Scribd
Upload
63 views

Installation Guide

Uploaded by

bracechu23
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
63 views

Installation Guide

Uploaded by

bracechu23
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 122

Sentinel LDK 8.

4
INSTALLATION GUIDE
Revision History

Document Number 007-012163-001 Revision G, 2202-1


Disclaimer and Copyrights

All information herein is either public information or is the property of and owned solely by Thales DIS France S.A.
and/or its subsidiaries or affiliates who shall have and keep the sole right to file patent applications or any other kind of
intellectual property protection in connection with such information.
Nothing herein shall be construed as implying or granting to you any rights, by license, grant or otherwise, under any
intellectual and/or industrial property rights of or concerning any of Thales DIS France S.A. and any of its subsidiaries
and affiliates (collectively referred to herein after as “Thales”) information.
This document can be used for informational, non-commercial, internal and personal use only provided that:
• The copyright notice below, the confidentiality and proprietary legend and this full warning notice appear in all copies.
• This document shall not be posted on any network computer or broadcast in any media and no modification of any
part of this document shall be made.
Use for any other purpose is expressly prohibited and may result in severe civil and criminal liabilities.
The information contained in this document is provided "AS IS" without any warranty of any kind. Unless otherwise
expressly agreed in writing, Thales makes no warranty as to the value or accuracy of information contained herein.
The document could include technical inaccuracies or typographical errors. Changes are periodically added to the
information herein. Furthermore, Thales reserves the right to make any change or improvement in the specifications
data, information, and the like described herein, at any time.
Thales hereby disclaims all warranties and conditions with regard to the information contained herein,
including all implied warranties of merchantability, fitness for a particular purpose, title and non-
infringement. In no event shall Thales be liable, whether in contract, tort or otherwise, for any indirect,
special or consequential damages or any damages whatsoever including but not limited to damages
resulting from loss of use, data, profits, revenues, or customers, arising out of or in connection with the use
or performance of information contained in this document.
Thales does not and shall not warrant that this product will be resistant to all possible attacks and shall not
incur, and disclaims, any liability in this respect. Even if each product is compliant with current security
standards in force on the date of their design, security mechanisms' resistance necessarily evolves
according to the state of the art in security and notably under the emergence of new attacks. Under no
circumstances, shall Thales be held liable for any third party actions and in particular in case of any
successful attack against systems or equipment incorporating Thales products. Thales disclaims any
liability with respect to security for direct, indirect, incidental or consequential damages that result from any
use of its products. It is further stressed that independent testing and verification by the person using the
product is particularly encouraged, especially in any application in which defective, incorrect or insecure
functioning could result in damage to persons or property, denial of service or loss of privacy.

Copyright © 2022 Thales Group. All rights reserved. Thales, the Thales logo and Sentinel are trademarks and
service marks of Thales and/or its subsidiaries and affiliates and are registered in certain countries. All other
trademarks and service marks, whether registered or not in specific countries, are the properties of their
respective owners.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 2
CONTENTS

Preface 5
About This Guide 5
What's Included in Sentinel LDK 5
Installing Sentinel LDK 5
Configuring Sentinel LDK to Recognize Your Vendor Code 5
Installing Sentinel LDK Run-time Environment 5
Post-Installation Software Updates 6
Training 6

Chapter 1: Sentinel LDK Software Package 7


Entitlement Management Systems 7
Sentinel EMS 7
Sentinel LDK-EMS 8
Sentinel LDK Vendor Suite 8
Vendor Tools 8
Sentinel LDK APIs 9
Sentinel LDK Run-time Environment 10

Chapter 2: Installing Sentinel LDK 11


Installing Sentinel LDK with Sentinel EMS (Thales-Hosted) 11
Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher 12
Installing a Launcher for Sentinel EMS 13
Configuring Sentinel LDK to Work With Sentinel EMS 15
Installing Sentinel LDK with Sentinel LDK-EMS (Thales-Hosted) 16
Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher 16
Installing a Launcher for Sentinel LDK-EMS 18
Configuring Sentinel LDK to Work With Sentinel LDK-EMS 20
Upgrading Sentinel Vendor Suite From Earlier Versions 21
Installing Sentinel LDK with Sentinel LDK-EMS (On-Premises) 21
Installing Sentinel LDK-EMS on Your Machine 22
Installing Sentinel LDK Vendor Suite 33
Installing a Remote Launcher for Sentinel LDK-EMS 35
Configuring Sentinel LDK to Work With Sentinel LDK-EMS on Your Network 37
Upgrading From Earlier Versions 38
Sentinel LDK-EMS Network Configuration Options 42
Troubleshooting a Sentinel LDK-EMS Installation 47

Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK 52


Master Wizard Functions 52
Methods of Introducing a Vendor Key 53

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 3
Remote Connection of Vendor Keys 54
Selecting the Version-Enforcement Option 54
Using the Master Wizard to Introduce a Sentinel Vendor Key 56

Chapter 4: Installing Sentinel LDK Run-time Environment 63


Installing Sentinel LDK Run-time Environment for Mac 63
Installing Sentinel LDK Run-time Environment 63
Installed Files 64
Modifying the Behavior of the Daemons 64
Installing Sentinel LDK Run-time Environment for Linux 66
Installing Sentinel LDK Run-time Environment 67
Installed Files 70
Uninstalling Sentinel LDK Run-time Environment 70
Upgrading HASP HL Key Firmware 71
Installing Sentinel LDK Run-time Environment for Windows 71
HASPUserSetup.exe Utility 72
haspdinst.exe Utility 73
Multiple Installations on a Single End User’s Computer 74

Chapter 5: Installing Software Updates 75

Chapter A: Modifying and Uninstalling Sentinel LDK 77


Modifying the Installed Sentinel LDK Components 77
Uninstalling Sentinel LDK Vendor Suite 77
Uninstalling Sentinel LDK-EMS (On-Premises) 78

SENTINEL LDK PRODUCT END USER LICENSE AGREEMENT 79

Exhibit A - Third-Party Software 85

Exhibit B - Third-Party Software for Sentinel LDK-EMS 120

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 4
Preface

This guide describes how to install all required components of Sentinel LDK.

About This Guide


The guide contains the sections and appendixes described below.

What's Included in Sentinel LDK


> "Sentinel LDK Software Package" on page 7

Describes the Sentinel LDK software package.

Installing Sentinel LDK


> "Installing Sentinel LDK with Sentinel EMS (Thales-Hosted)" on page 11

For companies who subscribe to Sentinel EMS (hosted by Thales), describes how to install and configure the
required Sentinel LDK components.

