation techniques.

Protection Strategies Part 3 - Chapter 8
For more information on Aladdin Consulting, please contact your

local HASP representative.
Software Protection Attacks

There are two main methods of attacking a protected application:
• Patching calls to the protection routine
• Patching the software of the key manufacturer
To patch calls to the protection routine, you need to change the
protected executable so that it does not send requests to the key,
verify the results returned by the key, or act according to the
results specified in the code.
This kind of attack is used when you assume that protection has
been poorly implemented.
To patch the software of the key manufacturer, you need to change
the routines responsible for communication with the hardware key.
When you change these routines, you ensure that they return the
expected results even when the correct key is not connected.
It is important to note that both of these methods are application-
specific and cannot be applied as is to other protected applications.
To achieve maximum security, we recommend that you

link your applications to HASP objects rather DLLs.

Using the HASP API Protection Strategies
Tips and Tricks

This section provides tips and tricks to combat the attacks
described in the previous section. Use as many of the strategies as
possible to maximize the level of your application’s security.
Keep in mind that when you implement protection, you should do
so in a way that considers the implications for legitimate end users
of the application. For example, a legitimate user may forget to
attach the key to the computer; your protection scheme should
take this into consideration. Clever protection strategies combat
attacks on your software, not innocent users.
Use Multiple Calls

Insert numerous calls to the hasp( ) routine to exhaust those who
attack your protected software. Complex multiple calls create great
difficulties in following and attacking your protection scheme.
The more calls and return codes checked, the more difficult it is to
trace and remove all of them. The calls should be made from as
many different places in your code as possible.
Encode Internal and External Data

Encode some of the data your application uses and make decoding
dependent on the presence of the HASP key.
Encoding your data greatly enhances your application's security.
Use the HASP4 ability to encode strings or binary data which will
adversely affect program flow if it is decoded improperly. This
creates an association between your application and the HASP that
cannot easily be removed. Not only will the application have to be
cracked to remove or alter all checks to the HASP but also the data
will have to be decoded. It is not necessary to encode all the data
handled by your application, but certain key data can be encoded.
Good choices are file headers, important constants in calculations,
or some small fields in a database. Anything that will affect the

main functions of the application is a potential candidate for

encoding. Care should be taken to notify the customer that the
HASP key is not present to prevent damage to valuable data.
When a hacker removes these checks and dialog boxes, the subtle
dependency of your application on this data will be revealed.
For simple data sets, the basic process is outlined below. These
basic procedures can be modified to suit your requirements.
1. Connect your HASP4 key
Make sure that the HASP4 key that you want to use to protect
your application is attached to the computer.
2. Encode the data
Use the HaspEdit utility to encode your data. The output from
this process will be a binary file. Alternatively you can choose to
create an include file in either VB or C format. This allows you
to access encoded values directly within your application.
3. Incorporate the encoded data in your application.
Replace the original clear text data in your application with the
include file or the encoded data.
4. Decode the data on demand in your application
Use service 61 - HaspDecodeData to decode the encoded data
via the connected HASP4 key. Now you are ready to perform
operations on this data. Remember to provide for error
checking to warn users if a HASP4 is not present.
Note that “HASP not found” and similar strings should not be
encoded using HASP-dependent encoding keys. As these strings
are displayed when the HASP is not connected, their proper
decoding should not be dependent upon a response from the
HASP key. For these types of strings, use an encoding key of your
choice and any available encoding method.

Avoid Repetitive Schemes

A scheme that repeats itself throughout your code is easy to learn
and track. Once your scheme is understood, it becomes obvious
what to look for, making any attack that much easier.
Furthermore, if your application consists of multiple protected
executables or DLLs, change the protection scheme from one file
to another. Use all the HASP services, calling each of them many
times, and implementing a different protection scheme with each
call. In addition, use the HASP Envelope to protect your
executables. The HASP Envelope uses Multi-Layer Envelope
technology, which implements a different protection scheme for
each executable file.
Avoiding repetitive schemes makes an attack far more time-
consuming. Searching and hacking a HASP call should be a new
and difficult task each time an attack is planned.
Separate the Call Steps

Checking for a HASP involves three main steps:
• Calling the hasp() routine.
• Evaluating the values returned from the protection routine.
• Responding according to the returned values.
To enhance security, code the three steps in different places
throughout your software. Separated steps are much more
difficult to trace than sequential steps. The response to an
unconnected HASP should be delayed and come as a total
surprise, nowhere in the vicinity of the actual HASP check.
For example, you can check for the HASP when the user clicks on
a specific menu item. Allow the user to work even though a key is
not connected. Issue the “HASP not found” message only after an
entirely different operation is executed so that the connection
between the original HASP check and the response is not
apparent.

Encode the HASP Memory

In addition to the inherently high level of security provided by the
ASIC chip, you can further secure the HASP memory by encoding
it.
For example, you can use the unique HASP ID number as a key
for encoding the HASP memory. During run time, make sure to
decode the memory using the HASP ID number.
Since the encoding key is different for each HASP, the run time
decoding process is unique for each key. This process provides yet
another obstacle in the copying of the HASP memory contents
from one key to another, as the HASP ID number cannot be
copied. The memory of the “fake” HASP is decoded using an
invalid encoding key, resulting in incorrect memory data.
Checksum Your Code

Perform a checksum to find out if your application has been
tampered with.
To perform a simple checksum:

1. Calculate the checksum.
2. Compare it with the correct value. Please be sure to separate
the steps as outlined in "Separate the Call Steps" on page 151.
3. Continue if the two match, otherwise issue an error message.
Unfortunately, the above technique is vulnerable to several attacks.
• The code can be patched and the check bypassed.
• One can force the checksum to return the correct value.
To do so, one must identify the checksum algorithm and use code-
patch and breakpoint techniques to compensate for changed bytes.
You can defend against this type of attack by avoiding simple
modulo addition or performing a XOR operation. Use CRC (cyclic
redundancy check) or another algorithm sensitive to byte ordering.

Another defense technique is to avoid comparing the result of the

checksum with a previously calculated value. Instead, use the
checksum result to perform an action that results in an error if the
wrong value was calculated.
For example, store the result in a variable and use that variable
later on as a key to decode a certain code or data. This approach
has the advantage of delayed reaction. In addition, the expected
checksum value is not explicitly stored in the application.
Use Program Functionality as Response to a Missing

HASP Key
There are a range of possible responses you can include in your
code when the correct HASP is not connected. The most simple
of responses is to insert a “HASP not found” message. However,
this implies that a HASP check was performed.
Instead of issuing a “HASP not found” message, devise an
interruption to the natural flow of your program if the correct
HASP is not connected. For example, instruct the application to
stop responding to user input (i.e. the protected application will
not respond to mouse clicks) if the correct HASP is not attached,
and to resume normal operations if the key is later connected.
Only the functionality of the protected application will be affected.
Other programs should continue to function. Illegitimate users
may think that the difficulty is caused by a bug in the program.
They might not realize that a HASP check was performed and that
the problem is due to the lack of a HASP key.
Be sure to use program functionality in this way while taking into
consideration the legitimate users who have mistakenly forgotten
to connect the HASP.
Hide Passwords
Hide passwords in the protected application by:
• Scramble them
• Saving them in different parts of the source code

• Comparing the different places where they are saved as a check

for tampering
Generate Noise
Call the hasp( ) routine and pass it parameters that have irrelevant
values. These values can be produced by random number
generators, time values, intermediate results of calculations and
more. Of course, these calls to the hasp( ) routine should not lead
to any meaningful results and actions. Generating noise causes
distractions and poses additional obstacles for anyone who tries to
attack your protected application.
Use HASP-Dependent Data

When using data stored in the HASP memory, you typically check
that the value is valid before proceeding. However, the checking
process forces you to include the real value that is checked in your
application. The value is then accessible to attacks.
To prevent accessing this data, read it and use it in your application
without explicitly checking its validity. If the HASP is connected,
the value is valid. Otherwise, the value is invalid and results in an
error.
For example, instead of checking data read from the HASP
memory, you can use it directly to go to a label and perform an
operation as described in the following pseudo-code:
Begin
Global variable FLAG is assigned an initial
value.
Call the hasp( ) routine with the ReadWord
service.
FLAG is assigned the value of the data read
from the HASP memory (100 in this example).
Goto FLAG
...
...
...
Label 100:

Perform an operation that is required for the

correct program flow.
In the above example, when the HASP is connected and the
correct value of 100 is read from its memory, the program
continues and performs its intended operation by going to label
100. If the HASP is not connected, the program does not reach
the designated label and does not perform the requested
operation.
This strategy prevents using an IF statement which translates to an
Assembly CMP, and is therefore much more difficult to trace.
Use HASP Envelope

HASP Envelope adds a protective shield around your application.
Envelope protection offers file encoding and advanced anti-
debugging features which make attacks much more difficult.
If you are protecting a series of executables, the HASP Envelope,
with its Multi-Layer Envelope technology, implements a different
protection scheme for every executable file. Varying protection
schemes makes it much more difficult to understand and hack an
application.
Change Your Strategy

To maintain a high level of software security, you should change
your protection scheme often. Vary your methods, implementing
different security measures for each version of your application.
Upgrade your tools of defense regularly.
Aladdin is committed to supplying you with the best protection
technology available on the market, and continually enhances its
product line. Check the Aladdin web site periodically for
information about new features in the HASP protection system
and contact your HASP representative for the latest updates on
the HASP software developments.
Stay in step with Aladdin and always keep one step ahead of
anyone who tries to attack your software.

Part 3 - Chapter 9
Basic HASP Services

This chapter describes the basic HASP API services which are
applicable to HASP4 Standard, HASP4 Time HASP4 M1 and
HASP4 M4. Each of the services are described in detail.
Table 9.1 on page 158 lists the hasp( ) routine parameters for each
service. Each service listed in the following table is assigned two
rows:
• The call row, C, lists parameters you pass to the hasp( ) routine.
• The return row, R, lists parameters that the hasp( ) routine
returns.
Every call to the HASP routine receives nine input parameters, but
not all the parameters are used. Par1, Par2, Par3 and Par 4 are
pointers to 32-bit integers in 32-bit systems, and 16-bit integers in
16-bit systems. All other parameters are integers. The values of
Par1, Par2, Par3, and Par4 change according to the service.
All parameters are 16 bits in16-bit applications and 32 bits in 32-
bit applications..
All unused input parameters are generally ignored.

However it is recommended that unused input
parameters be set to 0.
In 64-bit systems, Par1-4 are pointers to 32-bit
integers.

158
eration(8)
IsHasp (1)
Service (no.)
HaspStatus (5)
CheckHaspGen-
NetHaspStatus(9)
Basic HASP Services
R
R
R
R
C
C
C
Seed Code
LptNum LptNum PortNum PortNum PortNum
Password1 Password1 Password1 Password1

Table 9.1 Basic HASP Services and Parameters
Hasp4 Net HASP4 Memory Size HASP Par1

type found found
HASP Type Port Par2
Status Status Actual Status Par3

PortNum
HASP Object Par4

Version
Part 3 - Chapter 9
© Aladdin Knowledge Systems, 2003

Using the HASP API Basic HASP Services
Service (no.)
Seed Code
Password2
Password1
PortNum
Par2
Par3
Par4
Par1
HaspEncodeData (60) C
Password1
Password2
PortNum
Segment
Offset
Buffer
Buffer
Buffer
Size
0
R
Status
HaspDecodeData(61) C
Password1
Password2
PortNum
Segment
Buffer
Buffer
Buffer
Offset
Size
0
R
Status
The Buffer Segment parameter is only relevant for
16-bit applications.

Basic HASP Services Part 3 - Chapter 9
Service 1: IsHasp
Description Check if a HASP is connected to the computer.
Relevant Keys HASP4 Std., HASP4 M1, HASP4 M4, HASP4 Time
Syntax
Par4)
Parameters
Used Service 1
PortNum Value indicating the ports to search, see “Specifying
the Port” on page 133.
Return Values
Par1 A value indicating if a HASP key was found
0 No HASP is connected to the computer.
1 A HASP is connected to the computer
Par 2 Actual port address, see “Specifying the Port” on
page 133.
Par 3 A code indicating the status of the operation. See
"HASP API Status Codes" on page 217.
Comments Service 1, IsHasp, is a service used to check if any HASP is

connected to your computer. Always use IsHasp in conjunction
with other HASP API services. To verify that the correct HASP
(with your developer code) is connected, use Service 61,
HaspDecodeData. For a simple presence check, use Service 5,
HaspStatus.

Service 5: HaspStatus
Description Check the type of HASP connected to the computer. Also check
to which port the key is connected.
Syntax
Par4)
Parameters
Used Service 5
PortNum Value indicating the port to search for the HASP.
Password1 First HASP password.
Password2 Second HASP password.
Return Values
Par1 Memory Size
1 HASP4 M1
4 HASP4 M4
0 other keys
Par2 HASP Type
0 HASP4 Std.
1 HASP4 M1 or HASP4 M4
5 HASP4 Time
Par 3 Actual port number, see “Specifying the
Port” on page 133.
Par4 HASP Object Version – The current API
version.

Comments • To minimize search time, use the value of the Actual PortNum
received in Par3, and pass it via the PortNum parameter in
subsequent calls to the hasp( ) routine.
• If a HASP4 Net key is connected to a local port, this service
identifies it as HASP4 M4. The memory size returned in Par1
is 4, the HASP model returned in Par2 is 1.
• Older TimeHASP-1 keys used to return 3 in Par2. Applications
which use such keys should be updated to handle a status of 3
or 5.
• Return values relate to the first key found with the specified
passwords.

Service 8: CheckHaspGeneration
Description Checks if connected key is a HASP4 generation key.
Relevant Keys HASP4 Std., HASP4 M1, HASP4 M4, HASP4 Time, HASP4 Net
Syntax
hasp (Service, SeedCode, LptNum,
Par4)
Parameters
Used Service 8
LptNum Value indicating the port to search for the HASP.
Par1 0 (reserved).
Par2 0 (reserved).
Par3 0 (reserved).
Par4 0 (reserved).
Return Values Par1 A value indicating whether a HASP4 key was

found.
0 No HASP4 key connected to the computer.
1 HASP4 key is connected to the computer
Par 3 A code indicating the status of the operation.
Comments This service only works if reserved input parameters Par1, Par2,
Par3, Par4 are set to 0. When Par1 and Par3 returns are 0, a
HASP3 with specific passwords is connected.

Service 9: HaspNetStatus
Description Determines what kind of HASP4 Net key is connected.
Relevant Keys HASP4 Net
Syntax
hasp (Service, SeedCode, LptNum,
Par4)
Parameters
Used Service 9
LptNum Value indicating the port to search for the HASP.
Par1- Par4 0 (reserved).
Return Values
Par1 Type of HASP4 Net key connected:
0 No HASP4 Net key attached
5 HASP4 Net 5 users
10 HASP4 Net 10 users
0xffff HASP4 Net unlimited
Par 3 A code indicating the status of the operation.
Comments This service only works if reserved input parameters Par1, Par2,
Par3, Par4 are set to 0.

Service 60: HaspEncodeData

Description Encodes data via a connected HASP key.
Syntax
Par4)
Parameters
Used Service 60
Par1 0 (reserved).
Par2 Buffer size. The size in bytes of the buffer to be
encoded. The buffer must be at least 8 bytes in size.
Par3 Buffer segment. The segment address of the buffer.
Only relevant for 16-bit applications.
Par4 Buffer offset. The offset address of the buffer.
Return Values
Par 3 Status – A code indicating the status of the
operation. See "HASP API Status Codes" on
page 217.
Comments The contents of the program buffer are encoded via the connected
HASP and updated in place.
This service can only be used with the HASP4 generation of
HASP keys. If a key prior to the HASP4 generation is attached, no
data will be encoded and the service will return an error code.

Service 61: HaspDecodeData

Description Decodes data via a connected HASP key.
Syntax
Par4)
Parameters
Used Service 61
Par1 0 (reserved).
decoded. The buffer must be at least 8 bytes in size.
Return Values
page 217.
Comments The contents of the program buffer are decoded via the connected
data will be decoded and the service will return an error code.

Part 3 - Chapter 10
HASP4 Memory
Services
This chapter describes the HASP API services for HASP4 M1,
HASP4 M4, and HASP4 Time. Each of the services are described
in detail.
Table 10.1 on page 168 lists the hasp( ) routine parameters for
each service. Each service listed in the following table is assigned
two rows:
returns.
Par1, Par2, Par3, and Par4 change according to the service. A
‘word’ of data contains 8 bytes or 16 bits.

HASP4 Memory Services Part 3 - Chapter 10
Due to the fact that Macintosh machines operate in Big

! Endian and Intel machines in Little Endian, the values
of ReadWord and WriteWord are byte-swapped on
Macintosh in relation to Intel.
Consider this fact when you read and write to a HASP
key with these services, or use the services ReadBlock
and WriteBlock which operate endian independently.
Table 10.1 HASP4 Memory Services and Parameter
Service (no.)
Seed Code
Password2
Password1
PortNum
Par2
Par3
Par4
Par1
ReadWord (3) C
Password1
Password2
PortNum
Address
R Status
Data
WriteWord (4) C
Password1
Password2
PortNum
Address
Data
R
Status
HaspID (6) C
Password1
Password2
PortNum
R
IDHigh
IDLow
Status

Using the HASP API HASP4 Memory Services
Service (no.)
Seed Code
Password2
Password1
PortNum
Par2
Par3
Par4
Par1
ReadBlock (50) C
Password1
Password2
PortNum
Segment
Address
Length
Offset
Buffer
Buffer
Block
Start
R
Status
WriteBlock (51) C
Password1
Password2
PortNum
Segment
Address
Length
Buffer
Buffer
Offset
Block
Start
Status


Service 3: ReadWord
Description Read one word of data from the HASP memory.
Relevant Keys HASP4 M1, HASP4 M4, HASP4 Time
Syntax
hasp (Service, SeedCode, PortNum, Password1,
Password2,Par1, Par2, Par3, Par4)
Parameters
Used Service 3
PortNum Value indicating the ports to search, see “Specifying
the Port” on page 133.
Par1 Address – The HASP memory address you want to
read from:
0 to 55 – HASP4 M1
0 to 247 – HASP4 M4
0 to 247 – HASP4 Time
Return Values
Par2 Data – One word of data read from HASP memory.
page 217.

Service 4: WriteWord
Description Write one word of data to the HASP memory.
Syntax
Parameters
Used Service 4
Par1 Address – The HASP memory address you want to
write to:
0 to 55 – HASP4 M1
0 to 247 – HASP4 M4
Par2 Data – One word of data.
Return Values
page 217.

Service 6: HaspID
Description Determine the HASP ID number.
Syntax
Parameters
Used Service 6
Return Values
Par1 IDLow – Low (least significant) word of the ID
number.
Par2 IDHigh – High (most significant) word of the ID
number.
page 217.
Comments The ID number is a long integer (32 bits). You calculate it as

follows, if IDLow and IDHigh are unsigned.
ID number = IDLow + 65536 * IDHigh
If IDLow and IDHigh are signed, you need to compensate a
negative value by adding 65536.

Service 50: ReadBlock

Description Read one block of data from the HASP memory.
Syntax
Parameters
Used Service 50
Par1 Start Address – Defines the initial HASP memory
address for reading the block:
0 to 55 – HASP4 M1
0 to 247 – HASP4 M4
Par2 Block Length – The block size, in words.
Par3 Buffer Segment – The segment address of the buffer.
Par4 Buffer Offset – Offset address of a program buffer
(variable). The buffer size must be at least as large as
the block size.
Return Values
page 217.
Result The HASP memory content is read into the program buffer.

Service 51: WriteBlock

Description Write one block of data to the HASP memory.
Syntax
Parameters
Used Service 51
Password1 The first HASP password.
Password2 The second HASP password.
Par1 Start Address – Defines the initial HASP memory
address for writing the block:
0 to 55 – HASP4 M1
0 to 247 – HASP4 M4
Par2 Block Length – The block size, in words.
Par3 Buffer Segment – The segment dress of the buffer.
the block size.
Return Values
page 217.
Comments The contents of the program buffer are written to the HASP
memory.

Part 3 - Chapter 11
HASP4 Time Services

This chapter describes the HASP API services which are
applicable to HASP4 Time. Each of the services are described in
detail.
The HASP4 Time battery has a lifetime of over four years. When
implementing the API with HASP4 Time, it is recommended that
you incorporate calls which check that the clock is advancing and
act accordingly when it stops.
Table 11.1 on page 176 lists the hasp( ) routine parameters for
each service. Each service listed in the following table is assigned
two rows:
returns.
Par1, Par2, Par3, and Par4 change according to the service.


