
ROCKEY5 TIME USER GUIDE


Contents

1. Copyright Feitian Technologies Co., Ltd. Website: www.FTsafe.com FEITIAN ROCKEY5 TIME USER GUIDE WE BUILD SECURITY

        retcode = RY5_Find(vendorID, &count);    // find the dongles with the given vendor ID
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_Find error, error code %8X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Find success, the dongle count %d \r\n", count);

        for (i = 1; i <= count; i++)
        {
            // open
            retcode = RY5_Open(&handle, i);    // open dongle i
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open success, Open dongle %d \r\n", i);

            // Control LED
            retcode = RY5_LEDControl(handle, ET_LED_WINK);    // LED twinkle
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_LEDControl error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_LEDControl success, LED twinkle \r\n");
            printf("Please press any key to continue");
            getchar();

            retcode = RY5_LEDControl(handle, ET_LED_OFF);    // LED off
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_LEDControl error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_LEDControl success, LED off \r\n");
            printf("Please press any key to continue");
            getchar();

            retcode = RY5_LEDControl(handle, ET_LED_ON);    // LED on
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_LEDControl error, error code %08X \r\n", retcode);
                return;
            }
2. [Figure 4.1.2.2 Output Options]

    After finishing all configuration steps, select View > Project Window to expand the tree and right-click Source Group 1. Select "Add Files to Group 'Source Group 1'" to add ROCKEY5.h and small_model.LIB. Lastly, add the C51 source code file to the project. Please see the figure below.

    [Figure 4.1.2.3 Add files]

    4.1.3 Debug

    After the above steps are finished, the program moves to Debug mode. For the KEIL uVision2 debugger, please read its user manual.

    4.1.4 Exit

    To end the debugging process, _exit has to be used at the end of the program being debugged. Please refer to section 6.1.1. Users could also select Debug > Start/Stop Debug Session
3.
        // initialize the environment context before hashing
        bRes = _md5_init(&md5ctx);
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        // hashing
        bRes = _md5_update(&md5ctx, text, 5);
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        // Get the MD5 hashing result, 16 bytes
        bRes = _md5_final(&md5ctx, result);
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        _set_response(16, result);
        _exit();

    6.4.13 rsa_enc

        BYTE _rsa_enc(BYTE bMode, WORD wFileID, WORD wLen, void *pvData);

    Objective: Encrypt by using an RSA public key.

    Input parameters:
    - bMode [in]: RSA encryption mode. Check Table 6.3. The default is 1024 bit.
    - wFileID [in]: Public key ID.
    - wLen [in]: The length of the plain text.
    - pvData [in, out]: The plain text as input and the cipher text as output.

    Note:
    - bMode (RSA encryption): there are two modes for RSA, RSA_CALC_NORMAL and RSA_CALC_PKCS. Both of them have to be used together with an RSA key bit length, for example RSA_CALC_NORMAL | RSA_CALC_BIT_1024; the default bit length is 1024.

        Name                          Value   Explanation
        RSA_CALC_NORMAL               0x00    Without need of coding
        RSA_CALC_PKCS                 0x02    PKCS#1 standard encryption
        RSA_CALC_BIT_512              0x10    Encrypt with RSA 512 bit private key
        RSA_CALC_BIT_1024 (default)   0x00    Encrypt with RSA 1024 bit private key
        RSA_CALC_BIT_2048             0x20    Encrypt with RSA 2048 bit private key

        Table 6.3
4. 1.2 ROCKEY5 TIME Features

    - Compact Design: The dongle is compact and portable.
    - High Speed: ROCKEY5 TIME was designed to process even very complex algorithms with minimal delay for your application. Users will typically notice no degradation in application performance as a result of ROCKEY5 TIME being implemented.
    - Ease of Use: The reduced API set of ROCKEY5 TIME simplifies the programming effort. User utilities are also provided to make the use of ROCKEY5 TIME more convenient.
    - High Security Levels: ROCKEY5 TIME is a completely new model which offers a much higher level of security.
        - ROCKEY5 TIME implements a two-level security system to segregate users who require read-only access from those who require administrative privileges.
        - ROCKEY5 TIME applies scrambling technology to its communication. It can prevent the dongle from being shared by multiple computers, and the USB communication cannot be simulated. It supports multi-threaded access.
        - ROCKEY5 TIME generates the Vendor ID from seed codes. The maximum length of the seed is 250 bytes. This enhances the security greatly.
        - ROCKEY5 TIME has a built-in smart card chip and a C51 virtual machine. Kernel algorithms and data can be put and executed inside the dongle. Thus ROCKEY5 TIME works as a small computer system and exchanges data with the PC over the USB interface. If the algorithm is complex enough, it's impossible to
    - Internal Hardware Timer: A time chip is embedded in ROCKEY5 TIME, supporting the expirat
5. Check the RY5_Close example.

    7.1.2 RY5_Open

        DWORD WINAPI RY5_Open(RY_HANDLE *pHandle, int Item);

    Objective: Open a ROCKEY5 TIME device. RY5_Find must be called before calling this function.

    Parameters:
    - pHandle [out]: Handle pointer. Returns the opened ROCKEY5 TIME handle.
    - Item [in]: Opens the specified ROCKEY5 TIME, starting from 1.

    Note:
    - On success, pHandle points to the opened ROCKEY5 TIME device handle.
    - The function opens the device in sharing mode, allowing other processes to access the ROCKEY5 TIME. In this mode it supports multi-process use. Opening and closing at high frequency can reduce program performance.
    - When one program opens multiple ROCKEY5 TIME devices, define a handle array to store the opened handles for the next step, or operate on each opened ROCKEY5 TIME in a loop.
    - The user should call RY5_Close to release the handle after finishing the operation.

    Return value: RY5_SUCCESS (0x00000000) on success. Any other value means failure. For more detail, check the error list in 7.2.1.

    Example: Check the RY5_Close example.

    7.1.3 RY5_Close

        DWORD WINAPI RY5_Close(RY_HANDLE handle, BOOL IsReset);

    Objective: Close a ROCKEY5 TIME device. RY5_Open should be called before calling RY5_Close.

    Parameters:
    - handle [in]: Handle of the ROCKEY5 TIME dongle to be closed.
    - IsReset [in]: The safe status flag. If set true
6.
        #define RY5_C51_INVALID_PARAMETER      0x00000002  // invalid parameter
        #define RY5_C51_INVALID_ADDRESS        0x00000003  // invalid address
        #define RY5_C51_INVALID_SIZE           0x00000004  // invalid size
        #define RY5_C51_FILE_NOT_FOUND         0x00000005  // file not found
        #define RY5_C51_ACCESS_DENIED          0x00000006  // access to file denied
        #define RY5_C51_FILE_SELECT            0x00000007  // open file number has reached its maximum
        #define RY5_C51_INVALID_HANDLE         0x00000008  // invalid handle
        #define RY5_C51_FILE_OUT_OF_RANGE      0x00000009  // file out of range
        #define RY5_C51_FILE_TYPE_MISMATCH     0x0000000A  // file type mismatch
        #define RY5_C51_FILE_SIZE_MISMATCH     0x0000000B  // file size mismatch
        #define RY5_C51_NO_SPACE               0x0000000C  // not enough space
        #define RY5_C51_FILE_EXIST             0x0000000D  // the file or its child directory is alre
        #define RY5_C51_INVALID_KEY_FORMAT     0x0000000E
        #define RY5_C51_KEY_LEN_MISMATCH       0x0000000F
        #define RY5_C51_RSA_INVALID_KEY_FILE   0x00000010
        #define RY5_C51_RSA_ENC_DEC_FAILED     0x00000011
        #define RY5_C51_RSA_SIGN_VERI_FAILED   0x00000012
        #define RY5_C51_SHA1                   0x00000013
        #define RY5_C51_MD5                    0x00000014
        #define RY5_C51_INVALID_ADDERSS        0x00000015
        #define RY5_C51_EEPROM                 0x00000016
        #define RY5_C51_FUNC_EXPIRED           0x00000017
        #define RY5_C51_HW_CLOCK_BROKEN        0x00000018
        #define RY5_MALTCIOUS_UPDATE           0x00000019
7. in menu to stop the debugging process.

    - C51 programs are terminated when _exit is called. Users can add _exit anywhere in a C51 program to check the intermediate program value.

    4.1.5 Import C51 Programs

    C51 programs can be written into a real smart card or a virtual smart card.

    Use ROCKEY5 TIME Virtual File System Manager to import BIN files into a virtual smart card. Please refer to section 4.3.4.

    Use ROCKEY5 TIME User Tool to import BIN files into a real smart card. Please refer to section 4.2.5. Or use the API to import. Please refer to sections 7.1.16 and 7.1.17.

    After importing, use ROCKEY5 TIME User Tool or the API to execute the C51 programs and check the result. Please refer to sections 4.2.3 and 7.1.18.

    4.2 ROCKEY5 TIME User Tool

    ROCKEY5 TIME User Tool provides:
    - Basic Functions: access the Data Memory zone and Shared Memory zone, generate random numbers, control the LED light.
    - File Operations: create, write, execute and clean files.
    - Encryption and Decryption: perform encryption and decryption, and generate RSA key pairs.
    - Password Management: get the hardware ID, change the Developer Password and set the Vendor ID.
    - Remote Update: generate a remote update package and test a remote update package.
    - Time Management: get the current COS expiration dates and set COS expiration dates.
    - Batch Initialization: initialize dongles
8.
            printf("\r\n RY5_Find error, error code %08X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Find success, find dongle %d \r\n", count);

        for (i = 1; i <= count; i++)
        {
            // open
            retcode = RY5_Open(&handle, i);    // open dongle
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open success, open dongle %d \r\n", i);

            // Change DevPin
            char OldPin[30] = "123456781234567812345678";    // developer pin
            char NewPin[30] = "111111111111111111111111";    // new pin
            // Reset the developer pin, with no retry limit
            retcode = RY5_ChangeDevPin(handle, OldPin, NewPin, 255);
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_ChangeDevPin error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_ChangeDevPin success \r\n");

            // close
            retcode = RY5_Close(handle, TRUE);    // close dongle and clear safe flag
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Close error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Close success, close dongle %d \r\n", i);
        }

    7.1.11 RY5_Read

        DWORD WINAPI RY5_Read(RY_HANDLE handle, int offset, BYTE *pOutbuf, int len);

    Objective: Read the content in the data area of the dongle. RY5_Open must be called to open the device before this function is called.

    Parameters:
    - handle [in]: The d
9. to show the following figure.

    File ID is in hexadecimal. Value is from 1 to FFFF. File size stands for the size that will be allocated in the card. 0 means that the file size will be automatically set by the tool.

    [Figure 4.3.3.2 Create a File]

    File ID, file size and file type are needed. Please note: File ID is 2 bytes long. The valid range is from 0x0001 to 0xFFFF. File size cannot exceed the remaining free space of ROCKEY5 TIME.

    [Figure 4.3.3.3 After Created a File]

    2. Right-click on the Information list and select Create File to create a new internal file.

    [Figure 4.3.3.4 Create a File (right)]

    4.3.4 Import Files

    Customers can import an existing file into the virtual file system. There are two ways to import:

    1. Click the import button. Please see the figure below.

    [Figure: Import File dialog]
10.
        BYTE _write(HANDLE handle, WORD wOffset, BYTE bLen, const void *pvData);

    Objective: Write data into a file. The function is mainly used for data files, public key files and executable files. Note that the file must be opened before this function is called.

    Input parameters:
    - handle [in]: File handle. Use the function _open to get the handle.
    - wOffset [in]: Offset value. The position in the file to start writing from.
    - bLen [in]: The length of the data to be written.
    - pvData [in]: The address of the data to be written.

    Return value: 0 on success. Any other value means failure. For more detail, check the list in section 6.12.

    Example:

        word xdata wFid = 0x1008;
        HANDLE xdata hFile = 0;
        char xdata buffer[] = "HELLO";
        BYTE xdata bRes = 0;

        bRes = _open(wFid, &hFile);    // Open the file whose ID is 0x1008
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        // write "HELLO" to file ID 0x1008, starting from offset 0 of this file
        bRes = _write(hFile, 0, sizeof(buffer), buffer);
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        _close(hFile);    // Close the file whose ID is 0x1008

    6.3.6 get_file_infor

        BYTE _get_file_infor(PEFINFO pFileinfo);

    Objective: Get the file property information.

    Input parameters:
    - pFileinfo [out]: The pointer to the file information structure, which include
11. [Figure 4.6.1 Remote Update]

    - Generate Update Package

    Click the Add button and fill in the update data.

    [Figure 4.2.6.2 Add data]

    Select the Data Type and input data or import data from a file. Click OK to go back to the Remote Update interface.

    Click the Set Time button to set the expiration date or remaining hours. Please see the figure below.

    [Figure 4.2.6.3 Set Time]

    After setting the time, click the OK button to continue.

    Customers can edit or delete existing update packages by clicking the Edit and Delete buttons.

    Click the icon button and choose the public key file.

    If the customer inputs a hardware ID in the HID binding area, the update package will only be for the specified ROCKEY5 TIME dongle whose HID is the same as the one you input.

    Input a file name and click the Generate Update Package button to finish generating the update package.

    - Update Test

    Click a button and sel
12.
        // and keys, they need to be saved; the public key needs to match the private key in the dongle when updating
        BYTE pubBuf[140] = {0};
        BYTE priBuf[340] = {0};
        retcode = RY5_GenRsaKey(handle, 0, pubBuf, priBuf);
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_GenRsaKey error, error code %08X \r\n", retcode);
            return;
        }

        BYTE out_buf[1024];
        memset(out_buf, 0, sizeof(out_buf));
        // Generate update package
        retcode = RY5_GenUpdatePacket(handle, NULL, Data_TYPE_PubKey, 1, buf, 140, pubBuf, out_buf, &len);
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_GenUpdatePacket error, error code %08X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_GenUpdatePacket success \r\n");

        // Update, using private key for updating
        retcode = RY5_Update(handle, out_buf, len);    // updating
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_Update error, error code %08X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Update success \r\n");

        // close
        retcode = RY5_Close(handle, TRUE);    // close the dongle and clear the safe flag
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_Close error, error code %08X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Close success, close dongle %d \r\n", i);

    7.1.30 RY5_AES

        DWORD WINAPI RY5_AES(RY_HANDLE handle, int kid, int flag, BYTE *pBuf, int len);

    Objective: Use AES f
13. declaration, it will be in the xdata area.

    - Large mode (large_mode.LIB): the default variable declaration is in the xdata area.

    When declaring a variable, xdata needs to be added, for example: int xdata i = 0; Without xdata in small mode, the declared variables are in the 128-byte data area. For an array over 128 bytes, with xdata added, the variable will be allocated to the 2k xdata area.

    When assigning a constant, you had better add the code keyword, for example: const int code 8, so that it is allocated to the code area. In this way it only takes executable area rather than memory area.

    Some tips to enhance the operating speed in the dongle:
    - Move operations that are costly but not related to security to the computer side, for instance _swap.
    - Move jump instructions to the computer side, for example switch/case.

    6.1 Exit

        void _exit();

    Objective: To exit the C51 program running in ROCKEY5 TIME. The program exits and stops when _exit is triggered.

    Input parameters: N/A

    Return value: N/A

    6.2 Input and Output

    The maximum length of input and of output for the executable file in ROCKEY5 TIME is 256 bytes each.

    6.2.1 pbinBuff and winLen

        #define pbinBuff ((BYTE xdata *)(INPUT_DATA_OFFSET + 2))
        #define winLen   (*(WORD xdata *)INPUT_DATA_OFFSET)

    Objective: Input data. The C51 program receives data from the external interface
14.
        // device handle
        DWORD retcode;                       // error code
        int count = 0;                       // the found dongle count
        char vendorID[10] = "A8C3E6FD";      // vendor ID
        int i;

        // find
        retcode = RY5_Find(vendorID, &count);    // find the dongles with the given vendor ID
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_Find error, error code %8X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Find, the found dongle count %d \r\n", count);

        for (i = 1; i <= count; i++)
        {
            // open
            retcode = RY5_Open(&handle, i);    // open the dongle whose No. is i
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open success, open the No. %d dongle \r\n", i);

            // Verify Developer password
            char pInPin[30] = "123456781234567812345678";    // developer password
            int pRemainCount = 0;                            // developer password remain count
            // verify developer password
            retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount);
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_VerifyDevPin error, error code %08X, pRemainCount %d \r\n", retcode, pRemainCount);
                return;
            }
            printf("\r\n RY5_VerifyDevPin success, verify developer password successfully \r\n");

            // set Rsa Key
            int kid = 1;    // key pair ID
            BYTE pubBuf[140] = { 0x00, 0x00, 0x00, 0x80, 0xa7, 0x0e, 0
15.
        0;                                   // device handle
        DWORD retcode;                       // error code
        int count = 0;                       // the found dongle count
        char vendorID[10] = "A8C3E6FD";      // vendor ID
        int i;

        // find
        retcode = RY5_Find(vendorID, &count);    // find the dongles with the given vendor ID
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_Find error, error code %8X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Find, the found dongle count %d \r\n", count);

        for (i = 1; i <= count; i++)
        {
            // open
            retcode = RY5_Open(&handle, i);    // open the dongle whose No. is i
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open was called successfully, No. %d dongle was open \r\n", i);

            // Verify DevPin
            char pInPin[30] = "123456781234567812345678";    // developer password
            int pRemainCount = 0;                            // developer retry times
            // verify developer pin
            retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount);
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_VerifyDevPin error, error code %08X, pRemainCount %d \r\n", retcode, pRemainCount);
                return;
            }
            printf("\r\n RY5_VerifyDevPin, verify developer pin \r\n");

            // Create File
            WORD fileID = 0x1006;    // offset address
            int fileSize = 100;      // the length of file
            retcode = RY5_CreateFile(handle, fileID, fileSize, FILE_TYPE_DATA
16.
        8, text);
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        // encrypted text: 0x9A 0xB9 0xB1 0x88 0xB1 0x6A 0x62 0x40
        _set_response(8, text);
        _exit();

    6.4.2 des_dec

        BYTE _des_dec(const void *pvKey, BYTE bLen, void *pvData);

    Objective: Decrypt data by DES. It requires messages whose length is a multiple of the block size (typically 8 or 16 bytes), so messages have to be padded to bring them to this length. The mode is ECB; other modes such as CBC need to be developed by oneself.

    Input parameters:
    - pvKey [in]: The address of the DES key, whose length is 8 bytes.
    - bLen [in]: The length of the data to be decrypted, a multiple of 8 bytes.
    - pvData [in, out]: The cipher text as input and the plain text as output.

    Return value: 0 on success. Any other value means failure. For more detail, check the list in section 6.12.

    Example:

        BYTE xdata bRes = 0;
        // the text to be decrypted, a multiple of 8 bytes
        char xdata text[8] = {0x9A, 0xB9, 0xB1, 0x88, 0xB1, 0x6A, 0x62, 0x40};
        // DES key, 8 bytes
        BYTE xdata deskey[8] = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};

        bRes = _des_dec(deskey, 8, text);    // duplicate buffer
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        // decrypted text: 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07
        _set_response(8, text);
        _exit();

    6.4.3 aes_enc

        extern
17.
    - Vendor ID: It is mandatory to input the Vendor ID. The default Vendor ID is 00000000. Please change it before use. Please refer to section 2.2.
    - Bind HID: If Bind HID is selected, the protected programs can be run only if the ROCKEY5 TIME with the specified HID is attached.
    - Background Check: If Background Check is selected, the protected programs will be checked periodically. The time interval should be greater than 120 seconds.
    - Message Title: Input the title of the ROCKEY5 TIME error message.
    - Error Message: Input the error message of ROCKEY5 TIME.
    - DataProtect Options: There are two options. The first one is to select the encryption algorithm, 3DES or RC4. The other one is to select OS.

    1> If Program is selected, follow Figure 4.3.3, Figure 4.3.4 and Figure 4.3.5 to add files. Please see the figure below.

    [Figure 4.3.7 Envelope]

    Please note: for program protection there are several PE Net options. Only the PE Net options are introduced here. The others are the same as in Figure 4.3.6.

    - Anti Debug: Add some techniques to
18. For more detail, check the error list in section 6.12.

    Example:

        word xdata wFid = 0x1008;
        HANDLE xdata hFile;

        _open(wFid, &hFile);    // Open the file whose ID is 0x1008
        _close(hFile);          // Close the file whose ID is 0x1008

    6.3.4 read

        BYTE _read(HANDLE handle, WORD wOffset, BYTE bLen, void *pvData);

    Objective: Read a file. This function can only be called for data files and public key files. An executable file cannot be read. Note that the file must be opened before it can be read.

    Input parameters:
    - handle [in]: File handle, which is retrieved by calling the _open function.
    - wOffset [in]: Offset value. The position in the file to start reading from.
    - bLen [in]: The length of the data to be read.
    - pvData [out]: The output data address.

    Return value: 0 on success. Any other value means failure. For more detail, check the list in section 6.12.

    Example:

        word xdata wFid = 0x1008;
        HANDLE xdata hFile = 0;
        char xdata buffer[250];
        BYTE xdata bRes = 0;

        bRes = _open(wFid, &hFile);    // Open the file whose ID is 0x1008
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        // From file ID 0x1008, read 10 bytes to buffer, starting from 9
        bRes = _read(hFile, 9, 10, buffer);
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        _close(hFile);    // close the file whose ID is 0x1008

    6.3.5 write
19.
    - len [in]: The data length, which must be a multiple of 8.

    Note:
    - The parameter kid selects the key pair, ranging from 1 to 8.
    - The data length must be a multiple of 8. The decrypted data will be padded to get the plain text. The decrypt mode is ECB. For other modes like CBC, please modify it yourself.
    - Flag definition:

        #define FLAG_ENCODE 0    // encryption
        #define FLAG_DECODE 1    // decryption

    Return value: RY5_SUCCESS (0x00000000) on success. Any other value means failure. For more detail, check the error list in section 7.2.