> "Installing Sentinel LDK with Sentinel LDK-EMS (Thales-Hosted)" on page 16

For companies who subscribe to Sentinel LDK-EMS (hosted by Thales), describes how to install and
configure the required Sentinel LDK components.

> "Installing Sentinel LDK with Sentinel LDK-EMS (On-Premises)" on page 21

For companies who work with Sentinel LDK-EMS installed on the company network, describes how to install
and configure the required Sentinel LDK components.

Configuring Sentinel LDK to Recognize Your Vendor Code


> "Introducing Your Sentinel Vendor Keys to Sentinel LDK" on page 52

Describes how to introduce your Sentinel Vendor keys to the Sentinel LDK system. This ensures that your
applications are protected and licensed with the unique codes that have been assigned to you.

Installing Sentinel LDK Run-time Environment


> "Installing Sentinel LDK Run-time Environment for Mac" on page 63

Describes how to install the Sentinel LDK Run-time Environment on a machine with a Mac operating system.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 5
Preface

> "Installing Sentinel LDK Run-time Environment for Linux" on page 66

Describes how to install the Sentinel LDK Run-time Environment on a machine with a Linux operating
system.

> "Installing Sentinel LDK Run-time Environment for Windows" on page 71

Describes additional options for installing Sentinel LDK Run-time Environment.

Post-Installation Software Updates


> "Installing Software Updates" on page 75

This section describes how the Sentinel LDK software manager checks for software updates to ensure that
you are always working with the latest version of Sentinel LDK.

> "Modifying and Uninstalling Sentinel LDK" on page 77

Describes how to completely uninstall Sentinel LDK.

Training
For additional information and training about Sentinel LDK implementation issues, contact our team of
international consultants who can provide you with tailored training sessions on the following:

> Integration of Sentinel LDK into your product

> Analysis of the best protection strategy for your applications

> Assistance in implementation of your protection and licensing models

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 6
CHAPTER 1: Sentinel LDK Software Package

The software described in this section is hosted on Thales servers or is provided on your Sentinel LDK
Installation Drive.

NOTE FOR MAC AND LINUX This document describes how to install Sentinel LDK on a
Windows platform. To set up Sentinel LDK Vendor Tools on a Mac or Linux platform, see:
> For Sentinel LDK with Sentinel EMS: Sentinel LDK Getting Started Guide for Mac or
Sentinel LDK Getting Started Guide for Linux
> For Sentinel LDK with Sentinel LDK-EMS (on-premises or Thales-hosted) or an alternate
entitlement management system: Sentinel LDK Getting Started Guide for Mac or Sentinel
LDK Getting Started Guide for Linux
> For Sentinel LDK with an alternate entitlement management system: Sentinel LDK Getting
Started Guide for Mac or Sentinel LDK Getting Started Guide for Linux

Entitlement Management Systems


Sentinel LDK uses one of the entitlement managements systems described in this section.

Sentinel EMS
Sentinel EMS is a back-office server application that enables you to define, produce and update Sentinel
protection keys and to define and process entitlements (customer orders).

Sentinel EMS is a new, enterprise-level version entitlement management system. This improved version of
Sentinel EMS provides an advanced user interface and REST API to manage resources. Sentinel EMS supports
multiple methods of enforcement, including custom and third-party enforcement types. Sentinel EMS REST API
enables you to integrate the entitlement and production functionality of Sentinel EMS in your own back-office
management software. For details, see
https://docs.sentinel.thalesgroup.com/softwareandservices/ems/default.htm.

You subscribe to Sentinel EMS as a service from Thales. Thales installs a dedicated instance of Sentinel EMS
for your organization and sets up the Sentinel EMS database on its own servers.

The instance of Sentinel EMS can be accessed throughout your organization using web browsers. The Sentinel
EMS database contains all the licensing and entitlement information for your customers.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 7
Chapter 1: Sentinel LDK Software Package

Sentinel LDK-EMS
Sentinel LDK-EMS is a back-office server application that enables you to define, produce and update Sentinel
protection keys and to define and process entitlements (customer orders).

Sentinel LDK-EMS supports the Sentinel LDK method of enforcement. The Sentinel LDK-EMS database
contains all the licensing and entitlement information for you customers. Sentinel LDK-EMS Web Services
enable you to integrate the entitlement and production functionality of Sentinel LDK-EMS in your own back-office
management software. For details, see https://docs.sentinel.thalesgroup.com/ldk/ldk-ems.htm.

Sentinel LDK-EMS is set up in one of the following manners:

> Sentinel LDK-EMS (Thales-hosted): You can subscribe to Sentinel LDK-EMS as a service from Thales. In
this case, Thales installs Sentinel LDK-EMS and sets up the Sentinel LDK-EMS database on its own servers.

> Sentinel EMS (on-premises): You can install Sentinel LDK-EMS locally and set up the Sentinel LDK-
EMS database on your own server.

In either case, the instance of Sentinel LDK-EMS can be accessed throughout your organization using web
browsers. The Sentinel LDK-EMS Customer Portal can be accessed from customer sites to activate software
licenses by entering Product Keys or to update licenses automatically.

NOTE For the Demo version of Sentinel LDK, you must install Sentinel LDK-EMS on your own
server.

Sentinel LDK Vendor Suite


The Sentinel LDK installer described in this document enables you to install Sentinel LDK Vendor Suite for use
by software developers. Sentinel LDK Vendor Suite consists of the elements described below.

Vendor Tools
Vendor Tools are used to implement protection and licensing for your applications. The most-used Sentinel LDK
Vendor Tools are:

> Sentinel LDK Envelope

Applies security to your software within a protective shield. Available for Windows, Mac, and Linux platforms.

> Sentinel LDK ToolBox

Enables you to familiarize yourself with the Sentinel Licensing API and to generate code to include in your
software’s source code. Available for Windows platforms.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 8
Chapter 1: Sentinel LDK Software Package

Sentinel LDK APIs


The primary APIs are the following:

> Sentinel Licensing API

Enables you to protect your application by inserting calls to a Sentinel protection key throughout your source
code.

On the machine where Sentinel LDK Vendor Tools are installed, a Sample folder contains samples for
various compilers and programming languages. Each sample includes:

• Libraries that must be linked to your application

• A sample application that demonstrates the use of the API

Sample folders are also provided in the Sentinel LDK directory structures for Linux and macOS.

These samples enable you to integrate protection into your own software using a variety of programming
languages.

> Sentinel Admin API

Sentinel Admin API provides the functionality available in Admin Control Center and Admin License Manager
in the form of callable API functions. You can call functions to retrieve information from local or remote
License Managers and to perform actions in these License Managers.

