Error deploying using ProtectedProduct

Hi,
I'm trying to add product protection to a ToGo application.

As far as I can tell I've overriden all required classes, and
inparticular the #decodingKey method.

However when I deply the application an error:
        " #decodingKey is the responibility of the subclass "
appears and I have exit the deployment.

Has anyone else had the same problem?
Cheers,Theo

===========dump snip==============
19:32:31, 27/02/2005: Dolphin.exe caused an unhandled Win32 Exception
20000002
at 7C81EB33 in module 7C800000 (C:\WINDOWS\system32\kernel32.dll)

*----> Exception Parameters <----*
0766618C #decodingKey is the responsibility of th

*----> CPU Context for thread 0x71c <----*
EAX = 00C0FB10 EBX = 0734A824 ECX = 00000000
ESI = 076CEF20 EDI = FFFFFFFF EIP = 7C81EB33
ESP = 00C0FB0C EBP = 00C0FB60 EFL = 00000202
CS = 001B SS = 0023 DS = 0023
ES = 0023 FS = 003B GS = 0000

*----> VM Context <----*
Process: {087A0004:size 137 words, suspended frame 087A04CD, priority 5,
callbacks 0
last failure 0:nil, FPE mask 3, thread nil}
Active Method: VMLibrary>>crashDump:
IP: 0739F7C6 (22)
SP: 087A0444
BP: 087A0418 (245)
ActiveFrame: {087A0420: cf 087A0401, sp 087A0430, bp 087A0418, ip 10,
VMLibrary>>crashDump:}
        receiver: a VMLibrary
        arg[0]: '#decodingKey is the responsibility of the subclass'
        temp[0]: a DWORDArray


New Method:
KernelLibrary>>raiseException:dwExceptionFlags:nNumberOfArguments:lpArguments:
Message Selector:
#raiseException:dwExceptionFlags:nNumberOfArguments:lpArguments:
================end snip===================

Theo Pronk wrote:

> However when I deply the application an error:
> " #decodingKey is the responibility of the subclass "
> appears and I have exit the deployment.

You trimmed off too much of the stack trace to see what's happening.  But it
/sounds/ as if you are somehow sending #decodingKey to your
ProtectedProductSerialNumber subclass, rather than to one of its instances.

I should warn you (and anyone else using ProtectedProduct) that while the
underlying concept of its protection is sound (in my opinon as a non-expert),
the actual implementation has a couple of bugs that make its security
considerably weaker than it looks.  I don't want to discuss the details in an
open forum[*].   My understanding is that OA's position on ProtectedProduct is
that it is an /example/ of how to do something, and maybe a basis for
constructing a production-grade implementation, but that it is not intended to
be production-grade itself.  Of course, that's only my understanding of what
Andy's said, and I may be misrepresenting him.

    -- chris

([*] and anyway, I can't remember them right now...)

After looking more carefully at the methods that needed to be override I
discovered that there were a few class method also. That fixed the
initial problem but now I have another.

The error now is "SmallInteger should not implement #size", which
appears to be related to the
SASdownloadManagerSession(ProtectedProductSessionManager), but I'm
having a hard time following the dump.

Anyone willing and able to help? I've attached the dump for you.

Thanks,
Theo

PS Chris, I got the impression that this was meant to be reasonably
secure based on the comments in the description:

"Note that if it was possible for someone to patch the image to skip
over the serial number check then the application would still not run
sucessfully (indeed it will most probably crash) because the method
bytecodes contain nonsense. "


=====================================
Chris Uppal wrote:

************************** Dolphin Virtual Machine Dump Report ***************************

00:31:44, 1/03/2005: SmallInteger should not implement #size

*----> VM Context <----*
Process: {080B0004:size 340 words, suspended frame 080B033D, priority 5, callbacks 0
last failure 0:nil, FPE mask 3, thread nil}
Active Method: SessionManager>>logError:
IP: 07373FED (13)
SP: 080B0600
BP: 080B05D8 (357)
ActiveFrame: {080B05DC: cf 080B05C1, sp 080B05F0, bp 080B05D8, ip 5, SASdownloadManagerSession(SessionManager)>>logError:}
        receiver: a SASdownloadManagerSession
        arg[0]: a Error