    Example:

        RY_HANDLE handle = 0;                // device handle
        DWORD retcode;                       // error code
        int count = 0;                       // the found dongle count
        char vendorID[10] = "A8C3E6FD";      // vendor ID
        int i;

        // find
        retcode = RY5_Find(vendorID, &count);    // find the dongles with the given vendor ID
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_Find error, error code %8X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Find, the found dongle count %d \r\n", count);

        for (i = 1; i <= count; i++)
        {
            // open
            retcode = RY5_Open(&handle, i);    // open dongle i
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open success, open the No. %d dongle \r\n", i);

            // 3DES
            int kid = 1;    // key pair ID
            BYTE buf[16];
            int len = 16;
            for (int j = 0; j < sizeof(bu
20.
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open success, open the No. %d dongle \r\n", i);

            // verify developer pin
            retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount);
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_VerifyDevPin error, error code %8X, pRemainCount %d \r\n", retcode, pRemainCount);
                return;
            }

            // the updating data
            BYTE buf[140] = { /* 140 bytes of update data; the hex values are not reproduced here */ };
            int len;

            // generate RSA key pair for remote update;
            // the keys will be stored in pubBuf and priBuf, for future generating of the updating package
21.
            retcode);
            return;
        }
        printf("\r\n RY5_Find success, find dongle count %d \r\n", count);

        for (i = 1; i <= count; i++)
        {
            // open
            retcode = RY5_Open(&handle, i);    // open dongle
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open %d \r\n", i);

            // Verify DevPin
            char pInPin[30] = "111111111111111111111111";    // developer password
            int pRemainCount = 0;                            // pin remain count
            // verify developer password
            retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount);
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_VerifyDevPin error, error code %08X, pRemainCount %d \r\n", retcode, pRemainCount);
                return;
            }
            printf("\r\n RY5_VerifyDevPin success, verify developer pin success \r\n");

            // Write Memory
            int offset = 0;             // offset address
            int len = 5;                // data length
            BYTE buf[10] = "hello";     // data buffer
            // write data to the data area of the dongle
            retcode = RY5_VendorWrite(handle, offset, buf, len);
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_VendorWrite error, error code %8X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_VendorWrite success, write %s \r\n", buf);

            // close
            retcode = RY5_Close(handle, TRUE);    // close the dongle and clear the safe flag
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Close
22. success

            // close
            retcode = RY5_Close(handle, TRUE);    // close the dongle and clear the safe flag
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Close error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Close success, No. %d dongle was closed \r\n", i);

    7.1.17 RY5_WriteFile

        DWORD WINAPI RY5_WriteFile(RY_HANDLE handle, WORD FileID, int offset, BYTE *pbuf, int Size);

    Objective: RY5_Open must be called to open the device, and the developer pin must be verified, before this function is called.

    Parameters:
    - handle [in]: Device handle, the same as the handle returned by RY5_Open.
    - FileID [in]: File ID.
    - offset [in]: Offset address.
    - pbuf [in]: Pointer to the buffer storing the data to be written.
    - Size [in]: The size of the data to be written.

    Note:
    - The free user space of ROCKEY5 TIME is 32k.
    - When writing data to a file, ensure that the file exists. If there is no such file, one needs to create it with RY5_CreateFile.
    - File ID is 2 bytes, for example 0x1002 and 0x009B. For some reason, some IDs can only be used internally in ROCKEY5 TIME. For more details, please refer to the appendix.

    Return value: RY5_SUCCESS (0x00000000) on success. Any other value means failure. For more detail, please check the error list in section 7.2.

    Example:

        RY_HANDLE handle
23. the safe status and data in ROCKEY5 TIME memory will be cleaned. Else, if set false, the safe status and data will be kept.

    Note: The function closes the ROCKEY5 TIME. If IsReset is true, it clears up the device memory. If IsReset is false, it keeps the information.

    Return value: RY5_SUCCESS (0x00000000) on success. Any other value means failure. For more detail, check the error list in section 7.2.

    Example:

        RY_HANDLE handle = 0;                // the device handle
        DWORD retcode;                       // the error code
        int count = 0;                       // the dongle number
        char vendorID[10] = "A8C3E6FD";      // vendor ID
        int i;

        retcode = RY5_Find(vendorID, &count);    // find the dongles with the given vendor ID
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\n RY5_Find error, error code %8X \r\n", retcode);
            return;
        }
        printf("\r\n RY5_Find success, the found dongle number %d \r\n", count);

        for (i = 1; i <= count; i++)
        {
            retcode = RY5_Open(&handle, i);    // open the i-th dongle
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Open error, error code %08X \r\n", retcode);
                return;
            }
            printf("\r\n RY5_Open success, open the %d dongle \r\n", i);

            // the other operations on the dongle can be written here

            retcode = RY5_Close(handle, TRUE);    // close dongle and clear safe status
            if (retcode != RY5_SUCCESS)
            {
                printf("\r\n RY5_Close error, the e
24. 1 time

        BYTE _time(time_t *ptime);

    Objective: Get the hardware clock time of the dongle. The time is UTC standard time; converting to another local time requires an adjustment. time_t is an unsigned long type, as is the returned time.

    Parameters:
    - ptime [out]: The address of the read time.

    Note: Returns a 4-byte value of unsigned long type. Note that a reversing process is required because the C51 return value byte sequence is opposite to that of the PC.

    Return value: 0 on success. Any other value means failure. For more detail, check the error list in section 6.12.

    Example:

        time_t xdata time;
        BYTE xdata ret;

        time = 0;
        ret = _time(&time);    // Get the current chip clock time
        if (ret != 0)
        {
            _set_response(1, &ret);
            _exit();
        }
        // the returned time is of time_t type (unsigned long).
        // Note that a reversing process is required because the C51 return value
        // byte sequence is opposite to that of the PC.
        _swap(&time, 4);
        _set_response(4, &time);
        _exit();

    6.9.2 mktime

        BYTE _mktime(time_t *ptime, RTC_TIME_T *ptm);

    Objective: Convert a struct RTC_TIME_T time to time_t type. Both of the values are UTC standard time.

    Parameters:
    - ptime [out]: The address of the converted time_t time.
    - ptm [in]: The pointer to the struct RTC_TIME_T to be converted.

    Return value: Success ret
25. [Table of contents excerpt; garbled entries are marked illegible]

    2.2 Vendor ID (VID)
    2.3 Hardware ID (HID)
    2.4 Data Memory
    2.5 Shared Memory
    2.6 Hardware Based Clock
    2.7 (illegible) Memory
    2.8 ROCKEY5 TIME File System (R5FS)
    2.8.1 ROCKEY5 TIME File Type
    2.9 Other Func (rest illegible)
    Chapter 3 Software Protection Paradigms
    3.1 Some Simple Skills
    3.1.1 Confused Codes
    3.1.2 Fake Checks
    3.1.3 Randomize Check Points
    3.2 Use ROCKEY5 TIME to Encrypt Software
    3.2.1 New Methods of ROCKEY5 TIME
    3.2.2 Check Logic inside ROCKEY5 TIME
    3.2.3 Mak
26.
        BYTE _aes_enc(const void *pvKey, BYTE bLen, void *pvData);

    Objective: Encrypt data by the AES algorithm.

    Note: The AES key is 16 bytes, and it requires messages whose length is a multiple of the block size (16 bytes), or messages have to be padded to bring them to this length. The mode is ECB; other modes such as CBC need to be developed by oneself.

    Input parameters:
    - pvKey [in]: The address of the AES key, whose length is 16 bytes.
    - bLen [in]: The length of the data to be encrypted, a multiple of 16 bytes.
    - pvData [in, out]: The plain text as input and the cipher text as output.

    Return value: 0 on success. Any other value means failure. For more detail, check the error list in section 6.12.

    Example:

        BYTE xdata bRes = 0;
        // the plain text to be encrypted, a multiple of 16 bytes
        char xdata text[16] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
                               0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
        // AES key, 16 bytes
        BYTE xdata aeskey[16] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
                                 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff};

        bRes = _aes_enc(aeskey, 16, text);    // duplicate buffer
        if (bRes != 0)
        {
            _set_response(1, &bRes);
            _exit();
        }
        _set_response(16, text);
        _exit();

    6.4.4 aes_dec

        extern BYTE _aes_dec(const void *pvKey, BYTE bLen, void *pvData);

    Objective: Decrypt data by AES.

    Input parameters:
    - pvK
27. 6.10.7 _dtol
BYTE _dtol(long *presult, DOUBLE *px);
Objective: Convert a double-precision floating-point number to a 32-bit integer.
Parameters:
presult [out]: 32-bit integer.
px [in]: Double-precision floating-point number.
Return value: Success returns 0. Any other value means failure; for more detail check the error list in section 6.12.
6.10.8 _ltod
BYTE _ltod(DOUBLE *presult, long *px);
Objective: Convert a 32-bit integer to a double-precision floating-point number.
Parameters:
presult [out]: Double-precision floating-point number.
px [in]: 32-bit integer.
Return value: Success returns 0. Any other value means failure; for more detail check the error list in section 6.12.
6.11 Structures and Constant Variables
C51 programming uses a number of structures, constants and macros. All of them can be found in RY5_C51.h.
6.11.1 Data Type
Some declarations of data types for C51 programming:
    typedef unsigned char  BOOL;    // Boolean type
    typedef unsigned short word;    // unsigned short type, 16 bit (2 bytes)
    typedef unsigned short WORD;    // unsigned short type, 16 bit (2 bytes)
    typedef unsigned long  dword;   // unsigned long type, 32 bit (4 bytes)
    typedef unsigned long  DWORD;   // unsigned long type, 32 bit (4 bytes)
    typedef unsigned char  byte;    // unsigned character, 1 byte
    typedef unsigned char  BYTE;    // unsigned character, 1
28. Input Output Maz; 3.2.4 Build Application with 3DES and RSA; 3.2.5 Remote Updates; Chapter 4 ROCKEY5 TIME Utilities; 4.1.1 Create a Project; 4.1.2 Set Project Options; 4.1.3 Debug; 4.1.4 Exit; 4.1.5 Import C51 Programs; 4.2 ROCKEY5 TIME User Tool; 4.2.1 Start and Login; 4.2.2 Basic Functions; 4.2.3 File Operation; 4.2.4 Encryption and Decryption; 4.2.5 Password Management; 4.2.6 Remote Update; 4.2.7 Time Management; 4.3 ROCKEY5 TIME Virtual File System Manager (VFSM); 4.3.1 Mats; 4.3.2 Create Save and Dei; 4.3.3 Create a New Internal File; 4.3.5 Open an Internal File; 4.3.6 Edit
29. Input parameters:
x [in]: The augend.
y [in]: The addend.
Return value: Returns the result of the addition.
Example:
    float xdata fx;
    float xdata fy;
    float xdata fResult;
    fx = 1.0;
    fy = 2.0;
    fResult = _addf(fx, fy);   // return 0x40 0x40 0x00 0x00
    _set_response(4, &fResult);
    _exit();
6.8.2 _subf
float _subf(float x, float y);
Objective: The subtraction function for single-precision floating point.
Input parameters:
x [in]: The minuend.
y [in]: The subtrahend.
Return value: Returns the result of the subtraction.
6.8.3 _mulf
float _mulf(float x, float y);
Objective: The multiplication function for single-precision floating point.
Input parameters:
x [in]: The multiplicand.
y [in]: The multiplier.
Return value: Returns the result of the multiplication.
6.8.4 _divf
float _divf(float x, float y);
Objective: The division function for single-precision floating point.
Input parameters:
x [in]: The dividend.
y [in]: The divisor.
Return value: Returns the result of the division.
6.8.5 _atan2f
float _atan2f(float x, float y);
Objective: The arctangent function for single-precision floating point.
Input parameters:
x [in]: The dividend.
y [in]: T
30.
    SUCCESS)
    {
        printf("\r\nRY5_Find error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find the found dongle count %d\r\n", count);
    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open the No %d dongle was closed\r\n", i);
        // SHA1
        int len = 5;
        BYTE buf[10] = "hello";
        BYTE sha1Buf[30];
        memset(sha1Buf, 0, sizeof(sha1Buf));
        retcode = RY5_SHA1(handle, buf, len, sha1Buf);   // SHA1
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_SHA1 error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_SHA1 encrypted data %08X\r\n", sha1Buf);
        // close
        retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Close error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Close the No %d dongle was closed\r\n", i);
    }
7.1.26 RY5_Set3DESKey
DWORD WINAPI RY5_Set3DESKey(RY_HANDLE handle, int kid, BYTE *pKey);
Objective: RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle ret
31. - The input parameter has a fixed length when using RSA_CALC_NORMAL, as shown in Table 6.4 below. If the plain text is not of that fixed length, it is padded or split into blocks to meet the length. The interface can pad 0 in front of the value if it is not padded.

    Pattern                       Value   Plain text length (bytes)
    RSA_CALC_BIT_512              0x10    64
    RSA_CALC_BIT_1024 (default)   0x00    128
    RSA_CALC_BIT_2048             0x20    256
    Table 6.4 RSA_CALC_NORMAL plain text length

- The input parameter has a fixed length when using RSA_CALC_PKCS, as shown in Table 6.5 below.

    Pattern                       Value   Plain text length (bytes)
    RSA_CALC_BIT_512              0x10    1-53
    RSA_CALC_BIT_1024 (default)   0x00    1-117
    RSA_CALC_BIT_2048             0x20    1-245
    Table 6.5 RSA_CALC_PKCS plain text length

- The cipher text calculated by RSA has a fixed length. Enough space needs to be allocated for the pvData buffer.

    Name                          Value   Length of cipher (bytes)
    RSA_CALC_BIT_512              0x10    64
    RSA_CALC_BIT_1024 (default)   0x00    128
    RSA_CALC_BIT_2048             0x20    256
    Table 6.6 cipher text length

- To encrypt data with RSA, the plain text is required to be shorter than the public key. To deal with this, the first byte of the plain text is set to 0; pvData points to the byte whose value is 0.
Return value: Success returns 0. Any other value means failure; for more detail check the
32. In the Utilities folder, RY5Tools.exe is the ROCKEY5 TIME User Tool.
4.2.1 Start and Login
Run the RY5Tools.exe tool and you will see the dialog shown in the figure below.
[Figure 4.2.1.1 ROCKEY5 TIME User Tool: login dialog with Vendor ID (default VID 00000000, 8 bytes long), Login Mode, and Developer Password (default password 12345678 12345678 12345678, 24 bytes long)]
This tool only supports one ROCKEY5 TIME dongle. Attach a ROCKEY5 TIME dongle to the PC before running this tool. If more than one ROCKEY5 TIME dongle is attached, the tool operates on the first one. Removing the ROCKEY5 TIME dongle while the tool is in use returns the tool to the login dialog.
Input the Vendor ID and Developer Password and choose the Login Mode. There are two Login Modes. If User Mode is selected, the Developer Password does not need to be entered. Some functions that depend on the Developer Password cannot be used in User Mode. Click the Login button to continue.
4.2.2 Basic Functions
After a successful login, the ROCKEY5 TIME User Tool enters the Basic Functions interface. Please see the figure below.
[Figure: Rockey5 TIME tool, User mode]
33.
    &stime);
    if (ret != 0)
    {
        _set_response(1, &ret);
        _exit();
    }
    second = stime.second;
    minute = stime.minute;
    hour = stime.hour;
    day = stime.day;
    week = stime.week;
    month = stime.month;
    year = stime.year;
    sprintf(a, "%2d %2d %2d", year + 1900, month + 1, day);
    sprintf(b, "%2d %2d %2d", hour, minute, second);
    strcat(a, b);
    _set_response(20, a);
    _exit();
6.10 Type Conversion
This section provides the API for data type conversion in C51. As mentioned earlier, the int, long, float and double types in C51 are stored in the opposite byte order to a high-level language. For example, the single-precision floating-point number 1.0 is represented in a high-level language as 0x00 0x00 0x80 0x3F. In C51 it is in the opposite order: 0x3F 0x80 0x00 0x00. The DOUBLE type is stored as an 8-byte array in the reverse order to a PC high-level language. For example, double-precision floating-point 1.0 in a PC high-level language is represented as 0x00 0x00 0x00 0x00 0x00 0x00 0xF0 0x3F, but in C51 as 0x3F 0xF0 0x00 0x00 0x00 0x00 0x00 0x00.
6.10.1 _dbltof
BYTE _dbltof(float *result, DOUBLE x);
Objective: Convert a double-precision floating-point number to a single-precision floating-point number.
Parameters:
result [out]: The address of the single-precision floating-point number.
x [in]: Double precision floating point numb
34. button to input data from a file. Please see figure 4.2.3.2. Input the executable file ID, then click the Run button to execute. The result is displayed in the data display area. If the run fails, check the error based on the error code. Please refer to section 7.2.1.
[Figure 4.2.3.2 Run a File: Run the file dialog with Input Data Length, Output Data Length, Import, Export and File ID (in HEX)]
- Clean File: Remove all files in ROCKEY5 TIME.
Click the Empty button to remove all files in ROCKEY5 TIME. If the clean fails, check the error based on the error code. Please refer to section 7.2.1.
4.2.4 Encryption and Decryption
The User Tool enables users to import and export RSA key pairs, 3DES keys and AES keys. It can also generate an RSA key pair and export it out of ROCKEY5 TIME for backup. ROCKEY5 TIME can store up to 8 key pairs and one remote update key. A customer who wants to use RSA in software needs to generate an RSA key pair first. Users can use C51 to generate an RSA key pair, but in this way the private key cannot be exported out of ROCKEY5 TIME. In this case each ROCKEY5 TIME contains a unique private key. To share one private key among many ROCKEY5 TIME dongles, use the User Tool or the API to generate an RSA key pair, then save it into files. Please refer to section 7.1.20. Then use the User Tool, the Virtual File Manager or the API to import the key pair file into
35.
    byte
    typedef BYTE DOUBLE[8];   // double precision floating point, 8-byte array
    typedef BYTE HANDLE;      // handle, 1 byte
6.11.2 Macro
    #define SHA_DIGEST_LENGTH    20   // the length of SHA1 hash value
    #define MD5_DIGEST_LENGTH    16   // the length of MD5 hash value
    #define DES_KEY_LENGTH       8    // the length of DES key value
    #define TDES_KEY_LENGTH      16   // the length of 3DES key value
    #define ROCKEY5_SHA_CBLOCK   64   // the length of SHA1 hash block
    #define ROCKEY5_MD5_CBLOCK   64   // the length of MD5 hash block
    #define RSA_CRYPT_NOPKCS     RSA_CALC_NORMAL   // Encryption
    #define RSA_CRYPT_PKCS       RSA_CALC_PKCS     // encrypt in PKCS1 standard
    #define RSA_SIGN_NOPH        RSA_CALC_NORMAL   // sign the hash value
    #define RSA_SIGN_HASH        RSA_CALC_HASH     // use SHA1 to hash and then sign the hash value
    #define RSA_SIGN_PKCS        RSA_CALC_PKCS     // sign the hash value in PKCS1 standard
    // use SHA1 to hash in PKCS1 standard and then sign the hash value
    #define RSA_SIGN_PH          (RSA_CALC_HASH | RSA_CALC_PKCS)
    #define RSA_VERI_NOPKCS      RSA_CALC_NORMAL   // verify the signature
    #define RSA_VERI_PKCS        RSA_CALC_PKCS     // verify the signature in PKCS1 standard
    #define RSA_CALC_BIT_512     0x10   // 512 bit RSA encryption
    #define RSA_CALC_BIT_1024    0x00   // 1024 bit RSA encryption
    #define RSA_CALC_BIT_2048    0x20   // 2048 bit RSA encryption
    // Convert double precision floating point
36. check the error list in section 6.12.
Example: Check the example of _sha1_final.
6.4.9 _sha1_final
BYTE _sha1_final(PSHA_CONTEXT pCtx, void *pvResult);
Objective: Get the result of SHA-1, 20 bytes long.
Input parameters:
pCtx [in]: The address of the environment context.
pvResult [out]: The address of the hash result.
Note: The hash result is saved in COS (check section 3.2.9); a buffer in COS saves the result from the last hashing.
Return value: Success returns 0. Any other value means failure; for more detail check the error list in section 6.12.
Example:
    BYTE xdata bRes = 0;
    char xdata result[20];
    BYTE xdata text[] = "HELLO";
    SHA_CONTEXT xdata sha1ctx;   // the environment context
    bRes = _sha1_init(&sha1ctx);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    // Hashing
    bRes = _sha1_update(&sha1ctx, text, 5);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    // Get the result, with a length of 20 bytes
    bRes = _sha1_final(&sha1ctx, result);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    _set_response(20, result);
    _exit();
6.4.10 _md5_init
BYTE _md5_init(PMD5_CONTEXT pCtx);
Objective: The initialization is required before using MD5.
Input parameters:
37. default: Product vendor ID 00000000; Developer password 123456781234567812345678; no maximum retry limit.
- ROCKEY5 TIME is an HID device with a USB interface, supporting Windows operating systems such as Win2000, XP, Vista and Win 7. None of them requires an extra driver to be installed.
- ROCKEY5 TIME has a globally unique hardware ID (64 bit, 8 bytes).
- ROCKEY5 TIME user space is 32k. It can be rewritten up to 100 thousand times, with no limit on reading. Working temperature: 0 °C to 70 °C.
- In the Utilities folder of the SDK you can find the ROCKEY5 TIME user tool RY5Tools.exe, which offers multiple functions such as initialization, editing and modification.
- In the Utilities folder of the SDK you can find the ROCKEY5 TIME virtual file system manager VfsSet.exe. It simulates a real dongle environment, with one virtual file representing one ROCKEY5 TIME dongle.
- In the Utilities\Envelope folder of the SDK you can find the envelope encryption tool Envelop.exe, a simple and quick way to encrypt Win32 and .Net applications without any other assistance.
- ROCKEY5 TIME also provides an API for encryption functions; you can integrate the APIs into the application to be protected. In this way all the functionality of ROCKEY5 TIME can be used to provide an extremely high level of security.
- ROCKEY5 TIME provides abundant programming interfaces for almost all kinds of developer tools. The relevant library files can be foun
38. defined in Windows time.h.
Note:
    struct tm {
        int tm_sec;     // seconds after the minute, 0-59
        int tm_min;     // minutes after the hour, 0-59
        int tm_hour;    // hours since midnight, 0-23
        int tm_mday;    // day of the month, 1-31
        int tm_mon;     // months since January, 0-11
        int tm_year;    // years since 1900
        int tm_wday;    // days since Sunday, 0-6
        int tm_yday;    // days since January 1, 0-365
        int tm_isdst;   // daylight savings time flag
    };
Return value: Success returns RY5_SUCCESS (0x00000000). Any other value means failure; for more detail check the error list in section 7.2.
7.1.33 RY5_SetTimeLimit
DWORD WINAPI RY5_SetTimeLimit(RY_HANDLE handle, int value, BYTE policy);
Objective: Set the time limits. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
value [in]: The remaining hours or UTC time. The length is 32 bits. If it is 0, there is no time limit.
policy [in]: The flag for the kind of time limit. 0 means a UTC time limit; 1 means a limit in hours.
Return value: Success returns RY5_SUCCESS (0x00000000). Any other value means failure; for more detail check the error list in section 7.2.
7.1.34 RY5_GetTokenTyp
39. error list in section 6.12.
Example: Check the _rsa_gen_key example.
6.4.14 _rsa_dec
BYTE _rsa_dec(BYTE bMode, WORD wFileID, WORD wLen, void *pvData);
Objective: Decrypt by using the RSA private key.
Input parameters:
bMode [in]: RSA encryption mode, please refer to Table 6.7; 1024 bit by default.
wFileID [in]: Private key ID.
wLen [in]: The length of the cipher text.
pvData [in, out]: The cipher text as input and the plain text as output.
Note:
- bMode: RSA encryption mode; check 6.4.11 _rsa_enc for more detail.
- wLen: The input parameter has a fixed length. If the plain text is not of that fixed length, it is padded or split into blocks to meet the length. The reverse operation is required when decrypting the cipher text.