> Sentinel License Generation API

For sites that already have a licensing infrastructure in place or that prefer to implement an alternative to
Sentinel EMS or Sentinel LDK-EMS, Sentinel LDK offers a standalone licensing solution.

You can use Sentinel License Generation API together with your existing licensing server software and ERP
and CRM back-office systems for maximum flexibility and control over your business processes.

Sentinel License Generation API provides the functionality required to generate and maintain Sentinel
protection keys, but without any of the back-office services that are provided by Sentinel EMS or Sentinel
LDK-EMS. All the required services are provided by the system that you choose to implement. You would use
Sentinel LDK only to handle the protection and Feature-control functions for your applications.

**WARNING**
Sentinel License Generation API cannot be used in parallel with Sentinel EMS or
Sentinel LDK-EMS to update licenses for a given customer.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 9
Chapter 1: Sentinel LDK Software Package

For links to these API references:

> If your company subscribes to Sentinel EMS (hosted by Thales), see


https://docs.sentinel.thalesgroup.com/softwareandservices/ldk/default.htm. (Excludes the Sentinel License
Generation API, which is not applicable for this subscription.)

> If your company works with Sentinel LDK-EMS (hosted by Thales or installed on the company network), see
https://docs.sentinel.thalesgroup.com/ldk/apis.htm.

Sentinel LDK Run-time Environment


Sentinel LDK Run-time Environment is the main link between a Sentinel protection key and a protected
application or data file following its deployment at a customer’s site. Depending on the type of protection key
used, end users may need to have Sentinel LDK Run-time Environment installed in order to run the protected
application or to access a protected data file.

You can integrate the Sentinel LDK Run-time Environment installer into the installation of your protected
application.

Sentinel LDK Run-time Environment is also required by Sentinel LDK Vendor Tools and by Sentinel EMS and
Sentinel LDK-EMS to update protection keys. The Sentinel LDK Installer installs the Run-time Environment on
your machines when you install any of the Sentinel LDK components.

Sentinel Admin Control Center is included in the Run-time Environment. Sentinel Admin Control Center is a
customizable, Web-based, vendor and end-user utility that enables centralized administration of
Sentinel License Managers and Sentinel protection keys.

Use Sentinel Admin Control Center to monitor licenses and sessions when a protected application or data file is
operating, to manage cloud licensing, and to manage detachable licenses.

For links to the Sentinel LDK Run-time Environment readme files:

> If your company subscribes to Sentinel EMS (hosted by Thales), see


https://docs.sentinel.thalesgroup.com/softwareandservices/ldk/default.htm.

> If your company works with Sentinel LDK-EMS (hosted by Thales or installed on the company network), see
https://docs.sentinel.thalesgroup.com/ldk/rte.htm.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 10
CHAPTER 2: Installing Sentinel LDK

This section describes how to install Sentinel LDK with one of the following "Entitlement Management
Systems" on page 7.

> "Installing Sentinel LDK with Sentinel EMS (Thales-Hosted)" below

For companies who subscribe to Sentinel EMS (hosted by Thales), describes how to install and configure the
required Sentinel LDK components.

> "Installing Sentinel LDK with Sentinel LDK-EMS (Thales-Hosted)" on page 16

For companies who subscribe to Sentinel LDK-EMS (hosted by Thales), describes how to install and
configure the required Sentinel LDK components.

> "Installing Sentinel LDK with Sentinel LDK-EMS (On-Premises)" on page 21

For companies who work with Sentinel LDK-EMS installed on the company network, describes how to install
and configure the required Sentinel LDK components.

Installing Sentinel LDK with Sentinel EMS (Thales-Hosted)


This section is intended for vendors who want to work with Sentinel LDK and have subscribed to Sentinel EMS
hosted on Thales servers.

This section describes how to install Sentinel LDK on a Windows machine, including a launcher for Sentinel
EMS.

For a description of the various components that comprise Sentinel LDK, see "Sentinel LDK Software
Package" on page 7.

The following procedures are described:

> "Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher" on the next page

This procedure describes how to install Sentinel LDK Vendor Suite with the Sentinel LDK launcher for starting
Sentinel EMS.

> "Installing a Launcher for Sentinel EMS" on page 13

This procedure describes how to install the Sentinel LDK launcher for starting Sentinel EMS.

> "Configuring Sentinel LDK to Work With Sentinel EMS" on page 15

This procedure describes how to set the Sentinel EMS URL for integration with Sentinel LDK.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 11
Chapter 2: Installing Sentinel LDK

Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher


Follow the instructions below to install Sentinel LDK Vendor Suite with a Sentinel LDK launcher for starting
Sentinel EMS.

(Otherwise, if you want to install only a Sentinel LDK launcher for starting Sentinel EMS, go to "Installing a
Launcher for Sentinel EMS" on the next page.)

To install Sentinel LDK Vendor Suite with a Sentinel LDK launcher:

1. Ensure that you do not have any Sentinel Vendor keys or Sentinel HL keys connected to your machine.

2. Connect the Sentinel LDK Installation Drive to your machine.

3. Depending on how your computer is set up, a dialog box may be displayed. If it does, select Open folder to
view files.

4. Browse to the Windows folder on the Sentinel LDK Installation Drive. Double-click setup.exe.

5. Click Start the Sentinel LDK Setup. The Sentinel LDK Installation Wizard welcome window is displayed.

6. Click Next. You are asked to accept the license agreement.

7. Accept the agreement and click Next. The Installation Options screen is displayed:

8. Ensure that the following options are selected:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 12
Chapter 2: Installing Sentinel LDK

• Vendor Suite

• Entitlement Management System

– Sentinel EMS – hosted by Thales

Click Next.

9. Follow the instructions to install Sentinel Vendor Suite.

After the Installation Wizard has completed, Sentinel LDK Software Manager checks automatically to
determine if a later version of any of the Sentinel LDK software is available. If a later version is found, a
message similar to the following is displayed:

10.You can click Install to install the update. For more information regarding this message, see "Installing
Software Updates" on page 75.

11.When the installation process is completed: Configure the Sentinel LDK launcher to start Sentinel EMS as
described in "Configuring Sentinel LDK to Work With Sentinel EMS" on page 15.

Installing a Launcher for Sentinel EMS


If you are not installing Sentinel Vendor Suite on the machine, use the procedure below to install a Sentinel LDK
launcher for starting Sentinel EMS.

(Otherwise, if you want to install both Sentinel LDK Vendor Suite and a Sentinel LDK launcher for starting
Sentinel EMS, go to "Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher" on the previous page.)