New Method: VMLibrary>>dump:path:stackDepth:walkbackDepth:
Message Selector: #dump:path:stackDepth:walkbackDepth:

*----> Stack Back Trace <----*
{080B05DC: cf 080B05C1, sp 080B05F0, bp 080B05D8, ip 5, SASdownloadManagerSession(SessionManager)>>logError:}
        receiver: a SASdownloadManagerSession
        arg[0]: a Error

{080B05C0: cf 080B05A5, sp 080B05D0, bp 080B05BC, ip 4, SASdownloadManagerSession(SessionManager)>>unhandledException:}
        receiver: a SASdownloadManagerSession
        arg[0]: a Error

{080B05A4: cf 080B0589, sp 080B05B4, bp 080B05A0, ip 4, SASdownloadManagerSession(SessionManager)>>onUnhandledError:}
        receiver: a SASdownloadManagerSession
        arg[0]: a Error

{080B0588: cf 080B0571, sp 080B0598, bp 080B0588, ip 5, Error>>defaultAction}
        receiver: a Error

{080B0570: cf 080B055D, sp 080B0580, bp 07F6F390, ip 57, Error(Exception)>>_propagateFrom:}
        receiver: a Error
        arg[0]: a ExceptionHandler
        temp[0]: nil
        temp[1]: a ExceptionHandler
        temp[2]: nil
        temp[3]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)
        temp[4]: nil

{080B055C: cf 080B0541, sp 080B056C, bp 080B0558, ip 6, Error(Exception)>>_propagate}
        receiver: a Error
        temp[0]: nil

{080B0540: cf 080B0529, sp 080B0550, bp 080B0540, ip 12, Error(Exception)>>signal}
        receiver: a Error

{080B0528: cf 080B050D, sp 080B0538, bp 080B0524, ip 7, Error(Exception)>>signal:}
        receiver: a Error
        arg[0]: 'SmallInteger should not implement #size'

{080B050C: cf 080B04F1, sp 080B051C, bp 080B0508, ip 5, Error class(Exception class)>>signal:}
        receiver: Error
        arg[0]: 'SmallInteger should not implement #size'

{080B04F0: cf 080B04D5, sp 080B0500, bp 080B04EC, ip 4, SmallInteger(Object)>>error:}
        receiver: 67469654
        arg[0]: 'SmallInteger should not implement #size'

{080B04D4: cf 080B04B9, sp 080B04E4, bp 080B04D0, ip 18, SmallInteger(Object)>>shouldNotImplement}
        receiver: 67469654
        temp[0]: SmallInteger>>size

{080B04B8: cf 080B04A1, sp 080B04C8, bp 080B04B8, ip 3, SmallInteger>>size}
        receiver: 67469654

{080B04A0: cf 080B0489, sp 080B04B0, bp 080B04A0, ip 4, SASdownloadManagerSession(SessionManager)>>argc}
        receiver: a SASdownloadManagerSession

{080B0488: cf 080B0471, sp 080B0498, bp 080B0488, ip 3, SASdownloadManagerSession(SessionManager)>>applicationName}
        receiver: a SASdownloadManagerSession

{080B0470: cf 080B045D, sp 080B0480, bp 07F6F748, ip 10, [] in MessageBox class>>defaultCaption:}
        receiver: MessageBox
        arg[0]: 16

{080B045C: cf 080B0439, sp 080B046C, bp 080B0450, ip 12, LookupTable>>at:ifAbsent:}
        receiver: a LookupTable
        arg[0]: 16
        arg[1]: [] @ 7 in MessageBox class>>defaultCaption:
        temp[0]: 2

{080B0438: cf 080B0425, sp 080B0448, bp 07F6F748, ip 12, MessageBox class>>defaultCaption:}
        receiver: MessageBox
        arg[0]: 16