    Name                          Value   Length of cipher (bytes)
    RSA_CALC_BIT_512              0x10    64
    RSA_CALC_BIT_1024 (default)   0x00    128
    RSA_CALC_BIT_2048             0x20    256
    Table 6.7 cipher text length

- The first byte of the plain text decrypted with RSA_CALC_PKCS is the plain text length, and the rest is the plain text.
Return value: Success returns 0. Any other value means failure; for more detail check the error list in section 6.12.
Example: Check the example of _rsa_gen_key.
6.4.15 _rsa_gen_key
BYTE _rsa_gen_key(WORD wPubID, WORD wPriID, WORD wKeyBitLen);
40. figure.
[Figure 4.2.8.5 Select Key File: file-open dialog, files of type Public Key Files (pub)]
4. RSA Key Pair 1
Double-click "1 RSA public private key Pair" to set the key value. Please see the following figure.
[Figure 4.2.8.6 Set RSA Key Value: RSA public key, Key Number, Length]
Select the Data Type and set the key value either by directly editing the hexadecimal value or by importing it from a file. Use the same way to set RSA Key Pairs 2 to 8.
5. User File System
Double-click "20 User File System" to initialize the Virtual File System. Please see the following figure.
[Figure 4.2.8.7 User File System: Imported from the virtual file system]
Click import to import a virtual file. A virtual file can be generated by VfsSet.exe (Virtual File System Manager).
When every item is finished, click the Initialize button to begin initialization. The User Tool will notify success when finishe
41. for software manufacturers to check whether the current ROCKEY5 TIME belongs to them. To prevent others from setting the same Vendor ID, ROCKEY5 TIME uses a seed code algorithm to calculate the Vendor ID. ROCKEY5 TIME takes an input code (maximum length 250 bytes) and works out a Vendor ID. This process cannot be reversed. Even if an illegal user obtains the Vendor ID, he cannot copy the same ROCKEY5 TIME because he does not know the seed code. This greatly enhances the security level. Software manufacturers can also use the RY5_SetVendorID interface to set the Vendor ID. Please refer to section 7.1.9.
2.3 Hardware ID (HID)
Each ROCKEY5 TIME has a globally unique hardware ID. This ID cannot be modified. When software manufacturers want to protect software for a particular customer, they can use this HID to achieve that goal. Software manufacturers can use the RY5_GetHardID interface to get the Hardware ID. Please refer to section 7.1.4.
2.4 Data Memory
ROCKEY5 TIME provides 8 KB of data memory space. Bytes from 0 to 7168 belong to the lower data memory zone. Bytes from 7169 to 8192 belong to the upper data memory zone. Both software manufacturers and end users can read and write in the lower data memory zone, while the upper data memory zone only allows software manufacturers to write after verifying the Developer Password. Both roles are allowed to read data from upper data memory
42.
    handle = 0;                        // device handle
    DWORD retcode;                     // error code
    int count = 0;                     // the found dongle count
    char vendorID[10] = "A8C3E6FD";    // vendor ID
    int i;
    // find
    retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find the found dongle count %d\r\n", count);
    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);   // open the dongle whose No is i
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open success open the No %d dongle\r\n", i);
        // Verify DevPin
        char pInPin[30] = "123456781234567812345678";   // developer password
        int pRemainCount = 0;                           // pin remain count
        // verify developer password
        retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount);
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_VerifyDevPin error error code %08X pRemainCount %d\r\n", retcode, pRemainCount);
            return;
        }
        printf("\r\nRY5_VerifyDevPin verify developer password\r\n");
        // Rsa Key
        int kid = 1;   // key pair ID
        retcode = RY5_GenRsaKey(handle, kid, NULL, NULL);   // generate key pair 1
        if (retcode != RY5_SUCCESS)
            printf("\r\nRY5_GenRsaKe
43.
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_CreateFile error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_CreateFile success create file successfully");
    // Write File
    int offset = 0;          // offset
    BYTE buf[30] = "hello";
    retcode = RY5_WriteFile(handle, fileID, offset, buf, fileSize);
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_WriteFile error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_WriteFile success write file successfully");
    // close
    retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Close error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Close success close dongle successfully\r\n", i);
7.1.18 RY5_ExecuteFile
DWORD WINAPI RY5_ExecuteFile(RY_HANDLE handle, WORD FileID, BYTE *pInBuf, int InSize, BYTE *pOutBuf, int *pOutSize);
Objective: Execute the certain file. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
FileID [in]: File ID.
pInBuf [in]: Pointer to the buffer storing the input to the C51 executable file.
InSize [in]: The data length.
pOutBuf [out]:
44. in batch. Click the Batch Initialization button to show the following figure.
[Figure 4.2.8.1 Initialization: setting panel listing Developer's seed code, password and VendorID; Data storage area; Remote upgrade with the RSA public/private key pair; RSA public/private key pairs 1 to 8; 3DES keys 1 to 8; User file system; Automatic Batch Initialization. Panel notes: LED will be blinking when initializing; change dongles when LED is off.]
The ROCKEY5 TIME setting panel shows all items that can be initialized.
1. Developer Password and Vendor ID
Double-click the first item, "1 Developer seed code Password and Vendor ID", to show the following figure.
[Figure 4.2.8.2 Developer Password and Vendor ID: Current Vendor ID 00000000; Current Developer Password 12345678 12345678 12345678; New Developer Password; Maximum Retry Times 1-255, of which 255 means unlimited; New Vendor ID]
The default Vendor ID is 00000000 and the default Developer P
45.
    // key pair ID
    int len = 128;            // data length
    BYTE buf[128] = "hello";
    retcode = RY5_PublicEncrypt(handle, kid, buf, len);   // RSA public key encryption
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_PublicEncrypt error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_PublicEncrypt success\r\n");
    // Private Decrypt
    BYTE rbuf[128];           // store the decrypted data
    memset(rbuf, 0, sizeof(rbuf));
    memcpy(rbuf, buf, len);   // decrypt the cipher text produced above, not an all-zero buffer
    retcode = RY5_PrivateDecrypt(handle, kid, rbuf, len);   // RSA private key decryption
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_PrivateDecrypt error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_PrivateDecrypt success the decrypted data %08X\r\n", rbuf);
    // close
    retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Close error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Close success the No %d dongle was closed\r\n", i);
7.1.24 RY5_MD5
DWORD WINAPI RY5_MD5(RY_HANDLE handle, BYTE *pBuf, int len, BYTE *pMD5);
Objective: Use MD5 for encryption. RY5_Open must be called to open the device before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
pBuf [in]: The pointer points to the
46.
    n", retcode);
        return;
    }
    printf("\r\nRY5_Open success Open %dth dongle\r\n", i);
    // Get HardID
    memset(buf, 0, sizeof(buf));
    retcode = RY5_GetHardID(handle, buf);   // get the hardware ID
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_GetHardID error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_GetHardID success hardware ID %s\r\n", buf);
    // close
    retcode = RY5_Close(handle, TRUE);   // close dongle and clear the flag
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Close error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Close success close %dth dongle\r\n", i);
7.1.5 RY5_GenRandom
DWORD WINAPI RY5_GenRandom(RY_HANDLE handle, int len_need, BYTE *pOutbuf);
Objective: Get a random number of the specified length. RY5_Open must be called before using this function.
Parameters:
handle [in]: The device handle, the same as the one returned by RY5_Open.
len_need [in]: The length of the random number.
pOutbuf [out]: The random number pointer.
Note: The maximum length of the random number is 16 bytes. If the requested length is longer than 16 bytes, the system returns only a 16-byte random number, without reporting an error.
Return value: Success returns RY5_SUCCESS (0x00000000). Any other value means failure; for more detail check section 7.2.
Example: RY_HANDL
47.
    retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Close error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Close success the No %d dongle was closed\r\n", i);
7.1.22 RY5_PublicEncrypt
DWORD WINAPI RY5_PublicEncrypt(RY_HANDLE handle, int kid, BYTE *pBuf, int len);
Objective: RSA encryption by using the public key. RY5_Open must be called to open the device before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
kid [in]: The key pair ID, which ranges from 1 to 8.
pBuf [in]: Pointer to the buffer storing the data to be encrypted.
len [in]: The data length; must be a multiple of 128.
Note:
- The key pair ID ranges from 1 to 8.
- The data length must be a multiple of 128.
- For RSA, RY5_PublicEncrypt is usually used for encrypting, but it also works for decrypting with the public key.
Return value: Success returns RY5_SUCCESS (0x00000000). Any other value means failure; for more detail check the error list in section 7.2.
Example: Check the RY5_PrivateDecrypt example.
7.1.23 RY5_PrivateDecrypt
DWORD WINAPI RY5_PrivateDecrypt(RY_HANDLE handle, int kid, BYTE *pBuf, int len);
Objective: RSA decryption by using the private key. RY5_Open must be called to open the device before this function is called.
Parameters:
handle [in]: Device handl
48.
    // safe flag
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Close error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Close success close dongle\r\n", i);
7.1.10 RY5_ChangeDevPin
DWORD WINAPI RY5_ChangeDevPin(RY_HANDLE handle, char *pOldPin, char *pNewPin, int TryCount);
Objective: Reset vendor ID to get the regarding permission. RY5_Open must be called to open the device before this function is called.
Parameters:
handle [in]: Device handle, the same as the one returned by RY5_Open.
pOldPin [in]: Pointer to the old developer password.
pNewPin [in]: Pointer to the new pin.
TryCount [in]: The retry count.
Note:
- TryCount is the number of retries, ranging from 1 to 255; 255 means no limit.
- The reset pin interface includes verification of the developer password, with the related password lock behaviour. Please check RY5_VerifyDevPin for more detail.
Return value: Success returns RY5_SUCCESS (0x00000000). Any other value means failure; for more detail check the error list in section 7.2.
Example:
    RY_HANDLE handle = 0;              // device handle
    DWORD retcode;                     // error code
    int count = 0;                     // the dongle count
    char vendorID[10] = "A8C3E6FD";    // vendor ID
    int i;
    // find
    retcode = RY5_Find(vendorID, &count);   // find vendor ID
    if (retcode != RY5_SUCCESS)
49. shared memory is 32 bytes. The user can operate on the shared area to prevent multiple clients from accessing the dongle and to prevent USB data communication simulation.
Return value: Success returns RY5_SUCCESS (0x00000000). Any other value means failure; for more detail check the error list in section 7.2.
Example:
    RY_HANDLE handle = 0;              // device handle
    DWORD retcode;                     // error code
    int count = 0;                     // the found dongle count
    char vendorID[10] = "A8C3E6FD";    // vendor ID
    int i;
    // find
    retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error error code %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find the found dongle count %d\r\n", count);
    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);   // open dongle
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open success open dongle\r\n", i);
        // Write Share
        int offset = 0;           // offset address
        int len = 5;              // the length of data to be written
        BYTE buf[10] = "hello";   // data to be written
        retcode = RY5_WriteShare(handle, offset, buf, len);
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_WriteShare error error code %08X\r\n", retcode);
            return;
        }
        pri
50. still in programs. Hence what we need to do is try to hide or protect this code.
3.1.1 Confused Code
Generally speaking, programmers and crackers believe that every piece of code in software must be useful; they assume software contains no junk code. Crackers usually trace every piece of code and try to understand what it does. This method intentionally adds lots of junk code to make the software more and more complex. The junk code confuses crackers and wastes a lot of their time on analyzing it.
3.1.2 Fake Checks
In the software, intentionally check conditions against some incorrect values. If such a check comes out correct, it means that the software is being cracked. Then try to exit the program, go on confusing, etc.
3.1.3 Randomize Check Points
[Figure 3.1.3.1 The Time of Check Points]
Try to randomize the check points in the software. Finding all check points is not easy work for crackers.
3.2 Use ROCKEY5 TIME to Encrypt Software
Customers had better design their own software protection solution. Do not share it with others or use well-known solutions. The following samples show how to use ROCKEY5 TIME to protect software.
3.2.1 New Methods of ROCKEY5 TIME
Many traditional software protection methods use software protection dongles just as storage devices. Put some data into dongle and read out f
51. then click New. Please see the figure below.
[Figure 4.3.2.1 Create a New File]
Second way: Click the button on the tool bar to create a new file.
2. There are two ways to save files.
First way: Click File in the menu bar and click Save. Please see the figure below.
[Figure 4.3.2.2 Save a File]
Then select save and input the correct path to save the file to the hard disk. Please see the figure below.
[Figure 4.3.2.3 Save a File Dialog: Save as ROCKEY5 TIME Virtual File System File (vfs)]
Second way: Click the button on the menu bar to save files.
3. There are two ways to open an existing file.
First way: Click File in the menu bar and then select Open. Please see the figure below.
[Figure 4.3.2.4 Open a File]
Then input the correct path in the pop-up dialog to open an existing file. Please see the figure below.
[Figure 4.3.2.5 Open a File]
Second way: Click the button on the tool bar to open an existing virtual file. Input the correct path to open files.
4.3.3 Create a New Internal File
There are two ways to create a new internal file.
1. Click Edit in the menu bar and select Create File. Please see the figure below.
[Figure 4.3.3.1 Create a File]
Select Create file
52. then pass to ROCKEY5 TIME. After ROCKEY5 TIME has finished calculating, the server application transports the data to the client.
    <3> The client application contains an RSA public key. The client application generates a random number to use as the 3DES key. The client then uses the public key to encrypt the 3DES key and transports it to the server application. The server application passes this data into ROCKEY5 TIME. ROCKEY5 TIME uses the private key to decrypt the data and stores the 3DES key as an internal file. After this, all communication data will be encrypted with this 3DES key.
    Some experienced crackers can modify the client application. For example, a cracker buys a ROCKEY5 TIME and writes his private key into it. Then he uses his own public key to replace the one which is stored in the client application. So software manufacturers had better add some specific algorithms into ROCKEY5 TIME so that, even if the private key / public key has been replaced, crackers still cannot crack the software. Two things need to be considered:
    1. Inside the ROCKEY5 TIME there must be an algorithm that relates to the key pair. If the key pair is replaced, the algorithm returns a wrong result.
    2. All check points should be placed into ROCKEY5 TIME. The server application is only used for transportation.
    3.2.5 Remote Update
    Software manufacturers could use remote up
53. to Single Precision Floating Point number
        #define _dtof(result, x) _dbltof(result, x)
        // Convert double precision floating point to 32 bit signed integer
        #define _dtol(result, x) _dbltol(result, x)
        // Convert Single Precision Floating Point number to double precision floating point
        #define _ftod(result, x) _ftodbl(result, x)
        // Convert 32 bit signed integer to double precision floating point
        #define _ltod(result, x) _ltodbl(result, x)
        // short, int reversing
        #define _swap_u16(pvData) _swap(pvData, 2)
        // long type and float type reversing
        #define _swap_u32(pvData) _swap(pvData, 4)
        // assign Single Precision Floating Point number y to double precision floating point x
        #define DOUBLE_INIT(x, y) _ftodbl(x, y)
    6.11.3 Structures and Enumerations
    ■ SHA1 context structure
        typedef struct tagSHA_CONTEXT {
            DWORD h[5];
            DWORD dwTotalLength;
            BYTE bRemainLength;
            BYTE pbRemainBuf[ROCKEY5_SHA_CBLOCK];
        } SHA_CONTEXT, *PSHA_CONTEXT;
        typedef SHA_CONTEXT ShaContext;    // SHA_CONTEXT structure type
        typedef ShaContext *PShaContext;   // The pointer pointing to SHA_CONTEXT
    ■ MD5 hash context structure
        typedef struct tagMD5_CONTEXT {
            DWORD h[4];
            DWORD dwTotalLength;
            BYTE bRemainLength;
            BYTE pbRemainBuf[ROCKEY5_MD5_CBLOCK];
        } MD5_CONTEXT, *PMD5_CONTEXT;
        typedef MD5_CONTEXT Md5Context;    // MD5_CONTEXT structur
54. 6.2.2 set_response
        BYTE _set_response(WORD wLen, void *pvData);
    Objective: Get output data. After the program has run out of ROCKEY5 TIME, the function returns the result to the external program. Note that the maximum length is 256 bytes.
    Input parameters:
        wLen [in] the length of output data
        pvData [in] the address of output data
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    Example:
    1. When output data is of type int, long, word, dword, float or double, the reversing process is needed due to the byte sequence of C51 program storage. To implement the reversing, an external function can be called, or the C51 language swap interface introduced in section 6.2.3 can be used.
    In C51:
        int xdata a;
        a = 1 + 2;
        _set_response(2, &a);   // Memory: 0x00 0x03
    In C:
        // reversing function
        void FlipBuffer(unsigned char *pBuf, unsigned long ulLen)
        {
            unsigned char ucTemp;
            for (unsigned long i = 0; i < (ulLen >> 1); i++) {
                ucTemp = pBuf[i];
                pBuf[i] = pBuf[ulLen - i - 1];
                pBuf[ulLen - i - 1] = ucTemp;
            }
        }
        int main(int argc, char *argv[])
        {
            // assign the result from ROCKEY4 TIME to i; the memory of i now is 0x00 0x03
            FlipBuffer((unsigned char *)&i, 2);   // after reversing: 0x03 0x00
            printf("%d\n", i);   // The print result is as expected: 3
55. 5_SUCCESS) {
                printf("\r\nRY5_Open error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Open success open dongle %d\r\n", i);

            // Read Share
            int offset = 0;   // offset address
            int len = 10;     // read length
            BYTE buf[30];     // the data buffer
            memset(buf, 0, sizeof(buf));
            // read the data in shared area
            retcode = RY5_ReadShare(handle, offset, buf, len);
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_ReadShare error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_ReadShare %08X\r\n", buf);

            // close
            retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Close error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Close %d\r\n", i);
        }
    7.1.15 RY5_WriteShare
        DWORD WINAPI RY5_WriteShare(RY_HANDLE handle, int offset, BYTE *pbuf, int len);
    Objective: Write data to the shared memory of the dongle. RY5_Open must be called to open the device before this function is called.
    Parameters:
        handle [in] Device handle, the same as the handle returned from RY5_Open
        offset [in] Offset address: the position to write data from
        pbuf [in] Pointer to the buffer storing the data to be written
        len [in] The length of data to be written
    Note: The size of
56. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.19 tanh
        BYTE _tanh(DOUBLE result, DOUBLE x)
    Objective: The hyperbolic tangent function.
    Input parameters:
        result [out] The result
        x [in] The radian value
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.20 ceil
        BYTE _ceil(DOUBLE result, DOUBLE x)
    Objective: The smallest integer not less than the double precision floating point number.
    Input parameters:
        result [out] The result
        x [in] The double precision floating point number
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.21 floor
        BYTE _floor(DOUBLE result, DOUBLE x)
    Objective: The largest integer not more than the double precision floating point number.
    Input parameters:
        result [out] The result of the function
        x [in] The double precision floating point number
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.22 abs
        BYTE _abs(DOUBLE result, DOUBLE x)
    Objective: The absolute value.
    Input parameters:
        result [out] The result of the function
        x [in] The double precision floating point number
    Return val
57. D5 success the encrypted data %08X\r\n", md5Buf);

            // close
            retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Close error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Close success the No %d dongle was closed\r\n", i);
        }
    7.1.25 RY5_SHA1
        DWORD WINAPI RY5_SHA1(RY_HANDLE handle, BYTE *pBuf, int len, BYTE *pSHA1);
    Objective: Use SHA1 for encryption. RY5_Open must be called to open the device before this function is called.
    Parameters:
        handle [in] Device handle, the same as the handle returned by RY5_Open
        pBuf [in] Pointer to the buffer storing the data
        len [in] The data length
        pSHA1 [out] Pointer to the buffer storing the calculation result, whose length is 20 bytes
    Note:
    ■ The hash result will be saved in COS, and a buffer in COS is used to save the last hashing result.
    Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.
    Example:
        RY_HANDLE handle = 0;            // device handle
        DWORD retcode;                   // error code
        int count = 0;                   // the found dongle count
        char vendorID[10] = "A8C3E6FD";  // vendor ID
        int i;
        // find
        retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
        if (retcode != RY5
58.     DWORD retcode;                   // error code
        int count = 0;                   // the dongle count
        char vendorID[10] = "A8C3E6FD";  // the certain vendor ID
        int i;
        // find
        retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID
        if (retcode != RY5_SUCCESS) {
            printf("\r\nRY5_Find error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Find success find the dongle count %d\r\n", count);
        for (i = 1; i <= count; i++) {
            // open
            retcode = RY5_Open(&handle, i);   // open dongle
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Open error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Open success open dongle %d\r\n", i);

            // Write Memory
            int offset = 0;            // offset address
            int len = 5;               // the read-in data length
            BYTE buf[10] = "hello";    // data buffer
            retcode = RY5_Write(handle, offset, buf, len);   // write data into data area of dongle
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Write error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Write success write content %s\r\n", buf);

            // close
            retcode = RY5_Close(handle, TRUE);   // close dongle and clear the safe flag
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Close error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Close success close the dongle %d\r\n", i);
        }
    7.1.13 RY5_Ve
59. E handle = 0;                    // the device handle
        DWORD retcode;                   // error code
        int count = 0;                   // the dongle count
        char vendorID[10] = "A8C3E6FD";  // the certain vendor ID
        BYTE buf[18];                    // the return random number
        int i;
        // find
        retcode = RY5_Find(vendorID, &count);   // search the certain vendor ID dongle
        if (retcode != RY5_SUCCESS) {
            printf("\r\nRY5_Find error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Find success search the dongle count %d\r\n", count);
        for (i = 1; i <= count; i++) {
            // open
            retcode = RY5_Open(&handle, i);   // open dongle ith
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Open error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Open success open dongle %d\r\n", i);

            // Get Random
            memset(buf, 0, sizeof(buf));
            retcode = RY5_GenRandom(handle, 10, buf);   // get the 10 byte random number
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_GenRandom error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_GenRandom success random number %08x\r\n", buf);

            // close
            retcode = RY5_Close(handle, TRUE);   // close dongle and clear safe flag
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Close error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Close success close dongle %d\r\n", i);
        }
    7.1.6 RY5_
60.     pCtx [in] The address of the environment context MD5_CONTEXT
    Environment context structure:
        typedef struct tagMD5_CONTEXT {
            DWORD h[4];
            DWORD dwTotalLength;
            BYTE bRemainLength;
            BYTE pbRemainBuf[ROCKEY5_MD5_CBLOCK];
        } MD5_CONTEXT, *PMD5_CONTEXT;
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    Example: Check the md5_final example.
    6.4.11 md5_update
        BYTE _md5_update(PMD5_CONTEXT pCtx, const void *pvData, BYTE bLen);
    Objective: Perform MD5 calculation.
    Input parameters:
        pCtx [in] The address of the environment context
        pvData [in] Hash data
        bLen [in] Hash data length
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    Example: Check the md5_final example.
    6.4.12 md5_final
        BYTE _md5_final(PMD5_CONTEXT pCtx, void *pvResult);
    Objective: Get the MD5 result. The result is 16 bytes long.
    Input parameters:
        pCtx [in] The address of the environment context
        pvResult [in] The address of the hash result
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    Example:
        BYTE xdata bRes = 0;
        char xdata result[16];
        BYTE xdata text[] = "HELLO";
        MD5_CONTEXT xdata md5ctx
61. Example:
        RY_HANDLE handle;                // device handle
        DWORD retcode;                   // error code
        int count = 0;                   // the found dongle count
        char vendorID[10] = "A8C3E6FD";  // vendor ID
        int i;
        // find
        retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
        if (retcode != RY5_SUCCESS) {
            printf("\r\nRY5_Find error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Find the found dongle count %d\r\n", count);
        for (i = 1; i <= count; i++) {
            // open
            retcode = RY5_Open(&handle, i);   // open dongle whose No is i
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Open error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Open success open the No %d dongle\r\n", i);