To install a launcher for Sentinel EMS:

1. Ensure that you do not have any Sentinel Vendor keys or Sentinel HL keys connected to your machine.

2. Connect the Sentinel LDK Installation Drive to your machine.

3. Depending on how your computer is set up, a dialog box may be displayed. If it does, select Open folder to
view files.

4. Browse to the Windows folder on the Sentinel LDK Installation Drive. Double-click setup.exe.

5. Click Start the Sentinel LDK Setup. The Sentinel LDK Installation Wizard welcome window is displayed.

6. Click Next. You are asked to accept the license agreement.

7. Accept the agreement and click Next. The Installation Options screen is displayed:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 13
Chapter 2: Installing Sentinel LDK

8. Ensure that only the following options are selected:

• Entitlement Management System

– Sentinel EMS – hosted by Thales

Click Next.

9. Follow the instructions to install the Sentinel LDK launcher.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 14
Chapter 2: Installing Sentinel LDK

10.When the installation process has completed: Configure the Sentinel LDK launcher to start Sentinel EMS as
described in "Configuring Sentinel LDK to Work With Sentinel EMS" below.

Configuring Sentinel LDK to Work With Sentinel EMS


Follow the instructions below to configure Sentinel LDK to work with Sentinel EMS on a Windows machine.

To configure Sentinel LDK to work with Sentinel EMS:

1. From the Start menu, select Thales > Sentinel LDK. The Sentinel LDK Launcher is displayed.

2. Set the Sentinel EMS URL.

a. In the navigation pane, next to Sentinel EMS, click the edit button . The Set Up Access to Sentinel EMS
screen is displayed.

b. Enter the URL for Sentinel EMS and click Save.

3. Set the Sentinel EMS URL for Sentinel Admin Control Center.

a. From the navigation pane, click Additional Tools > Admin Control Center. Sentinel Admin Control
Center opens.

b. In the Options pane, click Configuration. The Configuration page is displayed.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 15
Chapter 2: Installing Sentinel LDK

c. From the top of the page, click the Network tab. The Network page is displayed.

d. In the EMS URL field, add the URL for Sentinel EMS. (Do not overwrite any existing URLs in the field.)

e. Click Submit.

Installing Sentinel LDK with Sentinel LDK-EMS (Thales-Hosted)


This section is intended for vendors who want to work with Sentinel LDK and have subscribed to Sentinel LDK-
EMS hosted on Thales servers.

The section describes how to install Sentinel LDK on a Windows machine, including a launcher for Sentinel LDK-
EMS.

For a description of the various components that comprise Sentinel LDK, see "Sentinel LDK Software
Package" on page 7.

The following procedures are described:

> "Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher" below

This procedure describes how to install Sentinel LDK Vendor Suite with the Sentinel LDK launcher for starting
Sentinel LDK-EMS.

> "Installing a Launcher for Sentinel LDK-EMS" on page 18

This procedure describes how to install the Sentinel LDK launcher for starting Sentinel LDK-EMS.

> "Configuring Sentinel LDK to Work With Sentinel LDK-EMS" on page 20

This procedure describes how to set the Sentinel LDK-EMS URL for integration with Sentinel LDK.

> "Upgrading Sentinel Vendor Suite From Earlier Versions" on page 21

This section describes how to upgrade to the latest version of Sentinel LDK from earlier versions of
Sentinel LDK.

Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher


Follow the instructions below to install Sentinel LDK Vendor Suite with a Sentinel LDK launcher for starting
Sentinel LDK-EMS.

(Otherwise, if you want to install only a Sentinel LDK launcher for starting Sentinel LDK-EMS, go to "Installing a
Launcher for Sentinel EMS" on page 13.)

To install Sentinel LDK Vendor Suite with a Sentinel LDK launcher:

1. Ensure that you do not have any Sentinel Vendor keys or Sentinel HL keys connected to your machine.

2. Connect the Sentinel LDK Installation Drive to your machine.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 16
Chapter 2: Installing Sentinel LDK

3. Depending on how your computer is set up, a dialog box may be displayed. If it does, select Open folder to
view files.

4. Browse to the Windows folder on the Sentinel LDK Installation Drive. Double-click setup.exe.

5. Click Start the Sentinel LDK Setup. The Sentinel LDK Installation Wizard welcome window is displayed.

6. Click Next. You are asked to accept the license agreement.

7. Accept the agreement and click Next. The Installation Options screen is displayed:

8. Ensure that the following options are selected:

• Vendor Suite

• Entitlement Management System

– Sentinel LDK-EMS – hosted by Thales or on your network

Click Next.

9. Follow the instructions to install Sentinel Vendor Suite.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 17
Chapter 2: Installing Sentinel LDK

After the Installation Wizard has completed, Sentinel LDK Software Manager checks automatically to
determine if a later version of any of the Sentinel LDK software is available. If a later version is found, a
message similar to the following is displayed:

10.You can click Install to install the update. For more information regarding this message, see "Installing
Software Updates" on page 75.

11.When the installation process is completed: Configure the Sentinel LDK launcher to start Sentinel LDK-EMS
as described in "Configuring Sentinel LDK to Work With Sentinel LDK-EMS" on page 20.

Installing a Launcher for Sentinel LDK-EMS


If you are not installing Sentinel Vendor Suite on the machine, use the procedure below to install a Sentinel LDK
launcher for starting Sentinel LDK-EMS.

(Otherwise, if you want to install both Sentinel LDK Vendor Suite and a Sentinel LDK launcher for starting
Sentinel LDK-EMS, go to "Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher" on page 16.)

To install a launcher for Sentinel LDK-EMS:

1. Ensure that you do not have any Sentinel Vendor keys or Sentinel HL keys connected to your machine.

2. Connect the Sentinel LDK Installation Drive to your machine.

3. Depending on how your computer is set up, a dialog box may be displayed. If it does, select Open folder to
view files.

4. Browse to the Windows folder on the Sentinel LDK Installation Drive. Double-click setup.exe.

5. Click Start the Sentinel LDK Setup. The Sentinel LDK Installation Wizard welcome window is displayed.

6. Click Next. You are asked to accept the license agreement.

7. Accept the agreement and click Next. The Installation Options screen is displayed:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 18
Chapter 2: Installing Sentinel LDK

8. Ensure that only the following options are selected:

• Entitlement Management System

– Sentinel LDK-EMS – hosted by Thales or on your network

Click Next.