176
SetDate (72)
SetTime (70)
GetDate (73)
GetTime (71)
Service (no.)
WriteByte (74)
HASP4 Time Services
R
R
R
R
C
C
C
C
Seed Code
PortNum PortNum PortNum PortNum PortNum PortNum
Password1 Password1 Password1 Password1 Password1 Password1

Table 11.1 HASP4 Time Services and Parameters
Address Day Day Second Second Par1
Data Month Month Minute Minute Par2
Status Status Status Status Par3
Year Year Hour Hour Par4

Part 3 - Chapter 11

HaspID (78)
Service (no.)
ReadByte (75)
ReadBlock (77)
WriteBlock (76)
Using the HASP API
R
R
R
R
C
C
C
Seed Code
HASP4 Programmer’s Guide

PortNum PortNum PortNum PortNum PortNum
Password1 Password1 Password1 Password1 Password1
Password2 Password2 Password2 Password2 Password2
IDLow Start Start Address Par1
Address Address
IDHigh Block Block Data Par2

Length Length
Status Status Buffer Status Buffer Status Status Par3

Segment Segment

Buffer Buffer Par4
Offset Offset
177
HASP4 Time Services
HASP4 Time Services Part 3 - Chapter 11
Service 70: SetTime

Description Set the time on the HASP4 Time real-time clock.
Relevant Keys HASP4 Time
Syntax
hasp (Service, SeedCode, PortNum,Password1,
Parameters
Used Service 70
PortNum Value indicating the port to search for the HASP key.
Password1 First HASP4 Time password.
Password2 Second HASP4 Time password.
Par1 Second – Seconds portion of the time you want to set

(00 to 59).
Par2 Minute – Minutes portion of the time you want to set
(00 to 59).
Par4 Hour – Hour portion of the time you want to set (00
to 23).
Return Values
page 217.

Using the HASP API HASP4 Time Services
Service 71: GetTime

Description Get the time from the HASP4 Time real-time clock.
Syntax
Parameters
Used Service 71
Return Values
Par1 Second – Seconds read from the HASP4 Time clock.
Par2 Minute – Minutes read from the HASP4 Time clock.
page 217.
Par4 Hours – Hours read from the HASP4 Time clock.

Service 72: SetDate

Description Set the date on the HASP4 Time real-time clock.
Syntax
Parameters
Used Service 72
Par1 Day – Day to set on the HASP4 Time clock (1 to 31).
Par2 Month – Month to set on the HASP4 Time clock (1
to 12).
Par4 Year – Year to set on the HASP4 Time clock (0 to
99).
Return Values
page 217.
Comments Year ranges from 0 to 99, where 92 to 99 refer to 1992-1999, and

00 to 91 refer to 2000-2091.

Service 73: GetDate

Description Get the date from the HASP4 Time real-time clock.
Syntax
Parameters
Used Service 73
Return Values
Par1 Day – Day read from the HASP4 Time clock (1 to
31).
Par2 Month – Month read from the HASP4 Time clock
(1 to 12).
page 217.
Par4 Year – Year read from the HASP4 Time clock (0 to
99).
Comments Year ranges from 0 to 99, where 92 to 99 refer to 1992-1999, and

00 to 91 refer to 2000-2091.

Service 74: WriteByte

Description Write one byte of data to the HASP4 Time memory.
Syntax
Parameters
Used Service 74
Par1 Address – The HASP4 Time memory address to
which you want to write (0 to 15).
Par2 Data – One byte of data.
Return Values
page 217.
Comments This service writes to the 16-byte memory of a HASP4 Time. To

write to the 248-word memory of a HASP4 Time, use Service 4
(page 171).

Service 75: ReadByte

Description Read one byte of data from the HASP4 Time memory.
Syntax
Parameters
Used Service 75
Par1 Address – The HASP4 Time memory address to
which you want to read (0 to 15).
Return Values
Par2 Data – One byte of data read from the HASP4 Time
memory.
page 217.
Comments This service reads from the 16-byte memory of a HASP4 Time. To
read from the 248-word memory of a HASP4 Time, use Service 3
(page 170).


Description Write one block of data to the HASP4 Time memory.
Syntax
Parameters
Used Service 76
Par1 Start Address – Defines the initial HASP4 Time
memory address for writing the block (0 to 15).
Par2 Block Length – Size, in bytes, of the data block (the
maximum is 16).
the block size.
Return Values
page 217.
Comments This service writes a block to the 16-byte memory of a

HASP4 Time. To write a block to the 248-word memory, use
Service 51 (page 174).


Description Read one block of data from the HASP4 Time memory.
Syntax
Parameters
Used Service 77
Par1 Start Address – Defines the initial HASP4 Time
memory address for reading the block (0 to 15).
Par2 Block Length – The size, in bytes, of the data block
(maximum 16).
the block size.
Return Values
page 217.
Comments This service reads a block from the 16-byte memory of a

HASP4 Time. To read a block from the 248-word memory of a
HASP4 Time, use Service 50 (page 173).

Service 78: HaspID

Description Determine the HASP4 Time ID number.
Syntax
Par4)
Parameters
Used Service 78
Return Values
number.
number.
page 217.

negative value by adding 655356

Part 3 - Chapter 12
HASP4 Net Services

This chapter describes the HASP API services for HASP4 Net.
Each of the services are described in detail.
Table 12.1 "HASP4 Net Services and Parameters" on page 189
lists the hasp( ) routine parameters for each service. Each service
listed in the following table is assigned two rows:
returns.
Par1, Par2, Par3, and Par4 change according to the service. A
‘word’ of data contains 8 bytes or 16 bits.


HASP4 Net Services Part 3 - Chapter 12
When using the ReadWord or WriteWord services to

! write or read from a HASP key, you should be aware
that the byte order of the referred value will be
dependant on the system you are using. Intel-based
CPUs utilize the little-endian order, whilst Macintosh
computers use the big-endian order. Alternatively you
can also use ReadBlock and WriteBlock -
endian-independent services to read or write to a HASP
key.
Using HASP4 Net Services

The HASP4 Net API requires that some services be called in
sequence, as described below:
1. Optionally, call the hasp( ) routine with the SetConfigFilename
and then with the LastStatus service.
2. Optionally, call the hasp( ) routine with the SetServerByName
and then with the LastStatus service.
3. Call the hasp( ) routine with the Login service and then with the
LastStatus service.
4. Once you call the Login service, you are free to call any HASP4
Net service. After each call to a service, call the hasp( ) routine
with the LastStatus service.
5. Call the hasp( ) routine with the Logout service and then with
the LastStatus service.

Using the HASP API HASP4 Net Services
Under the TCP/IP protocol, a Windows 16-bit

! application calling the hasp( ) routine automatically
gains control while the routine is being processed.
Control is gained through the application message loop
rather than through the instruction following the
hasp( ) routine call.
Do not call the hasp( ) routine again until control is
gained through the instruction following the call. If you
do, your application crashes. To avoid this situation, use
flags to prevent new calls to the hasp( ) routine while
the previous call is being processed.
Table 12.1 HASP4 Net Services and Parameters
Service (No.)
Seed Code
Password2
Password1
PortNum
Par2
Par3
Par4
Par1
LastStatus (40) C
Warning
System
Error
Status
Code
Net
Login (42) C
Password1
Password2
Seed Code
ProgNum
Logout (43) C
Password1
Password2
ProgNum
ReadWord (44) C
Password1
Password2
ProgNum
Address

190
HaspID (46)
IdleTime (48)
Service (No.)
ReadBlock (52)
WriteWord (45)
WriteBlock (53)
HASP4 Net Services
R
R
R
R
R
C
C
C
C
C
Idle Time Seed Code
ProgNum ProgNum ProgNum ProgNum ProgNum PortNum
Start Start IDLow Address Par1

Address Address
Block Length Block IDHigh Data Data Par2

Length
(Buffer Status (Buffer Status Status Status Par3

Segment) Segment)
Buffer Buffer Par4

Offset Offset

Part 3 - Chapter 12
(85)
(104)
Service (No.)
SetConfigFilename
HaspQueryLicense
HaspEncodeData(88)
HaspDecodeData(89)
SetServerByName (96)
Using the HASP API
R
R
R
R
R
C
C
C
C
C
Seed Code
HASP4 Programmer’s Guide

ProgNum ProgNum ProgNum PortNum
Par1
Buffer Buffer Buffer Buffer Par2

Size Size Size Size
(Buffer Status (Buffer Status (Buffer (Buffer Status Par3

Segment) Segment) Segment) Segment)
Buffer Buffer Buffer Buffer Par4

Offset Offset Offset Offset
191
HASP4 Net Services
Service (No.)
Seed Code
Password2
Password1
PortNum
Par2
Par3
Par4
Par1
R
Activations
remaining
Key Type
Licenses
Licenses
Active
Max.
LoginProcess (110) C
Password1
Password2
ProgNum
GetCurrentServer C Status
Offset
Buffer
Buffer
(230)
Size
R
Buffer size
Status


Service 40: LastStatus

Description Check the status of the previous call to the hasp( ) routine. Call
hasp( ) with the LastStatus service after each call with one of the
HASP4 Net services.
Syntax
hasp (Service, SeedCode, ProgNum, Password1,
Parameters
Used Service 40
Return Values
Par1 Net Status – A code indicating the status of the
previous call to the hasp( ) routine. If the last call was
successful, 0 is returned.
If not an error code is returned. See Table 13.3
"HASP4 Net Status Codes" on page 220.
Par2 System Error – A context-dependent error code. For
example:
• A NetBIOS communication error returns the
specific NetBIOS error code.
• A HASP4 Net configuration file error returns the
configuration file line number where the error
occurred
Par3 Warning – A warning code. See Table 13.4 "HASP4
Net Warning Codes" on page 224
Comments If an error occurs, your application should display Net Status,

System Error and Warning.

Service 42: Login

Description Perform a HASP4 Net login. The protected application accesses
the HASP License Manager with a request for a license.
Syntax
Parameters
Used Service 42
ProgNum The number assigned to the application in HASP4
Net memory, using the HaspEdit utility. See
"Accessing Keys with HaspEdit" on page 83.
Password1 First HASP4 Net password.
Password2 Second HASP4 Net password.
Return Values Use Service 40: LastStatus (page 193) to check if the call has been
performed successfully.
Comments For a description of the login process, see "How Does

HASP4 Net Work?" on page 230.
With the exception of SetConfigFilename, SetServerByName, and
LastStatus, call login before any other service.
If you call the hasp( ) routine with the login service more than
once from the same station, the HASP License Manager does not
add the station and application to the log table a second time. In
other words, the HASP License Manager does not grant an
additional license to the application.
When you re-activate a protected application after a computer
crash, the application is already listed in the log table and the
HASP License Manager does not grant the application an
additional license.

Multiple Win32 processes under Windows NT or Windows 95/

98/ME take only one license when a single protocol is used, or
when NetBIOS and IPX are used in combination. However, such
processes under these operating systems take two licenses if TCP/
IP is used together with NetBIOS and/or IPX.

Service 43: Logout

Description Perform a HASP4 Net logout. When you call hasp( ) with the
logout service, the HASP License Manager deletes the station and
application from the HASP4 Net log table. As a result, a license is
freed.
Syntax
Parameters
Used Service 43
Comments If you do not perform a HASP4 Net logout, the station and
application remain listed in the HASP4 Net log table. In this case
the behavior is as follows:
• The number of stations running the application at the same
time remains unchanged and a license is not freed. If you have
licensed a protected application to run on n stations, and n
stations have performed a HASP4 Net login, no other station
can run the application until one of these n stations performs a
HASP4 Net logout.
• If the same station re-activates the application, the application
runs using the license that is already granted.

• When the number of stations running a protected application

has reached its maximum and there is an attempt to activate the
application from another station, the HASP License Manager
searches the log table for an idle station. If it finds one, the
HASP License Manager deletes the idle station from the HASP
log table. As a result, a license is freed and immediately granted
to the application that issued the request. The default idle time
is 36 hours. You can change the idle time using Service 48:
IdleTime (page 201).

Service 44: ReadWord

Description Read one word of data from the HASP4 Net memory.
Syntax
Parameters
Used Service 44
Par1 Address – The HASP4 Net memory address you
want to read from (0 to 247).
Par2 Data – Data read from the HASP4 Net memory.

page 217.

Service 45: WriteWord

Description Write one word of data to the HASP4 Net memory.
Syntax
Parameters
Used Service 45
Par1 Address – The HASP4 Net memory address you
want to write to (0 to 247).
Par2 Data – One word of data.

page 217.
Comments Word offsets 24 and higher in the HASP4 Net memory are
reserved for the HASP4 Net Program List. If you write to any of
these offsets, you may overwrite application protection parameters
that you have previously saved in this memory area.

Service 46: HaspID

Description Determine the HASP4 Net ID number.
Syntax
Parameters
Used Service 46

number.
number.
page 217.

negative value by adding 65535.

Service 48: IdleTime

Description Controls the stations that no longer use a protected application.
With IdleTime, you specify a time frame. If the station using the
protected application does not access the HASP4 Net within this
time frame, the HASP License Manager regards the station as idle.
Syntax
hasp (Service, IdleTime, ProgNum, Password1,
Parameters
Used Service 48
IdleTime The time frame in minutes (0 to 65535).
A station which does not access the key within this
time frame is considered idle.
Comments When the number of stations running a protected application has

reached its maximum and there is an attempt to activate the
application from another station, the HASP License Manager
searches the log table for an idle station. If it finds one, the HASP
License Manager deletes the idle station from the HASP log table.
As a result, a license is freed and immediately granted to the
application that issued the request.

The protected application, running on the station that was deleted

from the log table, returns an error code (error 135 or 139) the
next time it tries to access the HASP4 Net.
When a station accesses the HASP4 Net during the idle time
frame, the idle time counter resets to zero.
To implement IdleTime, call the hasp( ) routine with the IdleTime
service after the Login service. If you do not set the idle time, the
HASP License Manager uses a default time frame of 36 hours.


Description Read one block of data from the HASP4 Net memory into the
program buffer.
Syntax
Parameters
Used Service 52
Par1 Start Address – Defines the initial HASP4 Net
memory address for reading the block (0 to 247).
Par2 Block Size – Data block size in words (maximum 24
words).
Par3 Buffer Segment – Segment address of a program
buffer (variable). Only relevant for 16-bit
applications.
the block size.

page 217.


Description Write one block of data from the program buffer to the HASP4
Net memory.
Syntax
Parameters
Used Service 53
Par1 Start Address – Defines the initial HASP4 Net
memory address for writing the block (0 to 247).
Par2 Block Size – Data block size in words (maximum 24
words).
Par3 Buffer Segment – Segment address of a program
buffer (variable).
the block size.

Comments Word offsets 24 and higher in the HASP4 Net memory are
reserved for the HASP4 Net program list.
If you write to any of these offsets, you may overwrite application
protection parameters that you have previously saved in this
memory area.

Service 85: SetConfigFilename

Description Set the name of the HASP4 Net configuration file. The HASP4
Net configuration file contains parameters and other fine-tuning
settings for the protected application.
Syntax
Parameters
Used Service 85
Par2 Buffer Size – The byte size of the buffer containing
the name of the HASP4 Net configuration file.
Par3 Buffer Segment – The segment address of the buffer
containing the name of the HASP4 Net
configuration file. Only relevant for 16-bit
applications.
Par4 Buffer Offset – The offset address of the buffer
containing the name of the HASP4 Net
configuration file.
Comments If you use the SetConfigFilename service, call it before performing

a HASP4 Net login. If you do not use SetConfigFilename, the
protected application either does not use a HASP4 Net
configuration file, or it uses the default file named nethasp.ini if it
finds it. For more information about the HASP4 Net
configuration file, see "Configuring HASP4 Net Clients"
(page 271).

Service 88: HaspEncodeData

Description Encodes data via the HASP4 Net.
Syntax
Parameters
Used Service 88
Par1 0 (reserved).
encoded. The buffer must be at least 8 bytes in size.

page 217.
Comments The contents of the program buffer are encoded via the connected


data will be encoded and the service will return an error code.
This service is not applicable for DOS applications.
If data is encoded with a Win16 application, the maximum buffer
size is 64K. Data encoded with a Win32 application which exceeds
64K cannot be decoded by a Win16 API.
Encoding at runtime should be kept to a minimum. Instead,
previously encoded files and data which are then decoded at
runtime should be sent to users. See "Protection Strategies" on
page 147.

Service 89: HaspDecodeData

Description Decodes data via the HASP4 Net.
Syntax
Parameters
Used Service 89
Par1 0 (reserved).
decoded. The buffer must be at least 8 bytes in size.

page 217.
Comments The contents of the program buffer are decoded via the connected


data will be decoded and the service will return an error code.
If data is encoded with a Win16 application, the maximum buffer
size is 64K. Data encoded with a Win32 application which exceeds
64K cannot be decoded by a Win16 API.

Service 96: SetServerByName

Description Specify the name of a HASP License Manager and instruct the
protected application to communicate with the specific HASP
License Manager.
Syntax
Parameters
Used Service 96
decoded. The buffer size can be a maximum 7 bytes.
Par3 Buffer segment. The segment address of the buffer
containing the name of the HASP LM. Only relevant
for 16-bit applications.
Comments If you call the hasp( ) routine with the SetServerByName service,
do so before performing a HASP4 Net login.
To name a HASP License Manager, load it with the -srvname
switch, see "Switches for the HASP License Manager" (page 258).
When an application calls the hasp( ) routine with
SetServerByName, the routine searches for a HASP License
Manager loaded with the specified name. If it finds one, the hasp( )
routine stores the HASP License Manager location. When the
application performs a HASP4 Net login, the HASP License
Manager at the stored location is accessed.

Service 104: HaspQueryLicense

Description Queries the current license attributes from the HASP4 Net.
Syntax
Parameters
Used Service 42
Par1 Number of currently active licenses (concurrent

users) for this ProgNum.
Par2 Maximum number of licenses available for this
ProgNum.
Par3 Type of HASP4 Net key.
Par4 Number of activations remaining for this ProgNum

(-1 = Unlimited).

Service 110: LoginProcess

Description Determines whether activations will be decremented per station or
per process.
Syntax
Parameters
Used Service 110
Net memory, using the HaspEdit utility.
Par1 0 decrement activations per station
1 decrement activations per process
Par2 0 (reserved).
Par3 0 (reserved).
Par4 0 (reserved).
Return Values .
Par3 Status - a code indicating the status of the operation.
Comments When Par1 is set to 0, LoginProcess behaves like Login Service 42.
This service only works if reserved input parameters Par2, Par3,
Par4 are set to 0.

Service 230: GetCurrentServer

Description Retrieves the currently utilized License Manager address.
Syntax
Parameters
Used Service 230
Par 1 0 (reserved)
Par 2 Size of data buffer
Par 3 0 (reserved)
Par 4 Pointer to data buffer
Return Values .
Par2 Actual size of data written to data buffer
Par3 Status- a code indicating the status of the operation
You can use Service 40 (see page 193) to check if the call has been
Comments The return values are zero-terminated strings containing a

representation of the server address which is easy to parse. The
application must be successfully logged in before calling this
function.

Part 3 - Chapter 13
HASP API
Status Codes
Status Codes for All HASP Keys
When you use the API to access HASP, the hasp( ) routine returns
a status code in Par3. The following tables list the status codes
returned according to the type of HASP you use.
Table 13.1 Status Codes for All HASP Keys
Code Description
0 Successful operation.
-1 Time-out: unsuccessful write operation.
-2 The address is out of range.
-3 A HASP with the specified password was not found.
-4 A HASP was found but it is not a MemoHASP.
-5 Unsuccessful write operation.
-6 The parallel port is currently unavailable. Another device

attached to it, such as a printer, is active. Retry API call
after some seconds.

HASP API Status Codes Part 3 - Chapter 13
Code Description
-7 The size of the buffer is too small. This error only occurs
with services that have a minimum buffer size requirement.
-8 The hardware does not support the requested service. This

service requires a HASP4 generation key to be connected.
-9 Invalid pointer. The pointer passed to the service is not

valid.
-10 Access to key prohibited because the application is running

through a remote screen on Citrix Winframe or Windows
Terminal Server (the application can only run on the
console screen).
-11 Access to key prohibited because the application is running

on Citrix Winframe or Windows Terminal Server (service
pack 4+ required to detect if this is running on the console
screen).
-12 A parameter passed to the service is not valid or is out of

range.
-13 Version Mismatch. This error message indicates that the

driver is too old to allow the API to function. You should
update your driver. Valid only for Win32 and Win64
applications.
-100 Cannot open the HASP device driver

Applies to Win32 applications.
Install the HASP device driver.
-110 Cannot open the HASP device driver

Applies to DOS, DOS extender, and Windows applications
attempting to access the HASP device driver.
Install the HASP device driver.
-111 Cannot read the HASP device driver


Using the HASP API HASP API Status Codes
Code Description
-112 Cannot close the HASP device driver.