            // Verify DevPin
            char pInPin[30] = "123456781234567812345678";   // developer password
            int pRemainCount = 0;                            // pin remain count
            // verify developer password
            retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount);
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_VerifyDevPin error error code %08X pRemainCount %d\r\n", retcode, pRemainCount);
                return;
            }
            printf("\r\nRY5_VerifyDevPin verify developer password\r\n");

            // Erase All Files
            retcode = RY5_EraseAllFile(handle);   // delete file
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_EraseAllFile error error code %08X\r\n
62. v1.0. Feitian Technologies Co., Ltd. Website: http://www.ftsafe.com
    History: Date: Nov 2011; Version: v1.0; Content: The first version.
    Software Developer's Agreement
    All Products of Feitian Technologies Co., Ltd. (Feitian), including but not limited to evaluation copies, diskettes, CD-ROMs, hardware and documentation, and all future orders, are subject to the terms of this Agreement. If you do not agree with the terms herein, please return the evaluation package to us, postage and insurance prepaid, within seven days of their receipt, and we will reimburse you the cost of the Product, less freight and reasonable handling charges.
    1. Allowable Use: You may merge and link the Software with other programs for the sole purpose of protecting those programs in accordance with the usage described in the Developer's Guide. You may make archival copies of the Software.
    2. Prohibited Use: The Software or hardware or any other part of the Product may not be copied, reengineered, disassembled, decompiled, revised, enhanced or otherwise modified, except as specifically allowed in item 1. You may not reverse engineer the Software or any part of the product or attempt to discover the Software's source code. You may not use the magnetic or optical media included with the Product for the p
63.     // including the string ending: 0x48 0x45 0x4C 0x4C 0x4F 0x00
        char cBuffer[6] = "HELLO";
    In C51:
        char xdata buffer[250];
        memcpy(buffer, pbInBuff, 6);   // assign 6 bytes "HELLO" (0x48 0x45 0x4C 0x4C 0x4F 0x00) to buffer
    3. Assign values to multiple variables, for instance assign long, char array and double to the C51 program.
    In C:
        int main(int argc, char *argv[])
        {
            BYTE pbInData[18] = {0};
            long lCData = 8;
            FlipBuffer((unsigned char *)&lCData, 4);
            char cBuffer[6] = "HELLO";
            double dCData = 8.0;
            FlipBuffer((unsigned char *)&dCData, 8);
            memcpy(pbInData, &lCData, 4);
            memcpy(pbInData + 4, cBuffer, 6);
            memcpy(pbInData + 10, &dCData, 8);
            // import pbInData to ROCKEY5 TIME, 18 bytes
    In C51:
        long xdata lData;
        char xdata buffer[250];
        double xdata dData;
        if (wInLen != 18) _exit();   // if the length is over 18 bytes
        // assign digit 8 (0x00 0x00 0x00 0x08) to lData; the serial number in pbInBuff is from 0 to 3, 4 bytes
        memcpy(&lData, pbInBuff, 4);
        // assign "HELLO" (0x48 0x45 0x4C 0x4C 0x4F 0x00) to buffer; the serial number in pbInBuff is from 4 to 9, 6 bytes
        memcpy(buffer, pbInBuff + 4, 6);
        // assign 8.0 (0x40 0x20 0x00 0x00 0x00 0x00 0x00 0x00) to dData; the serial number in pbInBuff is from 10 to 17, 8 bytes
        memcpy(&dData, pbInBuff + 10, 8);
64. GetFreeSize
        DWORD WINAPI RY5_GetFreeSize(RY_HANDLE handle, int *pSize);
    Objective: Get the free user space. RY5_Open must be called to open the device before this function is called.
    Parameters:
        handle [in] The device handle, the same as the one returned by RY5_Open
        pSize [out] The pointer pointing to the free user space
    Note: Check the free user space of the dongle.
    Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.
    Example:
        RY_HANDLE handle = 0;            // the device handle
        DWORD retcode;                   // error code
        int count = 0;                   // search the dongle number
        char vendorID[10] = "A8C3E6FD";  // find the vendor ID
        int pSize;                       // return the size of the free space
        int i;
        // find
        retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID
        if (retcode != RY5_SUCCESS) {
            printf("\r\nRY5_Find error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Find success find the dongle count %d\r\n", count);
        for (i = 1; i <= count; i++) {
            // open
            retcode = RY5_Open(&handle, i);   // open dongle
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Open error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Open success open the dongle %d\r\n", i);

            // Get FreeSize
            retcode = RY5_GetFreeSi
65. ■ Digital signature
    A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender and that it was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.
    6.4.1 des_enc
        BYTE _des_enc(const void *pvKey, BYTE bLen, void *pvData);
    Objective: Encrypt data by DES. It requires messages whose length is a multiple of the block size (8 bytes), or messages have to be padded to bring them to this length. The encryption mode is ECB; other modes such as CBC need to be developed by oneself.
    Input parameters:
        pvKey [in] The address of the DES key, whose length is 8 bytes
        bLen [in] The length of the encrypted data, a multiple of 8 bytes
        pvData [in, out] The plain text as input and cipher text as output
    Return value: Success returns 0. Any other return value means failure. For more detail, check the list in section 6.12.
    Example:
        BYTE xdata bRes = 0;
        // the plain text needs to be encrypted as a multiple of 8
        char xdata text[8] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
        // DES key, 8 bytes
        BYTE xdata deskey[8] = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};
        bRes = _des_enc(deskey
66. PC side program to process in ROCKEY5 TIME. pbInBuff is an address pointing to the input data; wInLen is the length of the input data.
    Input parameters: N/A
    Return value: N/A
    Example:
    1. In a C51 program, to assign a value to a variable of type int, long, word, dword, float or double, the high order byte is ordered first and then the low order byte. By contrast, on the PC the low order byte is ordered first rather than the high order byte, so reversing the order is needed when inputting. To implement the reversing, an external function can be called, or the C51 language swap interface introduced in 6.2.3 can be used.
    The following code demonstrates inputting a digit 8 to a C51 program (the external language is C):
        // Reversing
        void FlipBuffer(unsigned char *pBuf, unsigned long ulLen)
        {
            unsigned char ucTemp;
            for (unsigned long i = 0; i < (ulLen >> 1); i++) {
                ucTemp = pBuf[i];
                pBuf[i] = pBuf[ulLen - i - 1];
                pBuf[ulLen - i - 1] = ucTemp;
            }
        }
        int main(int argc, char *argv[])
        {
            short sCData = 8;      // Memory: 0x08 0x00
            long lCData = 8;       // Memory: 0x08 0x00 0x00 0x00
            float fCData = 8.0;    // Memory: 0x00 0x00 0x00 0x41
            double dCData = 8.0;   // Memory: 0x00 0x00 0x00 0x00 0x00 0x00 0x20 0x40
            BYTE pbInData[18] = {0};
            // import short, long, float and double, 18 bytes in total
            FlipBuffer((unsigned ch
67. RY5_SUCCESS) {
                printf("\r\nRY5_VerifyDevPin error error code %08X pRemainCount %d\r\n", retcode, pRemainCount);
                return;
            }
            printf("\r\nRY5_VerifyDevPin success verify developer password success\r\n");

            // set 3DES Key
            int kid = 1;     // key pair ID
            BYTE buf[16];    // key
            for (int j = 0; j < sizeof(buf); j++)
                buf[j] = 3;
            retcode = RY5_Set3DESKey(handle, kid, buf);   // 3DES key pair 1
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Set3DESKey error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Set3DESKey\r\n");

            // close
            retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Close error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Close success close the NO %d dongle\r\n", i);
        }
    7.1.27 RY5_3DES
        DWORD WINAPI RY5_3DES(RY_HANDLE handle, int kid, int flag, BYTE *pInBuf, int len);
    Objective: Use 3DES to encrypt/decrypt data. RY5_Open must be called to open the device before this function is called.
    Parameters:
        handle [in] Device handle, the same as the handle returned by RY5_Open
        kid [in] Key pair ID that ranges from 1 to 8
        flag [in] Encrypt/decrypt flag
        pInBuf [in, out] The buffer pointer stores data: input the cipher text and output the plain text
68. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.10 ldexp
        BYTE _ldexp(DOUBLE result, DOUBLE x, WORD exp)
    Objective: The double precision floating point number multiplied by 2 raised to the power exp.
    Input parameters:
        result [out] The result
        x [in] The double precision floating point number
        exp [in] The exponent of 2
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.11 sin
        BYTE _sin(DOUBLE result, DOUBLE x)
    Objective: The sine function.
    Input parameters:
        result [out] The result
        x [in] The radian value
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.12 cos
        BYTE _cos(DOUBLE result, DOUBLE x)
    Objective: The cosine function.
    Input parameters:
        result [out] The result
        x [in] The radian value
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.13 tan
        BYTE _tan(DOUBLE result, DOUBLE x)
    Objective: The tangent function.
    Input parameters:
        result [out] The result
        x [in] The radian value
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7.14 asin
        BYTE _asin(DOUBLE resul
69. The pointer points to the output buffer for storing data output from the C51 executable
        pOutSize [in, out] The length of data returned from the C51 executable file
    Note:
    ■ File ID is 2 bytes, for example 0x1002, 0x009B. For some reason, some IDs can only be used by ROCKEY5 TIME internally. Users cannot use these internal IDs.
    ■ It is the size of the output buffer pointed to by pointer pOutBuf. When it is shorter than the length returned from the executable file in ROCKEY5 TIME, it returns an error.
    Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in 7.2.
    Example:
        RY_HANDLE handle = 0;            // device handle
        DWORD retcode;                   // error code
        int count = 0;                   // the found dongle count
        char vendorID[10] = "A8C3E6FD";  // the vendor ID
        int i;
        // find
        retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
        if (retcode != RY5_SUCCESS) {
            printf("\r\nRY5_Find error error code %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Find the found dongle count %d\r\n", count);
        for (i = 1; i <= count; i++) {
            // open
            retcode = RY5_Open(&handle, i);   // open the dongle whose No is i
            if (retcode != RY5_SUCCESS) {
                printf("\r\nRY5_Open error error code %08X\r\n", retcode);
                return;
            }
            printf("\r\nRY5_Open succes
70. _response(1, &bRes);
        _exit();
        _set_response(8, bSN);
        _exit();
    6.6 Clock Function
    6.6.1 get_time_limit
        extern BYTE _get_time_limit(DWORD *value, BYTE *policy);
    Objective: Get the COS time limitation.
    Input parameters:
        value [out] The address of the expired time or remaining hours, determined by the type of COS expired time
        policy [out] Flag of data type. If 0, COS stored an expiry date. If 1, COS stored remaining hours.
    Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.
    6.7 Double precision Floating point Calculation
    The C51 language itself does not support double precision floating point, but ROCKEY5 TIME does. Arithmetic symbols cannot be used directly when computing in double precision floating point; the interfaces from ROCKEY5 TIME must be used instead.
    The representation of double precision floating point in C51 differs from that of common PC languages. For example, the double precision floating point value 1.0 on the PC is stored as 0x00 0x00 0x00 0x00 0x00 0x00 0xF0 0x3F, but in C51 it is stored as 0x3F 0xF0 0x00 0x00 0x00 0x00 0x00 0x00 instead. A reversing process is needed. We offer a tool, Double2Byte.exe, that converts between double precision floating point and an 8 byte array.
    Note that to ensure the double precisio
71. 6.8.14 atanf; 6.8.20 absf; 6.8.21 expf; 6.8.22 logf; 6.9 Time Func; 6.10 Type Conversion; 6.10.4 ltodbl; 6.11 Structures and Constant Variables; 6.11.3 Structures and Enumerations; 6.12 Error Code; Chapter 7 ROCKEY5 TIME API For PC; 7.1.2 RY5_Open; 7.1.3 RY5_Close
72. ady existed; invalid RSA key format; mismatched the length of key; file type invalid; failed in RSA encryption or decryption; failed in RSA verification; SHA1 computing error; MD5 computing error; invalid memory pointer; EEPROM error; COS expired; hardware clock broken; update package expired
    Chapter 7 ROCKEY5 TIME API For PC
    7.1 API Functions
    7.1.1 RY5_Find
        DWORD WINAPI RY5_Find(char *pVendorID, int *pCount);
    Objective: Search for the connected ROCKEY5 TIME devices.
    Parameters:
        pVendorID [in, out] String pointer pointing to the string of the vendor ID; the vendor ID length is 8 bytes
        pCount [out] Int pointer to the number of attached ROCKEY5 TIME
    Note:
    ■ The function gets the device number of ROCKEY5 TIME for a certain vendor ID. If pVendorID is assigned as 0, then pCount returns 0.
    ■ The maximum number of ROCKEY5 TIME attached to a PC at the same time is 32.
    ■ The function needs to be called at least once for initialization and to set up the device list when the program gets started.
    ■ If the program is multi-threaded, it is better to call this function once before the main thread gets started.
    ■ The attaching and detaching of a dongle will not affect the number of devices.
    Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.
    Example
73. ar *)&sCData, 2);   // Memory: 0x00 0x08
            FlipBuffer((unsigned char *)&lCData, 4);   // Memory: 0x00 0x00 0x00 0x08
            FlipBuffer((unsigned char *)&fCData, 4);   // Memory: 0x41 0x00 0x00 0x00
            FlipBuffer((unsigned char *)&dCData, 8);   // Memory: 0x40 0x20 0x00 0x00 0x00 0x00 0x00 0x00
            memcpy(pbInData, &sCData, 2);
            memcpy(pbInData + 2, &lCData, 4);
            memcpy(pbInData + 6, &fCData, 4);
            memcpy(pbInData + 10, &dCData, 8);
            // import pbInData to ROCKEY5 TIME, 18 bytes
    In C51:
        if (wInLen != 18) _exit();   // if the length is over 18 bytes
        // C51 int type is 2 bytes, but in C it is short
        int xdata iData;
        // assign digit 8 to iData; the serial number for the first two bytes in pbInBuff is 0, 1
        memcpy(&iData, pbInBuff, 2);
        // C51 long type is identical to C, 4 bytes
        long xdata lData;
        // assign digit 8 to lData; the serial number in pbInBuff is from 2 to 5, 4 bytes
        memcpy(&lData, pbInBuff + 2, 4);
        // C51 float type is identical to C, 4 bytes
        float xdata fData;
        // assign 8.0 to fData; the serial number in pbInBuff is from 6 to 9, 4 bytes
        memcpy(&fData, pbInBuff + 6, 4);
        // C51 Double type is 8 bytes
        DOUBLE xdata dData;
        // assign 8.0 to dData; the serial number in pbInBuff is from 10 to 17, 8 bytes
        memcpy(&dData, pbInBuff + 10, 8);
    2. The reversing is not required when assigning to a string type.
    In C:
        int main(int argc, char *argv[])
74. assword is 123456781234567812345678. After inputting the new Developer Password, click the OK button and the User Tool will find the ROCKEY5 TIME with the current Vendor ID. If no ROCKEY5 TIME is found, the User Tool will notify that it is waiting for a ROCKEY5 TIME to be attached. The current Developer Password will be used to verify login. If verification fails, the User Tool will notify: Failed to verify Developer Password, error code is 0xF0000CFF.
    Please note: The default retry time is unlimited. If the customer has set a retry time, please input the Developer Password carefully. Once the retry time is reached, ROCKEY5 TIME will be locked. In this case the only way to unlock ROCKEY5 TIME is to send it back to FEITIAN. Please refer to section BA A
    2. Data Storage Area
    Double-clicking 2 Data Storage Area will show the following figure.
    (Figure 4.2.8.3: Data Storage Area)
    Customers can directly edit the hexadecimal value or ASCII value.
    3. Key Pairs for Remote Update
    Double-click 3 Key Pairs for Remote Update to show the following figure.
    (Figure 4.2.8.4: Key Pair for Remote Update)
    Select Data Type and get the key value by directly editing the hexadecimal value or importing from a file. Please see the following
75. avoid being debugged.
    ■ Check Parent: Protected programs will detect a debugger process. If there is a debugger process, protected programs cannot be run.
    ■ Replace Code: Replace some code of programs.
    ■ Section Align: Align the program sections.
    ■ File Protect: Check the integrity of the protected file to avoid files being modified.
    Click the button to encrypt a single file. Click the button to encrypt all files. If an error occurred, please follow the steps below:
    1. Check whether the Vendor ID is correctly input.
    2. Check whether the file type is supported. Please use C:\WINDOWS\NOTEPAD.EXE to test.
    Chapter 5 Advanced Use of ROCKEY5 TIME
    The previous chapter described how to use ROCKEY5 TIME to protect software. In this chapter we will give a sample to show the advanced use of ROCKEY5 TIME. The sample is a program that updates internal data from 15 bytes long to 18 bytes long.
    tinclude stdafx h Hinclude lt stdio h gt tinclude lt windows h gt include RY5_APT h unsigned char A e 9 10 5 8 4 2 1 6 3 7 9 10 5 8 4 2 1 CORA 1 E SACO ES ZA jhe void pa A ID 15 char newID 18 Conversion algorithm i int i j s s 0 memcpy newID 1D 6 newID 6 1 newID 7 9 memcpy newID 8 ID 6 9 for i 0 1i lt 17 i j newID i 48 Wi i s j s 11 newID 17 Ai s void main int argc char argv char cOldID 16 110105720924001 15 bytes long data char cN
76.     bFileType [in] The file type, 1 byte; for more detail check Table 6.1
        bFlag [in] The file flag byte, 1 byte; check Table 6.2
        pHandle [out] File handle. If the file is open, it returns the file handle.

        Name                 Value   Explanation
        FILE_TYPE_EXE        0x00    Executable file (Wrt)
        FILE_TYPE_DATA       0x01    Internal data file (R/W)
        FILE_TYPE_RSA_PUB    0x02    RSA public key file (R/W)
        FILE_TYPE_RSA_SEC    0x03    RSA private key (Wrt)
        Table 6.1 File Type

    Check Table 6.1 for more about file types. In C51 program the executable file in ROCKEY5 TIME And the file properties are as follows:
    Executable file: can be modified by another executable file, but impossible to be read in any circumstances.
    Internal data file: can be read or written by an executable file.
    RSA public key file: can be read or written by an executable file.
    RSA private key file: can be modified by an executable file, but impossible to be read in any circumstances.

        CREATE_OPEN_ALWAYS      0x00    If the file already exists, it opens the file; otherwise it creates and then opens it
        CREATE_FILE_NEW         0x01    Create and open the new file; if the file already exists, it returns an error
        CREATE_OPEN_EXISTING    0x02    Open the existing file, similar to _open
        Table 6.2 File Flags

    Return value: Success returns 0. Other return mea
77. buffer for storing data.
len [in]: The data length.
pMD5 [out]: Pointer to the buffer that stores the calculation result, whose length is 16 bytes.

Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.

Example:

    RY_HANDLE handle = 0;             // device handle
    DWORD retcode;                    // error code
    int count = 0;                    // the found dongle count
    char vendorID[10] = "A8C3E6FD";   // vendor ID
    int i;

    // find
    retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find: the found dongle count: %d\r\n", count);

    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);     // open dongle i
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open success, open the No. %d dongle\r\n", i);

        // MD5
        int len = 5;                        // the data length
        BYTE buf[10] = "hello";             // the data to be encrypted
        BYTE md5Buf[20];
        memset(md5Buf, 0, sizeof(md5Buf));
        retcode = RY5_MD5(handle, buf, len, md5Buf);   // MD5
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_MD5 error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_M
78. private key retcode RY5_SetRsaKey handle kid pubBuf priBuf generate key pair 1 if retcode RY5_SUCCESS 1 printf r n RY5_SetRsaKey error error code 8X r n retcode return printf r n RY5_SetRsaKey success r n close retcode RY5 Close handle TRUE close the dongle and clear the safe flag if
79. ccess returns 0. Any other return value means failure. For more detail, check the list in section 6.12.

Example:

    BYTE xdata bRes = 0;
    // the plain text to be encrypted; its length must be a multiple of 8
    char xdata text[8] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
    // 3DES key, 16 bytes
    BYTE xdata tdeskey[16] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
                              0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF};

    bRes = _tdes_enc(tdeskey, 8, text);   // duplicate buffer
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    // encrypted text: 0x5D 0x99 0x07 0x87 0xB0 0x67 0x37 0x87
    _set_response(8, text);
    _exit();

6.4.6 tdes_dec

    BYTE _tdes_dec(const void *pvKey, BYTE bLen, void *pvData)

Objective: 3DES decryption function. The 3DES key is 16 bytes, and it requires messages whose length is a multiple of the block size (16 bytes), so messages have to be padded to bring them to this length. The encryption mode is ECB; other modes such as CBC have to be developed by oneself.

Input parameters:
pvKey [in]: The 16-byte buffer that stores the 3DES key.
bLen [in]: The plain data length.
pvData [in, out]: The cipher text as input and the plain text as output.

Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.

Example:

    BYTE xdata bRes = 0;
    // the cipher text needs to be decry
80. d. At this point, tick Automatic Batch Initialization to initialize ROCKEY5 TIME in batch. The ROCKEY5 TIME LED blinks while initializing. Change to a new ROCKEY5 TIME when the LED is off.

4.3 ROCKEY5 TIME Virtual File System Manager (VFSM)

When software manufacturers develop C51 programs, KEIL and the ROCKEY5 TIME Virtual File System Manager are needed. VFSM is a virtual environment that simulates a real ROCKEY5 TIME. Customers do not need a ROCKEY5 TIME when developing programs; VFSM can provide all ROCKEY5 TIME functions. VFSM generates virtual files (.vfs), which can be used to create the file system for a real ROCKEY5 TIME. VFSSet.exe is VFSM, which can be found under the Utilities folder in the SDK.

4.3.1 Main Interface

ROCKEY5 TIME VFSM includes a menu bar, tool bar, Tree View and information list. Please see the figure below.

Figure 4.3.1.1 ROCKEY5 TIME VFSM

- Menu bar: The main functions are here.
- Tool bar: Same as the menu bar. Provides buttons for convenience.
- Tree view: Lists the folders of the virtual file.
- Information list: Lists detailed information of the virtual file.