9. Follow the instructions to install the Sentinel LDK launcher.

10.When the installation process is complete: Configure the Sentinel LDK launcher to start Sentinel LDK-EMS
as described in "Configuring Sentinel LDK to Work With Sentinel LDK-EMS" on the next page.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 19
Chapter 2: Installing Sentinel LDK

Configuring Sentinel LDK to Work With Sentinel LDK-EMS


Follow the instructions below to configure Sentinel LDK to work with Sentinel LDK-EMS on a Windows machine.

To configure Sentinel LDK to work with Sentinel LDK-EMS:

1. From the Start menu, select Thales > Sentinel LDK. The Sentinel LDK Launcher is displayed.

2. Set the Sentinel LDK-EMS URL.

a. In the navigation pane, next to Sentinel LDK-EMS, click the edit button . The Set Up Access to Sentinel
LDK-EMS screen is displayed.

b. Enter the URL for Sentinel LDK-EMS and click Save.

3. Set the Sentinel LDK-EMS URL for Sentinel Admin Control Center.

a. From the navigation pane, click Additional Tools > Admin Control Center. Sentinel Admin Control
Center opens.

b. In the Options pane, click Configuration. The Configuration page is displayed.

c. From the top of the page, click the Network tab. The Network page is displayed.

d. In the EMS URL field, add the URL for Sentinel LDK-EMS. (Do not overwrite any existing URLs in the
field.)

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 20
Chapter 2: Installing Sentinel LDK

e. Click Submit.

Upgrading Sentinel Vendor Suite From Earlier Versions


This section describes how to upgrade to Sentinel Vendor Suite 8.4 from an earlier version of Sentinel LDK,
Sentinel HASP, or HASP SRM.

To upgrade Sentinel Vendor Suite:

1. On each machine where you installed Vendor Suite, rerun the installation process described in "Installing
Sentinel LDK Vendor Suite" on page 33.

2. After completing the installation procedure on each machine, re-introduce your Developer key.

Installing Sentinel LDK with Sentinel LDK-EMS (On-Premises)


This section is intended for vendors who want to install all components of Sentinel LDK on their local network.

These components can be installed on the same machine (for example, to experiment with the Demo Tutorial).
However, in production environments, these components are typically installed on separate machines. (The
Vendor Suite is often installed on multiple developers’ machines.)

For a description of the various components that comprise Sentinel LDK, see "Sentinel LDK Software
Package" on page 7.

For information on supported platforms for Sentinel LDK, see the Sentinel LDK Release Notes.

The following procedures are described:

> "Installing Sentinel LDK-EMS on Your Machine" on the next page

This procedure describes how to install Sentinel LDK-EMS by itself or together with Sentinel LDK Vendor
Suite on a single machine.

> "Installing Sentinel LDK Vendor Suite" on page 33

This procedure describes how to install Sentinel LDK Vendor Suite with the Sentinel LDK launcher for starting
Sentinel LDK-EMS.

> "Installing a Remote Launcher for Sentinel LDK-EMS" on page 35

This procedure describes how to install a remote Sentinel LDK launcher for starting Sentinel LDK-EMS.

> "Configuring Sentinel LDK to Work With Sentinel LDK-EMS on Your Network" on page 37

This procedure describes how to set the Sentinel LDK-EMS URL for integration with Sentinel LDK.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 21
Chapter 2: Installing Sentinel LDK

> "Upgrading From Earlier Versions" on page 38

This section describes how to upgrade to the latest version of Sentinel LDK from earlier versions of
Sentinel LDK.

> "Sentinel LDK-EMS Network Configuration Options" on page 42

For Sentinel LDK-EMS (on-premises), describes advanced network options, including how to install the
Sentinel LDK-EMS Service components on separate servers.

> "Troubleshooting a Sentinel LDK-EMS Installation" on page 47

Discusses the solutions to some of the frequently asked questions relating to the installation of the Sentinel
LDK-EMS Service in a network environment.

Installing Sentinel LDK-EMS on Your Machine


When installed on your machine, Sentinel LDK-EMS is installed under Windows as a service (referred to as the
Sentinel LDK-EMS Service). An installation of Sentinel LDK-EMS provides the database server and all the
required web services for your organization. Any authorized user in the organization can access the Sentinel
LDK-EMS web interface or can use an application that employs Sentinel LDK-EMS Web Services.

To upgrade from an earlier version of Sentinel LDK-EMS, see "Upgrading From Earlier Versions" on page 38.

NOTE Sentinel LDK-EMS can be installed on multiple computers, either to divide the workload
among different machine or to ensure high availability, or both. Similarly, Sentinel LDK-EMS
can be installed separately from the Sentinel LDK-EMS database.
For more information, see "Sentinel LDK-EMS Network Configuration Options" on page 42.
If you experience any problems during or after Sentinel LDK-EMS installation, see
"Troubleshooting a Sentinel LDK-EMS Installation" on page 47.

This section lists the prerequisites for installation and provides additional information to that provided in the
Installation wizard.

In this section:

> "Installing and Configuring SQL Server Manually (Optional)" on the next page

> "Infrastructure and Prerequisites" on page 24

> "Securing Your Sentinel LDK-EMS Installation" on page 27

> "Types of Installation Setup" on page 27

> "Installing Sentinel LDK-EMS" on page 27

> "Configuring Sentinel LDK-EMS to Work With JRE" on page 32

> "Accessing Sentinel LDK-EMS" on page 32

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 22
Chapter 2: Installing Sentinel LDK

> "Configuring Sentinel LDK-EMS" on page 33

Installing and Configuring SQL Server Manually (Optional)


You can optionally install and configure SQL Server as a standalone operation without using the Sentinel LDK
installation wizard. This is typically required:

> When you install the Sentinel LDK-EMS database on a different machine from Sentinel LDK-EMS Service.

> When you want to use a version of Microsoft SQL Server other than the default version. (By default, the
Sentinel LDK installation wizard installs SQL Server 2019 Express.)

Download and install Microsoft SQL Server from: https://www.microsoft.com/en-


in/download/details.aspx?id=42299

In this section:
> "Installing SQL Server" below

> "Configuring SQL Server" on the next page

Installing SQL Server

When using the Express setup type to install Sentinel LDK-EMS, you have the option to first install SQL Server
manually on the machine where you will install Sentinel LDK-EMS.

When using the Advanced setup type, an SQL Server must already exist and must be active, either on the local
machine or on a different machine.

If you install SQL Server manually, you can install any of the supported versions of SQL Server.