{080B0424: cf 080B0409, sp 080B0434, bp 080B0424, ip 6, MessageBox>>defaultCaption}
        receiver: a MessageBox

{080B0408: cf 080B03F1, sp 080B041C, bp 07F707F0, ip 20, MessageBox>>basicOpen}
        receiver: a MessageBox
        temp[0]: a UserLibrary
        temp[1]: nil
        temp[2]: nil
        temp[3]: nil

{080B03F0: cf 080B03D9, sp 080B0404, bp 080B03F0, ip 4, MessageBox>>open}
        receiver: a MessageBox

{080B03D8: cf 080B03BD, sp 080B03E8, bp 080B03D4, ip 10, MessageBox>>errorMsg:}
        receiver: a MessageBox
        arg[0]: 'The following error occurred while stripping. \0D\\0A\The image MUST exit immediately, but see crash dump (if configured).\0D\\0A\\0D\\0A\SmallInteger does not understand #new:'

{080B03BC: cf 080B039D, sp 080B03CC, bp 080B03B4, ip 16, ImageStripper>>onError:}
        receiver: a ImageStripper
        arg[0]: a MessageNotUnderstood
        temp[0]: 'SmallInteger does not understand #new:'

{080B039C: cf 080B0389, sp 080B03AC, bp 0A0C8F28, ip 266, [] in ImageStripper>>stripAndSaveNotifying:}
        receiver: a ImageStripper
        arg[0]: a Array
        temp[0]: 'C:\Documents and Settings\Theo Pronk\My Documents\Smalltalk_Development\Projects\SASdownload.exe'
        temp[1]: a WeakIdentitySet
        temp[2]: 'C:\Documents and Settings\Theo Pronk\My Documents\Smalltalk_Development\Projects\SASdownload.exe'
        temp[3]: a MessageNotUnderstood
        temp[4]: a Notification

{080B0388: cf 080B036D, sp 080B0398, bp 07F6F358, ip 33, [] in MessageNotUnderstood(Exception)>>_evaluateHandler:in:}
        receiver: a MessageNotUnderstood
        arg[0]: [] @ 250 in ImageStripper>>stripAndSaveNotifying:
        arg[1]: a ExceptionHandlerSet
        temp[0]: nil
        temp[1]: a ExceptionHandlerSet
        temp[2]: nil
        temp[3]: nil
        temp[4]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)
        temp[5]: nil

{080B036C: cf 080B0359, sp 080B0384, bp 07F6F208, ip 17, BlockClosure>>ifCurtailed:}
        receiver: [] @ 134381574 in nil
        arg[0]: [] @ 38 in Exception>>_evaluateHandler:in:
        temp[0]: nil
        temp[1]: nil
        temp[2]: nil

{080B0358: cf 080B0339, sp 080B0368, bp 080B0350, ip 4, BlockClosure>>ensure:}
        receiver: [] @ 15 in Exception>>_evaluateHandler:in:
        arg[0]: [] @ 38 in Exception>>_evaluateHandler:in:
        temp[0]: nil

{080B0338: cf 080B0325, sp 080B0348, bp 07F6F358, ip 47, MessageNotUnderstood(Exception)>>_evaluateHandler:in:}
        receiver: a MessageNotUnderstood
        arg[0]: [] @ 250 in ImageStripper>>stripAndSaveNotifying:
        arg[1]: a ExceptionHandlerSet
        temp[0]: nil
        temp[1]: a ExceptionHandlerSet
        temp[2]: nil
        temp[3]: nil
        temp[4]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)
        temp[5]: nil

{080B0324: cf 080B0311, sp 080B0334, bp 07F6F2E8, ip 44, MessageNotUnderstood(Exception)>>_propagateFrom:}
        receiver: a MessageNotUnderstood
        arg[0]: a ExceptionHandlerSet
        temp[0]: a ExceptionHandlerSet
        temp[1]: a ExceptionHandlerSet
        temp[2]: nil
        temp[3]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)
        temp[4]: [] @ 250 in ImageStripper>>stripAndSaveNotifying:

{080B0310: cf 080B02F5, sp 080B0320, bp 080B030C, ip 6, MessageNotUnderstood(Exception)>>_propagate}
        receiver: a MessageNotUnderstood
        temp[0]: nil

{080B02F4: cf 080B02DD, sp 080B0304, bp 080B02F4, ip 12, MessageNotUnderstood(Exception)>>signal}
        receiver: a MessageNotUnderstood

{080B02DC: cf 080B02BD, sp 080B02EC, bp 080B02D4, ip 13, MessageNotUnderstood class>>receiver:message:}
        receiver: MessageNotUnderstood
        arg[0]: 67469656
        arg[1]: Message selector: #new: arguments: a Array

{080B02BC: cf 080B02AD, sp 080B02CC, bp 080B02B8, ip 5, SmallInteger(Object)>>doesNotUnderstand:}
        receiver: 67469656
        arg[0]: Message selector: #new: arguments: a Array

{080B02AC: cf 080B0295, sp 080B02B0, bp 080B02AC, ip 7, SASdownloadManagerSession(???a Array)>>???0}
        receiver: a SASdownloadManagerSession
        arg[0]: 67469642
        arg[1]: 6
        arg[2]: 67469656
        arg[3]: Message selector: #new: arguments: a Array
        arg[4]: 67469654
        temp[0]: 8
        temp[1]: 67469670
        temp[2]: Object>>doesNotUnderstand:
        temp[3]: 67469660
        temp[4]: MessageNotUnderstood
        temp[5]: 67469656
        temp[6]: Message selector: #new: arguments: a Array
        temp[7]: 67469662
        temp[8]: 16
        temp[9]: 67469686
        temp[10]: MessageNotUnderstood class>>receiver:message:
        temp[11]: 67469674
        temp[12]: a MessageNotUnderstood
        temp[13]: 67469678
        temp[14]: 15
        temp[15]: 67469698
        temp[16]: Exception>>signal
        temp[17]: 67469690
        temp[18]: a MessageNotUnderstood
        temp[19]: nil
        temp[20]: 67469690
        temp[21]: 9
        temp[22]: 67469712
        temp[23]: Exception>>_propagate
        temp[24]: 67469702
        temp[25]: 67469704
        temp[26]: 47
        temp[27]: 67469722
        temp[28]: Exception>>_propagateFrom:
        temp[29]: a MethodContext for: Exception>>_propagateFrom: frame: 80b0325 receiver: a MessageNotUnderstood
        temp[1e]: 4058192
        temp[1f]: 32
        temp[20]: 40581a4
        temp[21]: Exception>>_evaluateHandler:in:
        temp[22]: a MethodContext for: Exception>>_evaluateHandler:in: frame: 80b0339 receiver: a MessageNotUnderstood
        temp[23]: [] @ f in Exception>>_evaluateHandler:in:
        temp[24]: [] @ 26 in Exception>>_evaluateHandler:in:
        temp[25]: nil
        temp[26]: 405819c
        temp[27]: 7
        temp[28]: 40581b4
        temp[29]: BlockClosure>>ensure:
        temp[2a]: 40581a8
        temp[2b]: 40581ac
        temp[2c]: 14
        temp[2d]: 40581c2
        temp[2e]: BlockClosure>>ifCurtailed:
        temp[2f]: a MethodContext for: BlockClosure>>ifCurtailed: frame: 80b036d receiver: [] @ 8028006 in nil
        temp[30]: [] @ f in Exception>>_evaluateHandler:in:
        temp[31]: [] @ 6 in BlockClosure>>ifCurtailed:
        temp[32]: 40581b6
        temp[33]: 24
        temp[34]: 40581cc

{080B0294: cf 080B0279, sp 080B02A4, bp 080B0290, ip e, SASdownloadManagerSession(ProtectedProductSessionManager)>>initializeFromSessionManager:}
        receiver: a SASdownloadManagerSession
        arg[0]: a DevelopmentSessionManager