4.3.2 Create, Save and Open

1. There are two ways to create a new virtual file. First way: Click File in menu bar
81. Figure 4.2.2.1 Basic Functions

- Data Storage Area: Users can directly edit data in the data display area. Click the Write in button to save it into the Data Storage Area. If writing fails, users need to check errors based on the error code. Please refer to section 7.2.1. Click Read out to display the data stored in the Data Storage Area; the data will be displayed in the data display area. Click the Import button and select a file in the pop-up dialog. The data stored in the file will be displayed in the data display area. Then click the Write in button to write it into the Data Storage Area. Click the Export button to save data into a file.
- Shared Memory Area: Users can directly edit data in the data display area. Click the Write in button to save data into the Shared Memory Area. If writing fails, users need to check errors based on the error code. Please refer to section 7.2.1. Click Read out to display the data stored in the Shared Memory Area; the data will be displayed in the data display area.
- LED Control: Select On Off o
82. d in API folder of SDK.

File | Description
API\BCB_Delphi\RY5_cbc.lib | C++ Builder static link library
API\Com\Rockey5Com.dll | COM component; pre-registration is required: 1. Copy Rockey5Com.dll to Windows\system32. 2. Register in a terminal: regsvr32 Rockey5Com.dll. 3. Uninstall the component: regsvr32 /u Rockey5Com.dll.
API\BCB_Delphi\ROCKEY5_Delphi.obj | Delphi library file
API\Dynamic\Rockey5.dll | Dynamic link library
API\Dynamic\Rockey5.lib | LIB file for the dynamic link library
Include\RY5_API.h | Header file
API\Java\RY5Java.dll | Java's JNI interface
API\Java\RY5jni.jar | Java library file
API\Static\Rockey5.lib | C static link library

- The C51 folder in the SDK stores the C51 program's library and header file.
- If you need ROCKEY5 TIME to develop or test, please contact the company from the website http://www.FTsafe.com.

Chapter 1 ROCKEY5 TIME Introduction

1.1 About ROCKEY5 TIME

The ROCKEY5 TIME is based on smart card technology, enduring 100 thousand hardware writes, preserving data for over 10 years, with a working temperature of 0°C to 70°C. ROCKEY5 TIME integrates dongle and smart card technology with a driverless design, multiple functions and cost-effective pricing, targeting various areas such as software protection, authentication, E-business and information security
83. d_offset have different presentations due to the type. If type is Data_TYPE_Memory, kid_offset represents the offset address in user space (8192 bytes). If type is 0, 1 or 2, kid_offset represents the ID of the key pair to be updated, ranging from 1 to 8.
- If the data type to be updated is the public key data type, Data_TYPE_PubKey, the parameter len must be 140 bytes. Else, if the data type to be updated is the private key data type, Data_TYPE_PriKey, len must be 340 bytes. And if the data type is the 3DES key data type, Data_TYPE_3DesKey, len must be 16 bytes.

Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.

Example:

    RY_HANDLE handle = 0;             // device handle
    DWORD retcode;                    // error code
    int count = 0;                    // the found dongle count
    char vendorID[10] = "A8C3E6FD";   // vendor ID
    int i;
    char pInPin[30] = "123456781234567812345678";   // developer password
    int pRemainCount = 0;             // developer password retry times

    // find
    retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find: the found dongle count: %d\r\n", count);

    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);     // open dongle
        if (retcode != RY5_SUCCESS)
84. date function to update ROCKEY5 TIME contents for end users. The following parts can be updated: the 8KB Data Memory, 8 pairs of RSA keys, 8 3DES keys, 8 AES keys, the expiry date and the total use hours. The 32KB user memory cannot be updated; users have to modify it themselves.

Please note: The update package for updating the expiry date or total use time can be applied only once. There is a UTC time stamp inside the update package. If the time stamp is invalid, ROCKEY5 TIME refuses to update.

Update process:

1. When the protected software is released, ROCKEY5 TIME stores the internal executable files, the internal data and another executable file that is used for updates. Here we call this file the UP file. When executing an update, keep all transmitted data encrypted. We use RSA to encrypt the data, so the private key needs to be stored inside ROCKEY5 TIME. For example, inside the ROCKEY5 TIME memory there are several files: file A (executable file), file B (internal data), PRI (private key) and a UP file (executable file).

2. When the software is updated, software manufacturers need to encrypt the new file A and the new file B with the public key. After this, send the encrypted package to end users. Please note: The public key should not be stored inside ROCKEY5 TIME, for security reasons.

3. When end users receive the update package, use the UP file to decrypt A and B with the private key. Then use the C51 file operation interface to replace the old A and B. The update package can bind a hardware ID so that
85. Figure 4.3.6.3 Edit a File

4.3.7 Export a File

There are three ways to export an internal file:

1. Right-click a file in the information list and select Export File to export a file.

Figure 4.3.7.1 Export a File

2. Click the button to export a file.
3. Export data into a file in the edit interface. Please see the figure below.

Figure 4.3.7.2 Export to File

4.3.8 Delete a File

There are three ways to delete files in the virtual file system:

1. Click Edit in the menu bar and select Delete File. Please see the figure below.

Figure 4.3.8.1 Delete a File

2. Select a file and then click the x button on the tool bar to delete it.
3. Right-click a file and select Delet
86. e

    DWORD WINAPI RY5_GetTokenType(RY_HANDLE handle, int* type);

Objective: Get the token type. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called.

Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
type [in, out]: The token type. 1 represents ROCKEY5 TIME and 2 represents others.

Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.

Error Code

    #define RY5_SUCCESS                 0x00000000   // successfully done
    #define RY5_NOT_FOUND               0xF0000001   // device not found
    #define RY5_INVALID_PARAMETER       0xF0000002   // invalid parameter
    #define RY5_COMM_ERROR              0xF0000003   // communication error
    #define RY5_INSUFFICIENT_BUFFER     0xF0000004   // not enough buffer space
    #define RY5_NO_LIST                 0xF0000005   // the device list not found
    #define RY5_DEVPIN_NOT_CHECK        0xF0000006   // no verification of developer pin
    #define RY5_USERPIN_NOT_CHECK       0xF0000007   // no verification of user pin
    #define RY5_RSA_FILE_FORMAT_ERROR   0xF0000008   // error format of RSA file
    #define RY5_DIR_NOT_FOUND           0xF0000009   // directory not found
    #define RY5_ACCESS_DENIED           0xF000000A   // access denied
    #define RY5_ALREADY_INITIALIZED     0xF000000B   // initialized
    #define RY5_INCORRECT_PIN           0xF0000C00
87. e: Executable files are programmed in C51 and are executed inside ROCKEY5 TIME. External programs call the ROCKEY5 TIME API to pass parameters to an executable file, which runs inside ROCKEY5 TIME and returns results to the external programs. Executable files can be modified by other executable files. Software manufacturers can create and write executable files after verifying the Developer Password. The content of executable files cannot be read by anyone. The remote update function can also modify internal executable files. Please refer to section 3.2.7.

- Internal Data File: The Internal Data File is used to store user data. Software manufacturers can use the API to write the data file but cannot read it. The other way is to use internal executable files to read and write the Internal Data File; that is, the application calls an internal executable file over the API to read and write the Internal Data File.

- Key File: The Key File is used to store RSA key pairs (public key and private key). Customers with the Developer Password can write public keys. Internal executable files can read and write public keys. For private keys, customers with the Developer Password can write, but nobody can read private keys. Use the ROCKEY5 TIME utilities to generate RSA key pairs. Please refer to section 4.2.

File types and privilege:

File type | Developer Password | Executable File
Executable File | Write | Write
Internal Data File | Write | Read/Write
Key File, public key | Write | Read/Write
Key File, private key | Write | W
88. e to delete a file. Please see the figure below.

Figure 4.3.8.2 Delete a File

4.3.9 Other Functions

1. Open recent virtual files: Click File in the menu bar; customers will find recent files listed in the drop-down menu. Please see the figure below.

Figure 4.3.9.1 Open Recent Files

2. Hide Tree View: Click the button to hide Tree View.
3. View Menu: To show or hide the tool bar, Tree View and status bar.

Figure 4.3.9.2 View

4. Refresh: Sometimes, when files or directories are changed, customers need to refresh the tool. Click the button to refresh. Please see the figure below.

4.3.10 Menu Bar and Tool Bar
89. e firstly generate a random number. Then process the hardware information with the random number. Pass the result into ROCKEY5 TIME. In ROCKEY5 TIME, work out the hardware information and compare it with the hardware information obtained through the C51 interface. A cracker will only get some random values, since the algorithm is inside the dongle. The software cannot be cracked.

3.2.3 Make Input/Output Maze

Some crackers use a USB analyzer to capture the data transported between dongles and the PC. Even though the communication between ROCKEY5 TIME and the PC is encrypted, it is strongly recommended to add some customized security algorithms. For example, encrypt arguments before passing them to internal programs. Internal programs first decrypt the arguments and then begin to calculate.

3.2.4 Build Application with 3DES and RSA

ROCKEY5 TIME uses a 32-bit smart card chip, which provides high-performance 3DES and RSA calculation capacity. 3DES and RSA can be used for C/S and B/S software as well as single-version software. Here we take C/S software as an example.

Figure 3.2.6.1 3DES and RSA

<1> ROCKEY5 TIME is attached to the server. It contains the user-defined algorithm and the RSA private key.
<2> The server application processes data which come from clients and
91. e. Please see the figure below.

Figure 4.4.3 Select a File

File Type: There are two file types, Program and Data. If customers want to protect programs, add PE files or .Net files, such as EXE, DLL, ARX, VB.Net and C#.Net. If Data is selected, add PDF, Flash and video files.

1> If Data is selected, click the button to add files. Please see the figure below.

Figure 4.4.4 Add Files

After the files are selected, Envelope will automatically generate the output path. Please see this figure.

Figure 4.4.5 File Path

Click OK to continue and you'll see the figure below.

Figure 4.3.6 Envelope

In the left panel there are several options
92. e as same as the handle returned by RY5_Open.
kid [in]: The key pair ID, which ranges from 1 to 8.
pBuf [out]: Pointer to the buffer that stores the data to be decrypted.
len [in]: The data length; it must be a multiple of 128.

Note:
- The key pair ID ranges from 1 to 8.
- The data length must be a multiple of 128.
- For RSA, RY5_PublicDecrypt is usually for decryption, but also working for decrypting of private key.

Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.

Example:

    RY_HANDLE handle = 0;             // device handle
    DWORD retcode;                    // error code
    int count = 0;                    // the found dongle count
    char vendorID[10] = "A8C3E6FD";   // vendor ID
    int i;

    // find
    retcode = RY5_Find(vendorID, &count);   // find the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find: the found dongle count: %d\r\n", count);

    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);     // open the dongle whose No. is i
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open success, open dongle %d\r\n", i);

        // Public Encrypt
        int kid = 1;
93. e type

    typedef Md5Context *PMd5Context;   // pointer to MD5_CONTEXT

- File structure

    typedef struct _FILE_INFO
    {
        WORD wFileID;      // File ID
        BYTE bFileType;    // File type
        WORD wFileSize;    // File size
    } EFINFO, *PEFINFO;

- File type

    enum
    {
        FILE_TYPE_EXE = 0x00,    // executable file
        FILE_TYPE_DATA,          // data file
        FILE_TYPE_RSA_PUBLIC,    // RSA public key file
        FILE_TYPE_RSA_PRIVATE    // RSA private key file
    };

- Create file

    enum
    {
        // if the file already exists, open the file; otherwise create it and then open it
        CREATE_OPEN_ALWAYS = 0x00,
        // create and open the new file; if the file exists, return an error
        CREATE_FILE_NEW,
        // open the existing file, as open
        CREATE_OPEN_EXISTING
    };

- Hardware information

    enum
    {
        GLOBAL_SERIAL_NUMBER = 0x00,   // get the 8-byte serial number
        GLOBAL_CLIENT_NUMBER,          // get the 4-byte vendor ID
        GLOBAL_COS_VERSION             // get the 2-byte COS version
    };

- Encryption, decryption and signature

    enum
    {
        RSA_CALC_NORMAL = 0x00,   // no encoding, just calculate
        RSA_CALC_HASH,            // hash the imported value and encrypt by private key
        RSA_CALC_PKCS             // encrypt by PKCS#1 standard
    };

6.12 Error Code

Error code:

    #define RY5_C51_SUCCESS   0x00000000   // Success
    #define RY5_C51_UNKNOWN   0x00000001   // unknown error
94. ect an update package. Then click the Update Test button to test. If the test fails, users need to check errors based on the error code. Please refer to section 7.2.1. Because ROCKEY5 TIME needs the private key to decrypt the update package, customers must import the private key before updating. Please refer to section 4.2.4. Importing the public key into the dongle is not recommended.

4.2.7 Time Management

For detailed information about Time Management, please refer to section 3.2.6. This section introduces how to use Time Management in the User Tool. Click the Time Management button to show the following figure.

Figure 4.2.7.1 Time Management

- Current Time Setting: Click the Read button to get the current time setting in COS.
- Set Expiration Date: Customers can set the COS expiration date or remaining hours. Click the Setting button to finish setting. If setting fails, users need to check errors based on the error code. Please refer to section 7.2.1.

Note: Only Developer Mode supports setting time in COS.

4.2.8 Initialization

Software can use Batch Initialization function to initialize ROCKEY5 TIME
95. 6.4.17 rsa_verify
6.6 Clock Function
6.6.1 get_time_limit
6.7 Double-precision Floating-point Calculation
6.7.6 mod
6.7.10 ldexp
6.7.14 asin
6.7.15 acos
6.7.16 atan
6.7.17 sinh
6.7.18 cosh
6.7.19 tanh
6.7.26 sqrt
6.7.27 cmp
6.8 Single Precision Floating Point Calculation
6.8.5 atan2f
96. ent, offset address: 0, read length: 10

        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Read error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Read success, read content: %08X\r\n", buf);

        // close
        retcode = RY5_Close(handle, TRUE);   // close dongle and clear safe flag
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Close error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Close success, close dongle %d\r\n", i);
    }

7.1.12 RY5_Write

    DWORD WINAPI RY5_Write(RY_HANDLE handle, int offset, BYTE* pInbuf, int len);

Objective: Write data to the low data area of the dongle. RY5_Open must be called to open the device before this function is called.

Parameters:
handle [in]: Device handle, which is the same as the handle returned by RY5_Open.
offset [in]: Offset address.
pInbuf [in]: Pointer to the buffer that stores the content to be written.
len [in]: The written data length.

Note: The data area is 8192 bytes. Bytes 0 to 7168 are in the lower zone; bytes 7169 to 8192 are in the upper zone. This function can only be called to write data in the lower zone (0 to 7168).

Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.

Example:

    RY_HANDLE handle;   // device handle
97. er.

Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.

Example:

    BYTE xdata bRes = 0;
    float xdata fRes;
    DOUBLE xdata dx;
    // dx = 1.0: 0x00 0x00 0x00 0x00 0x00 0x00 0xF0 0x3F
    DOUBLE_INIT(dx, 1.0);
    bRes = _dbltof(&fRes, dx);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    _set_response(4, &fRes);   // output: 0x3F 0x80 0x00 0x00
    _exit();

6.10.2 ftodbl

    BYTE _ftodbl(DOUBLE result, float x)

Objective: Convert a single-precision floating-point number to a double-precision floating-point number.

Parameters:
result [out]: Double-precision floating-point number.
x [in]: Single-precision floating-point number.

Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.

6.10.3 dbltol

    BYTE _dbltol(long *result, DOUBLE x)

Objective: Convert a double-precision floating-point number to a 32-bit signed int.

Parameters:
result [out]: The address of the 32-bit signed int.
x [in]: Double-precision floating-point number.

Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.

6.10.4 ltodbl

    BYTE _ltodbl(DOUBLE result, long x)

Objective: Convert a 32-bit signed int to a double-precision floating-point number.

Parameters:
result [out]: Double precision floating
98. error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Close success, close dongle %d\r\n", i);
    }

7.1.14 RY5_ReadShare

    DWORD WINAPI RY5_ReadShare(RY_HANDLE handle, int offset, BYTE* pbuf, int len);

Objective: Read the shared memory area of the dongle. RY5_Open must be called to open the device before this function is called.

Parameters:
handle [in]: Device handle, the same as the handle returned from RY5_Open.
offset [in]: Offset address; the position to read data from.
pbuf [out]: Pointer to the buffer that stores the read content.
len [in]: Read length.

Note: The size of the shared memory is 32 bytes.

Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.

Example:

    RY_HANDLE handle = 0;             // device handle
    DWORD retcode;                    // error code
    int count = 0;                    // the found dongle count
    char vendorID[10] = "A8C3E6FD";   // vendor ID
    int i;

    // find
    retcode = RY5_Find(vendorID, &count);   // search the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find: the found dongle count: %d\r\n", count);

    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);     // open dongle i
        if (retcode != RY
99. evice handle, which is the same as the one returned by RY5_Open.
offset [in]: Offset address, where the reading operation starts from.
pOutbuf [out]: The buffer pointer.
len [in]: Read length.

Note: Memory space is 8 KB. Bytes 0 to 7178 are in the lower zone; bytes 7168 to 8192 are in the upper zone.

Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2.

Example:

    RY_HANDLE handle = 0;             // device handle
    DWORD retcode;                    // error code
    int count = 0;                    // the dongle count
    char vendorID[10] = "A8C3E6FD";   // the vendor ID
    int i;

    // find
    retcode = RY5_Find(vendorID, &count);   // search certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find success, the dongle count: %d\r\n", count);

    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i);     // open dongle i
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open success, open dongle %d\r\n", i);

        // Read memory
        int offset = 0;     // offset address
        int len = 10;       // read length
        BYTE buf[30];       // store the data
        memset(buf, 0, sizeof(buf));
        retcode = RY5_Read(handle, offset, buf, len);   // read the data area cont
100. ewID[19] = {0};   // 18 bytes long data
        ConvertID(cOldID, cNewID);   // go to convert
        printf("%s\n", cNewID);
    }

Here we rewrite the conversion algorithm in a C51 manner:

    #include "RY5_C51.h"
    #include <string.h>

    unsigned char W[] = {7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2, 1};
    char A[11] = {'1', '0', 'x', '9', '8', '7', '6', '5', '4', '3', '2'};

    void main(void)
    {
        int i, j, s;
        BYTE ID[15], newID[18];
        s = 0;

        if (wInLen != 15)             // Whether the length of input data is 15 bytes long
            _exit();
        memcpy(ID, pbInBuff, 15);     // Store input data into an array
        memcpy(newID, ID, 6);
        newID[6] = '1';
        newID[7] = '9';
        memcpy(&newID[8], &ID[6], 9);
        for (i = 0; i < 17; i++)
        {
            j = (newID[i] - 48) * W[i];
            s = s + j;
        }
        s = s % 11;
        newID[17] = A[s];
        _set_response(18, newID);     // Output new data
        _exit();                      // Exit
    }

In a C51 program there are two parameters, wInLen and pbInBuff. wInLen stores the length of the data passed in by external programs. pbInBuff stores the input data. Please refer to section 6.2.1.

Customers can use KEIL to compile C51 programs and build binary files. Binary files can be burned into ROCKEY5 TIME by using the following two methods:
1. Use the ROCKEY5 TIME utilities. Please refer to section 4.2.
2. Use the ROCKEY5 TIME API. Please refer to sections 7.1.16 and 7.1.17.

In this example we imported the binary into ROCKEY5 TIME and set the File ID to 0x0001. Here is the modified external program i
101. _exit();

    // RSA decrypts with length of 128 bytes
    bRes = _rsa_dec(RSA_CALC_PKCS | RSA_CALC_BIT_1024, wPriKeyFileID, 128, ciphertext);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    _set_response(128, ciphertext);
    _exit();

6.4.16 rsa_sign

    BYTE _rsa_sign(BYTE bMode, WORD wFileID, WORD wLen, void *pvData)

Objective: Sign the data by using the RSA private key.

Input parameters:
bMode [in]: Signature mode. Check Table 6.8.
wFileID [in]: Private key ID.
wLen [in]: The length of the data to be signed.
pvData [in, out]: Input is the data to be signed and output is the signed data.

Note:
- Generating the signature requires hash computing. The hash algorithm for this function is SHA1, which generates 20 bytes of output data. The signature follows the PKCS#1 standard: pad 108 bytes (0x00 0x01 0xFF ... 0x00) in front of the hashed value (20 bytes), and then sign. To meet the Microsoft CAPI standard, pad 15 bytes (0x30 0x21 0x30 0x09 0x06 0x05 0x2b 0x0e 0x03 0x02 0x1a 0x05 0x00 0x04 0x14) instead, and then pad 93 bytes (0x00, 0x01, 0xFF 90 times, 0x00) to sign.

There are four signature modes. Each mode should be used with a matched RSA key length. Please refer to the table below.

Name | Value | Description | The length of data to be signed (bytes)
RSA_CALC_NORMAL | 0x00 | Sign
102. ey [in, out]: The 16-byte buffer that stores the AES key.
bLen [in]: The cipher data length.
pvData [in, out]: Pointer to the cipher text buffer.

Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12.

Example:

    BYTE xdata bRes = 0;
    // the cipher text to be decrypted; its length must be a multiple of 16
    char xdata text[16] = {0x9A, 0xB9, 0xB1, 0x88, 0xB1, 0x6A, 0x62, 0x40,
                           0x8A, 0x52, 0x49, 0x96, 0x8A, 0xB8, 0xB2, 0};
    // AES key, 16 bytes
    BYTE xdata aeskey[16] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
                             0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0};

    bRes = _aes_dec(aeskey, 16, text);   // duplicate buffer
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    _set_response(16, text);
    _exit();

6.4.5 tdes_enc

    BYTE _tdes_enc(const void *pvKey, BYTE bLen, void *pvData)

Objective: 3DES encryption function. The 3DES key is 16 bytes, and it requires messages whose length is a multiple of the block size (16 bytes); otherwise messages have to be padded to bring them to this length. The encryption mode is ECB; other modes such as CBC have to be developed by oneself.

Input parameters:
pvKey [in]: The 16-byte buffer that stores the 3DES key.
bLen [in]: The cipher data length.
pvData [in, out]: The plain text as input and the cipher text as output.