To install SQL server, use one of the following methods:

> Install the SQL Server instance using a command prompt (silent installation). For example: For SQL Server
Express 2019, use:

SQLEXPR_x64_ENU.exe /q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQL


/INSTANCENAME=EMSDATABASE /SAPWD=DBA!sa@EMSDB123 /SQLSVCSTARTUPTYPE=Automatic
/SECURITYMODE=SQL /SQLSVCACCOUNT="NT AUTHORITY\Network Service" /TCPENABLED=1

For other versions of SQL Server, the syntax of the installation command may be different.

Installation software for SQL Server Express 2019 can be found on the Sentinel LDK Installation Drive, under:
\Windows\3rdparty\MSSQLExpress2019\

> Install the SQL Server instance using a normal installation, and specify the following:

a. (For the Express setup type) Specify the instance Name as: EMSDATABASE

b. Select the mix mode installation. (Windows authentication and SQL Authentication)

The password for the sa user is as follows:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 23
Chapter 2: Installing Sentinel LDK

> For the Express setup type: The password for the sa user must be: DBA!sa@EMSDB123

> For the Advanced setup type: The password for the sa user should not contain any characters from a non-
English language. (Numbers and special characters such as !,@ and # are allowed.)

Configuring SQL Server

When you choose to install SQL Server manually for either the Express or Advanced setup type of Sentinel
LDK-EMS installation, you must use the specifications described in this section.

Enable TCP/IP

1. Open SQL Server Configuration Manager (Start > Programs > Microsoft SQL Server 2019 > SQL Server
Configuration manager)

2. In the left pane, expand the node SQL Server 2019 Network Configuration.

3. Select Protocols for EMSDATABASE. The protocol names and their status appear in the right pane. (For the
Advanced setup type, you can use any instance name.)

4. In the right pane, double-click TCP/IP. The TCP/IP Properties dialog box is displayed.

5. Under the Protocol tab, select Yes from the list against the Enabled context menu.

6. Restart the SQL Server (EMDATABASE) service.

Configure the TCP/IP Port

1. Right-click TCP/IP. In the context menu, select Properties. The TCP/IP Properties dialog is displayed.

2. Select the IP Addresses tab.

3. Expand the IPAll node and do the following:

a. Set the TCP Port field to blank. The SQL Server Express will not automatically choose another port when
it restarts.

b. Set the desired port number in the TCP Dynamic Port field (for example, 1433).

c. Click OK.

4. Restart the SQL Server (EMDATABASE) service.

Infrastructure and Prerequisites


This section describes:

> "Infrastructure" on the next page

> "Prerequisites" on the next page

> "Hardware" on the next page

> "Software" on page 26

> "SSL Certificate" on page 26

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 24
Chapter 2: Installing Sentinel LDK

Infrastructure

Sentinel LDK-EMS uses the following infrastructure software:

> OpenJDK (installed by default by Sentinel LDK)

OR

Java Runtime Environment (JRE 8 Update 191)

> Microsoft .NET Framework 3.5 and 4.0

NOTE Microsoft SQL Server 2019 Express Edition requires both Framework 3.5 and
Framework 4.0.
If Framework 3.5 is not enabled on your machine:
> The Installer attempts to install Framework 3.5. This requires internet connectivity.
> An alternative method to enable Framework 3.5 on your machine is to follow the instructions
provided on the Web pages that follow.
For Windows 10, 11:
https://docs.microsoft.com/en-us/dotnet/framework/install/dotnet-35-windows
For Windows Servers:
https://docs.microsoft.com/en-us/windows-server/administration/server-manager/install-or-
uninstall-roles-role-services-or-features#BKMK_arfw

> MS SQL Server 2019 Express Edition

> Tomcat 9.0.56

These will be installed by the Sentinel LDK installation procedure.

(If you choose to install MS SQL independently, you can use any of the supported versions of MS SQL.)

Prerequisites

Installation of Sentinel LDK-EMS requires the following:

Hardware

> Minimum CPU: Intel CoreTM i5 (latest generation or higher iX generation ) Dual Core

Recommended CPU: Intel CoreTM i5 (latest generation or higher iX generation ) Quad Core

> Minimum recommended RAM for Sentinel LDK-EMS production server: 16 GB

Minimum recommended RAM for development, SDK evaluation: 8 GB

> Minimum disk space: 25 GB

Thales highly recommends that you install your production Sentinel LDK-EMS server on a dedicated machine.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 25
Chapter 2: Installing Sentinel LDK

The URL on which Sentinel LDK-EMS will be hosted should contain only characters that satisfy the RFC 952
standard (that is: A-Z, 0-9, minus sign and period).

NOTE Sentinel LDK-EMS Service must be installed on a machine whose computer name does
not exceed 15 characters.

Software

For the list of supported operating systems, refer to the Sentinel LDK Release Notes.

SSL Certificate

Sentinel LDK-EMS can be configured to use either the HTTP or HTTPS protocol for communication between the
Sentinel LDK-EMS web server and the web browsers used to access Sentinel LDK-EMS.

The HTTPS protocol encrypts the communication between the server and web browsers. However:

> When Sentinel LDK-EMS is configured to use HTTPS, you must use a 32-bit version of Internet Explorer
(version 10 or version 11) for any action that accesses a protection key (such as burn, recycle, check in key,
check in c2v, or online activation).

With HTTPS, functions such as Check in Key, Check in C2V, and Recycle Keys continue to be accessed with
the help of Java-based applets. Each time you access one of these functions, an applet window opens to
provide the required functionality.

> The communication with HTTPS is somewhat slower than with HTTP.

> To work with HTTPS, you may want to purchase an SSL (Secure Sockets Layer) certificate from a certificate
authority. An SSL certificate is a digital certificate that authenticates the identity of a web site to visiting web
browsers and encrypts information for the server using SSL technology. (The Sentinel LDK-EMS installation
process automatically generates an SSL certificate. However, each user’s web browser will generate a
security exception with this certificate each time the user logs in.)

To install an SSL certificate that you obtained from a certificate authority, see the Sentinel LDK–EMS
Configuration Guide (described in "Configuring Sentinel LDK-EMS" on page 33).

By default, Sentinel LDK-EMS is configured during installation to use HTTP. You can change this setting during
installation or afterwards to use HTTPS. To change this setting after Sentinel LDK-EMS has been installed, see
"Configuring Sentinel LDK-EMS" on page 33.

For more information on HTTPS and SSL certificates, you can access the web sites listed below. (These links
were valid when this guide was released.)