-120 Cannot allocate DOS memory

Applies to DOS extender and Windows applications
protected with stand-alone keys
Try freeing DOS memory.
-121 Error freeing DOS memory

Applies to DOS extender and Windows applications
protected with stand-alone keys.
-999 Invalid service.
Status Codes for HASP4 Time Keys

Table 13.2 Status Codes for HASP4 Time Keys
Code Description
0 Successful operation.
-20 Invalid day.
-21 Invalid month.
-22 Invalid year.
-23 Invalid seconds.
-24 Invalid minutes.
-25 Invalid hours.
-26 Invalid address: the address is not in the range 0 to 15.
-27 Timeout: unsuccessful write operation.
-28 A HASP with the specified password was not found.
-29 A HASP was found but it is not a HASP4 Time.

Status Codes for HASP4 Net

When you call the hasp( ) routine with the HASP4 Net LastStatus
service, the hasp( ) routine returns a status code in Par1
(NetStatus), specifying the status of the previous call. If a context-
dependent error occurs, you receive it in Par2 (System Error)
when you call LastStatus. The hasp( ) routine may also return a
warning code in Par3.
When the hasp( ) routine returns an error, the execution of the
service is stopped and not completed.
LastStatus codes are divided into two groups:
Status codes 1 to 127 - indicate errors in communication between
the protected application and the HASP License Manager, or
errors in parameters you passed to the hasp( ) routine.
Status codes 129 to 151 - indicate errors that occur after the
client-server communication has been established.
The following table shows the possible values of Par1 (NetStatus).
Table 13.3 HASP4 Net Status Codes
Code Description
0 Operation successful.
1 The IPX, NetBIOS, or TCP/IP protocols have not been

installed properly – act accordingly.
2 Communication error – unable to get the socket number

(applies to IPX and TCP/IP).
Verify that the protocol is installed properly.
3 Communication error.
NetBIOS – unable to establish the session.
IPX – unable to get the immediate address of the HASP
License Manager. Verify that the protocol is installed
properly.
TCP/IP – unable to connect to the server. Verify that the
server address is correct.

Code Description
4 No HASP License Manager was found.

Check whether your application has a path to the address
file and read permission.
5 Cannot read the HASP License Manager address file.
6 Cannot close the HASP License Manager address file.
7 Communication error – failed to send packet.

Verify that the protocol is installed properly.
8 The network is busy.

IPX - the network is busy or incorrect address files were
found. In the latter case, delete all copies of the haspaddr.dat
and newhaddr.dat files.
NetBIOS - the network is busy.
TCP/IP - when TCP is used, error indicates that the
network is busy.
10 You called the hasp( ) routine with one of the services,

without first calling the Login service.
11 Communication error – adapter error (applies only to

NetBIOS).
Verify that the protocol is properly installed.
15 No active HASP License Manager was found.
18 Cannot perform a HASP4 Net login because of an

unsuccessful SetServerByName call.
19 Syntax error in the configuration file. The LastStatus

service returns the line number in which the error occurred
in Par2.
If LastStatus returns 0 in Par2, there is an environment
variable with an illegal setting.
20 Error handling the HASP4 Net configuration file. A file

operation such as "open file" or "read file" failed. One
possible reason could be that the system is out of file
handles. The LastStatus service returns the OS system
error code in Par2.

Code Description
21 HASP4 Net did not succeed in allocating memory. This

error is unique to HASP4 Net interfaces under DOS
extenders and Windows.
Try to free DOS memory.
22 HASP4 Net did not succeed in freeing DOS memory. This

error is unique to HASP4 Net interfaces under DOS
extenders and Windows.
23 Invalid HASP4 Net memory address.
25 Failed to load winsock.dll (applies only to TCP/IP and

IPX).
26 Failed to unload winsock.dll (applies only to TCP/IP and

IPX).
28 Winsock.dll startup error (applies only to TCP/IP and

IPX).
30 Failed to close socket (applies only to TCP/IP).
33 SetProtocol service requested without performing logout.
34 Access to key prohibited because the application is running

on Citrix Winframe or Windows Terminal Server (service
pack 4+ required to detect if this is running on the console
screen).
129 The correct HASP4 Net is not connected to the HASP

License Manager.
130 The program number specified is not in the program list of

the HASP4 Net memory.
131 Error reading from HASP4 Net memory.
132 Error writing to HASP4 Net memory.
133 The current Login request exceeds the number of stations

which may run the application at the same time.
134 The current login request exceeds the number of

authorized activations for the application.

Code Description
135 You called the hasp( ) routine with the Logout service
without first calling the Login service. This may occur due
to the LM reloading, or after logging out from the LM.
136 The HASP License Manager is busy – this may occur if

your HASP4 Net system is not well adapted to the
network.
137 There is no space in the HASP4 Net log table.
138 Internal HASP4 Net error – the number of licensed

stations is larger than the maximum number allowed by the
HASP4 Net model.
139 The computer with the HASP4 Net crashed and was
reactivated, or you called the hasp( ) routine with a service
(not including 40, 85, or 96) without first calling the login
service.
140 The HASP License Manager does not serve the network of
your station.
141 Invalid service, or new version of the HASP API is

communicating with an older version of the HASP License
Manager.
142 The HASP License Manager matching the name specified

in the HASP4 Net configuration file was not found.
150 No HASP License Manager with the assigned name was

found. This error is returned by the SetServerByName
service.
151 Two or more different HASP License Managers with the

assigned name were found. This error is returned by the
SetServerByName service.
152 The encode operation failed because the hardware does not
support the service.

Code Description
153 The decode operation failed because the hardware does not
support the service.
155 An old version of the License Manager has been found.

The API used requires a newer version of the License
Manager to be installed.
157 NH Buffer is too small. Whenever the buffer equals or is

less than 8 bytes during the data encrypting/decrypting
process, the error message is returned. Valid only for
Win32 and Win64 applications.Applies to Service numbers
88 and 89.
The following table lists the possible warning codes returned in

Par3 when using the LastStatus service. When Par3 returns a
warning, the execution of the service is completed regardless of
the warning.
Table 13.4 HASP4 Net Warning Codes
Code Description
1 IPX is enabled via nethasp.ini or via the

NETHASPPROTOCOL environment variable, but IPX is
not installed.
This warning occurs upon HASP4 Net login.
2 NetBIOS is enabled via nethasp.ini or via an environment

variable, but NetBIOS is not installed.
3 IPX and NetBIOS are enabled via nethasp.ini or via an

environment variable, but neither of the protocols are
installed. This warning occurs upon HASP4 Net login.
4 TCP/IP is enabled via nethasp.ini or via an environment

variable, but TCP/IP is not installed.

Code Description
5 IPX and TCP/IP are enabled via nethasp.ini or via an

environment variable, but neither of the protocols are
6 TCP/IP and NetBIOS are enabled via nethasp.ini or via an

environment variable, but neither of the protocols are not
7 IPX, NetBIOS and TCP/IP are enabled via nethasp.ini or

via an environment variable, but none of the three
protocols are installed. This warning occurs upon HASP4
Net login.
18 The HASP License Manager returned a HASP4 Net logout

status of OK, but due to timeout, a HASP4 Net logout
might not have been performed. In this case, you should
perform an additional HASP4 Net logout. If the HASP4
Net logout returns error 135, then a logout was performed
regardless of the error.
This warning occurs upon HASP4 Net logout.
19 An invalid keyword or value is defined in nethasp.ini, or a

new keyword is not recognized by an older API version.
20 TCP or UDP protocols were specified in the nethasp.ini

along with another protocol. If the HASP License
Manager’s IP address is not specified in the nethasp.ini, the
HASP4 Net client will work with the other protocol
specified, however a warning is returned to notify you that
either TCP or UDP was not employed due to the missing
IP address.
This warning occurs after using SetProtocol.
22 The HASP API cannot free memory.

This warning may occur after any HASP4 Net API service.
The HASP4 Net LastStatus codes are constantly being updated.

For the latest updates, see the HASP License Manager help file.

Part 4
Using HASP in a
Network
This part describes the HASP4 Net system and relevant tools and
procedures.
The chapter "HASP4 Net Basic Concept" (page 229) explains
terms and concepts that are important if you are protecting
software with HASP4 Net.
The chapter "Protecting Applications with HASP4 Net"
(page 241) describes how you can protect your application for
HASP4 Net use.
The chapter "Managing HASP4 Net Licenses" (page 247) explains
the installation and use of HASP License Manager which provide
HASP4 Net licenses in the network.
The chapter "Configuring HASP4 Net Clients" (page 271)
describes how an application protected for HASP4 Net - the
HASP4 Net client - can be configured with a configuration file.
The chapter "Monitoring HASP4 Net Licenses" (page 281)
explains the use of Aladdin Monitor which permits centralized
administration of the HASP License Manager applications and the
HASP4 Net keys.

Using HASP in a Network Part 4
The chapter "Adapting HASP4 Net to the Network" (page 287)

provides information on how to adapt HASP4 Net to a network
by defining the range of stations and adapting the time-out.

Part 4 - Chapter 14
HASP4 Net Basic

Concept
This chapter explains terms and concepts that are important if you
are protecting software with HASP4 Net. Before beginning the
chapter, familiarize yourself with general HASP terms and
concepts. If you are not using HASP4 Net, you can skip this
chapter.
What is HASP4 Net?

HASP4 Net is a HASP designed for networks. It lets you
effectively license your application in network environments by
controlling the number of software copies that can run at the same
time. By connecting a single HASP4 Net key to any computer in
the network, you can secure your application against unauthorized
use, and monitor the number of stations using your application
simultaneously.

HASP4 Net Basic Concept Part 4 - Chapter 14
Figure 14.1 HASP4 Net System
How Does HASP4 Net Work?

When a protected application is activated from a network station,
it accesses the HASP License Manager and requests permission to
run by performing a HASP4 Net login. The HASP License
Manager then checks that the correct HASP key is connected and
accesses the HASP4 Net memory to verify the following:
• The protected application is licensed to run.
• The number of stations allowed to run the protected
application at the same time has not been exceeded.
If all results produced by the checks are positive, the HASP
License Manager grants the protected application permission to
run, and updates the HASP4 Net log table. Otherwise, the HASP
License Manager returns an error code.
The following figures illustrate the HASP4 Net mechanism. The
network shown in these figures consists of four stations. On one
of the stations, a HASP4 Net key is connected and the HASP
License Manager is active.
Protected application number 1 is licensed to run simultaneously
on five stations. The figures illustrate the process by which
station 3 attempts to activate protected application number 1.

Using HASP in a Network HASP4 Net Basic Concept
Figure 14.2 Before a HASP4 Net login...
Stations 1 and 2 are running protected application 1, and are both

listed in the log table. Of the five stations that are licensed to run
the protected application at the same time, two are already listed in
the log table.
Figure 14.3 A HASP4 Net login is performed...
Station 3 loads protected application 1, which accesses the HASP

License Manager with a HASP4 Net login. The HASP License
Manager determines whether or not station 3 is licensed to activate
the application.

Figure 14.4 After a HASP4 Net login...
The checks performed by the HASP License Manager are positive,

and application 1 is granted a license to run on station 3. The log
table is updated and now includes station 3.
Preparing Protection
Protecting applications with HASP4 Net
When protecting your application, you can choose between
protecting your application for local use, for network use or for
both. To enable HASP4 Net, use one of the following methods:
• Enable HASP4 Net when using HASP Envelope
• Use HASP4 Net API services instead of or in addition to other
API services
For more information refer to "Protecting Applications with
HASP4 Net" (page 235).

Providing Licenses with HASP4 Net Keys

HASP4 Net keys enable you to do the following:
• Limit the number of stations for each protected application
• Limit the number of activations for each protected application
HASP4 Net keys come in several models. The HASP4 Net model
number determines the maximum number of licenses available to
each application (i.e. the maximum number of stations that can
access the application at the same time). For example,
HASP4 Net5 can allow from zero to five licenses. Other models
allow up to 10, 20, 50 or 100 licenses. With HASP4 NetU, your
application can have an unlimited number of licenses.
HASP4 Net keys are available for the parallel port and for the USB
port.
Using HASP4 Net

Installing HASP4 Net
The following steps are necessary to install HASP4 Net in a
network:
• Install the appropriate HASP device driver and connect the
HASP4 Net key.
• Install and start the HASP License Manager on the same
machine. For more information refer to "Managing
HASP4 Net Licenses" (page 241)
• Customize the HASP License Manager and the HASP4 Net
client, if necessary. For more information refer to
"Customizing the HASP License Manager" (page 252) and to
"Configuring HASP4 Net Clients" (page 263).

Managing Licenses with HASP License Manager

The HASP License Manager is the application that communicates
with the protected application and the HASP4 Net key,
functioning as a link between the two. It can communicate with
several protected applications running on the network and with
multiple HASP4 Net keys connected to the computer.
The HASP License Manager is available for the following
environments: Windows 95/98/ME,
Windows NT/2000/XP/Server 2003, Mac OS X and Linux
The HASP License Manager maintains a log table which lists all
the protected applications that have performed a HASP4 Net
login. The list identifies each protected application, and the station
that activated the application. An application and its station remain
listed in the log table until the application performs a HASP4 Net
logout.
For more information refer to "Managing HASP4 Net Licenses"
(page 241).
Requesting Licenses with HASP4 Net Client

The protected application acts as the HASP4 Net client. It
requests the HASP4 Net license and communicates with the
HASP License Manager. When you activate the protected
application, it performs a HASP4 Net login to access the
HASP License Manager with a request to run. When the protected
application is terminated, it informs the HASP License Manager
by performing a HASP4 Net logout.
Do not confuse the HASP4 Net login and logout with

the standard network login and logout.
The HASP4 Net client is available for the following environments:

Windows 3.1, Windows 95/98/ME,
Windows NT/2000/XP/Server 2003, Mac OS 8.6, Mac OS 9.x
and Mac OS X.

HASP4 Net clients can be configured individually. For more

information refer to "Configuring HASP4 Net Clients"
(page 263).
Monitoring Licenses with Aladdin Monitor

Aladdin Monitor permits centralized administration of the
HASP License Manager applications and the HASP4 Net keys.
The following options are available:
• Checking the properties of the HASP License Manager.
• Checking HASP4 Net keys.
• Starting and stopping the HASP License Manager service.
Aladdin Monitor is available for the following environments:
Windows 98/ME, Windows NT/2000/XP/Server 2003. It can
communicate via TCP/IP and IPX.
For more information refer to "Monitoring HASP4 Net Licenses"
(page 273).
Distributing HASP4 Net

Distributing HASP4 Net
Along with the protected application, you should supply your
customer with the following:
• HASP4 Net key
• HASP device driver
• HASP License Managers (with configuration file Nhserv.ini)
• Aladdin Monitor
• Configuration file for HASP4 Net client Nethasp.ini

Assisting the End-User

End User and Vendor Utilities are available to maintain and
troubleshoot deployed HASP4 Net keys.
Your customers can use the Aladdin DiagnostiX utility:
• To check for a HASP key.
• To create a report file that contains data for Aladdin devices
and other relevant system information.
In addition, the Aladdin DiagnostiX Memory Beamer is provided
to:
• prepare customized DLLs for your customers.
• access reports generated by the Aladdin DiagnostiX utility.
• Decrypt the HASP memory of deployed keys.
The two utilities are available for the following environments:
Windows 95/98/ME and Windows NT/2000/XP/Server 2003.
For more information on both utilities refer to "Assisting End-
Users & Vendors" (page 113).

Supported Protocols, Platforms and

Operating Systems
HASP4 Net is a cross-platform solution which supports the
following operating systems.
Table 14.1 HASP4 Net Supported Platforms
Windows Windows Mac Mac Mac Linux

3.x 95/98/ME OS 8.6 OS 9.x OS X
NT/2000/XP/
Server 2003
HASP4 Net available available available available available available

client
HASP License available available available available

Manager
Aladdin available
Monitor
Aladdin available available

DiagnostiX
The following protocols can be used for communication between

the HASP4 Net client and the HASP License Manager.
Table 14.2 HASP4 Net Protocols
Windows Apple Linux

Macintosh
IPX supported
TCP/IP (UDP/IP) supported supported supported
NetBIOS supported
TCP/IP is used to refer to both TCP/IP and UDP/IP.

NetBIOS support discontinued in API version 8.0.


Question Do I need to install HASP4 Net on the network file server?
Answer No. You can install the HASP4 Net key and the HASP License
Manager on any station in the network. The designated station
must be active and the HASP License Manager loaded for as
long as any application protected with HASP4 Net is running.
Question Can I see which stations are accessing a HASP4 Net key?
Answer Yes. The Aladdin Monitor utility shows you all the stations
activating an application that has performed a HASP4 Net login
to the HASP License Manager. See "Monitoring
HASP4 Net Licenses" (page 273) for details.
Question If I connect two HASP4 Net5 keys of the same developer code
to a single station, will I receive 10 licenses?
Answer No. When two HASP4 Net keys with the same developer code
are connected to the same computer, only one HASP4 Net key
responds. To enable ten licenses with two HASP4 Net5 keys,
connect each key to a separate station and run the correct HASP
License Manager. Alternatively, use a HASP4 Net10.
Question My customer already has a HASP4 Net from another software

vendor connected to a station on the network and a HASP
License Manager loaded. What must be done to install my
HASP4 Net key?
Answer All your customer needs to do is connect your HASP4 Net key to
the same computer. The already loaded HASP License Manager
serves both HASP4 Net keys.

Question Will HASP4 Net work over the Internet?
Answer Yes. HASP4 Net works over the Internet with TCP/IP.
Question If, for example, I have a HASP4 Net20 can I grant access to just
17 users?
Answer Yes, using HaspEdit you can specify any number of users up to
20.
Question When using HASP4 Net, on which station do I need to install

the HASP device driver?
Answer Only on the station with the HASP4 Net key.

The HASP device driver serves as a link between the HASP and
the protected application. Since the application protected by
HASP4 Net communicates with the HASP License Manager,
which in turn accesses the HASP4 Net key, install the HASP
device driver on the station which is running the HASP License
Manager.

Part 4 - Chapter 15
Protecting
Applications with
HASP4 Net
This chapter describes how you can protect your application with
HASP4 Net.
When protecting your application, you can choose between
protecting your application for local use, for network use or for
both. To enable HASP4 Net, use one of the following methods:
• Enable HASP4 Net when using HASP Envelope
• Use HASP4 Net API services instead of or in addition to other
API services

Protecting Applications with HASP4 Net Part 4 - Chapter 15
HASP Envelope Options for HASP4 Net

HASP Envelope enables you to protect your application without
having to alter the source code. For information on the basic
procedures refer to "Protecting with HASP Envelope" (page 51).
HASP Envelope for Win32

In addition to the usual procedure, perform the following steps:
• Enter the HASP4 Net passwords.
• Specify a number for the program.
• Specify how many licenses and activations you want to provide
for this program file. If you do not want to limit the number,
activate the Unlimited option. This information is only
relevant if you want to write it to the connected HASP4 Net
key following the protection process.
• Enter the name of the HASP4 Net configuration file, or
browse for it. For more information on the configuration file,
refer to "Configuring HASP4 Net Clients" (page 271).
If you want to protect your application for both

local and network use, you can specify the HASP4
Net parameters in addition to the parameters for
local use. Make sure you update the FAS memory
of each key using HaspEdit.

Using HASP in a Network Protecting Applications with HASP4 Net
HASP Envelope Command Line Tool

If you are using the HASP Envelope command line tool, the
following switches are relevant to enable HASP4 Net:
Table 15.1 HASP Envelope Switches for HASP4 Net
Switch Function
-nhpass <password1> <password 2> Specify the HASP4 Net

passwords.
-prgnum <program number> Specify a unique program

number from 1 to 112.
-netcfg <filename> Specify a HASP4 Net

configuration file.
HASP4 Net API Services

When protecting your application for network use by adding API
calls to your source code, you need to use the HASP4 Net
services. For a detailed description of every service refer to
"HASP4 Net Services" (page 187).
This tracking mechanism is especially useful when multiple
instances of the same protected application are running on a single
terminal. Using LoginProcess Service 110, you are able to log out
of one logged-in process without any adverse affects on the other
instances.
On Mac OS 9 there is no terminal counter, therefore

! you should use Service 110.
If you want to protect your application for both

local and network use, you need to implement
both HASP4 Net services and basic and/or
memory services.

Table 15.2 HASP4 Net API Services
40 LastStatus Check the status of the last call.

Use this service after each call
to the hasp( ) routine.
42 Login Request permission from the

HASP License Manager to
activate the application.
Unless you use services 85 or
96, login must be your first call
to the hasp( ) routine.
43 Logout Request HASP4 Net session

termination from the HASP
License Manager.
44 ReadWord Read one word of data from

the HASP4 Net memory.
45 WriteWord Write one word of data to the

HASP4 Net memory.
46 HaspID Get the HASP4 Net ID

number.
48 IdleTime Set a maximum time frame for

idle stations.

HASP4 Net memory.
53 WriteBlock Write a block of data to the

HASP4 Net memory.
85 SetConfigFilename Set name of HASP4 Net

configuration file.