Return value: Su
103. f j buf j j retcode = RY5_3DES(handle, kid, FLAG_ENCODE, buf, len); /* 3DES encode */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_3DES FLAG_ENCODE error error code %08X \r\n", retcode); return; } printf("\r\n RY5_3DES FLAG_ENCODE success \r\n"); memset(buf, 0, sizeof(buf)); retcode = RY5_3DES(handle, kid, FLAG_DECODE, buf, len); /* 3DES decode */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_3DES FLAG_DECODE error error code %08X \r\n", retcode); return; } printf("\r\n RY5_3DES FLAG_DECODE success \r\n"); /* close */ retcode = RY5_Close(handle, TRUE); /* close the dongle and clear the safe flag */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Close error error code %8X \r\n", retcode); return; } printf("\r\n RY5_Close success the No %d dongle was closed \r\n", i); 7.1.28 RY5_Update: DWORD WINAPI RY5_Update(HANDLE handle, BYTE *pbuf, int len) Objective: Remotely update the data on the dongle. RY5_Open must be called to open the device before this function is called. Parameters: handle (in): Device handle, the same as the handle returned by RY5_Open. pBuf (in/out): Pointer to the buffer storing the data to be updated. len (in): The data length. Note: The data structure of the update package: typedef struct { BYTE sn[8]; /* hardware ID; FFFFFFFFFFFFFFFF represe
104. float x) Objective: The common logarithm of a Single Precision Floating Point number. Input parameters: x (in): Single Precision Floating Point number. Return value: Return the result of the function. 6.8.24 sqrtf: float _sqrtf(float x) Objective: The square root of a Single Precision Floating Point number. Input parameters: x (in): Single Precision Floating Point number. Return value: Return the result of the function. 6.9 Time Functions: ROCKEY5 TIME, with a built-in clock chip as an independent timing system, does not rely on the computer system time. This greatly enhances the encryption security. The secure hardware design ensures that tampering with the internal time on the chip is impossible. The program in the dongle cannot run unless the setup time is older than the time in the dongle. The time in ROCKEY5 TIME is UTC standard time, and the time error is less than 10 minutes per year. Anyone who needs the local time has to do the conversion themselves. For example, if the timer chip clock reads 10:00 AM, changing it to Beijing local time (UTC+08:00) gives 18:00. The battery in the dongle can work for more than three years. In addition, when the dongle is connected to the computer, no power is drawn from the battery. Even when the battery is out of work, the functions not related to timing can still work. 6.9
105. for application. Software security: The user's kernel algorithm can be put in the smart card and run inside the smart card. Under the smart card OS, the program can be partly executed in ROCKEY5 TIME, and the algorithm only exchanges data with the computer through the USB port. The developer's program is unable to be cracked due to its invisibility in the computer, and it is impossible to get the code running in ROCKEY5 TIME. Chapter 2 Basic Concepts of ROCKEY5 TIME. 2.1 Developer Password: ROCKEY5 TIME provides the Developer Password for software manufacturers. When a ROCKEY5 TIME is re-attached to a PC, the security level is reset to the unauthenticated status. Please note: when a ROCKEY5 TIME dongle is closed, for example by calling the RY5_Close(RY_HANDLE handle, BOOL IsReset) function, if the IsReset parameter is TRUE, the data stored in device memory and the security status are all cleared. If IsReset is FALSE, nothing is cleared. The Developer Password (24 bytes) is used by software manufacturers. The main function of the Developer Password is to configure the ROCKEY5 TIME hardware, such as creating files, deleting files and so on. The length of the Developer Password is 24 bytes. The default value is 123456781234567812345678, and the hexadecimal value is 0x31 0x32 0x33 0x34 0x35 0x36 0x37 0x38 0x31 0x32 0x33 0x34 0x35 0x36 0
106. fyDevPin success \r\n"); /* close */ retcode = RY5_Close(handle, TRUE); /* close dongle and clear the safe flag */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Close error error code %08X \r\n", retcode); return; } printf("\r\n RY5_Close success close dongle \r\n", i); 7.1.9 RY5_SetVendorID: DWORD WINAPI RY5_SetVendorID(RY_HANDLE handle, char *pSeed, int len, char *pOutVendorID) Objective: Set the vendor ID. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called. Parameters: handle (in): The device handle, the same as the one returned by RY5_Open. pSeed (in): Pointer to the seed. len (in): The length of the seed. pOutVendorID (out): Pointer to the vendor ID. Note: The vendor ID from the user is a string with a maximum length of 250 bytes. The developer ID must be verified before this function is called. Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2. Example: RY_HANDLE handle = 0; /* the device handle */ DWORD retcode; /* error code */ int count = 0; /* dongle count */ char vendorID[10] = "A8C3E6FD"; /* vendor ID */ char pInPin[30] = "123456781234567812345678"; /* the developer password */ int pRemainCount = 0; /* the retry
107. he divisor. Return value: Return the result of the arctangent calculation. 6.8.6 fmodf: float _fmodf(float x, float y) Objective: The modulo function of Single Precision Floating Point. Input parameters: x (in): The dividend. y (in): The divisor. Return value: The result of the modulo function. 6.8.7 powf: float _powf(float x, float y) Objective: The power function of Single Precision Floating Point. Input parameters: x (in): The base number. y (in): The index number. Return value: The result of the power function. 6.8.8 cmpf: char _cmpf(float x, float y) Objective: The comparison of two Single Precision Floating Point numbers. Input parameters: x (in): Single Precision Floating Point number. y (in): Single Precision Floating Point number. Return value: Returns 0 representing equality. Returns 1 representing x < y. Returns 1 representing x > y. Example: float xdata fx; float xdata fy; char xdata cRes; e 499 fy = 2.0; cRes = _cmpf(fx, fy); _set_response(1, &cRes); /* return 0xFF 1 */ _exit(); 6.8.9 sinf: float _sinf(float x) Objective: The sine function. Input parameters: x (in): Radian value. Return value: Return the result of the function. 6.8.10 cosf: float _cosf(float x) Objective: The cosine function. Input parameters:
108. Table of contents (fragment): 4.3.9 Other Functions; 4.3.10 Menu Bar and Tool Bar; 4.4 ROCKEY5 TIME Envelope; Chapter 5 Advanced Use of ROCKEY5 TIME; Chapter 6 ROCKEY5 TIME System Function (C51); 6.2 Input and Output; 6.2.1 pbInBuff and winLen; 6.2.2 set_response; 6.2.3 swap; 6.3 File Operation; 6.3.3 close; 6.5 System Functions; 6.4.1 des_enc; 6.4.2 des_dec; 6.4.3 aes_enc; 6.4.4 aes_dec; 6.4.10 md5_init
109. x (in): Radian value. Return value: Return the result of the function. 6.8.11 tanf: float _tanf(float x) Objective: Tangent function. Input parameters: x (in): Radian value. Return value: Return the result of the function. 6.8.12 asinf: float _asinf(float x) Objective: Arcsine function. Input parameters: x (in): The sine value. Return value: Return the result of the function. 6.8.13 acosf: float _acosf(float x) Objective: Arccosine function. Input parameters: x (in): The cosine value. Return value: Return the result of the function. 6.8.14 atanf: float _atanf(float x) Objective: Arctangent function. Input parameters: x (in): A tangent value. Return value: Return the result of the function. 6.8.15 sinhf: float _sinhf(float x) Objective: The hyperbolic sine function. Input parameters: x (in): Radian value. Return value: Return the result of the function. 6.8.16 coshf: float _coshf(float x) Objective: The hyperbolic cosine function. Input parameters: x (in): Radian value. Return value: Return the result of the function. 6.8.17 tanhf: float _tanhf(float x) Objective: The hyperbolic tangent function. Input parameters: x (in): Radian value. Return value: Return the result of the functi
110. 2. The string does not need reversing. In C51: char xdata buffer[] = "HELLO"; _set_response(6, buffer); /* Pass "HELLO" */ In C: int main(int argc, char* argv[]) { char cBuffer[1024]; /* pass the result from ROCKEY5 TIME to cBuffer */ printf("%s\n", cBuffer); } The printed output is HELLO. 6.2.3 swap: void _swap(void *pvData, unsigned short wLen) Objective: Reverse the data sequence. When importing data of type int, long, word, dword, float or double, reversing is required. Suggestion: To enhance performance, the reversing process is better run in the external program. Input parameters: pvData (in): The storage address of the data to be reversed. wLen (in): The length of the data. Return value: N/A. Example: char xdata buffer[] = "HELLO"; _swap(buffer, 5); /* After reversing, buffer is "OLLEH" */ 6.3 File Operation. 6.3.1 create: BYTE _create(WORD wFileID, WORD wSize, BYTE bFileType, BYTE bFlag, HANDLE *pHandle) Objective: Create a file. The user is able to create data files, executable files and key files in ROCKEY5 TIME. Input parameters: wFileID (in): The file ID, 2 bytes. wSize (in): The size of the file, 2 bytes.
111. incorrect pin
#define RY5_DF_SIZE 0xF000000D /* not enough space for target directory */
#define RY5_FILE_EXIST 0xF000000E /* the file already exists */
#define RY5_UNSUPPORTED 0xF000000F /* unsupported function or system */
#define RY5_FILE_NOT_FOUND 0xF0000010 /* file not found */
#define RY5_ALREADY_OPENED 0xF0000011 /* already opened */
#define RY5_DIRECTORY_EXIST 0xF0000012 /* the directory already exists */
#define RY5_CODE_RANGE 0xF0000013 /* memory overflow */
#define RY5_INVALID_POINTER 0xF0000014 /* the invalid pointer of virtual machine */
#define RY5_GENERAL_FILESYSTEM 0xF0000015 /* the error of general file system */
#define RY5_OFFSET_BEYOND 0xF0000016 /* the offset beyond the size of file */
#define RY5_FILE_TYPE_MISMATCH 0xF0000017 /* mismatch of the file type */
#define RY5_PIN_BLOCKED 0xF0000018 /* pin locked */
#define RY5_INVALID_HANDLE 0xF0000019 /* invalid handle */
#define RY5_ERROR_UNKNOWN 0xFFFFFFFF /* unknown error */
#define RY5_FUNC_EXPIRED 0x00000017 /* COS expired */
#define RY5_HW_CLOCK_BROKEN 0x00000018 /* hardware clock broken */
0xF0000CXX: the failure of the pin verification; XX represents the remaining time, ranging from 0 to 0xFF; 0xFF means no limits.
112. ind the certain vendor ID's dongle if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Find error error code %8X \r\n", retcode); return; } printf("\r\n RY5_Find the found dongle count %d \r\n", count); for (i = 1; i <= count; i++) { /* open */ retcode = RY5_Open(&handle, i); /* open the dongle whose No is i */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Open error error code %08X \r\n", retcode); return; } printf("\r\n RY5_Open success open dongle No %d \r\n", i); /* Verify DevPin */ char pInPin[30] = "123456781234567812345678"; /* developer password */ int pRemainCount = 0; /* developer password retry times */ /* verify developer password */ retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount); if (retcode != RY5_SUCCESS) { printf("\r\n RY5_VerifyDevPin error error code %08X pRemainCount %d \r\n", retcode, pRemainCount); return; } printf("\r\n RY5_VerifyDevPin success \r\n"); /* Create File */ WORD fileID = 0x1002; /* offset address */ int fileSize = 100; /* the length of data to be written */ /* To create internal data file in dongle, File ID 1002, length 100 bytes */ retcode = RY5_CreateFile(handle, fileID, fileSize, FILE_TYPE_DATA); if (retcode != RY5_SUCCESS) { printf("\r\n RY5_CreateFile error error code %8X \r\n", retcode); return; } printf("\r\n RY5_CreateFile
113. ion mode and remainder time mode. When the software is expired, the user will be unable to use the software unless the developer restarts the function by remote updating. Comprehensive System Support: The ROCKEY5 TIME dongle supports various Windows operating systems. The encrypted application programs support the following platforms: Windows 2000, XP, Server 2003, Vista, 2008, Windows 7. Various Software Interfaces: Software interfaces are available for almost all popular development tools, such as PB, DELPHI, VB, VC, C BUILDER, C and Java, C51 etc. 1.3 Software Protection: ROCKEY5 TIME uses many advanced encryption technologies, and it is the top software protection dongle. Hardware security: The ROCKEY5 TIME dongle uses a smart card as the hardware kernel. Smart cards are used in banking, finance and other fields. Security is the most important. Smart card factories use special hardware design to ensure anti-crack, anti-trace and other safety precautions. The new-generation smart card contains CPU, RAM, EPROM, FLASH and other modules. It is the same as a mini computer. This feature is the foundation for us to use very complicated security protocols. Hardware compatibility: The ROCKEY5 TIME dongle is designed as a driverless HID device without any requirement for additional driver installation, but provides high speed
114. it File, Import File, Export File. Figure 4.3.9.3 Refresh. New: Create a new virtual file. Open: Open an existing virtual file. Save: Save the virtual file in the default type. Save as: Save the virtual file in another type. Exit: Exit VFSM. (Table 4.3.10.1 Menu) Delete: Delete a file. New File: Create a file. Edit File: Edit a file. Import File: Import a file. Export File: Export a file. (Table 4.3.10.2 Edit) Tool bar: Hide/Show tool bar. Status bar: Hide/Show status bar. Tree View: Hide/Show Tree View. (Table 4.3.10.3 View) New, Open, Save, Hide/Show Tree View, Delete, Edit, Import, Export, Refresh, About. (Table 4.3.10.4 Tool Bar) 4.4 ROCKEY5 TIME Envelope: ROCKEY5 TIME provides Envelope to protect software. Envelope makes it possible to protect software without writing any code. Even a non-technical person can protect software in several minutes. Envelope provides flexible and strong protection. ROCKEY5 TIME Envelope supports lots of encryption techniques. Compressing, encrypting and re-building PE files: Envelope uses a high-performance compression algorithm to compress the code segment, data segment, import table, resource segment and Envelope itself. Compressed programs are smaller and hard to be re
115. it is only for specified ROCKEY5 TIME. 3.2.6 Time Management: Time Management is a new feature of ROCKEY5 TIME. With the Developer Password, customers can set the expiry date of COS. The Time Management function provides two types of time limitation methods. 1. Set software expiry date: Software manufacturers set an expiry date (UTC time) into ROCKEY5 TIME. If the expiry date is reached, the decryption function will be locked and the software cannot be executed anymore. 2. Set software total use hours: Software manufacturers set the total use hours into ROCKEY5 TIME. It records the elapsed time when the software is running. If the elapsed time reaches the total hours, the decryption function will be locked and the software cannot be executed anymore. Here are the functions (APIs) that will be locked when the software has expired: 7.1.22 RY5_PublicEncrypt, 7.1.27 RY5_3DES, 7.1.23 RY5_PrivateDecrypt, 7.1.30 RY5_AES, 7.1.24 RY5_MD5, 7.1.5 RY5_GetRandom, 7.1.25 RY5_SHA1 (Table 3.2.6.1). Chapter 4 ROCKEY5 TIME Utilities: The previous chapter demonstrated the whole process of using ROCKEY5 TIME. In this chapter we will introduce the ROCKEY5 TIME utilities, such as KEIL IDE, ROCKEY5 TIME User Tool, ROCKEY5 TIME Virtual File System Manager and ROCKEY5 TIME Envelope. 4.1 KEIL IDE: The internal executable
116. le file. FileID is in hex; the value is from 1 to FFFF. File size stands for the size that will be allocated in the card; 0 means that the file size will be automatically set by the tool. If the file name is empty, an empty file is created with the file size given in the input. Figure 4.3.4.1 Import a File. Input a file in the Source File (Disk) field. The file size will be filled in automatically. When a file size is input manually, if the input file size is bigger than the actual file size, the file will be padded with 0. If the input file size is smaller than the actual file size, the file will be cut. 2. Right-click on the information list and select Import File to import a file. Please see the figure below. Figure 4.3.4.2 Import a File. 4.3.5 Open an Internal File: There are two ways to open an internal file. 1. Double-click files in the information list to open them. Please see the figure below. Figure 4.3.5.1 Double Click to Open. Open file to edit. Later we will introduce how to edi
117. lt _set_response(128, signtext); _exit(); 6.5 System Functions. 6.5.1 rand: BYTE _rand(void *pvData, BYTE bLen) Objective: Get a random number. Input parameters: pvData (out): The address that receives the random number. bLen (in): The length of the random number. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12. Example: BYTE xdata bRes = 0; BYTE xdata bRand[8]; memset(bRand, 0, 8); bRes = _rand(bRand, 8); if (bRes != 0) { _set_response(1, &bRes); _exit(); } _set_response(8, bRand); _exit(); 6.5.2 get_version: BYTE _get_version(BYTE bFlag, void *pvData, BYTE bLen) Objective: Get hardware information. Input parameters: bFlag (in): Flag; for the description of bFlag, please refer to Table 6.10. pvData (out): The address of the buffer storing the information. bLen (in): The buffer size. Table 6.10 The hardware flag information: GLOBAL_SERIAL_NUMBER: serial number. GLOBAL_CLIENT_NUMBER: Vendor ID. GLOBAL_COS_VERSION: COS version. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12. Example: BYTE xdata bRes = 0; BYTE xdata bSN[8]; memset(bSN, 0, 8); bRes = _get_version(GLOBAL_SERIAL_NUMBER, bSN, 8); if (bRes != 0) _set
118. n The dividend. pMod (in): The divisor. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12. 6.7.7 pow: BYTE _pow(DOUBLE result, DOUBLE x, DOUBLE pExp) Objective: The power operation of double precision floating point. Input parameters: result (out): The result of the power operation. x (in): The base number. pExp (in): The exponent number. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12. 6.7.8 modf: BYTE _modf(DOUBLE remain, DOUBLE x, DOUBLE intpart) Objective: Divide the double precision floating point number into the integer part and the decimal fraction part. Input parameters: remain (out): The decimal fraction part. x (in): The number to be divided. intpart (out): The integer part. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12. 6.7.9 frexp: BYTE _frexp(DOUBLE result, DOUBLE x, WORD pExp) Objective: Split the double precision floating point number into a decimal fraction multiplied by a power of 2. Input parameters: result (out): The decimal fraction part. x (in): The number to be divided. pExp (out): Exponent number.
119. n floating point, please do not use the DOUBLE_INIT function; assign the double precision floating point variable in array way. For example, DOUBLE A; to assign A to 1.0: memcpy(&A, "\x3F\xF0\x00\x00\x00\x00\x00\x00", 8); 6.7.1 add: BYTE _add(DOUBLE result, DOUBLE x, DOUBLE y) Objective: The addition function of double precision floating point. Input parameters: result (out): The result of the addition function. x (in): The augend. y (in): The addend. Return value: Success returns 0. Any other return value means failure. For more detail, check the error list in section 6.12. Example: BYTE xdata bRes; DOUBLE xdata dx, dy, dResult; /* dx = 1.0: 0x00 0x00 0x00 0x00 0x00 0x00 0xF0 0x3F */ DOUBLE_INIT(dx, 1.0); /* dy = 2.0: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x40 */ DOUBLE_INIT(dy, 2.0); bRes = _add(dResult, dx, dy); if (bRes != 0) { _set_response(1, &bRes); _exit(); } /* return double precision floating point 3.0: 0x00 0x00 0x00 0x00 0x00 0x00 0x08 0x40 */ _set_response(8, &dResult); _exit(); 6.7.2 sub: BYTE _sub(DOUBLE result, DOUBLE x, DOUBLE y) Objective: Subtraction function of double precision floating point. Input parameters: result (out): The result of the subtraction function. x (in): The minuend. y (in): The subtrahend. Return value: Success returns 0. Other re
120. nclude "stdafx.h" #include <stdio.h> #include <windows.h> #include "RY5_API.h" void main(int argc, char* argv[]) { BYTE cOldID[16] = "110105720924001"; BYTE cNewID[20] = {0}; int newLen = 19; char vendorID[10] = "A8C3E6FD"; RY_HANDLE handle; DWORD dwRet = 0; int dwCount = 0; /* Find attached ROCKEY5 TIME and return the number of attached ROCKEY5 TIME */ dwRet = RY5_Find(vendorID, &dwCount); if (dwRet != RY5_SUCCESS) { printf("RY5 Find Error 0x%08x\n", dwRet); return; } /* Open ROCKEY5 TIME */ dwRet = RY5_Open(&handle, 1); if (dwRet != RY5_SUCCESS) { printf("RY5 Open Error 0x%08x\n", dwRet); return; } /* Execute internal executable file; File ID is 0x0001 */ dwRet = RY5_ExecuteFile(handle, 0x0001, cOldID, 15, cNewID, &newLen); if (dwRet != RY5_SUCCESS) { printf("RY5 ExecuteFile Error 0x%08x\n", dwRet); return; } /* Close ROCKEY5 TIME */ RY5_Close(handle, true); /* Print out the result */ printf("%s\n", cNewID); } From this example, it is obvious that we cannot find any clues about the conversion algorithm. The entire algorithm resides inside ROCKEY5 TIME. Crackers trying to crack on the PC will only get the old data and the new data. They cannot reverse the algorithm. And the new data can be obtained only when ROCKEY5 TIME is attached. Due to the highest security level smart card chip, the internal pr
121. ndorWrite: DWORD WINAPI RY5_VendorWrite(RY_HANDLE handle, int offset, BYTE *pInbuf, int len) Objective: The developer writes data to the data area. The function is only used by the developer. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called. Parameters: handle (in): Device handle, the same as the one returned by RY5_Open. offset (in): The offset address. pInbuf (in): Pointer to the buffer storing the data to be written. len (in): Write length. Note: The data area is 8192 bytes: bytes 0 to 7168 are the low-level store area, and bytes 7169 to 8192 are the high-level store area. This function can write data to the whole data area. Only the developer can call this function, and RY5_VerifyDevPin needs to be called before calling this function. Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2. Example: RY_HANDLE handle = 0; /* device handle */ DWORD retcode; /* error code */ int count = 0; /* the dongle count */ char vendorID[10] = "A8C3E6FD"; /* vendor ID */ int i; /* find */ retcode = RY5_Find(vendorID, &count); /* find the certain vendor ID's dongle */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Find error error code %8X \r\n
122. printf("\r\n RY5_LEDControl success LED on \r\n"); /* close */ retcode = RY5_Close(handle, TRUE); /* close dongle and clear the safe flag */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Close error error code %08X \r\n", retcode); return; } printf("\r\n RY5_Close success close the dongle \r\n", i); 7.1.8 RY5_VerifyDevPin: DWORD WINAPI RY5_VerifyDevPin(RY_HANDLE handle, char *pInPin, int *pRemainCount) Objective: Verify the developer password. RY5_Open must be called to open the device before this function is called. Parameters: handle (in): The device handle, the same as the one returned by RY5_Open. pInPin (in): Pointer to the string of the developer password. pRemainCount (out): Pointer to the retry times of the developer password. Note: The developer pin has no retry limit by default. If the developer sets the retry times, the dongle can be locked when the retry times are reached. The default developer password is 123456781234567812345678. If the function is called successfully, pRemainCount returns 0. The returned error code 0xF0000CXX means developer password error, and the last two bits XX is the retry limits. The return value of pRemainCount is the developer password retry times: 0: locked; 1 to 254: the remaining times; 255: no limits. When the function returns another error code, pRemainCo
123. ns failure; for more detail, check the error list in section 6.12. Example: HANDLE xdata hFile = 0; BYTE xdata bRes = 0; /* Create a data file of 16 bytes (0x10) with ID 0x1008 */ bRes = _create(0x1008, 0x10, FILE_TYPE_DATA, CREATE_OPEN_ALWAYS, &hFile); if (bRes != 0) { _set_response(1, &bRes); _exit(); } 6.3.2 open: BYTE _open(WORD wFileID, HANDLE *pHandle) Objective: Open a file in ROCKEY5 TIME. The data file and public key file can be read or written when opened. The private key file and executable file can only be written, not read. Input parameters: wFileID (in): File ID, 2 bytes. pHandle (out): The returned file handle. Return value: Success returns 0. Any other return value means failure; for more detail, check the error list in section 6.12. Example: WORD xdata wFid = 0x1008; HANDLE xdata hFile = 0; BYTE xdata bRes = 0; bRes = _open(wFid, &hFile); /* Open file whose ID is 0x1008 */ if (bRes != 0) { _set_response(1, &bRes); _exit(); } 6.3.3 close: BYTE _close(HANDLE handle) Objective: Close a file. The close function is needed to complete the operation on a file. Note that a file must be opened before it can be closed. Input parameters: handle (in): File handle, which is retrieved by calling the open function. Return value: Success returns 0. Other return means failure
124. ntf("\r\n RY5_WriteShare was called successfully Written data %s \r\n", buf); /* close */ retcode = RY5_Close(handle, TRUE); /* close the dongle and clear the safe flag */ if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Close error error code %8X \r\n", retcode); return; } printf("\r\n RY5_Close was called successfully No %d dongle was closed \r\n", i); 7.1.16 RY5_CreateFile: DWORD WINAPI RY5_CreateFile(RY_HANDLE handle, WORD FileID, int Size, int Type) Objective: Create a file. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called. Parameters: handle (in): Device handle, the same as the handle returned by RY5_Open. FileID (in): File ID. Size (out): File size. Type (in): File type. Note: The free user space of ROCKEY5 TIME is 32k. File ID is 2 bytes, for example 0x1002 and 0x009B. Some IDs can only be used internally in ROCKEY5 TIME; for more details, please refer to the appendix. The file size, not including the file property information (16 bytes), needs to be defined when creating a file. For example, when creating a 100-byte file (size = 100), the actual obtained space is 100 + 16 = 116 bytes. Type is used to set the file type. Please check the table below. FILE_TYPE_EXE: The executable file. It can be written once developer passw
125. nts no restriction of hardware ID */ BYTE type; /* 0: public key file, 1: private key file, 2: key file, 3: the 1024 byte read only area */ BYTE item; /* tem 0 8 the key file for updating */ WORD offset; /* offset address */ BYTE len; /* the read in data length lt 115 byte */ BYTE data[115]; /* the 115 byte data block */ } UpdateData; The private key will be called to decrypt the update package when updating ROCKEY5 TIME. It needs to be ensured that the private key for remote updating is located in the dongle. The user can use the user tool in ROCKEY5 TIME to generate and import it, or use the existing API. Note that writing the remote public key to the dongle is not recommended. For more detail about the remote update, please check 3.2.7; this section introduces the APIs for remote updating. Return value: Success returns RY5_SUCCESS (0x00000000). Any other return value means failure. For more detail, check the error list in section 7.2. Example: Check the RY5_GenUpdatePacket example. 7.1.29 RY5_GenUpdatePacket: DWORD WINAPI RY5_GenUpdatePacket(RY_HANDLE handle, char *pLicSN, int type, int kid_offset, BYTE *pbuf, int len, BYTE *pUPubKey, BYTE *pOutData, int *pOutLen) Objective: Generate the remote updating package. RY5_Open must be called to open the device and the verification is needed for developer
126. ograms cannot be obtained by any person, even the dongle manufacturers. ROCKEY5 TIME cannot be cracked if the internal programs are complex enough and have not been leaked. Chapter 6 ROCKEY5 TIME System Function (C51): The features have been described above, including the tool demonstration and the encryption process. In the following section, the ROCKEY5 TIME system function interface is introduced. The program on ROCKEY5 TIME is based on C51, which is basically identical to C. As a subset of C, it is specialized for hardware development, with rich libraries. There are three different modes when using the C51 library: compact mode (compact_mode.LIB), small mode (small_mode.LIB) and large mode (large_mode.LIB). Small mode or large mode is highly recommended. Due to its limited addressing range, compact mode needs to be used carefully. Note that to select a different library, just modify Memory Model; check 4.1.2 for more detail. The memory is divided into three areas: the 128-byte data area, the 128-byte idata area and the 2k 256bytes xdata area. The data area and xdata area store C51 variables and parameters. The idata area is for exchanging arguments in registers; if the program declares variables in this area, they may be lost. Small mode (small_mode.LIB): by default, variables are declared in the data area, except adding xdata when
127. on. 6.8.18 ceilf: float _ceilf(float x) Objective: The smallest integer not less than the Single Precision Floating Point number. Input parameters: x (in): Single Precision Floating Point number. Return value: Return the smallest integer not less than the Single Precision Floating Point number. 6.8.19 floorf: float _floorf(float x) Objective: The largest integer not more than the Single Precision Floating Point number. Input parameters: x (in): Single Precision Floating Point number. Return value: Return the largest integer not more than the Single Precision Floating Point number. 6.8.20 absf: float _absf(float x) Objective: The absolute value of a Single Precision Floating Point number. Input parameters: x (in): Single Precision Floating Point number. Return value: Return the absolute value of the Single Precision Floating Point number. 6.8.21 expf: float _expf(float x) Objective: Calculate the power of a number with e as the base number and a Single Precision Floating Point number as the index. Input parameters: x (in): The index number. Return value: Return the result of the function. 6.8.22 logf: float _logf(float x) Objective: Natural logarithm of a Single Precision Floating Point number. Input parameters: x (in): Single Precision Floating Point number. Return value: Return the result of the function. 6.8.23 log10f: float _log10f
128. ons for Target 'Target1' to get high efficiency and use default setting small model in Target menu. Please see the figure below.