{080B0278: cf 080B025D, sp 080B0288, bp 080B0274, ip 10, SASdownloadManagerSession class(SessionManager class)>>installNew}
        receiver: SASdownloadManagerSession
        temp[0]: a DevelopmentSessionManager

{080B025C: cf 080B0245, sp 080B026C, bp 080B025C, ip 4, ImageStripper>>installRuntimeSessionManager}
        receiver: a ImageStripper

{080B0244: cf 080B0231, sp 080B0254, bp 0A0C8F28, ip 42, [] in ImageStripper>>stripAndSaveNotifying:}
        receiver: a ImageStripper
        arg[0]: a Array
        temp[0]: 'C:\Documents and Settings\Theo Pronk\My Documents\Smalltalk_Development\Projects\SASdownload.exe'
        temp[1]: a WeakIdentitySet
        temp[2]: 'C:\Documents and Settings\Theo Pronk\My Documents\Smalltalk_Development\Projects\SASdownload.exe'
        temp[3]: a MessageNotUnderstood
        temp[4]: a Notification

{080B0230: cf 080B021D, sp 080B0240, bp 07F708D0, ip b, ExceptionHandlerSet(ExceptionHandlerAbstract)>>markAndTry}
        receiver: a ExceptionHandlerSet
        temp[0]: nil

{080B021C: cf 080B0201, sp 080B022C, bp 07716198, ip 15, [] in ExceptionHandlerSet(ExceptionHandlerAbstract)>>try:}
        receiver: a ExceptionHandlerSet
        arg[0]: [] @ 5 in ImageStripper>>stripAndSaveNotifying:
        temp[0]: a ExceptionHandler
        temp[1]: nil
        temp[2]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)

{080B0200: cf 080B01ED, sp 080B0218, bp 07F70908, ip 11, BlockClosure>>ifCurtailed:}
        receiver: [] @ 8028006 in nil
        arg[0]: [] @ 22 in ExceptionHandlerAbstract>>try:
        temp[0]: nil
        temp[1]: nil
        temp[2]: nil

{080B01EC: cf 080B01CD, sp 080B01FC, bp 080B01E4, ip 4, BlockClosure>>ensure:}
        receiver: [] @ f in ExceptionHandlerAbstract>>try:
        arg[0]: [] @ 22 in ExceptionHandlerAbstract>>try:
        temp[0]: nil

{080B01CC: cf 080B01B9, sp 080B01DC, bp 07716198, ip 27, ExceptionHandlerSet(ExceptionHandlerAbstract)>>try:}
        receiver: a ExceptionHandlerSet
        arg[0]: [] @ 5 in ImageStripper>>stripAndSaveNotifying:
        temp[0]: a ExceptionHandler
        temp[1]: nil
        temp[2]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)

{080B01B8: cf 080B019D, sp 080B01C8, bp 080B01B4, ip 4, BlockClosure>>onDo:}
        receiver: [] @ 5 in ImageStripper>>stripAndSaveNotifying:
        arg[0]: a ExceptionHandlerSet

{080B019C: cf 080B0175, sp 080B01AC, bp 080B018C, ip d, BlockClosure>>on:do:on:do:}
        receiver: [] @ 5 in ImageStripper>>stripAndSaveNotifying:
        arg[0]: Error
        arg[1]: [] @ fa in ImageStripper>>stripAndSaveNotifying:
        arg[2]: Notification
        arg[3]: [] @ 111 in ImageStripper>>stripAndSaveNotifying:

{080B0174: cf 080B0161, sp 080B0184, bp 0A0C8F28, ip 124, ImageStripper>>stripAndSaveNotifying:}
        receiver: a ImageStripper
        arg[0]: a Array
        temp[0]: 'C:\Documents and Settings\Theo Pronk\My Documents\Smalltalk_Development\Projects\SASdownload.exe'
        temp[1]: a WeakIdentitySet
        temp[2]: 'C:\Documents and Settings\Theo Pronk\My Documents\Smalltalk_Development\Projects\SASdownload.exe'
        temp[3]: a MessageNotUnderstood
        temp[4]: a Notification