Using HASP in a Network Protecting Applications with HASP4 Net
88 HaspEncodeData Encode data sent to the

connected HASP4 Net key.
Use in conjunction with
HaspDecodeData to verify that
a specific HASP4 Net key is
present on the network.
89 HaspDecodeData Decode data sent to the

connected HASP4 Net key.
Use in conjunction with
HaspEncodeData to verify that
a specific HASP4 Net key is
present on the network.
96 SetServerByName Set the name of the HASP

License Manager to which the
protected application will
perform a HASP4 Net login.
110 LoginProcess Determines whether

activations will be decremented
per station or per process.
230 GetCurrentServer Retrieves the address of the

currently used HASP License
Manager.

LoginProcess Functionality
LoginProcess Service 110 offers a more efficient approach to
managing HASP4 Net licenses. This service activates a tracking
mechanism that counts number of “process” logins to an
application via a HASP4 Net key.
LoginProcess Service 110 tracks the number of

‘process’ logins while Login Service 42 tracks the
number of terminal logins. Service 110 efficiently
debits a license to each login into a protected
application even if multiple logins originate from
the same terminal.
This tracking mechanism is especially useful when multiple

instances of the same protected application are running on a single
terminal. Using LoginProcess Service 110, you are able to log out
of one logged-in process without any adverse affects on the other
instances.
On Mac OS 9 there is no terminal counter, therefore

! you should use Service 110.

Part 4 - Chapter 16
Managing
HASP4 Net Licenses
This chapter describes how to manage HASP4 Net licenses with
the HASP License Manager.
The HASP License Manager is the application that communicates
with the protected application and the HASP4 Net key,
functioning as a link between the two. It can communicate with
several protected applications running on the network and with
multiple HASP4 Net keys connected to the computer.
The HASP License Manager is available for the following
environments: Windows 95/98/ME, Windows NT/2000/XP/
Server 2003, Mac OSX and Linux.

Managing HASP4 Net Licenses Part 4 - Chapter 16
How does the HASP License Manager

Work?
The HASP License Manager maintains a log table which lists all
the protected applications that have performed a HASP4 Net
login. The list identifies each protected application, and the station
that activated the application. An application and its station remain
listed in the log table until the application performs a HASP4 Net
logout.
The HASP License Manager uses the log table to keep track of the
number of stations running a protected application at the same
time. It ensures that the number of stations does not exceed the
maximum number licensed by the software developer. By default
the login table can track logins for up to 250 applications.

Using HASP in a Network Managing HASP4 Net Licenses
HASP License Manager for Windows

The HASP License Manager for Windows is available as an
executable for Windows 95/98/ME/NT/2000/XP/Server 2003
and as a service for Windows NT/2000/XP/Server 2003.
The HASP License Manager for Windows can communicate via
TCP/IP, IPX and NetBIOS. The protocols can be loaded and
unloaded using the HASP License Manager graphical user
interface or command-line switches.
NetBIOS support discontinued in API Version 8.0.
Installing HASP License Manager under Windows

Both types of HASP License Managers can be installed with the
setup file lmsetup.exe.
Install the appropriate HASP License Manager on the station the
HASP4 Net key is connected to.
The installation can be customized using the following methods:
• Start the HASP License Manager with switches, see "Switches
for the HASP License Manager" (page 258).
• Use the configuration file nhsrvw32.ini, see "Settings in nhsrv.ini
Configuration File" (page 259).
• Use the License Manager Installation API (only Win32
service), see "Settings for the IPX Protocol (Win32 only)"
(page 263).
On a Windows 95/98/ME Station

The HASP License Manager for Windows is nhsrv.ini. Use the
setup file lmsetup.exe to install the License Manager.
1. Install the HASP device driver and connect the HASP4 Net key
to a station.

2. Install the HASP License Manager by running lmsetup.exe from

your HASP CD and following the instructions of the
installation wizard.
On a Windows NT/2000/XP/Server 2003 Station

The HASP License Manager for Windows
NT/2000/XP/Server 2003 is nhsrvice.exe. Use the setup file
lmsetup.exe to install it.
It is recommended that you install the HASP License Manager as
an NT service, so there is no need to log in to the station to
provide the functionality.
1. Install the HASP device driver and connect the HASP4 Net key
to a station.
2. Install the License Manager by running lmsetup.exe from your
HASP CD and following the instructions of the installation
wizard. As installation type, select Service.
You can also integrate the HASP License Manager

service installation into your application by using the
HASP License Manager Install API, which can be
found in the utility\servers \win32\service\lmapi directory.
Activating and Deactivating HASP License Manager

HASP License Manager Application
To activate the HASP License Manager application, start it from
the Start menu or Windows Explorer. The HASP License
Manager application is always active when any protocol is loaded
and a HASP4 Net key is connected.
To deactivate it, select Exit from the main menu.
HASP License Manager Service

To activate the HASP License Manager service, start it from the
Start menu or Windows Explorer.

To deactivate the HASP License Manager service, use the standard

Windows Service administration in the Control Panel.
You can also use Aladdin Monitor to start and stop the HASP
License Manager service.
Operating the HASP License Manager

You can operate the HASP License Manager by using the
graphical user interface. Alternatively you can operate it as a
command-line tool.
To open the main window of the graphical user interface, double-
click the icon of the red HASP4 Net key in the system tray.
The HASP License Manager main window displays the following

information:
• HASP License Manager version number
• Status of each protocol (loaded, unloaded, or failed to load)
and the date and time of the last change of status
• Status of the HASP License Manager (active or not active)
You can close the HASP License Manager main window by
clicking the close button at the right corner of the title bar.
However, the HASP License Manager will continue to run, and its
icon will remain in the system tray.
To exit the program, choose Exit from the menu bar. If the HASP
License Manager is installed as a Windows NT service, you cannot
exit using this menu option.
Loading Protocols
To enable a protocol, select it in the Load menu. You can only
enable protocols which have been installed on the machine.
Unloading Protocols
To disable a protocol, select it in the Remove menu.

Viewing the Activity Log

To view a log of the HASP License Manager activity, select
Activity Log from the menu bar. The Activity Log window is
opened.
To view the log for a specific protocol, select the protocol from
the drop-down list.
Multiple Network Adapters

HASP LM always binds to the first available network adapter. To
allow the LM to serve requests arriving at other network adapters
on a multi-homed system, IP Forwarding must be enabled within
the Windows networking configuration.
The HASP LM binds itself to the default Windows network
adapter.
When using the HASP LM on Windows operating

! systems, please note that the default network adapter
can vary from one Windows version to another.

HASP License Manager for Mac

The HASP License Manager for Mac is available for Mac OS X. It
can communicate via TCP/IP.
The HASP License Manager for Mac consists of a daemon and a
graphical user interface. The HASP License Manager for Mac can
be operated by using the graphical user interface. Alternatively you
can operate the daemon as a command-line tool.
Installing HASP License Manager

To install HASP License Manager under MAC OS X use the
HASP License Manager Install installation utility.
To install HASP License Manager you need to log on as

administrator.
1. Double-click the HASP License Manager Install file in the HASP

License Manager directory on the HASP CD.
2. Enter your administrator password.
3. Choose a location.
4. Select Install to perform installation.
Activating and Deactivating HASP License Manager

To activate the HASP License Manager, start the application from
the applications menu and start the daemon by choosing Start
Daemon in the application window. Alternatively you can start the
daemon using the installation script.
To load the HASP License Manager automatically,

activate the Activate in system startup option.

Operating HASP License Manager

You can operate the HASP License Manager by using the
graphical user interface. Alternatively you can operate it as a
command-line tool, see "Switches for the HASP License Manager"
(page 258).
The HASP License Manager for Mac displays the following
information:
• Server name and IP address of the server
• Available switches
• If the daemon is started during system startup
• The daemon status
• Setting switches (only when the daemon process is not
running)
• Starting and stopping the daemon
• Activating the daemon at start up
Setting a Server Name

You can assign up to six server names to the HASP License
Manager.
You cannot assign server names to a running daemon,

because the names are assigned when the daemon is
started.
To assign a server name, stop the daemon if it has already been

started. Activate the SRVNAMES option and enter up to six
names. Separate the names with semicolons, colons, or spaces. The
names will be assigned when the daemon is started.
Avoid using non-ASCII characters in server names,

since their codes differ form system to system. Server
names are not case-sensitive.

Setting a Configuration File

You can configure the HASP License Manager for Mac using a
configuration file. To set name and path of the configuration file,
activate the CFGFILE option and enter path and name. For
information about the configuration file refer to "Settings in
nhsrv.ini Configuration File" (page 259).
Starting and Stopping the Daemon

To start and stop the daemon, use the buttons in the application
window.
Activating the Daemon Automatically

You have the option to activate the daemon automatically at
system start up. To do this, activate the Activate in system
startup option.

HASP License Manager for Linux

The HASP License Manager (LM) for Linux is available for all
distributions of Linux. RPM packages are however only available
for the following Linux distributions:
• Red Hat 7.2 and RedHat 7.3
• SuSE7.3 and SuSE 8.0.
The HASP LM for Linux consists of a daemon. It communicates
with the TCP/IP protocol and serves Linux, Win32, Win64 and
Mac Clients.
Installing HASP License Manager

You can automatically install the HASP LM for Linux using RPM
packages for the distributions listed above.
Before installing the LM on Linux, you must first install

! the HASP driver and aksusbd daemon.
To install HASP LM on SuSE7.3 or 8.0

Use the following SuSe RPM package:
rpm -i hasplm-suse-8.08-1.i386.rpm
To install HASP LM on RedHat 7.2 or 7.0

Use the following RedHat RPM package:
rpm -i hasplm-redhat-8.08-1.i386.rpm
To install HASP LM on other Linux Distribution

You must install the HASP LM manually.
1. Unpack the archive using:
tar-xzf [path/]linuxlm_8_08.tar.gz
The ‘linux-hasplm_8_08’ directory is created.

2. Change into this directory and execute as root:

./dinst
This will install the HASP LM and configure the system to
automatically start the daemon at system boot.
Activating and Deactivating the HASP License Manager

If properly installed, the HASP LM should automatically be
activated once the system is rebooted.
To deactivate the HASP LM, you must uninstall the daemon. For
example, to uninstall the HASP LM running on RedHat 7.3 enter
the following:
rpm -e hasplm-redhat

Customizing the HASP License Manager

When installing and operating the HASP License Manager you
may want to adapt it to the network environment. You can use one
the following methods:
• Operate the HASP License Manager with switches.
• Use the configuration file nhsrv.ini.
• Use the License Manager Installation API (Win32 only).
Switches for the HASP License Manager

The HASP License Manager can be activated with various
switches that instruct the HASP4 Net system which protocols to
use and how to serve the HASP4 Net clients.
Table 16.1 HASP License Manager Switches
Switch Explanation
Windows
Linux
-c Specify the location of the configuration file for the yes no Mac
yes
HASP License Manager.
-help Display a list of available switches. yes no yes

Settings in nhsrv.ini Configuration File

To configure the HASP License Manager you can use the
configuration file nhsrv.ini. A copy of nhsrv.ini is included with the
HASP utilities.
Search Order
You can place nhsrv.ini and the executable of the HASP License
Manager in the same directory or in any other location in
accordance with the nhsrv.ini search order described in the table
below.
Table 16.2 Search Order for nhsrv.ini
Operating System Search Order
Windows 95/98/ME Executable file directory

Current directory
Windows system directory
Windows directory
Path
Windows NT4/2000/ Executable file directory

XP/Server 2003 Current directory
Windows 32-bit system directory
Windows 16-bit system directory
Windows directory
Path
Linux To use a configuration file, you must set

the name and the path for the
configuration file using the -c switch.
Mac To use a configuration file, you must set

the name and the path for the
configuration file using the -c switch.

Server settings
Server parameters are specified in the nhsrv.ini.file and not on the
command line. This way, parameter specification for the License
Manager service is made easier, and configuration is simplified and
consolidated within a single file.
For Win32 platforms, the nhsrv.ini. should reside in the same
directory from where the program executable is deployed. For
Linux and Mac platforms there is no default storage place for the
file; you must specify which configuration file to use. For example:
./hasplm -c /etc/nhsrv.ini
nhsrv.ini. Settings
The Win32 NetHASP License Manager configuration file requires
HASP LM version 8.2 or higher to function. Boolean switches
may have the following values:
Table 16.3 Boolean Values for HASP LM nhsrv.ini.
1 yes true enabled
0 no false disabled
Global LM Settings
You can fine tune settings for the HASP License Manager in its
configuration file. The HASP License Manager configuration file,
nhsrv.ini, contains the [NHS_SERVER] section which is used to
set global License Manager settings. The following is a list of
keywords in the [NHS_SERVER] section:
Keyword NHS_IP_USERLIST
Description Maximum number of concurrent logins to LM. Maximum number

is 65520.
Default 1000
Example NHS_IP_USERLIST =1000

Keyword NHS_IP_SERVERNAMES
Description Server name to match the name a client requests. Maximum of 6

names. Maximum 7 characters per name. Multiple names separated
by comma.
Default none
Example NHS_IP_SERVERNAMES= cad, 3242e3
Keyword NHS_HIGHPRIORITY
Description Runs LM at high priority. Default runs the LM on normal priority.

Switch applies only to Win32. When this switch is set to yes, check
to see how performance of other services (file server, web server,
etc.) running on the same machine is affected.
Default no – runs at normal priority.
Example NHS_IP_HIGHPRIORITY= no
Settings for the IP Protocol

nhsrv.ini, contains the [NHS_IP] section which is used to define
settings for the IP protocol. The following is a list of keywords in
the [NHS_IP] section:
Keyword NHS_USE_UDP
Description Setting can be either enabled or disabled.
Default enabled
Example NHS_USE_UDP=enabled

Keyword NHS_USE_TCP
Default enabled
Example NHS_USE_TCP=enabled
Keyword NHS_IP_PORTNUM
Description IP port number. This switch applies only to Win32. Port number
475 is the exclusively registered IANA number for Aladdin LM.
Default 475
Example NHS_IP_PORTNUM=475
Clients must use the same port!
!
Keyword NHS_IP_LIMIT
Description Specifies the range stations which are allowed to access the
currently activated HASP LM. The last byte may be a range.
Multiple entries should be separated by commas.The list may be
split through several lines. The following wildcard (asterisk) byte
combinations are possible:4th,4th,3rd or 4th,3rd,2nd. An
additional bitmask can be specified as the number of one-bits (e.g.
10.0.0.0/8).
Default none
Example NHS_IP_LIMIT = 10.242.18-99,10.1.1.9/16

10.25.0.0/
24192.0.0*,194.0*,*,11.*,*,*10.24.7.8-12/30,
10.24.2.17

Settings for the IPX Protocol (Win32 only)

nhsrv.ini, contains the [NHS_IPX] section which is used to define
settings for the IPX protocol. The following is a list of keywords
in the [NHS_IPX] section:
Keyword NHS_USE_IPX
Default enabled
Example NHS_USE_IPX= yes

Keyword
Keyword NHS_ADDRPATH
Description Path to haspaddr.dat file. The IPX address of the current LM will
be written to haspaddr.dat in the specified directory. Clients can
specify this file in their nethasp.ini file.
Default current directory
Example NHS_ADDRPATH=c:\temp
Keyword NHS_APPENDADDR
Description Appends address data to the hapaddr.dat. If enabled, the current

LM’s address is added to an existing haspaddr.dat. This is
particularly useful when multiple HASP License Managers exist.
All the LMs can be searched by the client. The LM does not search
for duplicates when adding an address.
Default replace
Example NHS_APPENDADDR=no

Keyword NHS_USESAP
Description Setting can be enabled or disabled to allow the HASP LM to

announce itself to the network via the Service Advertising
Protocol (SAP). SAP enables clients to find the LM for different
subnets. IPX is normally configured to run a virtual subnet on
Win NT/2000/XP/Server 2003 machines, therefore SAP is
essential in enabling clients to find the LM.
Default enabled
Example NHS_USESAP=enabled
Keyword NHS_IPX_SOCKETNUM
Description The IPX socket number. All clients must use the same default
socket number. The number should not be altered. Note: clients
must use the same port!
Default 0x7483
Example NHS_IPX_SOCKETNUM= 0x7483
Settings for the NetBIOS ProtocoL

nhsrv.ini, contains the [NHS_NETBIOS] section which is used to
define settings for the NetBIOS protocol. The following is a list of
keywords in the [NHS_NETBIOS] section:
Keyword NHS_USE_NETBIOS
Description Setting can be enabled or disabled. If you are certain that you do
not need NetBIOS for LM communication, disable the switch to
save network and memory resources.
Default enabled
Example NHS_USE_NETBIOS=enabled

Keyword NHS_NBNAME
Description Use switch to alter name. Note: Clients must use the same name
which must be unused in your NetBIOS name space. Names must
follow NetBIOS naming conventions.
Do not use this switch unless you are certain you

! need to specify a new NetBIOS name
Default enabled
Example NHS_NBNAME=MyNBName
Keyword NHS_USE_LUNA_NUMS
Description Included only for the sake of compatibility with older versions.
Default all (automatic)
Example NHS_USE_LUNA_NUMS=3,0,7,2

HASP License Manager Installation API

The custom API provides a set of functions with which you can
install and remove the HASP License Manager service.
Installing with HaspLMInstall()
Purpose Installs and/or enters the correct registry settings for the HASP
License Manager Windows NT service.
Structure DWORD HaspLMInstall(

DWORD InstallMode //Installation mode
LPSTR LMPath //Path to HASP License Manager
LPSTR CmdLineSwitches //Command-line switches
);
Parameters
InstallMode Sets the characteristics of the installation
process.
LMPath Full path to the location where the HASP
License Manager program file nhsrvice.exe
resides. It is used by the Service Control
Manager to locate the HASP License Manager.
If you pass a Null string, then the function uses
the path to the DLL, appending the default
name of the HASP License Manager executable,
"nhservw32.exe".
It is recommended that the path be to the file
which on the HASP CD is found at:
Utilities\Servers\Win32\Service\nhsrvice.exe.
CmdLineSwitches Empty string or other string containing
command-line switches used in loading the
HASP License Manager. See "Switches for the
HASP License Manager" (page 258).

InstallMode
Options LM_SERVICE_INSTALL Installs the HASP License Manager as
a Windows NT service.
LM_SERVICE_START While LM_SERVICE_INSTALL
installs the HASP License Manager as
a Windows NT service, this option
enables you to run the HASP License
Manager without reboot. Call
HaspLMInstall() with this parameter
after you first call with
LM_SERVICE_INSTALL, or call this
parameter ORED
LM_SERVICE_INSTALL.
Return Values If successful, the function returns the value LM_SUCCESS. If it

failed, the function returns the value LM_FAIL. You can retrieve
the error details by calling HaspLMLastError().
Special This function does not copy HASP License Manager files.
Considerations
Removing with HaspLMRemove()
Purpose Removes the registry settings for the HASP License Manager
service or uninstalls the service.
Structure DWORD HaspLMRemove(

DWORD RemoveMode //Removal mode
LPSTR LMPath //For future use
);
Parameters
RemoveMode Sets the characteristic of removal process.
LMPath For future use. Currently, the value is NULL.

RemoveMode
Options LM_REMOVE_ Removes the HASP License Manager
SERVICE Windows NT service.
LM_REMOVE_ Removes the HASP License Manager
SERVICE_UNLOAD Windows NT service from memory. The
service remains installed and will run again
upon the next restart.

failed, the function returns the value: LM_FAIL. You can retrieve
the error details by calling HILastErrorEx().
Special Removing the HASP License Manager Windows NT service sends

Considerations a command to the HASP License Manager to close if it is running.
Displaying Information with HaspLMInfo()
Purpose Receives information related to the installed

HASP License Manager Windows NT service and other general
information.
Structure DWORD HaspLMInfo(

LPLMINFO lpLMInfo, //Address of structure of information
);
Parameters
lpLMInfo Points to a LMINFO structure that receives
information relating to the installed HASP
License Manager service.
Return Values If successful the function returns the value LM_SUCCESS. If

failed the function returns the value: LM_FAIL. You can retrieve
the error details by calling HILastErrorEx().

Requesting Status with HaspLMLastError()
Purpose Retrieves information about the last call to one of the

HASP License Manager API functions.
Structure DWORD HaspLMLastError(

DWORD *System Error //Address of location of system error
LPSTR ErrorStr //Address of error description buffer
DWORD ErrorStrSize //Size of error description buffer
);
Parameters
*System Error Points to a variable containing the system
error number.
ErrorStr Points to a buffer to receive the last error
description of the HASP License Manager
Windows NT service.
ErrorStrSize Size of ErrorStr buffer (in bytes).

failed, the function returns the value LM_FAIL.
Error Messages
The HASP LM Installation functions return the following error
messages:
Table 16.4 HASP LM Installation API Error Codes
Error Description
CLOSE_KEY_FAIL Failed to close the key.
CLOSE_SERVICE_FAIL Failed to close the service.
CLOSE_SERVICE_MANAGER_FAIL Failed to close the service database manager.