Figure 4.1.2.1 Choose Small Model

In the Options for Target 'Target 1' page, click the Output page and tick both Create HEX File and Run User Program 1. Input hexbin.exe test.hex test.bin in the text box. The names test.hex and test.bin will be changed according to the name of the project. Please copy hexbin.exe in the Utilities folder to the project folder. The hexbin.exe file is used to convert hexadecimal files into binary files. Binary files are used to be imported into ROCKEY5 TIME. Please see the figure below.
129. or checking when needed. There are also many developers who only detect the existence of hardware; such encryption ways are very easy to crack. Later software protection dongles allow writing user-defined algorithms. However, due to hardware limitation, imported algorithms only accept addition, subtraction, left rotation, right rotation calculations, etc. The most important thing is that they cannot implement specific functions of the software. Due to the smart card technology involved, ROCKEY5 TIME can be used to implement some functions that only a PC can support. Software manufacturers could follow several steps to encrypt their software:

1. Use a high level programming language to develop software.
2. Convert critical algorithms into C51 and build binaries. Put the converted binaries into ROCKEY5 TIME.
3. Converted binaries run inside ROCKEY5 TIME. External programs pass arguments into ROCKEY5 TIME and receive results from ROCKEY5 TIME.

Figure 3.2.1.1 ROCKEY5 TIME Scheme (external application, core algorithm)

Lots of business software, such as CAD software, project budget software and financial software, contains lots of mathematical formulas. It is very easy to protect these kinds of software with ROCKEY5 TIME. ROCKEY5 TIME has the capacity to calculate double precision floating point, so it can calculate com
130. or encrypting/decrypting data. RY5_Open must be called to open the device before this function is called.
Input parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
kid [in]: The key pair ID that ranges from 1 to 8.
flag [in]: 0 represents encryption and 1 represents decryption.
pBuf [in, out]: The pointer points to the buffer for storing the encrypted/decrypted data.
len [in]: The data length, which must be a multiple of 16.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.

7.1.31 RY5_SetAESKey
DWORD WINAPI RY5_SetAESKey(RY_HANDLE handle, int kid, BYTE* pKey);
Objective: Set AES keys. RY5_Open must be called to open the device before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
kid [in]: The key pair ID that ranges from 1 to 8.
pKey [in, out]: The pointer points to the buffer for storing 16 byte AES keys.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.

7.1.32 RY5_GetRTCTime
DWORD WINAPI RY5_GetRTCTime(RY_HANDLE handle, struct tm* pRTC);
Objective: Get the dongle time. RY5_Open must be called to open the device before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
pbRTC [in, out]: It points to the struct tm
131. ord is verified, or from other executable file in ROCKEY5 TIME. This file cannot be read in any circumstances.
FILE_TYPE_DATA: Internal data file. Write the data by executable file in ROCKEY5 TIME. The external operation can delete and write, but not read, after the verification of developer password.
FILE_TYPE_RSA_PUBLIC: RSA public key file. The public key file can be written after the verification of developer password, or just from the executable file in ROCKEY5 TIME.
FILE_TYPE_RSA_PRIVATE: RSA private key file. The private key file can be written after the verification of developer password, or just from the executable file in ROCKEY5 TIME. No way to read private key.
Table 7.1 File type

File type definition:
    #define FILE_TYPE_EXE          0   // executable file
    #define FILE_TYPE_DATA         1   // data file
    #define FILE_TYPE_RSA_PUBLIC   2   // RSA public key file
    #define FILE_TYPE_RSA_PRIVATE  3   // RSA private key file

Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.

Example:
    RY_HANDLE handle = 0;            // device handle
    DWORD retcode;                   // error code
    int count = 0;                   // the found dongle count
    char vendorID[10] = "A8C3E6FD";  // vendor ID
    int i;
    // find
    retcode = RY5_Find(vendorID, &count);   // f
132. other ROCKEY5 TIME. Click the ENC & DEC button in the User Tool dialog; the Encryption and Decryption interface will show as below.

Figure 4.2.4.1 Enc and Dec interface

Generate and import key pair: Customers can generate a key pair or import an existing key pair into ROCKEY5 TIME. Select Operation and input the key number. Then specify a file to be written for the generated key pair, or a file that contains an existing key pair. Click the Execute button to generate or import. If it fails to run, users need to check errors based on the error code. Please refer to section 7.2.1.

Encryption and Decryption: Input the data length and directly edit the data display area, or click Standard Padding to automatically write data, or import data from a file. After this, select an algorithm and specify a key to perform encryption/decryption. If it fails to run, users need to check errors based on the error code. Please refer to section 7.2.1.

4.2.5 Password Management

Click Password Management to open the Pas
133. pin before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
pLicSN [in]: The pointer points to the buffer for storing the hardware serial number.
type [in]: The data type for updating.
kid_offset [in]: The group ID of the key pair to be updated, or the offset address.
pbuf [in]: The pointer points to the buffer for storing the updating data.
len [in]: The data length for updating.
pUPubKey [in]: The buffer pointer stores the public key data.
pOutData [out]: The pointer points to the buffer for storing the returned updating package.
pOutLen [out]: The pointer points to the buffer for storing the returned updating package length.

Note:
If the package is only for a certain dongle, the parameter pLicSN needs to be set as its dongle's hardware serial number. Else, if pLicSN is NULL, there is no restriction for hardware serial number.
Definition of parameter type and the data type to update (name, value, meaning):
    Data_TYPE_PubKey                     0   public key data
    Data_TYPE_PriKey                     1   private key data
    Data_TYPE_3DesKey, Data_TYPE_AESKey  2   3DES and AES share the same key data
    Data_TYPE_Memory                     3   8192 bytes data area
    Data_TYPE_Time                       4   update time limits; pbuf value is the time (4 bytes), time type (1 byte), update time stamp (4 bytes)
The parameter ki
134. plex trigonometric functions. Based on this feature, algorithms which could only be run on a PC before can now be run inside ROCKEY5 TIME. Crackers could only get the input and output, but cannot know what was done inside ROCKEY5 TIME. Without attaching ROCKEY5 TIME, the calculation is not correct, so the software cannot continue.

Please note:
1. The algorithm should be complex enough. If the algorithm is too simple, for instance an addition calculation, crackers can guess it.
2. As ROCKEY5 TIME is 32-bit smart card chip based, it is fast enough for normal calculation. If the algorithm is very complex, customers can put part of the algorithm inside ROCKEY5 TIME.
3. The algorithm should not be an open algorithm or a leaked-out algorithm.
4. The returned result of the internal algorithm should take part in calculation. Do not use it to determine conditions. A determining position is very easy for a cracker to find.

All of the above are the most efficient ways to protect software. Use ROCKEY5 TIME as a black box and pay more attention to protection skills. If so, the software will not be cracked.

3.2.2 Check Logic inside ROCKEY5 TIME

Software manufacturers can use the API or C51 interface to get hardware information such as HID or VID. As hardware information is unique, software manufacturers should check it inside ROCKEY5 TIME to avoid being cracked. Adding some random numbers into software will greatly increase the software complexity. For exampl
135. point
x [in]: 32-bit signed integer.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.10.5 dtof
BYTE _dtof(float *presult, DOUBLE px)
Objective: Convert double precision floating point to Single Precision Floating Point number.
Parameters:
presult [out]: Single Precision Floating Point number.
px [in]: Double precision floating point.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

Example:
    BYTE xdata bRes = 0;
    float xdata fRes;
    DOUBLE xdata dx;
    // dx is 1.0: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xF0, 0x3F
    DOUBLE_INIT(dx, 1.0);
    bRes = _dtof(&fRes, dx);
    if (bRes != 0) { _set_response(1, &bRes); _exit(); }
    _set_response(4, &fRes);
    _exit();

6.10.6 ftod
BYTE _ftod(DOUBLE presult, float px)
Objective: Convert Single Precision Floating Point number to double precision floating point.
Input parameters:
presult [out]: Double precision floating point.
px [in]: Single Precision Floating Point number.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.
136. programs of ROCKEY5 TIME are written in C51. The grammar of C51 and the C language is basically the same. C51 is mostly used in the hardware programming field. KEIL IDE compiles C51 source code and builds it to a bin file. Bin files can be imported into ROCKEY5 TIME and executed by calling the API. Please refer to section 7.1.15. The C51 IDE from KEIL Software Company is named uVision. Customers can download the trial version from the KEIL website http://www.keil.com.

4.1.1 Create a Project

To create a new project, open Project of KEIL uVision2 and click New Project. Input the project name in the pop-up dialog box and save it. Choose 51 serial CPU when Options for Target 'Target1' appears. Users need to re-choose the CPU for an existing project without 51 serial CPU. Please see this figure.

Figure 4.1.1.1 Select 51 serial CPU

4.1.2 Set Project Options

Click Project > Opti
137. pted as a multiple of 8
    char text[8] = {0x5D, 0x99, 0x07, 0x87, 0xB0, 0x67, 0x37, 0x87};
    // 3DES key, 16 bytes
    BYTE xdata tdeskey[16] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF};
    bRes = _tdes_dec(tdeskey, 8, text);   // duplicate buffer
    if (bRes) { _set_response(1, &bRes); _exit(); }
    // the decrypted text: 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07
    _set_response(8, text);
    _exit();

6.4.7 sha1_init
BYTE _sha1_init(PSHA_CONTEXT pCtx)
Objective: The initialization is required before using SHA1.
Input parameters:
pCtx [in]: The address of the environment context SHA_CONTEXT.
Environment context structure:
    typedef struct tagSHA_CONTEXT {
        DWORD h[5];
        DWORD dwTotalLength;
        BYTE bRemainLength;
        BYTE pbRemainBuf[ROCKEY5_SHA_CBLOCK];
    } SHA_CONTEXT, *PSHA_CONTEXT;
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.
Example: Check the example of sha1_final.

6.4.8 sha1_update
BYTE _sha1_update(PSHA_CONTEXT pCtx, const void *pvData, BYTE bLen)
Objective: SHA1 hash algorithm.
Input parameters:
pCtx [in]: The address of the environment context.
pvData [in]: The hash data.
bLen [in]: The length of hash data.
Return value: Success returns 0. Other return means failure. For more detail
138. r Flicker to control ROCKEY5 TIME's LED light.

Generate Random Number: Input the length of the desired random number and click the Generate button to get a random number. Click the Export button to save this number into a file.

4.2.3 File Operation

Click the File Operations button to enter the File Operations interface. Please see figure below.

Figure 4.2.3.1 File Operations

Write to File: Select Operation, File Path, File Type, and input file size and file ID one by one. Then click the Write button to write files into ROCKEY5 TIME. If it fails to write, users need to check errors based on the error code. Please refer to section 7.2.1.
Operation: create file, write file, create empty file, import file from Virtual File System.
File Type: executable file, data file, public key file and private key file. Please refer to section 2.7.1.

Execute a File: Only executable files can be executed. At first, input the length of input data. Then go to the data display area to input data. Or click Import
139. r to section 4.2.6 or API, refer to section 7.1.28 and 7.1.29, to generate and send an update package to end users, and end users use a corresponding tool to update internal files, refer to section 3.2.7. In this way, ROCKEY5 TIME dongles needn't be sent back to software manufacturers. Such an update tool is included in the SDK.

Different internal executable files share the shared memory zone. They use the shared memory zone to share data. This way is more efficient and costs less hardware consumption.

Chapter 3 Software Protection Paradigms

In the previous chapter, we have introduced many functions of ROCKEY5 TIME. How can these functions be used to protect applications? This chapter will introduce some software protection techniques and paradigms. All protection methods in this chapter can be found on the Internet or from books. So the best software protection solution is that customers design their own unique protection method.

3.1 Some Simple Skills

For software protection, knowing assembly language or system knowledge is not a necessary requirement. Whatever software protection skill is chosen, the key point is to check some conditions. If the condition is met, programs can be allowed to continue running. Otherwise, report some messages and exit. Whatever customers try to remove these codes these codes are
140. recision floating point number.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.27 cmp
char _cmp(DOUBLE x, DOUBLE y)
Objective: The comparison of the two double precision floating point numbers.
Input parameters:
x [in]: Double precision floating point number.
y [in]: Double precision floating point number.
Return value: Returns 0 representing equality. Returns -1 representing x < y; returns 1 representing x > y.

Example:
    char xdata cRes = 0;
    DOUBLE xdata dx, dy;
    // dx is 1.0: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xF0, 0x3F
    DOUBLE_INIT(dx, 1.0);
    // dy is 2.0: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40
    DOUBLE_INIT(dy, 2.0);
    cRes = _cmp(dx, dy);
    _set_response(1, &cRes);   // return 0xFF
    _exit();

6.8 Single Precision Floating Point Calculation

Single Precision Floating Point is represented identically to a high level language on PC, with 4 bytes but in reversed sequence. For example, the stored bytes of single precision floating point 3.0 are 0x00 0x00 0x40 0x40, but in C51 it is represented as 0x40 0x40 0x00 0x00. For better performance, we suggest that the reverse process operates in the high level language.

6.8.1 addf
float _addf(float x, float y)
Objective: The addition function of Single Precision Floating Point
141. retcode); return; }
    printf("\r\n RY5_EraseAllFile success, delete file successfully");
    // close
    retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
    if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Close error, error code: %08X \r\n", retcode); return; }
    printf("\r\n RY5_Close, the No. %d dongle was closed \r\n", i);

7.1.20 RY5_GenRsaKey
DWORD WINAPI RY5_GenRsaKey(RY_HANDLE handle, int kid, BYTE* pPubBakup, BYTE* pPriBakup);
Objective: Generate RSA key pair. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called.
Parameters:
handle [in]: Device handle, the same as the handle returned by RY5_Open.
kid [in]: The key pair ID, ranging from 0 to 8.
pPubBakup [out]: The public key buffer pointer; output 140 bytes public key as backup.
pPriBakup [out]: The private key buffer pointer; output 140 bytes private key as backup.
Note:
Key pair ID: It ranges from 0 to 8. 0 means upgrading key pair, and 1 to 8 means key pair ID.
If pPubBakup or pPriBakup is NULL, it means no backup.
RSA key pair generated by the function only supports 1024 bit.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.

Example:
    RY_HANDLE
142. rite
Table 2.1 File types and privilege

2.9 Other Functions

ROCKEY5 TIME encrypts communication between USB and dongle.

ROCKEY5 TIME has hardware based RSA algorithm (512, 1024, 2048 bit). It also provides DES and 3DES encryption algorithms. The symmetric key is exchanged securely by using the RSA algorithm. Please note: if C51 is used to do RSA calculation, it accepts RSA keys of length 512, 1024 or 2048. If the API is used to do RSA calculation, it only accepts 1024 bits. Please refer to section 6.4.11, 6.4.12, 6.4.13, 7.1.20 and 7.1.21.

ROCKEY5 TIME also provides MD5 and SHA-1 algorithms.

ROCKEY5 TIME provides AES encryption algorithm (128 bits).

Because ROCKEY5 TIME can do floating point and double precision floating point arithmetic, software manufacturers can burn some formulas into ROCKEY5 TIME. The floating point and double precision floating point arithmetic related to the formulas can be executed inside the hardware of ROCKEY5 TIME, and the performance is better than in C51.

There are 3 statuses of the LED light: on, off and blinking. Software manufacturers can use the API to control the LED light to confuse illegal users. For example, the LED light blinking may not mean that the ROCKEY5 TIME is executing internal programs.

ROCKEY5 TIME provides a remote update function. Software manufacturers use a tool refe
143. rror code: %08X \r\n", retcode); return; }
    printf("\r\n RY5_Close success, close No. %d dongle \r\n", i);

7.1.4 RY5_GetHardID
DWORD WINAPI RY5_GetHardID(RY_HANDLE handle, char* pbuf);
Objective: Get the serial number of the ROCKEY5 TIME dongle. RY5_Open must be called before the function is called.
Parameters:
handle [in]: The device handle, which is the same as the RY5_Open return value.
pbuf [out]: The pointer of hardware serial number.
Note: The returned hardware serial number is a 16-byte string.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.

Example:
    RY_HANDLE handle = 0;            // the device handle
    DWORD retcode;                   // the error code
    int count = 0;                   // the count of found dongle
    char vendorID[10] = "A8C3E6FD";  // vendor ID
    char buf[20];                    // to store the return hardware ID
    int i;
    // find
    retcode = RY5_Find(vendorID, &count);   // find the dongle of the certain vendor ID
    if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Find error, error code: %08X \r\n", retcode); return; }
    printf("\r\n RY5_Find success, find dongle count: %d \r\n", count);
    for (i = 1; i <= count; i++) {
        // open
        retcode = RY5_Open(&handle, i);   // open dongle ith
        if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Open error, error code: %08X \r
144. s, open No. %d dongle \r\n", i);
    // Execute File
    WORD fileID = 0x2001;     // file ID
    int inSize = 10;          // input data length
    int outSize = 10;         // output data length
    BYTE inBuf[30] = {1};
    BYTE outBuf[30] = {0};
    retcode = RY5_ExecuteFile(handle, fileID, inBuf, inSize, outBuf, &outSize);   // run the executable file
    if (retcode != RY5_SUCCESS) { printf("\r\n RY5_ExecuteFile error, error code: %08X \r\n", retcode); return; }
    printf("\r\n RY5_ExecuteFile success, return result: %s \r\n", outBuf);
    // close
    retcode = RY5_Close(handle, TRUE);   // close the dongle and clear the safe flag
    if (retcode != RY5_SUCCESS) { printf("\r\n RY5_Close error, error code: %08X \r\n", retcode); return; }
    printf("\r\n RY5_Close success, the No. %d dongle was closed \r\n", i);

7.1.19 RY5_EraseAllFile
DWORD WINAPI RY5_EraseAllFile(RY_HANDLE handle);
Objective: Delete all the files. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called.
Input parameters:
handle [in]: Device handle, the same as the handle returned from RY5_Open.
Note: This function is called to delete all the files.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.
145. s File ID, File Type and size.
EFINFO file information structure is defined as follows:
    typedef struct FILE_INFO {
        WORD wFileID;     // ID
        BYTE bFileType;   // file type, please check table 6.1 for details
        WORD wFileSize;   // file size
    } EFINFO, *PEFINFO;
Return value: Success returns 0. Other return means failure. For more detail, check the list in section 6.12.