> http://info.ssl.com/article.aspx?id=10694

> https://www.thawte.com/resources/ssl-information-center/get-started-with-ssl/index.html

> http://www.verisign.com/ssl/buy-ssl-certificates/index.html

> http://en.wikipedia.org/wiki/Certificate_authority

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 26
Chapter 2: Installing Sentinel LDK

Securing Your Sentinel LDK-EMS Installation


Among the actions taken to secure your installation of Sentinel LDK-EMS, Thales recommends that you include
the following:

> Use a strong password for logging in to Sentinel LDK-EMS, and change the password periodically.

> Deploy a WAF (web application firewall) in front of Sentinel LDK-EMS.

> The Microsoft SQL Server connection to the Sentinel LDK-EMS database should be enabled with HTTPS.

> Use the latest version of TLS to secure communication with Sentinel LDK-EMS.

Types of Installation Setup


The Sentinel LDK-EMS installation wizard offers two types of installation setup:

Express

This setup type searches for the Sentinel LDK-EMS database and SQL Server on the local machine. If they are
present, the installation wizard connects automatically to the database. If they are not present, the installation
wizard installs the Sentinel LDK-EMS database and SQL Server automatically on the local machine.

No configuration screens are displayed during the installation process. If SQL Server is installed by the wizard,
the SQL Server instance has the following user name and password:

> User Name: sa

> Password: DBA!sa@EMSDB123

Advanced

For this setup type, an SQL Server must already exist and must be active, either on the local machine or on a
different machine. The installation wizard can either create a new Sentinel LDK-EMS database schema in SQL
Server, or it can connect to an existing Sentinel LDK-EMS database.

With this setup type, you can also choose where to install Sentinel LDK-EMS and whether to use SSL security for
Sentinel LDK-EMS web access.

NOTE To create the Sentinel LDK-EMS database yourself, see "Installing and Configuring SQL
Server Manually (Optional)" on page 23.

Installing Sentinel LDK-EMS


You use the Sentinel LDK installation wizard from the Sentinel LDK Installation Drive to install Sentinel LDK-
EMS. The installation wizard enables you to create a default installation with a basic configuration.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 27
Chapter 2: Installing Sentinel LDK

To run the Sentinel LDK Installation Wizard:

1. Log in to an account that has full administrator rights on the machine.

2. Close all open applications (including web browsers) on the machine where you will install Sentinel LDK-
EMS.

NOTE Before starting the Sentinel LDK Installation Wizard, ensure that no Windows update
installation or any other msi installation is in progress.

3. Connect the Sentinel LDK Installation Drive to your machine.

4. Depending on how your computer is set up, a dialog box may be displayed. If it does, select Open folder to
view files.

5. Browse to the Windows folder on the Sentinel LDK Installation Drive. Double-click setup.exe.

6. Click Start the Sentinel LDK Setup. The Sentinel LDK Installation Wizard welcome window is displayed.

7. Click Next. You are asked to accept the license agreement. Read the license agreement carefully.

8. Accept the agreement and click Next. The Installation Options screen is displayed:

9. In the Installation Options screen, ensure that the following options are selected:

• Vendor Suite (Select only if you are also installing Vendor Suite on the same machine.)

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 28
Chapter 2: Installing Sentinel LDK

• Entitlement Management System

– Sentinel LDK-EMS – install on this machine

10.Click Next. The Setup Type screen is displayed:

11.In the Setup Type screen, select one of the following:

• Express. The installation wizard complete the installation of Sentinel LDK-EMS using the defaults
described earlier. A minimal amount of additional user input is required.

If you selected the check box for Sentinel Vendor Suite, then Sentinel LDK Vendor Suite is also installed.

• Advanced. The installation wizard will prompt you for information on setting up the Sentinel LDK-EMS
database and SSL security. (Ensure that Microsoft SQL Server for the database is active when you run
the installation wizard.)

For more information, see "Types of Installation Setup" on page 27.

12.Click Next. The Destination Folder screen is displayed. If you want, change the destination folder for
Sentinel LDK.

13.Click Install. Installation proceeds. This requires several minutes. Accept all defaults during installation.

14.If you selected the Express setup type, continue with Step 16.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 29
Chapter 2: Installing Sentinel LDK

Otherwise, the Database Server Details screen is displayed.

15.In the Database Server Details screen, enter the details for the existing SQL Server instance that will be used
for the Sentinel LDK-EMS database. Then, in the Database Details area, select one of the following options:

• Existing database. The installation wizard configures Sentinel LDK-EMS to use the existing Sentinel
LDK-EMS database whose details you specified.

• New database. The installation wizard creates a new Sentinel LDK-EMS database in the SQL Server
instance that you specified above.

When you create a new database, you can select or clear the option Fill Demo Data. (The option is
selected by default.) If the option is selected, the installation wizard adds demo information for the
DEMOMA Batch Code to the Sentinel LDK-EMS database. Each Sentinel LDK-EMS user that is assigned
the DEMOMA Batch Code can view and generate reports based on the demo information.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 30
Chapter 2: Installing Sentinel LDK

16.Click Next. The LDK-EMS Host Configuration screen is displayed.

17.In the LDK-EMS Host Configuration screen, you can:

• Select the Use SSL check box if you want to use the HTTPS protocol. To use the HTTP protocol, leave
the check box clear.

• Change the HTTP port for accessing Sentinel LDK-EMS.

18.Click Next. Installation of Sentinel LDK-EMS continues to completion.

19.After the installation, Sentinel LDK Software Manager checks automatically to determine if a later version of
any of the Sentinel LDK software is available. If a later version is found, a message similar to the following is
displayed:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 31
Chapter 2: Installing Sentinel LDK

You can click Install to install the update. For more information regarding this message, see "Installing
Software Updates" on page 75.

20.When the entire installation process is completed, connect the Sentinel Master key to the machine on which
the Sentinel LDK-EMS Service is installed.

NOTE If you need to re-install Sentinel LDK-EMS for any reason, you must first remove the
existing Sentinel LDK-EMS program.
Removing Sentinel LDK-EMS does not delete the existing database.

Configuring Sentinel LDK-EMS to Work With JRE


After installation or upgrade, Sentinel LDK-EMS works with OpenJDK. If you want to work with JRE, follow the
steps below.

To configure Sentinel LDK-EMS to work with JRE:

1. Set the JRE_HOME system variable to point to the path of the of an x64 JRE installation.

To check system variables, go to Control Panel > System > Advanced > Environment Variables.

2. After modifying JRE_HOME, reboot the machine. Sentinel LDK-EMS now works with JRE.

Accessing Sentinel LDK-EMS


After you install Sentinel LDK-EMS, you can log in to the default administrator account. The user name and
password for the default administrator are admin.