Error Description
CONTROL_SERVICE_FAIL Failed to control the service
CREATE_SERVICE_FAIL Failed to create the service.
DELETE_SERVICE_FAIL Failed to delete the service
FREE_LIB_FAIL Failed to free the DLL.
GET_DATE_FAIL Failed to get date.
GET_PROC_ADDR_FAIL Failed to get an address from the DLL.
INVALID_PARAM Invalid parameter.
LOAD_LIB_FAIL Failed to load the DLL.
OPEN_KEY_FAIL Failed to open the key.
OPEN_SERVICE_FAIL Failed to open the service.
OPEN_SERVICE_MANAGER_FAIL Failed to open the service database manager.
SERVICE_NOT_SUPPORTED This service is not supported.
SET_VALUE_FAIL Failed to set a value.
START_SERVICE_FAIL Failed to start the service.

Part 4 - Chapter 17
Configuring
HASP4 Net Clients
This chapter describes how an application protected for
HASP4 Net - the HASP4 Net client - can be configured with a
configuration file.
If the client finds its respective configuration file, it reads the file
and uses the information. If not, default values are used.
In the HASP4 Net client configuration file you can fine-tune how
the HASP4 Net client searches for the HASP License Manager.
The default filename of the HASP4 Net configuration file is
nethasp.ini. A copy of nethasp.ini is included with the HASP utilities
and also with each HASP API. If you want to change the name,
you need to implement the new name when protecting the
application with HASP Envelope or the HASP API.
Search Sequence for Configuration File

The search sequence for the file depends on the operating system
and the type of application.
The protected application searches for the configuration file when
the first HASP4 Net service is accessed. It searches for the HASP4
Net client configuration file in the following locations:

Configuring HASP4 Net Clients Part 4 - Chapter 17
Table 17.1 nethasp.ini Configuration File Search Order
Application Type/ Search Sequence

Operating System
Win16 Current directory → Windows directory →

Windows system directory → Executable
file directory → Path
Win32 Executable file directory → Current

directory → Windows system directory →
Windows directory → Path
Mac OS 8.6, 9.1, Current directory

Mac OS X (only
Carbon applications)
Mac OS X Current directory → Home directory of

the current user → /etc. directory
Under Mac OS X, nethasp.ini is searched without a

leading dot. If you are using a case-sensitive system on
Mac OS X, make sure the filename nethasp.ini is in
lowercase.
Sections in the Configuration File

The HASP4 Net client configuration file consists of four sections,
each of which is optional:
• [NH_COMMON] for general settings
• [NH_IPX] for the IPX protocol
• [NH_NETBIOS] for the NetBios protocol
• [NH_TCPIP] for the TCP/IP protocol
The [NH_COMMON] section contains global settings for all
configuration file sections. Each of the other sections contains
settings which fine-tune operations for the specific protocol.

Using HASP in a Network Configuring HASP4 Net Clients
Specifying Keywords
In each section, you can specify either general or section-specific
keywords. If you set a general keyword in one of the three protocol
sections, you override the setting in the [NH_COMMON] section
(for that protocol only).
Use the section-specific keywords to adjust additional settings for
a particular protocol.
API and Envelope settings override configuration file settings.
Every line of the HASP configuration file you receive with the
HASP software is preceded by a semicolon (;). To use a line,
remove the semicolon. If you want to add comments, precede
them with a semicolon.
Names of HASP4 Net configuration files and their

keywords are not case-sensitive (except for the filename
under Mac OS X if a case-sensitive file system is used).
The following sections describe each section in the HASP4 Net

client configuration file. For each keyword, the possible values and
a short description are included. When a default value exists, it is
listed.

[NH_COMMON]
Section-Specific Keywords for [NH_COMMON]
nh_ipx
Possible values enabled, disabled
Description Use the IPX protocol.
nh_netbios
Description Use the NetBIOS protocol.
nh_tcpip
Possible value enabled, disabled
Description Use the TCP/IP protocol.
General Keywords for [NH_COMMON]
nh_session
Possible values <number>
Description Set the maximum length of time during which
the protected application tries to establish
communication with the HASP License
Manager.
Default 2 seconds

nh_send_rcv
Description Set the maximum length of time for the HASP
License Manager to send or receive a packet.
Default 1 second
[NH_IPX]
Section-Specific Keywords for [NH_IPX]
nh_use_bindery
Description: Use IPX with bindery. Ignored under Win32
API. This switch replaces the older switch
named NH_USE_SAP.
Default: disabled
nh_use_broadcast
Description Use the IPX Broadcast mechanism.
Default enabled
nh_bc_socket_num
Description Set the socket number for the broadcast
mechanism. The number is hexadecimal.
Default 7483H

nh_use_int
Possible values 2F_NEW, 7A_OLD
Description 2F_NEW means that the IPX protocol will use
interrupt 2Fh ONLY. 7F_OLD means that the
IPX protocol will use interrupt 7Ah ONLY.
disabled
Default 2F_NEW
nh_server_name
Possible values <name1>, <name2>,...
Description Communicate with the HASP License Manager
with the specified name.
Maximum: 6 names, up to 7 case insensitive
characters each.
nh_search_method
Possible values localnet, internet
Description Determine whether the protected application
communicates with only HASP License
Managers on the local network, or with any
HASP License Manager on the internetwork.
Default internet
nh_datfile_path
Possible values <path>
Description Specify the location of the HASP License
Manager’s address file.
General Keywords for [NH_IPX]

nh_session
Manager.
Default 2 seconds
nh_send_rcv
Default 1 second

[NH_NETBIOS]
Section-Specific Keywords for [NH_NETBIOS]
nh_nbname
Possible values <name>
Description Assign a name to the HASP License
Manager.Maximum: 1 name, up to 8 characters
(not case-sensitive).
nh_uselananum
Description Assign a lana number to be used as a
communication channel.
General Keywords for [NH_NETBIOS]
nh_session
Manager.
Default 2 seconds
nh_send_rcv
Default 1 second

[NH_TCPIP]
Section-Specific Keywords for [NH_TCPIP]
nh_server_addr
Possible values <address1>, <address2>
Description Set IP addresses of all the HASP License
Managers you want to search. Unlimited
addresses and multiple lines are possible.
Possible address format examples include:
IP address: 192.114.176.65
Local hostname: ftp.aladdin.co.il
nh_server_name
Possible values <name1>, <name2>,...
Description Communicate with the HASP License Manager
with the specified name(s). Maximum: 6 names,
up to 7 characters each (not case-sensitive).
nh_port_number
Description Set the TCP/IP port number (optional).
Default 475
nh_tcpip_method
Possible values TCP, UDP
Description Send a TCP packet or a UDP packet.
Default UDP

nh_use_broadcast
Description Use the UDP Broadcast mechanism.
Default enabled
General Keywords for [NH_TCPIP]
nh_session
Manager.
Default 2 seconds
nh_send_rcv
Default 1 second

Part 4 - Chapter 18
Monitoring
HASP4 Net Licenses
Aladdin Monitor permits centralized administration of the
HASP License Manager applications and the HASP4 Net keys.
• Checking the properties of the HASP License Manager.
• Checking HASP4 Net keys.
• Starting and stopping the HASP License Manager service.
Aladdin Monitor is available for the following environments:
Windows 98/ME, Windows NT/2000/XP/Server 2003. It can
communicate via TCP/IP and IPX.
Distributing Aladdin Monitor

Supply your customers with Aladdin Monitor. The Aladdin
Monitor comes with a online help file.
You can configure Aladdin Monitor with a HASP4 Net

client configuration file, see "Configuring
HASP4 Net Clients" (page 271)

Monitoring HASP4 Net Licenses Part 4 - Chapter 18
Installing Aladdin Monitor

You can install Aladdin Monitor on any station in the network. It
is not necessary to install a HASP License Manager on the same
station.
To install Aladdin Monitor use the installation utility aksmon.exe.
and follow the instructions of the installation wizard.
Settings for Aladdin Monitor

You can adapt the following program settings to meet your
requirements:
• The language used (German or English).
• The refresh frequency for the dialog box (default setting every
2 seconds).
• The frequency of network queries (default setting every 3
minutes).
• If you want to use the Hardlock mode, the HASP mode or
both.
• If you want to use the nethasp.ini configuration file.
To change the settings, select Settings from the File menu. The
changes become active after the program is restarted.

Using HASP in a Network Monitoring HASP4 Net Licenses
Checking the Properties of

HASP License Manager
In the left-hand part of the window, click the
HASP License Manager for which you want to check the login
information.
If HASP License Manager is not displayed, first double-

click the HASP LM folder or refresh the view by
selecting File/Rescan.
The HASP License Manager information is displayed in the right-

hand part of the window.
HASP License Managers listening to NetBIOS only are

currently not recognized by Aladdin Monitor.
The following information about the selected

HASP License Manager is displayed:
• General information about the selected
HASP License Manager (Table 18.1).
• Information about the HASP4 Net keys being managed
(Table 18.2).
Table 18.1 HASP License Manager Information
Box Meaning
Name Name of the computer on which

HASP License Manager is running.
Version Version of the HASP License Manager.
IP IP address of the computer

Box Meaning
IPX IPX address of the computer
LM Type Version of HASP License Manager
TCP/IP, Here, you can see which protocols are used.

IPX
Table 18.2 HASP Key Information
Box Meaning
HASP # Cumulative number of the HASP key.
HASP Maximum possible number of licenses.

Model
Current Stations currently logged in.

Stations
Checking HASP Keys

In the left-hand part of the window, click the HASP key for which
you want to check the login information. The HASP key can only
be checked, if a login has been performed.
If the key is not displayed, first double-click the

HASP License Manager which is making the key
available, or refresh the view by selecting File/Rescan.
The HASP information is displayed in the right-hand part of the

window.
The following information about the selected HASP key is
displayed:
• General information about the HASP key (Table 18.3).
• An overview of the programs (Table 18.4).
• An overview of logins for the individual programs (Table 18.5).

Using HASP in a Network Monitoring HASP4 Net Licenses
Table 18.3 HASP Information
Box Meaning
HASP # Cumulative number of the HASP key.
Table 18.4 Program Table
Box Meaning
Program No. Number representing the protected program.
Current Stations Stations currently logged in.
Maximum Stations Maximum possible number of stations.
Activations Maximum number of program activations.
Table 18.5 Login Table
Box Meaning
No. Cumulative number of the login.
Login ID Address under which the station logged in.
Protocol Protocol used.
Timeout Time which must elapse without activity until

the login entry is deleted or cancelled (in
seconds).

Starting and Stopping HASP License

Manager as a Service
The HASP License Manager service enables you to administer
HASP4 Net keys on an NT workstation.
You can use the Aladdin Monitor to start and stop the
HASP License Manager service on the local computer.
Starting the Service

Select Start HASP LM Service in the HASP LM Service menu
or the Services/HASP menu. Alternatively, you can use the
traffic light symbol. The service is started and can now make
available locally connected HASP4 Net keys within the network.
Alternatively, you can start the service using the context-sensitive
menu. To do this, right-click the HASP LM folder and select
Start HASP LM.
Stopping the Service

Select Stop HASP LM Service in the HASP LM Service menu
or the Services/HASP menu. Alternatively, you can use the
traffic light symbol.
The service is stopped. The view is then refreshed. This may take
some time since it involves searching through the entire network.
Alternatively, you can stop the service using the context-sensitive
menu. To do this, right-click the HASP LM folder and select Stop
HASP LM.

Part 5 - Chapter 19
Adapting HASP4 Net

to the Network
This section describes additional HASP License Manager switches
and nethasp.ini keywords you can use to further adjust the HASP4
Net system to your network environment.
Defining the Range of Stations under

IPX
With IPX, you can allow specific stations on a different segment to
access the HASP License Manager.
To allow access from a different segment:

1. Load the HASP License Manager with the -ipxnosap switch.
This ensures that the address of the HASP License Manager is
not advertised using the SAP mechanism, and is advertised in
the HASP4 Net address file newhaddr.dat.
2. Edit the nethasp.ini file as follows:
• In the [NH_COMMON] section, set NH_IPX = Enabled
• In the [NH_IPX] section, set NH_USE_BROADCAST =
Disabled

Adapting HASP4 Net to the Network Part 5 - Chapter 19
• In the [NH_IPX] section, set NH_USE_BINDERY =

Disabled
These settings instruct the protected application running on
stations in the range to search for the address file and read the
address of the HASP License Manager.
3. Copy the protected application and the nethasp.ini file to the
same directory. Make sure that each station in the range, and
only stations in the range, load the application from this
directory.

TCP/IP
There are two methods to define the range of stations under TCP/
IP. You can either specify the range of stations that the HASP
License Manager serves, or you can specify that the range of
stations search for a particular HASP License Manager.
Specifying the Range Using nhsrv.ini

The HASP License Managers for Windows, Win32 and Mac can
read a configuration file - nhsrv.ini. You can edit this file to specify
the range of stations the HASP License Manager serves under
TCP/IP.
To specify the range of stations, edit the nhsrv.ini

file as follows:
• In the [NHS_SERVER] section, NHS_IP_LIMIT = <ipaddr>
[,<ipaddr....]
Sample Formats for <ipaddr>

When you specify the range of stations using nhsrv.ini, you can use
any of the following formats:
• 10.1.2.3

Using HASP in a Network Adapting HASP4 Net to the Network
The HASP License Manager serves only the station with the
specified IP address.
• 10.1.2.*
The HASP License Manager serves only stations that match the
specified IP address mask, i.e. 10.1.2.0 through 10.1.2.255.
• 10.1.*.*
The HASP License Manager serves only stations that match the
specified IP address mask, i.e. 10.1.0.0 through 10.1.255.255.
To allow only some of the stations to access the

HASP4 Net in a TCP/IP-based network:
1. Edit nhsrv.ini and set the range of stations.
2. Copy nhsrv.ini to a location accessible by the HASP License
Manager.
Specifying the Range Using nethasp.ini

You can edit the HASP4 Net configuration file to specify the
HASP License Manager (according to address) for which a range
of stations searches.
To specify the HASP License Manager for which a

range of stations searches:
1. Edit the nethasp.ini file: In the [NH_TCPIP] section, set
NH_SERVER_ADDRESS= <address of HASP License
Manager>
2. Copy the nethasp.ini to a location accessible only to the desired
range of stations.

Adapting HASP4 Net to the Network Part 5 - Chapter 19

NetBIOS
To allow only some of the stations to access the
key in a NetBIOS-based network:
1. Load the HASP License Manager with the -nbname switch set
to a name of your choice (up to 8 characters, not case-sensitive).
This defines the NetBIOS name of the HASP License
Manager.
For example, to load haspserv.exe and define the NetBIOS name
of the station as firstsrv, enter:
haspserv -nbname = firstsrv
2. Edit the nethasp.ini file:
• In the [NH_COMMON] section, set NH_NETBIOS =
Enabled
• In the [NH_NETBIOS] section, set NH_NBNAME =
firstsrv
This links the stations to the NetBIOS name.
3. Copy the protected application and the nethasp.ini file to the
same directory. Make sure that each station in the range, and
only stations in the range, load the application from this
directory.
You cannot have two stations with the same NetBIOS

name. If you want to load the HASP License Manager
on more than one station, you must define a different
NetBIOS name for each HASP License Manager.

Using HASP in a Network Adapting HASP4 Net to the Network
Adapting the Timeout Length

The HASP License Manager cannot serve more than one request
at a time. The timeout length determines how long a protected
application repeatedly tries to access the HASP License Manager
before giving up.
In almost all networks, the default timeout values are sufficient, so
you only need to change the default values in networks that have a
HASP4 Net connected to a slow or busy station.
To define the timeout length:

In the appropriate section of the nethasp.ini file, set:
NH_SESSION = <m>
NH_SEND_RCV = <n>
where m and n are measured in seconds. By default, m is 2
seconds and n is 1 second.
Defining the Number of Protected

Applications Served
With the HASP License Manager, you can change the default
number of protected applications served. By default the HASP
License Manager can serve a maximum of 250 (NLM) or 1000
(Win32, Mac) protected applications.
The HASP License Manager allocates memory space for the
maximum number of protected applications. If necessary, you can
save memory space by changing this default value.
To change the default memory space allocation:

Load the HASP License Manager with the switch:
nhsrvw32 -userlist = n
where n is the number of protected applications it serves.
The -userlist switch is only available for Win32.

Part 5
Using the Remote
Update System
This part provides you with information on the Remote Update
System, which enables you to update the memory of HASP keys
already in your customers’ possession.
The chapter "Remote Update System" (page 295) describes the
RUS concept and relevant tools.
The chapter "Remote Update System API" (page 315) contains
information on the API which can be used to update keys
remotely.

Part 5 - Chapter 20
Remote Update
System
The HASP Remote Update System (RUS) is an advanced utility
for secure, remote updating of a customer’s HASP key(s).
RUS enables you to update the memory of HASP keys already in
your customers’ possession. You encrypt the additions and
changes you make to the memory and then send them to your
customer via telephone, fax or e-mail.
Your revisions to the memory enable or modify the execution of
software modules. For example, with the new parameters you set,
the customers can upgrade a demo application to a fully licensed
version.
With RUS, you are able to update the memory of the HASP4 M1,
HASP4 M4, HASP4 Time and HASP4 Net models.

Remote Update System Part 5 - Chapter 20
Implementing RUS
Implementation of RUS involves the two following stages:
• Creating the RUS Utilities
• Updating your customer’s HASP
RUS Utilities
With RUS, you create two utilities:
• Vendor utility
• Customer utility
Keep the Vendor utility for use at your site and supply the
Customer utility to your customer.
To update the HASP, you and your customer each use your
respective RUS utilities to update the HASP memory.
Update Procedure
To update the HASP memory:
1. The customer uses the Customer utility to retrieve the ID
number of the key which requires updating and informs you of
the number.
2. Enter the ID number and the updated data in the Vendor
utility.
3. Generate the RUS passwords in the Vendor utility, and supply
them to your customer.
4. Your customer enters the RUS passwords into the Customer
utility and updates the memory of the HASP key.

Using the Remote Update System Remote Update System
The process of updating a customer's HASP key is

completely secure. All data passed between you and
your customer is randomly encrypted. In addition, RUS
passwords are specific to the key for which they were
generated, and cannot update any other key but that
one.
Stages of the Remote Update System

The illustrations that follow display the two stages involved in the
remote updating of HASP keys:
Figure 20.1 Stage 1: Creating the RUS Utilities

Figure 20.2 Updating the HASP Memory

Creating the RUS Utilities

When you generate the two separate utilities - one for you and one
for your customer - you use two RUS installation programs:
vendinst.exe and custinst.exe.
Specifically, vendinst.exe generates the Vendor utility, vendor.exe, and
the custinst.exe generates the Customer utility, customer.exe.
Both vendinst.exe and custinst.exe are located in the RUS directory.
The RUS directory also contains two subdirectories. The IBM
subdirectory contains BIN files needed to generate the RUS
utilities for IBM computers and compatibles. The NEC
subdirectory contains BIN files needed to generate the RUS
utilities for Japanese NEC computers. When you generate the
utilities, you copy the contents of the appropriate subdirectory to
the RUS directory.
You should supply your customers with customer.exe and

customer.hlp.
Generating the RUS Utilities

When you generate the RUS utilities, make sure that the files
vendinst.exe, vendor.bin, custinst.exe and customer.bin are located in the
same directory:
• If you intend to run the RUS utilities on an IBM, copy the
contents of the IBM subdirectory to the RUS root directory.
• If you intend to run the RUS utilities on an NEC computers,
copy the contents of the NEC subdirectory to the RUS root
directory.
To generate the RUS utilities:

1. Connect your application’s HASP key to your computer.
2. Enter the following from the DOS command line to generate
the Vendor utility:
vendinst <password1> <password2> [target pc]

3. Enter the following from the DOS command line to generate

the Customer utility:
custinst <password1> <password2> [target pc]
You have now generated the RUS utilities
As the Vendor and Customer utilities are generated with

passwords belonging to a specific HASP key (or a batch
of keys with the same developer code), they are
customized to update only this particular HASP key (or
batch of keys).
RUS Installation Parameters

When you generate the RUS utilities from the DOS command
line, specify the following parameters:
password1, password2
The passwords of the required HASP key.
target pc
An optional switch which specifies the type of computer on which
the RUS utility is to run:
Switch Function
-ibm The target computer is an IBM PC or compatible. It

is the default.
-nec The target computer is a Japanese NEC computer.

The Vendor Utility

You use the Vendor utility to specify the new data for your
customer’s HASP key.
This new data is transferred in the form of RUS passwords which
you generate and supply to your customer.
Refer to "The Customer Utility" (page 310) to see how your
customer later uses these RUS passwords to update the HASP key.
Generating RUS Passwords

To generate RUS passwords:
1. Type the following DOS command line to activate vendor.exe:
vendor
The Vendor main screen appears:
2. Click the arrow to the right of the HASP Type field and select
your customer’s HASP model from the drop-down list.
3. Enter the HASP ID number of your customer’s key in the ID
Number field.

