PDA

View Full Version : Client-side trusted storage



sandhi
01-14-2010, 05:22 PM
Hi again,

I am working through "Getting Started with Trusted Storage–Based
Licensing". Our demo license has expired so I'm using our vendor-specific keys etc.

I got server-side trusted storage working as detailed in "Adding License Rights to a License Server". Now I'm trying to get client-side trusted storage working. I adapted the 1day_student.asr file by:
1. using our own PublisherID
2. copying the "features" section into a license file, running lmcrypt on it and copying the result back
3. running xmlsign on the document
This all seemed to work.

However, when I try to load the license into trusted storage using appactutil -local, I get the following error:
ERROR: flxActCommonLocSpcAddASRs - (50017,71526,29).

The "C/C++ Function Reference" says 50017 means "Failed to add ASR to trusted storage" but I have no idea what the other numbers signify. Are minor and system error numbers documented anywhere? If not can you tell me what this error means?

Thanks!

RobertDickau
01-14-2010, 08:03 PM
I imagine the issue is mismatched trusted configuration data (encryption and security settings): the data in the sample ASR is from the "demo" publisher, which doesn't match your publisher ID and settings. The data should come from the <AsrConfig>...<Data> element in your equivalent of platform/publisher/DemoTrustedConfigOut.xml, and goes in <ClientConfig>...<Data> in the ASR.

It might simpler to generate an ASR using asrgen, as described in the Programming and Reference Guide for Trusted Storage-based Licensing (ProgReg-TS.pdf); setting up the trusted configuration data should be described there, too.

sandhi
01-14-2010, 09:39 PM
Thanks, using asrgen I managed to load license rights into client-side trusted storage and check out features of ezcalc using them.

I then loaded a trial license for our application into client-side trusted storage and tried to use it from our (java) app. Once I add the <platform> directory to java.library.path, I get the following error:

Native Method Call Failed (-530,3103) (tsGetFeatureLines: flxInitLoad failed.: 1)

According to FlxInit.h, 1 means "Unable to locate security runtime", but I can't find any mention of a "security runtime" in the Knowledge Base. What is it and what do I need to do to use it? Is there any documentation on using Trusted Storage with the Java API beyond TSExample.java?

RobertDickau
01-15-2010, 07:31 PM
I think that refers to tsJavaAcc.dll and tsJavaAcc_libFNP.dll (there's a tsJavaAcc.dll target in makefile.act) on Windows, or a similar pair of .so files on other systems. Since trusted storage access uses native OS functionality, Java can't access it directly, and so these JNI libraries act as a bridge between the two. Those libraries will need to be in the same directory as the Java app.

sandhi
01-18-2010, 01:06 AM
Thanks, it's working now