Protocols

LSAPI is designed to support multiple challenge/response protocols for license authentication. By definition of being a standard, LSAPI defines a basic challenge protocol which is supported by all LSAPI-compliant license systems. The underlying algorithm is simple and satisfies basic LSAPI security goals. Furthermore, the algorithm does not require any patented cryptographic techniques. Appendix ??? outlines the protocol

Challenge Data Structure

The main data structure in the challenge/response mechanism is LS_CHALLENGE. This data structure is supported by all challenge/response protocols. This structure is used for both the challenge and challenge response of LSRequest(), and LSUpdate().

typedef struct {

LS_ULONG Protocol; // Specifies the protocol

LS_ULONG Size; // size of ChallengeData structure

LS_CHALLDATA ChallengeData; // challenge & response

} LS_CHALLENGE;

Since the LS_CHALLDATA structure can vary depending on the Protocol selected, the structure must be a single contiguous entity in memory, not to exceed Size bytes. Furthermore, he structure may not contain any indirections (pointers) within it.

The LS_CHALLDATA is used to pass in the challenge to the license system. In turn, the license system will return the challenge response in the structure. Therefore, the Size specified on entry must be large enough to accomodate the challenge response. If the structure is not large enough to accommodate the response, the error LS_BUFFER_TOO_SMALL is returned.

Since the LS_CHALLDATA structure can vary, the LSAPI will simply pass the Protocol, the Size, followed by Size bytes of data to the license system. The license system, in turn, can cast the byte sequence into the appropriate data structure based upon the Protocol specified.

Protocol IDs

Every challenge/response protocol has an assigned 32-bit protocol ID. Protocols in the range of zero through 0x0000FFFF are reserved for LSAPI. 0xFFFFFFFF is also a reserved protocol ID. Contact your license system vendor for more information.