This number is supplied to you by your customer, who uses the

Customer utility to retrieve it. For more details, see "The
Customer Utility" on page 310.
4. Enter the data with which you want to update your customer’s
key. There are two ways to enter data, FAS mode and Direct
mode.
• Click FAS to enter new Full Authorization System (FAS)
protection parameters. The screen displays the FAS
parameters for the HASP model you selected. See the
section below, "Entering Data in FAS Mode"for further
instructions.
• Click Direct to edit the HASP memory. See the section
below, "Entering Data in Direct Mode"for further
instructions.
During a single RUS session you can either enter FAS
parameters or edit the key’s memory, but you cannot do both.
5. Click Config if you want to use a configuration file. In the
window that opens, you can:
• Save the parameters you have set to a configuration file.
Type the filename, or choose a file by clicking Browse, and
then click Save.
• Load previously saved parameters from a configuration file.
Type the filename, or choose a file by clicking Browse, and
then click Load.
6. Click Generate to generate the RUS passwords and then OK
to display the RUS passwords. There can be as many as 11 RUS
passwords.
You can save the RUS passwords to a file by checking Save
RUS passwords to a File, entering the name of a file, and then
clicking OK. This file can then be used with the Customer
utility to load the RUS passwords automatically.

Now supply the RUS passwords to your customer, who can then
update the HASP key by using them with the Customer utility.
Entering Data in FAS Mode

With settings for the Full Authorization System (FAS), you can set
the protection parameters of your program(s). See page 22 and
page 112 for details on FAS.
The following are the FAS parameters you can set in RUS:
Program Number
Each program is assigned its own number. If you are updating the
protection parameters of a program, specify the number you
previously assigned it. If you are adding a new program, give it a
new number.
You can set FAS parameters for only one

program during a single RUS session. You
generate RUS passwords separately for each
program you update.
Do not assign a value greater than the maximum number of

programs which can be saved in the HASP key. The following is
the range of numbers you can assign the different keys:
• 1-16 for HASP4 M1
• 1-112 for HASP4 M4
• 1-8 for HASP4 Time
• 1-112 for HASP4 Net
Number of Authorized Activations

This value is the maximum number of activations you allow a
protected application. Enter a number of your choice in this field.
Alternatively, enter U to authorize an unlimited number of
activations. You can specify this parameter when using HASP4
M1, M4 and HASP4 Net.

Expiry Date
This parameter, which is relevant only for the HASP4 Time keys,
indicates the date after which the protected program cannot run.
Enter two-digit numbers for the day, month and year of the
application’s expiry date. Type “00-00-00” if you want to set an
unlimited expiry date.
Number of Authorized Stations

This parameter, which is relevant only for the HASP4 Net keys,
indicates the number of stations authorized to run the protected
application at the same time.
Assign a value no greater than the maximum number of stations
supported by your customer’s HASP4 Net model (i.e., 5 for
HASP4 Net5, and 10 for HASP4 Net10 etc.). If you have a
HASP4 NetU, you can enter U to authorize an unlimited number
of stations.
Note: It is recommended that the number of stations
used for HASP4 NetU not exceed 200.
Entering Data in Direct Mode

When you enter data in Direct mode, you can edit up to 16
consecutive memory cells.
The Edit Memory in Direct Mode screen appears as follows:

Enter data in the following fields:
Start Address
At this address, you begin updating the HASP memory. Enter a
decimal value. Do not leave this field empty.
Data Cells
The 16 data cells are displayed in three modes (Characters,
Decimal, and Hexadecimal), each in a separate pane. Enter data
in any one of the three panes in the format of that pane.
Entering data in one pane updates simultaneously the
corresponding cells in the other panes with analogous values.
To move between panes, click the mouse on any one of the cells in
the desired pane.
You can enter data in fewer than 16 cells. However, do

not leave an empty memory cell between any two cells
containing values.

Activating the Vendor Utility with Switches

Using DOS command line switches can save you time and
keystrokes. Switches also enable you to execute the Vendor utility
from batch files or from within your own applications without
going through the utility screens.
Vendor Utility Command-Line Switches

The following table lists the command-line switches and a brief
description of each. You can use the full string of a switch or its
brief notation represented by the upper-case characters contained
within the string. For example, you can enter either -HT or -
HaspType.
Table 20.1 Vendor Utility Command Line Switches
Switch Function
-Help Displays a list of all switches and a brief explanation of each.
-HaspType <HASP type> Enter the type of HASP key your customer uses.
Possible values are:
memo For HASP4 M1, M4 keys
time For HASP4 Time
netFor HASP4 Net keys
-IDnum <HASP ID The hexadecimal value of the customer's HASP ID number.

number>
-CfgFile <configuration The full path and name of a configuration file in which some or
filename> all of the parameters set in the Vendor utility were previously
saved.
-DiRect Indicate that the data is entered in Direct mode.
-Fas The data with which you set FAS parameters.
-GenPassFile <filename> The name of the file to which you save the RUS passwords.
-PrgNum <program The number you assign the program.

number>

Switch Function
-STations <number of The number of stations authorized to activate a program. This

stations> FAS parameter is relevant to HASP4 Net keys only.
-ACtivations <number of The maximum number of activations for a program. Enter U to

activations> allow an unlimited number of activations. This FAS parameter is
applicable to HASP4 M1, M4 and HASP4 Net keys.
-ExpDate <mm-dd-yy> The program’s expiry date. Enter 00-00-00 to set an unlimited
expiry date. This FAS parameter is relevant only to HASP4 Time.
-StartAddr <start address> The start address for editing memory in Direct mode.
-DataD Up to 16 decimal values with which you edit the HASP memory.
<dataD1>.<dataD16>
-DataH Up to 16 hexadecimal values with which to edit the HASP

<dataH1>.<dataH16> memory.
-DataS <"string" > The number of characters (up to 32 for HASP4 M1, M4 and
HASP4 Net keys, and up to 16 for HASP4 Time) with which to
update the HASP memory. Enter the string using quotation
marks.
-BatcH Runs the Vendor utility in batch mode without entering the utility
screens.
Sample Use of Command Line Switches

The following examples demonstrate the activation of the Vendor
utility from the command line:
vendor -bh -ht memo -id 7a37381e -f -pn 5 -ac u -gpf
ruspass.txt
Run the Vendor utility (vendor) in batch mode (-bh) without
entering the utility screen. The customer’s key which requires
updating is a HASP4 M1, M4 (-ht memo), whose ID number
is 7a37381e (-id 7a37381e). Update it using FAS (-f), setting for
program number 5 (-pn 5) an unlimited number of authorized
activations (-ac u). Generate the RUS passwords, saving them
to a file named ruspass.txt (-gpf ruspass.txt)

The file ruspass.txt can be used in conjunction

with the Customer utility to load the RUS
passwords automatically.
vendor -ht net -dr -dd 12 15 25

Run the Vendor utility (vendor) to update a HASP4 Net (-ht
net). Edit the memory (-dr) so that the first three memory cells
(-dd) receive 12, 15, and 25 as decimal values. (The character
and hexadecimal data fields receive the corresponding values
automatically.)
Vendor Utility Error Codes

The Vendor utility returns the DOS error level codes listed in the
table below:
Table 20.2 Vendor Utility Error Codes
Code Description
2, 5 Invalid/missing ID number
3, 4 Invalid/missing Hasp key type
7, 8 Invalid/missing program number for FAS
9, 10 Invalid/missing number of authorized activations for

FAS
11, 12 Invalid/missing number of authorized stations
13, 14, 16 Invalid/missing start address
15, 20 Invalid/missing data arguments
17, 18 Data argument is out of range
22 Missing data string
23, 24 Data string is too long
25 Only one data switch may be entered (DataD, DataH,

or DataS)

Code Description
26, 27 Invalid/missing expiry date for FAS
29 Impossible to use CfgFile switch from within a

configuration file
30 Missing configuration file name
31, 35 Error opening/reading configuration file
32, 39 Cannot create/missing RUS passwords file
33 Out of memory when reading file
34 This is not a Vendor utility configuration file
36 Missing data entry mode (FAS/Direct)
40 Too many data words
41 Invalid switch
52 Invalid ID number
55, 56 Cannot use FAS switches for direct mode and vice
versa
59 The range for activations is 0-65534, or U for

unlimited
60 The range for stations is 1-65534, or U for unlimited

The Customer Utility

In order for your customers to be able to update the HASP key,
you must supply them with the Customer utility, customer.exe. The
following instructions explain how customers should install the
utility at their work sites.
You should supply these instructions to your customers together
with the help file customer.hlp.
Using the Customer Utility

When you or your customer use the Customer utility, there are two
main steps:
• Retrieving the HASP ID number
• Updating the HASP key
Retrieving your HASP ID Number

In this step, you check the ID number of your HASP key, and
supply that number to your vendor.
To retrieve the HASP ID number:

1. Connect your HASP key to the computer.
2. From the DOS command line enter:
customer
The customer utility main screen appears.
3. Click Get ID to retrieve the HASP ID number (and to see the
HASP type).
The HASP ID number screen appears, displaying the HASP ID
number and HASP type:

4. If you want to save these two parameters to a configuration file,

click Save and enter the name of the file, or click Browse and
choose a file from your directories, and then click OK.
Supply your vendor with your key’s ID number and HASP type
either by reporting them directly or by sending the configuration
file. With this data, the vendor can generate the RUS passwords
you need to update your HASP key.
Updating your HASP Key with RUS Passwords

In this step, you get the RUS passwords from your vendor. These
passwords contain the data which will be saved to the HASP key’s
memory.
To update your HASP key with RUS passwords:

1. Connect the HASP key to the computer.
2. From the DOS command line enter:
customer
The Customer utility main screen appears.
3. Enter the RUS passwords you received from your vendor into
the Customer utility either:

• By clicking Manual and typing the passwords in the

following screen:
• By clicking Config, typing the name of the configuration

file containing the RUS passwords (or clicking Browse to
find it) and clicking OK. This procedure loads the
passwords automatically from a configuration file supplied
by your vendor.
The RUS passwords are displayed.
4. Click Update after the passwords have been entered or loaded
from the configuration file in order to update your HASP key.
Activating the Customer Utility with Switches

Using DOS command line switches can save you time and
keystrokes. Switches also enable you to execute the Customer
utility from batch files or from within your own applications
without going through the utility screens.
Customer Utility Command-Line Switches

The following is a list of the command line switches and a brief
description of each. You can use the full string of a switch or its
brief notation represented by the upper-case characters contained
within the string. For example, you can enter -UP or -UPdate.

Table 20.3 Customer Utility Command Line Switches
Switch Function
-Help Displays a list of all the switches with a brief explanation of

each.
-GetId Displays the HASP ID Number.
-VenFile <filename> Name of a file to which the HASP ID number will be saved.
-UPdate <pass1>.<pass11> Updates the HASP key by means of the specified RUS
passwords. There can be up to 11 passwords.
-CfgFile <configuration Name of the configuration file containing the RUS passwords.
filename>
-BatcH Runs the Customer utility in batch mode without entering the
utility screens.
-NoBatch Disables batch mode (for instance, when loading the RUS
passwords from a configuration file).
Sample Use of Command Line Switches

The following examples demonstrate the activation of the
Customer utility from the command line:
customer -bh -cf ruspass.txt
Run the Customer utility (customer) in batch mode (-bh)
without entering the utility screen. Update the HASP key by
retrieving the RUS passwords from a configuration file named
ruspass.txt (-cf ruspass.txt).
customer -cf ruspass.txt -nb
Run the Customer utility (customer). Enter the utility screen (-
nb) and update the HASP by retrieving the RUS passwords
from a configuration file named ruspass.txt (-cf ruspass.txt).

Customer Utility Error Codes

The Customer utility returns the DOS error level codes listed in
the table below:
Table 20.4 Customer Utility Error Codes
Code Description
1, 2 Invalid/missing RUS passwords

4 Missing configuration file name
6 Error opening configuration file
7 Not a legal configuration file
8 Out of memory reading configuration file
12 Incorrect HASP key is connected
13 Impossible to generate file without ID number
14 Missing filename for saving the ID number
18 Error opening/creating file for saving ID number
19 Invalid switch
101 HASP key not found
104 Wrong HASP ID number
106 Invalid start address
107 Too many data words
108 Incorrect RUS passwords
109 Error reading from HASP memory

Part 5 - Chapter 21
Remote Update
System API
Win32 Remote Update System API
With RUS Win32 API you can remotely update the memory of
HASP4 M1, M4, HASP4 Time and HASP4 Net keys. The update
generates a secure set of strings which can be sent to the user, to
be interpreted in conjunction with a specified key. The following
components are relevant when updating HASP keys using this
interface. The RUS API directory on the HASP CD contains the
following files:
RUS Win32 is not compatible with RUS for DOS!

!
haspdev.dll
Dynamic Link Library for the vendor. This library offers two
different functions to create update strings for HASP keys: one for
a general memory update, the second for a FAS memory update.

Remote Update System API Part 5 - Chapter 21
haspclnt.dll
Dynamic Link Library for the customer. This library offers two
different functions that are relevant for updating HASP keys: one
for integrating memory updates into the customer's HASP keys,
the second for retrieving the IDs of HASP keys.
Customization Utility
The customization utility (confdll.exe) is a command line
application for integrating HASP passwords into the customer
DLL, haspclnt.dll, and spawning the HASP Envelope.
Sample Applications
The Win32 API is released with sample applications to help you
implement the Win32 RUS into your application.
The following sections describe how to implement the Win32 API
into your application and how to perform updates using the
Win32 API.
Implementing RUS
Before updating HASP keys using the Win32 RUS API, you
should familiarize with the RUS concepts. To do this, take a closer
look at the sample applications provided.
Implementation of Win32 RUS involves the following stages:
Stage 1: Preparing Your Application for RUS

1. Customize the haspclnt.dll with your HASP passwords. The
customized DLL can be shipped together with your
application. See page 324, Customization Utility.
2. Implement the RUS update client routines into your
application. See sample applications.
Stage 2: Performing Updates

1. Use the haspclnt.dll (customer DLL) to retrieve the ID number
of the key to be updated.

Using the Remote Update System Remote Update System API
2. Use the haspdev.dll from your production environment to

create the necessary update strings.
Send the update data to your customer to enter it into the
application.

Functions Provided in Vendor DLL

The Dynamic Link Library hasdev.dll is the Win32 API for vendors.
It provides the following two functions:
• signed int RUS_CreateUpdateDirect for general memory
updates, and
• signed int RUS_CreateUpdateFAS for FAS memory updates.
Both functions generate update strings, which is then sent to the
customer for updating their HASP key memory.
RUS_CreateUpdateDirect
Description When using this function, no HASP key has to be connected.
This function creates a string for general memory updates
using a memory image.
Syntax signed int RUS_CreateUpdateDirect (
DWORD IdNum,
int Password1,
int Password2,
int KeyType,
int Address,
int NumOfBytesToUpdate,
char *MemoryImage,
int CodeBufferSize,
char *Code,
void *sKey)
Parameters Used
IdNum ID number of the customer's HASP key. Enter the unique 32-
bit ID number of your customer's HASP key. If you want to
generate data for keys without checking the ID number during
the update process, enter 0. This will update all keys with the
passwords specified below.
Password1, Passwords of the HASP keys to be updated.
Password2

KeyType Type of HASP key. Possible key types are HASP4 M1, M4,
HASP4 Net or HASP4 Time.
Address Start address of HASP memory at which you begin updating
the HASP memory.
NumOfBytesToUpdate Number of bytes to be updated in the HASP memory.
MemoryImage Pointer to the data you want to write to the HASP memory.
CodeBufferSize Length of buffer provided.
Code Pointer to the data area which is to hold the ASCIIZ (ASCII
zero terminated string) string of generated codes.
sKey Parameter (pointer) reserved for future use. Currently must be

set to NULL.
Return Values Please refer to the chapter “Return Values” below.

RUS_CreateUpdateFAS
Description When using this function, no HASP key has to be connected.
The function is available for HASP4 Net, HASP4 Time and
HASP4 M1, M4 keys. This function creates a string for general
memory updates using FAS licensing parameters.
Syntax signed int RUS_CreateUpdateFAS (
DWORD Idnum,
int Password1,
int Password2,
int KeyType,
int ProgramNumber,
int Activations,
int Year,
int Month,
int Day,
int Stations,
int CodeBufferSize,
char *Code,
void *sKey)
Parameters Used
IdNum ID number of the customer's HASP key. Enter the unique 32-
bit ID number of your customer's HASP key. If you want to
generate data for keys without checking the ID number during
the update process, enter 0. This will update all keys with the
passwords specified below.
Password1, Passwords of the HASP keys to be updated.
Password2
KeyType Type of HASP key. Possible key types are HASP4 M1, M4,
HASP4 Net or HASP4 Time.
ProgramNumber Each program is assigned its own number. If you are updating
the protection parameters of a program, specify the number
you previously assigned it. If you are adding a new program,
give it a new number.

Activations Number of authorized activations you allow a protected

application. Relevant for updates of HASP4 Net and HASP4
M1, M4 only. Set to 65535 to authorize an unlimited number of
activations.
Year, Month, Day Expiration date. Relevant for HASP4 Time only. Note that the
year must be given in the range 1992 - 2091. Set all values to 0
for unlimited date.
Stations Number of authorized stations. Relevant for HASP4 Net only.
This parameter indicates the number of stations authorized to
run the protected application at the same time. Set to 0 to
authorize an unlimited number of stations.
CodeBufferSize Length of buffer provided.
Code Pointer to the data area which is to hold the ASCIIZ string of
generated codes.
sKey Parameter (pointer) reserved for future use. Currently must be
set to NULL.

Functions Provided in Client DLL

The Dynamic Link Library HASPCLNT.DLL provides the
following functions which are to be called on the PC with the
corresponding key connected:
• signed int RUS_PerformUpdate to update the memory of the
customer's HASP.
• signed int Get_KeyID to retrieve the ID of the connected
HASP key.
Before calling one of the above functions, the DLL must have
been customized. See "Customization Utility" on page 326.
RUS_PerformUpdate
Description This function updates the memory of one or more HASP keys.
In case the update is ID-number dependent, the ID number,
the key type and the passwords are checked for correctness.
Otherwise, only the key type and the passwords are checked.
Syntax signed int RUS_PerformUpdate (char *Code)
Parameters Used
Code ASCIIZ data string for update (generated using the
corresponding function of the vendor DLL).

Get_KeyID
Description
This function retrieves the ID number of the connected key.
This function is similar to the corresponding HASP API
function, but is provided in the DLL for completeness.
Syntax
signed int Get_KeyID (unsigned int *KeyID)
Parameters Used
KeyID Returns the ID of the key currently connected.

Return Values
General
l
SUCCESS The function was executed successfully.

HASP_ERROR_IN_LOW_WORD Unexpected error occurred during a HASP call.
The HASP API error code is returned in the low
word.
OPERATION_FAILED The operation isn’t performed successfully.
DLL_NOT_CUSTOMIZED The Dynamic Link Library has not been
customized.
RUS ID
HASP_NOT_FOUND The key could not be found.
UNDEFINED_HASP The HASP key could not be identified.
HASP_3_DETECTED A HASP 3 key has been detected.
BATTERY_DEAD_OR_MEMORY_ The battery of the key doesn’t work or the memory
CORRUPT is corrupt.

RUS Update
INVALID_CODE The string specified in the Code parameter is not
valid.
INVALID_KEY_ID The update is ID-number dependent; the ID of the
connected key does not match.
KEY_NOT_FOUND No HASP key found with this password.
KEY_TYPE_MISMATCH The connected HASP key does not match the
specified key type.
Memory Update
BUFFER_TOO_SMALL The length of the buffer specified in the
CodeBufferSize parameter is too small.
ILLEGAL_MODULE_NUMBER The program number is out of range for the
specified key type.
INVALID_PARAMETER At least one input parameter is invalid, e.g.
passwords not specified.
ILLEGAL_KEYTYPE The type of key specified in the KeyType parameter
is unknown.
DETECTED_TAMPERING A manipulation of the license information has been
detected.
HASH_MEMORY_OVERFLOW The buffer which holds the hash is too small.

Each vendor generates a unique DLL with the necessary functions
for remote key updates. This DLL contains the HASP passwords
and is protected with the HASP Win32 Envelope against reverse
engineering. To customize the DLL, a simple command line utility
(confdll.exe) must used:
Syntax
confdll <DLL name> <Password 1> <Password2>
<Envelope>
Example
confdll.exe C:\demo\haspclnt.dll 15417 9632
D:\demo\instw32.exe
In the above example, the DLL will be customized with the HASP
Demo passwords and secured using the win32 HASP Envelope
engine, instw32.exe from the CD. Another option is to edit the
convert.bat batch file with your key’s passwords and run it from
the command line.