Example:
    EFINFO xdata fInfo;
    BYTE xdata bRes = 0;
    fInfo.wFileID = 0x1008;
    bRes = _get_file_infor(&fInfo);   // Get ID 0x1008 information
    if (bRes != 0) { _set_response(1, &bRes); _exit(); }

6.4 Algorithms

A brief introduction is given for the cryptography concepts.

Symmetric encryption algorithms: Symmetric key encryption algorithms use the same key for encryption and decryption. Symmetric key encryption algorithms can be divided into stream algorithms (stream ciphers) and block algorithms (block ciphers).

ECB and CBC: The simplest of the encryption modes is the electronic codebook (ECB) mode. The message is divided into blocks and each block is encrypted separately. In the cipher block chaining (CBC) mode, each block of plaintext is XORed with the previous cipher text block before being encrypted. This way, each cipher text block is dependent on all plaintext blocks processed up to tha
146. 7.1.15 RY5_WriteShare
7.1.20 RY5_GenRsaKey
7.1.22 RY5_PublicEncrypt
7.1.29 RY5_GenUpdatePacket
7.1.33 RY5_SetTimeLimit

Quick Start and Hints

ROCKEY5 TIME factory
147. sword Management interface. Please see the figure below.

Figure 4.2.5.1 Password Management (the dialog shows the default password 123456781234567812345678 and a Maximum Retry Times field in which 255 means unlimited)

Change Developer Password: Input the old password and the new password twice, and click the Change button to change the Developer Password. If it fails to change, users need to check errors based on the error code. Please refer to section 7.2.1.

Reset Vendor ID: Input a seed and click the Reset button to get a new Vendor ID. If it fails to set, users need to check errors based on the error code. Please refer to section 7.2.1.

4.2.6 Remote Update

For detailed information about remote update, please refer to section 3.2.5. This section will introduce how to use the User Tool to update remotely. Click the Remote Update button to show the following figure.
148. t, DOUBLE x)
Objective: The arcsine function.
Input parameters:
result [out]: The result.
x [in]: The sine value.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.15 acos
BYTE _acos(DOUBLE result, DOUBLE x)
Objective: The arc cosine function.
Input parameters:
result [out]: The result.
x [in]: The cosine value.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.16 atan
BYTE _atan(DOUBLE result, DOUBLE x)
Objective: The arctangent function.
Input parameters:
result [out]: The result.
x [in]: The tangent.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.17 sinh
BYTE _sinh(DOUBLE result, DOUBLE x)
Objective: The hyperbolic sine function.
Input parameters:
result [out]: The result.
x [in]: The radian value.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.18 cosh
BYTE _cosh(DOUBLE result, DOUBLE x)
Objective: The hyperbolic cosine function.
Input parameters:
result [out]: The result.
x [in]: The radian value.
149. t a file

Figure 4.3.5.2 Open a File

4.3.6 Edit a File

In the virtual file system, customers can edit any files. There are three ways to edit files:

1. Select a file and then go to the menu bar and select Edit file. Please see figure below.

Figure 4.3.6.1 Edit File

Here is the Edit interface:

Figure 4.3.6.2 Edit Interface

Customers can directly edit the hexadecimal data or ASCII data. The Import button allows customers to import a file into the virtual file system. If the imported file is bigger than the current file, the imported file will be cut. If the imported file is smaller than the current file, the remaining part will be kept. The Export button will export the current file to hard disk.

2. Select a file and then click button to edit.

3. Right click a file, then select Edit file to edit. Please see the figure below.
150. t point. Also, to make each message unique, an initialization vector must be used in the first block.

Padding: Many classical ciphers arrange the plaintext into particular patterns (e.g. squares, rectangles, etc.), and if the plaintext doesn't exactly fit, it is often necessary to supply additional letters to fill out the pattern.

Cryptographic hash function: A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed size bit string, the cryptographic hash value, such that an accidental or intentional change to the data will change the hash value. The data to be encoded is often called the message, and the hash value is sometimes called the message digest or simply digest.

Asymmetric cryptography: Asymmetric cryptography refers to a cryptographic system requiring two separate keys, one to lock or encrypt the plaintext and the other to unlock or decrypt the cipher text. Neither key will do both functions. One of these keys is published or public and the other is kept private. If the lock/encryption key is the one published, then the system enables private communication from the public to the unlocking key's owner. If the unlock/decryption key is the one published, then the system serves as a signature verifier of documents locked by the owner of the private key. ROCKEY5 TIME supports hardware implemented RSA (512, 1024, 2048 bits) calculation.
151. that caused the damages or are the subject of, or indirectly related to, the cause of action. In no event shall Feitian be liable for any damages caused by your failure to meet your obligations, nor for any loss of data, profit or savings, or any other consequential and incidental damages, even if Feitian has been advised of the possibility of damages, or for any claim by you based on any third party claim.

6. Termination: This Agreement shall terminate if you fail to comply with the terms herein. Items 2, 3, 4 and 5 shall survive any termination of this Agreement.

Content

ROCKEY5 TIME USER GUIDE
Quick Start and Hints
Chapter 1 ROCKEY5 TIME Introduction
1.1 About ROCKEY5 TIME
1.2 ROCKEY5 TIME Features
1.3 Software Protect
Chapter 2 Basic Concepts of ROCKEY5 TIME
2.1 Developer Password
152. the hash value (20) from SHA1 by private key
RSA_CALC_HASH (0x01): Hash the imported data by SHA1 and then sign the value. Data length needs to be shorter than 2k, which is the card memory size.
RSA_CALC_PKCS (0x02): Sign the hash value (20) from SHA1 following the PKCS#1 standard.
RSA_CALC_HASH | RSA_CALC_PKCS (0x03): Hash the imported data by SHA1 and then sign the value following the PKCS#1 standard. Data length needs to be shorter than 2k, which is the card memory size.
RSA_CALC_BIT_512 (0x10): Sign with 512-bit private key.
RSA_CALC_BIT_1024 (default, 0x00): Sign with 1024-bit private key.
RSA_CALC_BIT_2048 (0x20): Sign with 2048-bit private key.
Table 6.8 Signature mode
- The exported signed data differs in length according to the length of the private key. Space must be allocated for the pvData buffer accordingly.
RSA private key: The signed data length
512: 64
1024: 128
2048: 256
Table 6.9 RSA signed data length
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.
Example: Check the rsa_verify example.

6.4.17 rsa_verify
BYTE _rsa_verify(BYTE bMode, WORD wFileID, WORD wLen, void *pvData)
Objective: Verify the signature by RSA public key.
Inp
153. times of developer password
    int i;
    // find
    retcode = RY5_Find(vendorID, &count); // find the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find success, find the dongle count: %d\r\n", count);
    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i); // open the dongle
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open %d\r\n", i);
        // Verify DevPin
        retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount); // verify developer pwd
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_VerifyDevPin error, error code: %08X, pRemainCount: %d\r\n", retcode, pRemainCount);
            return;
        }
        printf("\r\nRY5_VerifyDevPin success\r\n");
        // set vendorID
        char seed[10] = "12345"; // seed
        char buf[10]; // store 8-byte vendor ID
        memset(buf, 0, sizeof(buf));
        // set vendor ID
        retcode = RY5_SetVendorID(handle, seed, lstrlen(seed), buf);
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_SetVendorID error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_SetVendorID success, vendor ID: %s\r\n", buf);
        // close
        retcode = RY5_Close(handle, TRUE); // close the dongle and clear the
154. turn means failure. For more detail, check the error list in section 6.12.

6.7.3 mul
BYTE _mul(DOUBLE result, DOUBLE x, DOUBLE y)
Objective: The multiplication function for double-precision floating point.
Input parameters:
result [out] The result of the multiplication
x [in] The multiplicand
y [in] The multiplier
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.4 div
BYTE _div(DOUBLE result, DOUBLE x, DOUBLE y)
Objective: Division function for double-precision floating point.
Input parameters:
result [out] The result of the division
x [in] The dividend
y [in] The divisor
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.5 atan2
BYTE _atan2(DOUBLE result, DOUBLE x, DOUBLE y)
Objective: Arctangent function for double-precision floating point number.
Input parameters:
result [out] The result of the arctangent function
x [in] The dividend
y [in] The divisor
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.6 mod
BYTE _mod(DOUBLE result, DOUBLE x, DOUBLE pMod)
Objective: Modulo function for double-precision floating point number.
Input parameters:
result [out] The result of the modular operation
x i
155. ue: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.23 exp
BYTE _exp(DOUBLE result, DOUBLE x)
Objective: The power with base number e and a double-precision floating point number as the index number.
Input parameters:
result [out] The result of the function
x [in] The index number
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.24 log
BYTE _log(DOUBLE result, DOUBLE x)
Objective: The natural logarithm of the double-precision floating point number.
Input parameters:
result [out] The result of the function
x [in] The double-precision floating point number
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.25 log10
BYTE _log10(DOUBLE result, DOUBLE x)
Objective: Common logarithm of the double-precision floating point number.
Input parameters:
result [out] The result of the function
x [in] The double-precision floating point number
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.

6.7.26 sqrt
BYTE _sqrt(DOUBLE result, DOUBLE x)
Objective: The square root of the double-precision floating point.
Input parameters:
result [out] The result
x [in] The double p
156. unt returns 0.
- The length of the developer password must be 24 bytes.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return value means failure. For more detail, check the error list in section 7.2.
Example:
    RY_HANDLE handle = 0; // device handle
    DWORD retcode; // error code
    int count = 0; // the dongle count
    char vendorID[10] = "A8C3E6FD"; // the vendor ID
    char pInPin[30] = "123456781234567812345678"; // the developer password
    int pRemainCount = 0; // the retry times of the developer password
    int i;
    // find
    retcode = RY5_Find(vendorID, &count); // find the certain vendor ID
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find success, the dongle count: %d\r\n", count);
    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i); // Open the dongle whose number is i
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open success, open dongle %d\r\n", i);
        // Verify DevPin
        retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount); // verify developer ID
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_VerifyDevPin error, error code: %08X, pRemainCount: %d\r\n", retcode, pRemainCount);
            return;
        }
        printf("\r\nRY5_Veri
157. urned by RY5_Open
kid [in] Key pair ID that ranges from 1 to 8
pKey [in] The pointer points to the buffer for storing the key value
Note:
- The key pair ID ranges from 1 to 8.
- The key length is fixed at 16 bytes.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.
Example:
    RY_HANDLE handle = 0; // device handle
    DWORD retcode; // error code
    int count = 0; // the found dongle count
    char vendorID[10] = "A8C3E6FD"; // vendor ID
    int i;
    // find
    retcode = RY5_Find(vendorID, &count); // find the certain vendor ID's dongle
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Find error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Find the found dongle count: %d\r\n", count);
    for (i = 1; i <= count; i++)
    {
        // open
        retcode = RY5_Open(&handle, i); // open the dongle i
        if (retcode != RY5_SUCCESS)
        {
            printf("\r\nRY5_Open error, error code: %08X\r\n", retcode);
            return;
        }
        printf("\r\nRY5_Open success, open the NO.%d dongle\r\n", i);
        // Verify Developer password
        char pInPin[30] = "123456781234567812345678"; // developer password
        int pRemainCount = 0; // password remain count
        // verify developer password
        retcode = RY5_VerifyDevPin(handle, pInPin, &pRemainCount);
        if (retcode
158. urns 0. Other return means failure. For more detail, check the error list in section 6.12.
Example:
    BYTE xdata ret;
    time_t xdata exptime;
    RTC_TIME_T xdata exp = {0, 0, 0, 20, 0, 5, 110}; // 2010-6-20
    // convert the expired time to time_t type
    ret = _mktime(&exptime, &exp);
    if (ret)
    {
        _set_response(1, &ret);
        _exit();
    }
    // Check if the dongle time is later than the setup time; if it is expired, return error
    if (time > exptime) // if time is expired, return error
    {
        _set_response(1, &ret);
        _exit();
    }
    // if it is OK, run the rest code
    _set_response(4, &time);
    _exit();

6.9.3 gmtime
BYTE _gmtime(time_t *ptime, RTC_TIME_T *ptm)
Objective: Convert the time_t time into RTC_TIME_T time. Both of them are UTC standard time.
Parameters:
ptime [in] The address of the time_t time to be converted
ptm [in] The converted RTC_TIME_T time
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.
Example:
    BYTE xdata ret;
    time_t xdata time;
    RTC_TIME_T xdata stime;
    char xdata a[64];
    char xdata b[64];
    int xdata second;
    int xdata minute;
    int xdata hour;
    int xdata day;
    int xdata week;
    int xdata month;
    int xdata year;
    // convert time_t time to RTC_TIME_T time and return
    ret = _gmtime(&time
159. urposes of transferring or storing data that was not either an original part of the Product or a Feitian-provided enhancement or upgrade to the Product.
3. Warranty. Feitian warrants that the hardware and Software storage media are substantially free from significant defects of workmanship or materials for a time period of twelve (12) months from the date of delivery of the Product to you.
4. Breach of Warranty. In the event of breach of this warranty, Feitian's sole obligation is to replace or repair, at the discretion of Feitian, any Product free of charge. Any replaced Product becomes the property of Feitian. Warranty claims must be made in writing to Feitian during the warranty period and within fourteen (14) days after the observation of the defect. All warranty claims must be accompanied by evidence of the defect that is deemed satisfactory by Feitian. Any Products that you return to Feitian, or a Feitian authorized distributor, must be sent with freight and insurance prepaid.
EXCEPT AS STATED ABOVE, THERE IS NO OTHER WARRANTY OR REPRESENTATION OF THE PRODUCT, EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
5. Limitation of Feitian's Liability. Feitian's entire liability to you or any other party for any cause whatsoever, whether in contract or in tort, including negligence, shall not exceed the price you paid for the unit of the Product
160. ut parameters:
bMode [in] Signature mode
wFileID [in] Public key ID
wLen [in] The length of the signature (64, 128, 256)
pvData [in] The signed data
Note:
- If the sign mode is RSA_CALC_NORMAL or RSA_CALC_HASH when using rsa_sign to sign, both of the two modes sign the hash value calculated by SHA1. The verification mode is RSA_CALC_NORMAL.
- If the sign mode is RSA_CALC_PKCS or RSA_CALC_HASH | RSA_CALC_PKCS, the verification mode is RSA_CALC_PKCS.
- The buffer in COS stores the hash value from the previous computation.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.
Example:
    char xdata text[] = "HELLO";
    BYTE xdata signtext[128];
    BYTE xdata bRes = 0;
    WORD xdata wPubKeyFileID = 0x1002; // public key ID
    WORD xdata wPriKeyFileID = 0x1004; // private key ID
    memset(signtext, 0, 128);
    memcpy(signtext, text, 6);
    // First hash the value by SHA1, then sign the value following the PKCS#1 standard and return the 128-byte result
    bRes = _rsa_sign(RSA_CALC_HASH | RSA_CALC_PKCS, wPriKeyFileID, 6, signtext);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    // verification by RSA public key
    bRes = _rsa_verify(RSA_CALC_PKCS, wPubKeyFileID, 128, signtext);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    // return the signed resu
161. versed.
- MD5 to ensure the integrity of protected files: Envelope uses the MD5 algorithm to get a hash code. This hash code is called the fingerprint of the file. If protected files have been modified, the fingerprint will be changed. This is used to prevent programs from being modified.
- Anti-debug and anti-trace: Envelope uses many anti-trace and anti-debug methods, such as parent process checking, memory checking and forbidding debug instructions.
- Memory checking: Envelope creates a monitor thread to check memory. If the read-only code segment or the Envelope code has been modified, the protected program will be terminated.
Envelope is under the Utilities\Envelope folder in DK. This tool needs RockeyCmdShell.exe. It is recommended to protect software with both Envelope and API. The Envelope is Envelope.exe. Here is the figure of Envelope:
Figure 4.4.1 Envelope
Select languages in the menu bar to change the interface language.
Figure 4.4.2 Language
Click File > Add file, or click the button, to add files. In the adding file dialog, select a file typ
162. Objective: Generate RSA key pair.
Input parameters:
wPubID [in] Public key ID
wPriID [in] Private key ID
wKeyBitLen [in] The length of the RSA key (512, 1024, 2048)
Note:
- Considering the encryption strength and operational speed, the common length of the RSA private key is 1024 bits. The different private key lengths map to the related data; check 6.4.11 and 6.4.12 for more detail.
- wPubID and wPriID must use unoccupied IDs in the current directory. This function will create two new files.
Return value: Success returns 0. Other return means failure. For more detail, check the error list in section 6.12.
Example:
    char xdata plaintext[] = "HELLO";
    BYTE xdata ciphertext[128];
    BYTE xdata bRes = 0;
    WORD xdata wPubKeyFileID = 0x1002; // Public key ID
    WORD xdata wPriKeyFileID = 0x1004; // Private key ID
    WORD xdata wKeyLen = 1024; // RSA key length
    // Generate key
    bRes = _rsa_gen_key(wPubKeyFileID, wPriKeyFileID, wKeyLen);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
        _exit();
    }
    memset(ciphertext, 0, 128); // Assign 0 to cipher text
    // Copy HELLO to cipher text. Set the first byte as 0 in case that the plain text is over key length
    memcpy(ciphertext + 1, plaintext, 6);
    // RSA encryption, the 128-byte result is in cipher text
    bRes = _rsa_enc(RSA_CALC_PKCS | RSA_CALC_BIT_1024, wPubKeyFileID, 6, ciphertext);
    if (bRes != 0)
    {
        _set_response(1, &bRes);
163. x37 0x38 0x31 0x32 0x33 0x34 0x35 0x36 0x37 0x38. With the Developer Password, customers can create and delete files but cannot get any internal data from the dongle. So it is strongly recommended to change the Developer Password before use, in order to prevent it from being obtained illegally.
Notes on Developer Password:
- The length of the Developer Password must be 24 bytes.
- There is no retry limitation for the Developer Password. To avoid brute force attacks, we recommend customers set a maximum number of retries. This value can be set from 1 to 254. Please refer to chapter 7.1.10 for detailed information on RY5_ChangePin. If customers set this value to 255 (0xFF), it means that there is no retry limitation. Please note: if the maximum number of retries has been reached, the ROCKEY5 TIME will be locked. In this case, the only way to unlock the dongle is to send it back to FEITIAN. So please keep the Developer Password carefully.
- In case of losing the Developer Password, the ROCKEY5 TIME can also keep the protected software secure. With the Developer Password, illegal users can only write or delete data in ROCKEY5 TIME, but cannot get any data from ROCKEY5 TIME. So they cannot use a simulator to attack ROCKEY5 TIME. But we still suggest developers keep their Developer Password carefully.

2.2 Vendor ID (VID)
The default value of the Vendor ID (8 bytes long) is 00000000. Software manufacturers can use ROCKEY5 TIME utilities or API to set the Vendor ID. The Vendor ID is used
165. y error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_GenRsaKey success\r\n");
    // close
    retcode = RY5_Close(handle, TRUE); // close the dongle and clear the safe flag
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Close error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Close the No.%d dongle was closed\r\n", i);

7.1.21 RY5_SetRsaKey
DWORD WINAPI RY5_SetRsaKey(RY_HANDLE handle, int kid, BYTE *pPubKey, BYTE *pPriKey);
Objective: Set RSA key pairs. RY5_Open must be called to open the device, and the developer password needs to be verified, before this function is called.
Parameters:
handle [in] Device handle, the same as the handle returned by RY5_Open
kid [in] Key pair ID, ranges from 0 to 8
pPubKey [in] Public key buffer pointer; a 140-byte public key is input for writing
pPriKey [in] Private key buffer pointer; a 340-byte private key is input for writing
Note:
- The key pair ID ranges from 0 to 8. 0 means the upgrading key pair, and 1 to 8 means the key pair ID.
- If pPubKey or pPriKey is NULL, it means no writing.
- RSA only supports 1024 when this function is called.
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.
Example:
    RY_HANDLE handle = 0;
166. ze(handle, &pSize); // get the free space size
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_GetFreeSize error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_GetFreeSize success, free space: %d byte\r\n", pSize);
    // close
    retcode = RY5_Close(handle, TRUE); // close dongle and clear the safe flag
    if (retcode != RY5_SUCCESS)
    {
        printf("\r\nRY5_Close error, error code: %08X\r\n", retcode);
        return;
    }
    printf("\r\nRY5_Close success, close dongle %d\r\n", i);

7.1.7 RY5_LEDControl
DWORD WINAPI RY5_LEDControl(RY_HANDLE handle, int flag);
Objective: LED controller. RY5_Open must be called to open the device before this function is called.
Parameters:
handle [in] The device handle, which is the same as the one returned by RY5_Open
flag [in] Instruction. Please refer to the following for more information.
Note: LED definition
    #define ET_LED_ON 1 // LED on
    #define ET_LED_OFF 2 // LED off
    #define ET_LED_WINK 3 // LED twinkle
Return value: Success returns RY5_SUCCESS (0x00000000). Other return means failure. For more detail, check the error list in section 7.2.
Example:
    RY_HANDLE handle = 0; // device handle
    DWORD retcode; // error code
    int count = 0; // the found dongle count
    char vendorID[10] = "A8C3E6FD"; // the vendor ID
    int i;
    // find
167. zone even without verifying the Developer Password. Software manufacturers can use the RY5_VendorWrite interface to write data to data memory. Please refer to section 7.1.13.

2.5 Shared Memory
ROCKEY5 TIME contains a 32KB Shared Memory zone, which enables all internal programs to run with sufficient memory. Software manufacturers can use RY5_ReadShare and RY5_WriteShare to read and write the shared memory zone. Please refer to section 7.1.4.

2.6 Hardware-Based Clock
ROCKEY5 TIME contains a hardware-based clock chip and a battery. The UTC time has been set when produced. Both end users and software manufacturers cannot modify it. The clock chip cannot be duplicated or simulated due to its security design. Software manufacturers can use the RY5_GetRTCTime interface or the C51 time interface to get the internal UTC time. Please refer to section 7.1.32 or 6.9.1.

2.7 User Memory
ROCKEY5 TIME provides 32KB of user memory. Users can store their files here. Please refer to section 2.7.

2.8 ROCKEY5 TIME File System (R5FS)
The ROCKEY5 TIME file system is similar to the Windows file system. The R5FS includes executable files, data files and key files. Each file has a unique File ID. The File ID is 2 bytes long, for example 0x1002 and 0x100A. Customers can use the C51 interface or API to operate the R5FS.

2.8.1 ROCKEY5 TIME File Type
- Executable Fil