{080B0160: cf 080B0149, sp 080B0170, bp 080B0160, ip b, ImageStripper>>stripAndSaveWithProgress}
        receiver: a ImageStripper

{080B0148: cf 080B0131, sp 080B0158, bp 080B0148, ip 6, MessageSend(MessageSendAbstract)>>value}
        receiver: a MessageSend

{080B0130: cf 080B0109, sp 080B0140, bp 080B0120, ip 2c, InputState>>loopWhile:}
        receiver: a InputState
        arg[0]: [] @ 6 in InputState>>mainLoop
        temp[0]: a MSG
        temp[1]: true
        temp[2]: a MessageSend

{080B0108: cf 080B00F5, sp 080B0118, bp 0B2F5390, ip c, InputState>>mainLoop}
        receiver: a InputState

{080B00F4: cf 080B00E1, sp 080B0104, bp 0B2F2F28, ip d, [] in InputState>>forkMain}
        receiver: a InputState

{080B00E0: cf 080B00CD, sp 080B00F0, bp 0B2F2AC8, ip b, ExceptionHandler(ExceptionHandlerAbstract)>>markAndTry}
        receiver: a ExceptionHandler
        temp[0]: nil

{080B00CC: cf 080B00B1, sp 080B00DC, bp 0B2F2FD0, ip 15, [] in ExceptionHandler(ExceptionHandlerAbstract)>>try:}
        receiver: a ExceptionHandler
        arg[0]: [] @ 8 in InputState>>forkMain
        temp[0]: nil
        temp[1]: nil
        temp[2]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)

{080B00B0: cf 080B009D, sp 080B00C8, bp 0B2F2D68, ip 11, BlockClosure>>ifCurtailed:}
        receiver: [] @ 8028006 in nil
        arg[0]: [] @ 22 in ExceptionHandlerAbstract>>try:
        temp[0]: nil
        temp[1]: nil
        temp[2]: nil

{080B009C: cf 080B007D, sp 080B00AC, bp 080B0094, ip 4, BlockClosure>>ensure:}
        receiver: [] @ f in ExceptionHandlerAbstract>>try:
        arg[0]: [] @ 22 in ExceptionHandlerAbstract>>try:
        temp[0]: nil

{080B007C: cf 080B0069, sp 080B008C, bp 0B2F2FD0, ip 27, ExceptionHandler(ExceptionHandlerAbstract)>>try:}
        receiver: a ExceptionHandler
        arg[0]: [] @ 8 in InputState>>forkMain
        temp[0]: nil
        temp[1]: nil
        temp[2]: a Process('Main' base 080B0000 [ACTIVE] in SessionManager>>logError: sp=00000000 ip=8 list=nil)

{080B0068: cf 080B0049, sp 080B0078, bp 080B0060, ip 7, BlockClosure>>on:do:}
        receiver: [] @ 8 in InputState>>forkMain
        arg[0]: ProcessTermination
        arg[1]: [] @ c in BlockClosure>>newProcess

{080B0048: cf 00000001, sp 080B0058, bp 0B2F2D30, ip 11, [] in BlockClosure>>newProcess}
        receiver: [] @ 8 in InputState>>forkMain
        temp[0]: nil

<Bottom of stack>

***** End of dump *****

Theo Pronk wrote:
> PS Chris, I got the impression that this was meant to be reasonably
> secure based on the comments in the description:
The general message in regards to this implementation can be found here:
http://groups-beta.google.com/group/comp.lang.smalltalk.dolphin/browse_frm/thread/6cb63e17e9de07e0/951ee1af8e7851e1?q=ProtectedProductSessionManager&_done=%2Fgroups%3Fq%3DProtectedProductSessionManager%26&_doneTitle=Back+to+Search&&d#951ee1af8e7851e1

I'm not sure, whether this is fixed either:
http://groups-beta.google.com/group/comp.lang.smalltalk.dolphin/browse_frm/thread/d1d2ef94f83f8926/aae25104704583f4?q=ProtectedProductSessionManager&_done=%2Fgroups%3Fq%3DProtectedProductSessionManager%26&_doneTitle=Back+to+Search&&d#aae25104704583f4

CU,

Udo

Theo,

> Anyone willing and able to help? I've attached the dump for you.