RUS API for Mac Applications

With the Remote Update System (RUS) API for Mac, you can
remotely update the memory of HASP4 M1, M4, HASP4 Time
and HASP4 Net keys. A complete listing of all API functions is
provided in the Win32 Remote Update System API section
starting on page 315.
The update generates a secure set of strings which can be sent to
the user, to be later interpreted by a specified key. The following
components are relevant when updating HASP keys using this
interface. The RUS directory for Mac applications on the HASP
CD contains the following files.
haspdev shared library

Shared library for the vendor. This library offers two different
functions to create update strings for HASP keys: one for a
general memory update, the second for a FAS memory update.
haspclnt shared library

Shared library for the customer. This library offers two different
functions that are relevant for updating HASP keys: one for
integrating memory updates into the customer's HASP keys, the
second for retrieving the IDs of HASP keys.
The customization utility (confdll) is a command line application
for integrating HASP passwords into the customer shared library.

The table below reviews the names of components as they are

used the three Mac systems supported by the RUS API.
Component OS X (Native) Carbon Classic
Customer haspclnt.dylib haspclnt_carbon. haspclnt_classic.s

shared library shlib hlib
Vendor shared haspdev.dylib haspdev_carbon. haspdev_classic.s

library shlib hlib
Customization confdll confdll confdll

utility
The confdll component is a Mac OS X native

application, but it can be used to customize the carbon
and classic shared libraries.

Appendix A
Troubleshooting
The first part of this appendix offers a check-list that can help you
solve some of the most common problems you might encounter
when using HASP. The second part helps you by listing specific
problems you or your customers may experience, along with the
solutions.
The HASP product line conforms to the highest standards of
quality assurance. However, like any other PC peripheral device, it
might not operate on certain PC configurations due to faulty
equipment or improper installation. This appendix on
troubleshooting can assist you if you encounter such a situation.
In addition to the information contained in this chapter,
customers can access the Aladdin Knowledge Base at:
http://www.hasp.com/kb2
The Knowledge Base contains a comprehensive listing of
solutions to general and specific problems. Please contact your
local HASP representative for access passwords and further
details. To avoid difficulties, make sure you are using current
HASP software versions. Contact your local HASP representative
for the latest updates or refer to Aladdin’s international downloads
page at:
http://www.hasp.com/download
If problems persist, check if the HASP sample, test and
DiagnostiX applications work. Then, communicate the results to
your local HASP representative.

Appendix A: Troubleshooting
Check List
If one of your customers reports a problem, check the following
list:.
• When applicable, note the returned error code or message. For
more information see "Status Codes for All HASP Keys" on
page 217.
• Does the same problem occur with another HASP?
If not, then replace the faulty key with a new one.
• Is the HASP key connected properly to the parallel port?
• Is a printer connected to the HASP?
If yes, and it works properly, disconnect the printer and check
whether the HASP works without it.
If it does, check the quality of the cable, and ensure it conforms
to IEEE standards. This is often printed on to the cable itself.
If the cable conforms to standards, but the HASP does not
work properly, try to use or install a second parallel port for the
HASP to circumvent any problem the printer may be causing.
If the problem still occurs, try to replace the original printer
card or use another parallel port.
• Is there a printing problem? If so, test with another printer on
the same computer to determine whether the problem is
printer-specific. Run hinstall with the switches -i -cnt=yes.
• Is your customer’s PC or system experiencing technical
difficulties such as device manager collisions, system events,
bootlog failures, etc.?
• Can Aladdin DiagnostiX access the HASP key? Try to create a
diagnostic report. See "Assisting End-Users & Vendors" on
page 117.
• Does the problem occur when the protected application runs
on another PC of the same model?

Appendix A Troubleshooting
Problems and Solutions

Problem HASP is connected but the protected application cannot find it.
Solution Although every effort has been made to ensure the highest level
of communication, on rare occasions a call to the hasp( ) routine
might not be activated or transmitted well. We recommend that
you call the hasp( ) routine with a service several times before
assuming the HASP is not connected.
Problem You get printer errors when trying to print from a protected
Windows application.
Solution This situation is due to a conflict between printer access and

HASP access. To avoid conflicts between HASP and other
parallel devices (such as printers), install the HASP device driver.
Problem A HASP is connected to the printer and Windows 3.x warns that
the printer is inaccessible or that there is a device conflict.
Solution 1. Select Main from the Program Manager.

2. Select Control Panel.
3. Select 386 Enhanced.
4. Select LPT1 in the Device Contention frame and click Never
Warn.
5. Repeat step 4 for LPT2 and LPT3.
6. Click OK.

Problem You try to use hinstall.exe to install the HASP device driver under
Windows NT/2000/XP/2003 but receive error 9121.
Solution If you try to activate the Hinstall utility under Windows NT/
2000/XP/2003 without administrator privileges, you receive this
error. Make sure you have administrator privileges.
Problem You try to activate a HASP4 M1/M4-protected application under

Windows NT/2000/XP/2003 and Windows 95/98/ME, but the
application cannot find the key.
Solution Make sure the HASP device driver is installed. If the problem
persists when the HASP device driver is installed, run:
hinstall -info
The Hinstall utility displays the version number, installation date,
and computer type. Contact your local HASP representative with
the details of these parameters.
Problem Your 16-bit application is protected with HASP4 Net and the
Envelope. Although the number of stations activating the
application is less than the number of licenses issued, when an
additional station tries to activate it, you receive a “too many
users” error.
Solution A 16-bit application, protected only with HASP4 Net and the
Envelope, does not perform a HASP4 Net logout. When such an
application terminates, it remains listed in the log table, and
therefore the license is not released.
Protect your application again using either the HASP API alone
or together with HASP Envelope to perform a HASP4 Net
logout. This removes the application from the log table and frees
the license.

Problem You protected an application for both stand-alone PCs and

network environments by using HASP4 M1/M4 and HASP4 Net.
Now you discover that one more station than the number you
have licensed can activate the application.
Solution This situation occurs because an application first tries to access

the local port to find a HASP4 M1/M4. If the developer codes of
your HASP4 M1/M4 and HASP4 Net are the same, an
application activated from the station with the HASP4 Net
connected finds the local HASP4 Net. The application treats the
local HASP4 Net as if it were a stand-alone key and does not
record the activation in the HASP4 Net log table. Therefore, the
application does not use a license.
To avoid this situation, make sure the HASP4 M1/M4 and
HASP4 Net have different developer codes.
Problem Your HASP4 Net-protected Windows application returns HASP4

Net LastStatus Error 21.
Solution DOS extender and Windows applications require an average of 8

KB of DOS memory. The HASP4 Net API requires 1 KB of
DOS memory.
HASP4 Net LastStatus Error 21 is issued when the amount of
DOS memory is less than 1 KB and therefore insufficient for the
HASP4 Net system. In such cases, not only HASP4 Net-protected
applications, but other Windows applications are disabled.
To solve this problem, either remove some TSRs or exit some
open Windows applications. You would use the same solution
with any application that complains about insufficient DOS
memory.

Problem Your application is running on a station that does not have

network drivers loaded. The station stops responding when the
application performs a HASP4 Net login.
Solution This happens when the HASP4 Net configuration file enables a
specific protocol. The HASP4 Net system tries to use the
specified protocol without checking if it is actually present. If the
station does not have the protocol drivers installed, it stops
responding.
The solution is to delete the HASP4 Net configuration file. Or, if
you need the HASP4 Net configuration file, load the network
drivers.
Problem Accessing the parallel port causes the computer to hang.
Solution Parallel ports of IBM PCs and compatibles are assigned to one of
the following I/O ports: 3BCh, 378h, or 278h.
Network cards usually take up 10h or 20h I/O ports
consecutively from their base address.
When the I/O port of a network card overlaps that of a parallel
card, accessing the parallel port can cause the computer to stop
responding. For example: printing, accessing software protection
keys, and accessing peripherals connected to the parallel port may
all cause the computer to hang.
It is therefore essential to avoid overlapping the I/O ports by
changing the I/O base of the network card.
There are two ways to change a network card I/O base:
• Some network cards let you assign the I/O base with jumpers.
See the documentation supplied with the card for a
description of the jumper positions for a given I/O base.
• With newer cards, you can change the I/O base using the
software supplied with the cards.

Problem Your application takes a long time to find the HASP4 Net on a
large TCPIP network.
Solution In this case, it is recommended to customize the search

mechanism. Use the HASP4 Net configuration file to specify the
UDP or TCP search method and to set the IP address of the
HASP License Manager. By doing so, the HASP4 Net client
searches for the HASP License Manager with the specified IP
address, which is much faster.
Problem You receive error 8 with HASP4 Net.
Solution Error 8 means that query reached the HASP License Manager, but
that the HASP4 Net client did not receive an answer back. To
solve this, try increasing the time frame in which the HASP4 Net
client waits for the answer. Do so by increasing the time-out
length in the HASP4 Net configuration file.
Problem You receive error 15 with HASP4 Net under TCPIP or IPX?
Solution Error 15 under TCPIP/IPX occurs only when you use the
broadcast search mechanism. Error 15 means that a broadcast
was made by the HASP4 Net client, but no HASP License
Manager was found.
Increase the timeout length in the nethasp.ini file to 8 seconds. If
after doing so, Error 15 still returns, it is due to one of the
following:
• A HASP License Manager was not loaded.
• If the TCPIP protocol was used, then the HASP License
Manager is in a different subnetwork.
• If the IPX protocol was used, then SAP is not supported.
If you repeatedly receive Error 15, try using another search
mechanism.

Problem You are using a HASP4 Net5 and authorized your application five
licenses, but only three users can activate the application.
Solution First use HaspEdit and make sure that your application is
programmed for five licenses in the HASP4 Net. If it is, it is
possible that it escaped your notice that all five licenses are being
used. Use the Aladdin Monitor to confirm which stations are
actually using licenses.

Appendix B
HASP Demo
Passwords
When you order HASP keys, you are assigned a unique developer
code and unique HASP passwords. You receive the passwords
together with your HASP keys.
The following tables list the passwords you use with the HASP
demo key you receive in your HASP Developer’s Kit.
Table B.1 Passwords of HASP Demo Memory Keys
Developer Code First Password Second Password
DEMOMA 15417 9632
DEMOMB 29875 28774
DEMOMC 29313 23912
Table B.2 Passwords of HASP4 Std Demo Keys
Developer Code First Password Second Password
DEMO3A 5932 25657
DEMO3B 20580 22012
DEMO3C 10038 15697

Appendix C
Technical
Specifications
Table C.1 General Specifications for All HASP keys
Plastic case material ABS

Operating temperature 0° - 55° C (32° - 131° F)
Storage temperature -25° - 70° C (-13° - 158° F)
Humidity rating 0 - 100% without condensation
UL-6C61 1950 standard 94-V0
ASIC operating voltage range* 1.8 - 5.5V
Daisy chaining (not applicable to HASP4 USB) up to 10 units
Number of times a HASP memory cell can be at least 1,000,000
rewritten
HASP memory data retention at least 10 years

Appendix C: Technical Specifications
Table C.2 Specifications for HASP4 Std, HASP4 M1, HASP4 M4, HASP4 Net
Dimensions 39 x 53 x 17 mm
Weight ~33 g
Connectors DB25
Lines used D0-D7, INIT, ATFDXT, PE
Read/write memory
HASP4 without memory none
HASP4 M1 112 bytes
HASP4 M4 496 bytes
HASP4 Net 496 bytes
Batteries/external power none
Table C.3 Specifications for HASP4 Time
Weight ~50 g
Connectors DB25
Lines used D0-D7, INIT, ATFDXT, PE
Read/write memory 512 bytes
HASP4 Time clock counts hour, minute, second, year, month, day
HASP4 Time clock accuracy 2 hours per year
Battery lifetime 4+ years

Appendix C Technical Specifications
Table C.4 Specification for USB models

Weight ~7 g
Connectors USB Type A
Lines used Power, ground, two data lines
Read/write memory
HASP4 USB none
HASP4 USB M1 112 bytes
HASP4 USB M4 496 bytes
HASP4 USB Net 496 bytes
Batteries / external power none
Table C.5 HASP PC-Card
Dimensions Type II
Weight ~25g
Operating temperature 0° - 70° C (32° - 158° F)
Humidity rating 20 - 80% relative humidity
Power consumption < 100 mA (typically 50 mA)
Operating voltage 5V
Batteries / external power none
ASIC technology CMOS 2µA with E2 cells
Number of programming cycles > 100 000
Data retention > 10 years

Appendix C: Technical Specifications
Table C.6 AladdinCARD ISA
Dimensions 113 mm x 100 mm

Weight ~105g (including adapter cables)
Connector ISA Bus 8-bit slot
internal DB25 female
IO addresses 278h, 378h, 3BCh
IRQ None, IRQ5, IRQ7
Operating voltage 4.5 V. 5.5 V
Table C.7 AladdinCARD PCI

Dimensions 180 mm x 124 mm
Weight 105 g (including adapter cables)
Connector PCI connector 32-bit /33 MHz /5 V
internal DB25 female
IO addresses dynamically assigned
IRQ dynamically assigned
Operating voltage 5V

Glossary
Activations The number of times a HASP-protected application can be
started.
Address File A search mechanism in which the HASP4 Net client accesses a file
Search to retrieve the address of the HASP Net License Manager.
Mechanism
Aladdin A tool used to check and report all information in your system
DiagnostiX related to HASP.
ASIC The Application Specific Integrated Circuit (ASIC) of the HASP is

a propriety, full-custom chip containing a unique algorithm.
Background Ongoing checks for the presence of the HASP key performed by
HASP Checks the HASP Envelope during application run time.
Bindery Search A search mechanism in which the HASP4 Net client searches the
Mechanism Novell bindery to find the HASP Net License Manager.
Broadcast A method of communicating across a network by sending

(broadcasting) messages to every workstation..
Broadcast A search mechanism in which the HASP4 Net client uses a SAP
Search broadcast to find the HASP Net License Manager.
Mechanism
Daisy-chaining The connecting of HASP keys one after the other. Only applicable
to parallel-port HASP keys that have different passwords.

Glossary
DataHASP A feature of the HASP Envelope utility that you use to protect
data files.
DemoMA One of the developer codes used by demo keys.
Developer Code A unique code assigned to each software developer and burnt into
the ASIC component of the HASP.
Expiration Date The date after which the protected application can no longer run.
Full A powerful feature that allows you to protect multiple applications

Authorization with a single key, and to specify the conditions under which each
System (FAS) application can be used.
HASP Hardware against software piracy (HASP) is a hardware-based

system for software protection.
HASP3 Generation 3 of the HASP system. Within HASP documentation

you may encounter HASP3 names that are compatible with newer
HASP4 types as described in the table below:
HASP3 to HASP4 Compatibility
HASP3 HASP4 Std.

MemoHASP-1 HASP4 M1
MemoHASP-4 HASP4 M4
TimeHASP-4 HASP4 Time
NetHASP HASP4 Net
HASP4 Generation 4 of the HASP system that supports hardware

encoding of data.
HaspEdit A utility used to access the HASP and edit the memory of HASP
memory keys.
HASP An interface to a HASP object file or DLL that you link to your
Application application, allowing you to insert calls to the HASP throughout
Programming your code.
Interface (API)

Glossary
HASP Demo Key A HASP key with demo passwords (15147 and 9632 for DemoMA
keys) and developer code DemoMA that you use to evaluate the
HASP protection system.
HASP A package that contains everything needed to evaluate the HASP

Developer’s Kit protection system.
HASP Device A driver that interfaces between HASP-protected applications and

Driver the HASP, commonly referred to as HDD.
HASP Device A property of the HASP Device Driver which enables it to load
Driver Dynamic without the need to reboot your system.
Load
HASP Envelope A HASP a patcher utility that injects code into a compiled
executable file. The HASP Envelope wraps an application in a
protective shield and ensures that the protected application cannot
run unless the correct HASP is connected to the computer.
HASP Envelope A step-by-step guide through the protection process using the
Wizard HASP Envelope.
HASP ID A unique number assigned to each HASP memory key during the
Number manufacturing process.
HASP Memory Internal read/write memory contained in the HASP, the amount
of which depends upon the particular HASP model.
HASP Memory HASP memory keys have internal read/write memory, the size of
Key which varies depending on the model. The following HASP
models contain a memory: HASP4 M1 (112 bytes), HASP4 M4
(496 bytes), HASP4 Time (496 + 16 bytes), HASP4 Net
(496 bytes)
HASP Passwords Two unique passwords assigned to each developer code, enabling
access to the HASP key. A software developer would normally
require a single developer code, but more codes can be ordered if
required.
hasp( ) Routine The HASP API routine that accesses the HASP key.

Glossary
HASP Stand- HASP keys, sometimes referred to as local keys, designed for
Alone Key stand-alone computers.
HASP Starter’s A package containing everything needed to evaluate and

Kit immediately protect your software.
HASP Test Utilities for testing the HASP API and HASP4 Net operations.
Utilities
HASP4 Time A HASP stand-alone key containing an ASIC chip, an internal real-
time clock, and depending on the model, up to 512 bytes of
internal/write memory.
Hinstall A Windows-based command line application that installs the

HASP Device Driver.
Idle Time The period after which a station is considered inactive in accessing
a HASP4 Net.
HASP4 Net The default method by which the HASP4 Net protected
Automatic application searches for the HASP Net License Manager.
Search
HASP4 Net The station activating a HASP4 Net-protected application.

Client
HASP4 Net Files that contain settings for the fine-tuning of HASP4 Net client
Configuration and HASP Net License Manager behavior on the network.
Files
HASP4 Net A customized method by which the HASP4 Net client searches
Custom Search for the HASP Net License Manager.
HASP Net Commonly referred to as LM, this application communicates

License between the protected application and the HASP4 Net key,
Manager functioning as a link between the two.
HASP4 Net Log A list of all protected applications that have performed a HASP4
Table Net Login and the stations from which they were activated.

Glossary
HASP4 Net The process by which a HASP4 Net-protected application

Login requests permission to run from the HASP Net License Manager.
HASP4 Net The process by which a HASP4 Net-protected application informs

Logout the HASP Net License Manager that it is no longer using its
license.
HASP4 Net The series of HASP4 Net keys which allow different maximum
Models numbers of licenses for a protected application.
HASP4 Net A tool used to track the use of HASP4 Net-protected applications
Monitor on a network. (monitor.exe)
Memory Beamer The Memory Beamer is a vendor utility that serves as a channel for
transferring secured data between vendors and their customers.
The utility is used to prepare customized DLLs for end users, and
to decrypt the memory of deployed HASP keys.
nethasp.ini The HASP4 Net configuration file for the protected application. It
contains settings for fine-tuning HASP4 Net behavior on the
network.
nhsrv.ini The configuration file for the HASP Net License Manager. It
contains settings for fine-tuning the HASP Net License Manager.
Number of The number of times a protected application can run.

Activations
Number of The number of stations that can run the protected application at
Licenses the same time.
PC-CardHASP An advanced software protection card that is inserted to PC-Card

(PCMCIA) slots found on most notebook PCs.

Index
A B
Access to HASP key.......................... 37 - 38 Background HASP checks....................... 80
Activations ................................................ 112 Basic services............................................ 157
Adapt timeout length............................... 291 Batch code. See Developer Code
AKS Monitor. See Aladdin Monitor Battery in HASP4 Time............................ 25
aksparlnx.o .................................................. 40 Big Endian................................................ 168
aksusbd ........................................... 37, 40, 46
Aladdin DiagnostiX ................................. 117 C
Checking for a HASP Key .............. 119
-c .................................................................. 73
Configuring nethasp INI files......... 121
Cascading. See Daisy-chaining
instructions................................. 121
-cfgfile ......................................................... 73
Creating reports ................................ 122
Chaining. See Daisy-chaining
Create Report Settings.............. 122
Check
Diagnosing HASP Keys .................. 119
clock date .......................................... 181
Checking for a HASP key ............... 119
clock time .......................................... 179
Key Access History Panel ............... 120
for HASP presence.......................... 160
Table............................................ 120
HASP ID number..... 98, 172, 186, 200
Aladdin Monitor... 235, 238, 281 - 286, 336
HASP type ........................................ 161
Anti debug modules................................... 73
port..................................................... 161
Anti-debugging........................................... 80
status of call to HASP4 Net ........... 193
API ....................................................... 21 - 22
Checksumming ........................................ 152
Application activations, limit........... 23, 303
Clearing the memory............................... 107
Application programming interface ...... 129
Clock
Application protection, prepare............... 83
check date.......................................... 181
ASCIIZ ...................................................... 322
check time ......................................... 179
ASIC........................................................ 5, 19
setting date ........................................ 180
setting time........................................ 178

Index
Compilers, support .................................. 145 DOS extender ............................................ 76

Configuration file ....................................... 73 DOS, memory requirements.................. 333
Conflicts with parallel devices, avoid .... 331 Driver .......................................................... 38
Crash, reactivating after........................... 194 -drvwait ....................................................... 74
Create templates ....................................... 111
custinst.exe. See Customer utility E
Customer utility .. 296 - 297, 300, 310 - 314
Editing HASP memory........................... 130
Status codes ....................................... 314
Editing memory ......................................... 98
HASP4 M1/M4.................................. 99
D HASP4 Net ....................................... 101
Daemon ....................................................... 37 Remote Update System.......... 302, 304
Daisy-chaining ............................................ 26 -enc .............................................................. 74
Data -enclevel ...................................................... 74
decode ....................................... 166, 210 Encode ...................................................... 152
encode .............................. 149, 165, 208 Encode data.................... 130, 149, 165, 208
Data files, protecting. See DataHASP with HASP Edit.......................... 87, 108
DataHASP............................................ 26, 68 Encode of HASP memory ..................... 152
Dates. See Clock Encryption key........................................... 74
Decode data ..................................... 166, 210 endian ........................................................ 168
DecodeData service................................... 17 Envelope. See HASP Envelope
Defining range of stations ........... 287 - 290 Error codes. See Status codes
Demo applications ................................... 129 Error messages
Demo key passwords............................... 337 HASP Envelope ................................. 72
Demo keys ................................................ 337 Errors
Determine HASP ID........................ 89, 108 error 15 .............................................. 335
Determining HASP ID ........................... 130 error 21 .............................................. 333
Developer code .......... 17, 19, 238, 333, 337 error 8 ................................................ 335
Device conflict, avoiding ........................ 331 error 9121 .......................................... 332
Device driver. See HASP device driver HASP not found .............................. 332
-dhfilter ........................................................ 73 Expiration dates....................................... 112
-dhfilterx ...................................................... 74 Expiry date................................................ 304
-dhkey .......................................................... 74 -exsecnum ................................................... 74
dinst.............................................................. 37
Disk space requirements ........................... 52 F
Distribution
FAS ............................................................ 112
preparing for........................................ 83
HASP Envelope ................................. 54
DLLs
-fas................................................................ 74
protecting........................................... 145
FAS area.................................................... 113

Index
-fasprgnum.................................................. 74 for Mac OS X..................................... 37

File pattern.................................................. 73 HASP Edit........................................ 83 - 114
Full Authorization System....... 22 - 24, 112 configuration file................................ 85
program list ................................. 91 - 97 prepare for application protection 108
Remote Update System ......... 302 - 303 retrieve HASP ID ...................... 89, 108
setting preferences ........................... 107
G template files..................................... 110
HASP Envelope ......... 21 - 22, 51 - 82, 155
GetDate..................................................... 181
and API protection............................ 51
GetHaspID............................................... 186
error messages .................................... 72
GetTime .................................................... 179
for Linux ............................................. 79
Getting started.............................................. 1
for Mac Applications......................... 78
Instw16.exe ......................................... 73
H Instw32.exe ......................................... 73
-h3pass......................................................... 74 protecting Linux applications .......... 79
Hard disk space .......................................... 88 Protecting Mac Applications............ 78
Hardware....................................................... 9 switches ............................................... 73
HASP ? ..................................................... 74
in a network......................................... 26 c..................................................... 73
interfaces............................................ 129 cfgfile............................................ 73
problems ............................................ 329 createcfg....................................... 73
software updates............................... 329 dhfilter.......................................... 73
HASP API ................. 21 - 22, 31, 129 - 146 dhfilterx........................................ 74
basic services ..................................... 157 dhkey ............................................ 74
HASP4 Net services ........................ 187 drvwait ......................................... 74
HASP4 Time services............ 175 - 186 enc................................................. 74
Memory services..................... 167 - 174 enclevel......................................... 74
status codes ............................. 217 - 225 exsecnum ..................................... 74
HASP basic concept.................................. 15 fas.................................................. 74
HASP daemon .................................. 37, 130 fasprgnum.................................... 74
HASP Demo .............................................. 31 h3pass........................................... 74
HASP demo keys..................................... 107 hasp4 ............................................ 74
HASP Developer Kit ................................ 12 help ............................................... 74
HASP Device Driver ..................... 235, 332 highsecoff .................................... 74
for Windows NT .............................. 332 highsecon..................................... 75
removing.............................................. 34 interval.......................................... 75
HASP device driver................................... 30 loader............................................ 75
HASP driver .............................. 37 - 38, 130 loginprocess................................. 75
for Mac OS 8.6, 9 ............................... 38 loginx............................................ 75

Index
mhid .............................................. 75 Mac..................................................... 253

mhpass .......................................... 75 switches..................................... 258, 287
netcfg............................................. 75 Windows............................................ 249
nhpass ........................................... 75 HASP License Manager configuration file ..
nodbgcheck .................................. 75 288
noenc............................................. 75 HASP memory........................................... 23
nofas.............................................. 75 options ................................................. 20
nohasp4......................................... 75 HASP memory, encode of ..................... 152
norandomsize .............................. 75 HASP passwords ................ 19, 25, 300, 337
nores.............................................. 76 changing............................................... 25
nospecial ....................................... 76 hiding ................................................. 153
novir .............................................. 76 HASP protection keys ................................ 9
out.................................................. 76 HASP software, overview ................ 29 - 31
ovl .................................................. 76 HASP Starter Kit ....................................... 13
pcs.................................................. 76 HASP test utilities...................................... 31
prg.................................................. 76 HASP Tools
prgnum.......................................... 76 Aladdin DiagnostiX ......................... 117
quiz ................................................ 76 End User Utilities
randomsize ................................... 76 Aladdin Diagnostix Memory
special............................................ 76 Beamer......................... 125
special1.......................................... 76 HASP Envelope
vir................................................... 76 Win32 Envelope ......................... 79
window................................................. 53 hasp( ) routine ....... 131, 144, 147, 157, 167,
with HASP4 Net............................... 332 175, 187, 217, 331
HASP hardware............................................ 9 and TCP/IP ...................................... 189
HASP ID number. 19, 25, 86, 89, 108, 296 time required to call ......................... 144
and HASP API protection .............. 130 -hasp4 .......................................................... 74
and HASP Envelope protection ...... 66 HASP4 key models.................................... 11
calculating .......................................... 146 HASP4 key types ....................................... 10
check........................... 98, 172, 186, 200 HASP4 M1 ............................................. 9, 11
entering in Vendor utility ................ 301 services..................................... 167 - 174
retrieving with Customer utility...... 310 HASP4 M1/M4 ......................................... 27
HASP key editing memory................................... 99
check presence of ............................... 17 HASP Envelope ................................. 54
HASP keys update................................................... 27
demo ................................................... 337 HASP4 M4 ...................................... 9, 11, 99
HASP License Manager 194, 212, 220, 235, services..................................... 167 - 174
287 HASP4 Net.......................... 12, 63, 229, 239
Linux................................................... 256 and the HASP Envelope................. 332

Index
client configuration file.......... 271 - 280 I

editing memory................................. 101 I/O base, changing ................................. 334
error 21 .............................................. 333 IBM ..................................................... 62, 300
HASP Envelope ................................. 54 ID number............................................ 19, 25
Internet .............................................. 239 Identify key................................................. 17
key........................................................... 9 Idle time...................................................... 77
LastStatus codes ..................... 220 - 225 IdleTime.................................................... 201
LastStatus service ............................. 193 Implementing API .................................. 131
License Manager............................... 235 Installation.................................................. 29
log table............ 194, 196, 202, 234, 248 customize under Linux ......... 42, 44, 47
login........................................... 194, 334 customize under Mac OS X ............. 37
logout .................................. 77, 196, 332 customize under Windows ............... 34
program list ........................ 96, 199, 206 Linux.................................................... 40
services............................................... 187 Mac............................................... 37 - 39
HASP4 Net configuration files.............. 287 Windows ..................................... 33 - 35
client ......................................... 271 - 280 Installing
setting the name................................ 207 driver.................................................... 38
HASP4 Standard........................................ 11 Installing HASP Drivers
HASP4 Std.............................................. 9, 11 Automatic Installation of HASP for
HASP4 Time ................................... 9, 11, 25 Linux on Itanium ................ 45
clock ................................................... 101 HASP on IA64 Platforms ................ 35
HASP Envelope ................................. 54 HASP Win64 for Itanium................. 34
setting clock....................................... 107 Manual Installation of HASP for Linux
HASP4 Time services ................... 175 - 186 on Itanium............................ 46
HASP4 without memory .......................... 91 Installing HASP Drivers HASP for Linux
HaspDecodeData ........................... 166, 210 on Itanium ................................... 45
HaspDemo Utility ................................... 143 Instdos.exe.................................................. 73
haspdemo.exe................................................ 143 Instw16.exe................................................. 73
HaspEdit. See HASP Edit Instw32.exe................................................. 73
HaspEncodeData..................................... 208
haspenv.exe................................................. 53
HaspID............................................. 172, 200
HaspQueryLicense .................................. 213
HaspStatus ................................................ 161
HDD16.EXE ............................................. 33
HDD32.EXE ............................................. 33
-highsecoff .................................................. 74
-highsecon................................................... 75
Hinstall utility .................................... 34, 332

Index
Interfaces ................................................... 129 editing................................................... 98

-interval........................................................ 75 HASP4 Net reserved ...... 114, 199, 206
IPX protocol................................................... . reading..... 170, 173, 183, 185, 198, 203
defining range of stations ................ 287 remote update..................................... 27
IsHasp........................................................ 160 update................................................... 27
writing to 171, 174, 182, 184, 199, 205
K Memory Beamer ...................................... 125
reading report files ........................... 126
kernel mode driver..................................... 40
Sending Passwords to Your Customers
125
L sending Passwords to Your Customers
Languages 125
support ............................................... 145 Memory services ............................ 167 - 174
LastStatus .................................................. 193 -mhid ........................................................... 75
codes........................................ 220 - 225 -mhpass ....................................................... 75
error 21............................................... 333 Micro ............................................................. 5
Licensing.......................... 63, 238, 332 - 333 Micro-controller........................................... 5
Limit Multi key programming tool .................. 111
application activations........................ 23
Limiting N
applications served ........................... 291
NEC
licenses.................................................. 63
as target computer............................ 300
number of licences ............................. 63
NetBIOS protocol
Linux ............................................................ 40
defining range of stations................ 290
Little Endian ............................................. 168
station name...................................... 290
-loader .......................................................... 75
-netcfg.......................................................... 75
Loading time ............................................... 80
NetHASP
Log table......... 194, 196, 202, 234, 248, 332
login.................................................... 234
Login ........................................ 194, 234, 334
logout ................................................. 234
LoginProcess Service 110 ....................... 214
NetHASP Monitor. See Aladdin Monitor
-loginx .......................................................... 75
Network cards.......................................... 334
Logout................................ 77, 196, 234, 332
Networks and HASP4 Net ........... 229, 239
LptNum..................................................... 133
New Envelope Configuration ................. 53
NH_COMMON............................. 272, 274
M NH_IPX ................................................... 275
Mac 9.x......................................................... 38 NH_NETBIOS ....................................... 278
Mac OS 8.6.................................................. 38 NH_TCPIP .............................................. 279
Mac OS X.................................................... 37 -nhpass ........................................................ 75
Memory ....................................................... 23

Index
-nodbgcheck ............................................... 75 Programming multiple keys ........... 104, 111

-noenc.......................................................... 75 Programming single HASP keys . 110 - 111
-nofas ........................................................... 75 Protect Application ............................. 54, 58
-nohasp4...................................................... 75 Protect icon ................................................ 54
-norandomsize............................................ 75 Protection
-nores ........................................................... 76 for networks and stand-alone keys 142
-nospecial .................................................... 76 for networks and stand-alones....... 333
-novir ........................................................... 76 HASP API .......................... 21, 31 - 146
Number of Licenses field HASP Envelope................................. 21
HASP4 Net ......................................... 63 main stages.......................................... 32
maximizing...................... 147 - 155, 241
O methods............................................... 21
of data files.......................................... 26
Open Envelope Configuration ................ 53
of DLLs............................................. 145
-out............................................................... 76
quick reference ................................... 32
Overlay File field........................................ 62
Protection parameters............................. 112
Overlay handling........................................ 76
-ovl ............................................................... 76
Q
P -quiz............................................................. 76
Parallel keys................................................. 10
Parallel port...................................... 133, 334 R
Parameters RAM............................................................ 88
hasp( ) routine. 132, 157, 167, 175, 187 -randomsize................................................ 76
Passwords. See HASP passwords Reactivating, after crash ......................... 194
PC-Cards ..................................................... 10 Read/write memory.................................. 11
PCMCIA ..................................................... 10 ReadBlock................................ 173, 185, 203
-pcs............................................................... 76 ReadByte................................................... 183
Port, check ................................................ 161 Reading memory... 170, 173, 183, 185, 198,
Prepare for application protection ........ 108 203
Preparing HASP keys.............................. 109 ReadWord......................................... 170, 198
-prg............................................................... 76 Real-time clock .......................................... 11
-prgnum....................................................... 76 Remote Update System . 27, 293, 295 - 315
Printing problems .......................... 330 - 331 client DLL......................................... 322
Problems ................................................... 329 Customer utility.. 296 - 297, 300, 310 -
Program list........................ 91 - 97, 199, 206 314
Program number............. 59, 74, 76, 93 - 98 customization utility ..... 316, 324, 326 -
Remote Update System ................... 303 327
Programming HASP keys....................... 109 DLL for customer ................... 316, 327

Index
DLL for vendor ....................... 315, 327 Service 230 ........................................ 215
editing memory ........................ 302, 304 Service 3............................................. 170
Full Authorization System.... 302 - 303 Service 4............................................. 171
passwords......................... 296, 301, 311 Service 40 .......................................... 193
performing updates .......................... 316 Service 42 .......................................... 194
preparing your application .............. 316 Service 43 .......................................... 196
sample applications .......................... 316 Service 44 .......................................... 198
switches .............................................. 312 Service 45 .......................................... 199
vendor DLL....................................... 318 Service 46 .......................................... 200
Vendor utility ....... 296 - 297, 301 - 309 Service 48 .......................................... 201
Retrieve HASP ID ............................ 89, 108 Service 5............................................. 161
Return codes Service 50 .......................................... 173
hiding.................................................. 153 Service 51 .......................................... 174
Rmote Update System Service 52 .......................................... 203
preparing your application .............. 316 Service 53 .......................................... 205
RUS API Service 6............................................. 172
for Mac ............................................... 327 Service 60 .......................................... 165
haspclnt shared libary ............... 327 Service 61 .......................................... 166
haspdev shared library .............. 327 Service 70 .......................................... 178
RUS API for Mac Applications Service 71 .......................................... 179
Customization Utility ....................... 327 Service 72 .......................................... 180
haspdev shared library ..................... 327 Service 73 .......................................... 181
RUS. See Remote Update System Service 74 .......................................... 182
Service 75 .......................................... 183
S Service 76 .......................................... 184
Service 77 .......................................... 185
Sample applications ................................. 129
Service 78 .......................................... 186
Scanning for connected keys.................. 108
Service 8............................................. 163
Searching, parallel port ............................ 133
Service 85 .......................................... 207
Security, enhancing ....................... 147 - 155
Service 88 .......................................... 208
Serial number.See HASP ID
Service 89 .......................................... 210
Services
Service 9............................................. 164
basic .................................................... 157
Service 96 .......................................... 212
HASP Memory....................... 167 - 174
SetConfigFilename .................................. 207
HASP4 Net........................................ 187
SetDate...................................................... 180
HASP4 Time .......................... 175 - 186
SetServerByName.................................... 212
LoginProcess functionality.............. 246
SetTime ..................................................... 178
Service 1 ............................................. 160
Setting
Service 104......................................... 213
clock date........................................... 180

Index
clock time .......................................... 178 Timeout length ........................................ 291

FAS Program List for HASP4 M1/M4 Troubleshooting ...................................... 329
92
FAS Program List for HASP4 Time 94 U
HASP License Manager name........ 212
Unprotected File.................................. 54, 56
HASP4 Net configuration file........ 207
Update HASP keys.......................... 293, 315
HASP4 Time clock .......................... 101
Update System ................................. 293, 315
number of licences ............................. 63
USB enumeration .................................... 134
Setup utility ................................................. 33
USB HASP .................................................... 5
setup.exe. See Setup utility
USB keys..................................................... 10
Software
USB port number.................................... 134
HASP, overview ......................... 29 - 31
Use HASP4 Security Features field ........ 62
updates ............................................... 329
Using API................................................. 131
-special ......................................................... 76
Using Full Authorization System.......... 112
-special1....................................................... 76
Specifying the port................................... 133
Specifying USB port number ................. 134 V
Stand-alone HASP keys in a network..... 26 vendinst.exe. See Vendor utility
Start HASP Wizard.................................... 53 Vendor utility .............. 296 - 297, 301 - 309
Status codes status codes....................................... 308
Customer utility ................................ 314 switches ................................... 306 - 308
HASP API............................... 217 - 225 Verify
HASP4 Net LastStatus .......... 220 - 225 presence of HASP ............................. 17
Vendor utility .................................... 308 -vir................................................................ 76
Switches
Customer utility ................................ 312 W
HASP Envelope ................................. 73 Win32 data files
HASP License Manager ......... 258, 287 protecting ............................................ 55
Remote Update System ................... 312 Working with templates ......................... 110
Vendor utility .......................... 306 - 308 WriteBlock............................... 174, 184, 205
WriteByte.................................................. 182
T WriteWord........................................ 171, 199
TCP/IP protocol Writing to HASP keys ............................ 109
and hasp( ) routine ........................... 189 Writing to memory 171, 174, 182, 184, 199,
defining range of stations................ 288 205
Technical support .................................... 122
Template files ........................................... 110
Time. See Clock

Hasp4 PG V12.1 PDF

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Hasp4 PG V12.1 PDF

Hochgeladen von

Copyright:

Verfügbare Formate

Securing the

HASP4 Programmer’s Guide i

All attempts have been made to make the information in this

ii © Aladdin Knowledge Systems, 2003

HASP4 Programmer’s Guide iii

iv © Aladdin Knowledge Systems, 2003

HASP4 Programmer’s Guide v

vi © Aladdin Knowledge Systems, 2003

8. Exclusion Of Consequential Damages

HASP4 Programmer’s Guide vii

10. No Other Warranties

viii © Aladdin Knowledge Systems, 2003

12. Governing Law & Jurisdiction

13. Third Party Software

HASP4 Programmer’s Guide ix

ISO 9001:2000 Certification

x © Aladdin Knowledge Systems, 2003

HASP4 Programmer’s Guide xi

About the HASP4 Programmer’s Guide. . . . . . . . . . . . . . . . . . . . . xxi

Part 1: Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Basic Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

Installing HASP . . . . . . . . . . . . . . . . . . . . . . . . . . .29

HASP4 Programmer’s Guide xiii

Part 2: Using HASP Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Protecting with HASP Envelope . . . . . . . . . . . . . 51

Accessing Keys with HaspEdit . . . . . . . . . . . . . . 83

Assisting End-Users & Vendors . . . . . . . . . . . . . 117

Part 3: Using the HASP API . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Protecting with the HASP API . . . . . . . . . . . . . . 129

Protection Strategies. . . . . . . . . . . . . . . . . . . . . 147

Basic HASP Services . . . . . . . . . . . . . . . . . . . . . . 157

xiv © Aladdin Knowledge Systems, 2003

Service 8: CheckHaspGeneration . . . . . . . . . . . . . . . . . . . . . 163

HASP4 Memory Services . . . . . . . . . . . . . . . . . . .167

HASP4 Time Services . . . . . . . . . . . . . . . . . . . . . .175

HASP4 Net Services . . . . . . . . . . . . . . . . . . . . . . .187

HASP4 Programmer’s Guide xv

Service 230: GetCurrentServer . . . . . . . . . . . . . . . . . . . . . . .215

HASP API Status Codes . . . . . . . . . . . . . . . . . . . 217

Part 4: Using HASP in a Network . . . . . . . . . . . . . . . . . . . . . . 227

HASP4 Net Basic Concept . . . . . . . . . . . . . . . . . 229

Protecting Applications with HASP4 Net . . . . . 241

Managing HASP4 Net Licenses. . . . . . . . . . . . . 247

Configuring HASP4 Net Clients . . . . . . . . . . . . 271

Monitoring HASP4 Net Licenses. . . . . . . . . . . . 281

xvi © Aladdin Knowledge Systems, 2003

Checking HASP Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284

Adapting HASP4 Net to the Network . . . . . . . .287

Part 5: Using the Remote Update System. . . . . . . . . . . . . . . 293

Remote Update System . . . . . . . . . . . . . . . . . . .295

Remote Update System API . . . . . . . . . . . . . . .315

HASP Demo Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337

Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

HASP4 Programmer’s Guide xvii

HASP4 Programmer’s Guide xix

xx © Aladdin Knowledge Systems, 2003

HASP4 Programmer’s Guide xxi

HASP Programmer’s Guide Symbol Guide

To help you understand the HASP system in greater depth,

xxii © Aladdin Knowledge Systems, 2003

HASP4 Programmer’s Guide 1

HASP4 Programmer’s Guide 3

Advantages of the HASP System