That stack trace appears to be of a corrupted (or at least scrambled) stack, so
it's not at all clear what's going wrong :-(

The SmallInteger SNI #size is just a secondary error that's happening when
Dolphin tries to report the primary error, which -- unfortunately -- is just
the bit of the stack that's scrambled.  Still, it seems that everything worked
normally up until the call to
ProtectedProductSessionManager>>initializeFromSessionManager: and may have
failed in the resulting self-send of #serialNumberClass.  I wonder if you have
provided an override of that method (as you are expected to) ?

AFAIK, you are expected to provide overrides of 6 methods in your classes. In
your subclass of SessionManager, your must have instance-side overrides of:
    #encryptedPackageNames
    #productRegistrationKey
    #serialNumberClass
In your subclass of ProtectedProductSerialNumber, you must have instance-side
overrides of:
    #encodingKey
and class-side overrides of:
    #decodingKeyHash
    #decodingKey

(The last of those methods is only used during deployment and is automatically
removed from the image before it is saved as a .EXE -- in fact your system is
falling over just as it attempts to do that.)


> PS Chris, I got the impression that this was meant to be reasonably
> secure based on the comments in the description: [...]

It /should/ work well, but unfortunately there are several bugs that combine to
make it much easier to "hack" than it looks.

    -- chris

Theo,

It is not a good idea to use the ProtectedProduct stuff to secure your
own applications. There are some holes in the implementation that were
actually pointed out privately to us some time ago by Chris. You'd be
better off looking for an alternative protection solution for the time
being at least.

Best regards

Andy Bower
Dolphin Support
www.object-arts.com

So far I've not been able to get past the "small integer error" but will
  persover a little longer.

Even though there are some holes in the ProtectedProduct classes it
would help to some degree. Eg I've deployed a few small apps without any
protection, because I don't have the time (at the moment) to develop a
scheme of my own. When I discovered these classes I thought my problem
was solved.


Thanks Chris for your assistance. I also went through the dump a few
times and couldn't figure it out, I've some notes to your last reply.

Tnanks also to Udo and Andy for letting me know about the problems with
possible holes in the security (first to me by Chris I must say).


========================================
Chris Uppal wrote:

> Theo,
>
>>Anyone willing and able to help? I've attached the dump for you.
>
> That stack trace appears to be of a corrupted (or at least scrambled) stack, so
> it's not at all clear what's going wrong :-(

I also thought it was a corrupted image so reinstalled it and reloaded
all of the packages, but the same error appears.

Needles to say I did have all of the above methods overridden (the
second time round that is).

=======================================

Theo Pronk wrote:

> So far I've not been able to get past the "small integer error" but will
> persover a little longer.

I can't think of anything much else to suggest; can you deploy the 'protected
scribble' example ?

Come to that, you /are/ deploying from a completely clean image, aren't you ?

    -- chris

Hi Chris,
As suggested I tried deploying the protected scrible package and it
worked fine, which lead me to look at it's structure and now I've
discovered what the problem was.

I had all classes in the same package ie the application and the
protected classes as well. Now I've created a second package for the
protected component classes I don't have a problem any more.

Sorry for the wild goose chase...
Theo
=============================

Chris Uppal wrote:

Theo Pronk wrote:

> I had all classes in the same package ie the application and the
> protected classes as well. Now I've created a second package for the
> protected component classes I don't have a problem any more.

Ah, so the protection stuff was trying to encypt /itself/.  Now that's what I
call secure ;-)

Good to hear it's working now.

    -- chris