NOTE The first time you log in to Sentinel LDK-EMS, you must change the default password for
the admin account. You can also change this password at any time from the top-right corner of
Sentinel LDK-EMS.

To open Sentinel LDK-EMS:

1. Prerequisite: Under Windows Services, start Sentinel LDK-EMS Service on the machine where Sentinel
LDK-EMS Service is installed if the service is not already started.

2. From the Start menu, open Sentinel LDK. The Sentinel LDK Launcher is displayed. You can access most of
the Vendor Suite applications from this screen.

3. In Sentinel LDK Launcher, click Sentinel LDK-EMS. If needed, configure the Sentinel LDK-EMS location as
described in "Configuring Sentinel LDK to Work With Sentinel LDK-EMS" on page 20.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 32
Chapter 2: Installing Sentinel LDK

Configuring Sentinel LDK-EMS


You can configure Sentinel LDK-EMS from the Sentinel LDK-EMS Administration Console. Among the facilities
that you may want to configure for Sentinel LDK-EMS are:

> SMTP mail server to be used by Sentinel LDK-EMS to send various types of email notifications.

> Configuring Sentinel LDK-EMS to use the HTTPS protocol (if this was not done during installation of Sentinel
LDK-EMS).

> Configuring license and certificate settings.

These and many other topics are described in the Sentinel LDK-EMS Configuration Guide (described below).

To access the Sentinel LDK-EMS Administration Console:

1. Log in to Sentinel LDK-EMS as the default administrator (admin) or as a user with the Super User or the
Batch Code Admin role.

2. Select Administration > Administration Console.The Sentinel LDK-EMS Administration console is


displayed.

To access the Sentinel LDK-EMS Administration Console documentation (Sentinel LDK-EMS


Configuration Guide):

Do any of the following:

> Access the online version of the Sentinel LDK–EMS Configuration Guide.

> In Sentinel LDK-EMS Administration Console, click the Help link at the top-right corner of the page.

> Open the local, PDF version of the Sentinel LDK-EMS Configuration Guide:

a. From the Start button, enter Sentinel LDK. The Sentinel LDK Launcher is displayed.

b. Select Documentation > Manuals and Tutorials and navigate to Sentinel LDK-EMS > Sentinel LDK-
EMS Configuration Guide.

Installing Sentinel LDK Vendor Suite


Use the procedure below to install Sentinel LDK Vendor Tools on your machine without installing Sentinel LDK-
EMS.

To install Sentinel LDK Vendor Suite with a Sentinel LDK launcher:

1. Ensure that you do not have any Sentinel Vendor keys or Sentinel HL keys connected to your machine.

2. Connect the Sentinel LDK Installation Drive to your machine.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 33
Chapter 2: Installing Sentinel LDK

3. Depending on how your computer is set up, a dialog box may be displayed. If it does, select Open folder to
view files.

4. Browse to the Windows folder on the Sentinel LDK Installation Drive. Double-click setup.exe.

5. Click Start the Sentinel LDK Setup. The Sentinel LDK Installation Wizard welcome window is displayed.

6. Click Next. You are asked to accept the license agreement.

7. Accept the agreement and click Next. The Installation Options screen is displayed:

8. Ensure that the following option is selected:

• Vendor Suite

Click Next.

9. Follow the instructions to install Sentinel Vendor Suite.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 34
Chapter 2: Installing Sentinel LDK

After the Installation Wizard has completed, Sentinel LDK Software Manager checks automatically to
determine if a later version of any of the Sentinel LDK software is available. If a later version is found, a
message similar to the following is displayed:

10.You can click Install to install the update. For more information regarding this message, see "Installing
Software Updates" on page 75.

11.If Sentinel LDK-EMS is installed on your network (not on this machine), set the Sentinel LDK-EMS URL, as
described in "Configuring Sentinel LDK-EMS" on page 33.

Installing a Remote Launcher for Sentinel LDK-EMS


If you are not installing Sentinel Vendor Suite on the machine, use the procedure below to install a Sentinel LDK
launcher for starting Sentinel LDK-EMS.

(Otherwise, if you want to install both Sentinel LDK Vendor Suite and a Sentinel LDK launcher for starting
Sentinel LDK-EMS, go to "Installing Sentinel LDK Vendor Suite with Sentinel LDK Launcher" on page 16.)

To install a launcher for Sentinel LDK-EMS:

1. Ensure that you do not have any Sentinel Vendor keys or Sentinel HL keys connected to your machine.

2. Connect the Sentinel LDK Installation Drive to your machine.

3. Depending on how your computer is set up, a dialog box may be displayed. If it does, select Open folder to
view files.

4. Browse to the Windows folder on the Sentinel LDK Installation Drive. Double-click setup.exe.

5. Click Start the Sentinel LDK Setup. The Sentinel LDK Installation Wizard welcome window is displayed.

6. Click Next. You are asked to accept the license agreement.

7. Accept the agreement and click Next. The Installation Options screen is displayed:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 35
Chapter 2: Installing Sentinel LDK

8. Ensure that only the following options are selected:

• Entitlement Management System

– Sentinel LDK-EMS – hosted by Thales or on your network

Click Next.

9. Follow the instructions to install the Sentinel LDK launcher.

10.When the installation process is completed: Configure the Sentinel LDK launcher to start Sentinel LDK-EMS
as described in "Configuring Sentinel LDK to Work With Sentinel LDK-EMS on Your Network" on the next
page.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 36
Chapter 2: Installing Sentinel LDK

Configuring Sentinel LDK to Work With Sentinel LDK-EMS on Your Network


Follow the instructions below to configure Sentinel LDK to work with Sentinel LDK-EMS on a Windows machine.

To configure Sentinel LDK to work with Sentinel LDK-EMS:

1. From the Start menu, select Thales > Sentinel LDK. The Sentinel LDK Launcher is displayed.

2. Set the Sentinel LDK-EMS URL.

a. In the navigation pane, next to Sentinel LDK-EMS, click the edit button . The Set Up Access to Sentinel
LDK-EMS screen is displayed.

b. Enter the URL for Sentinel LDK-EMS and click Save.

3. Set the Sentinel LDK-EMS URL for Sentinel Admin Control Center.

a. From the navigation pane, click Additional Tools > Admin Control Center. Sentinel Admin Control
Center opens.

b. In the Options pane, click Configuration. The Configuration page is displayed.

c. From the top of the page, click the Network tab. The Network page is displayed.

d. In the EMS URL field, add the URL for Sentinel LDK-EMS. (Do not overwrite any existing URLs in the
field.)

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 37
Chapter 2: Installing Sentinel LDK

e. Click Submit.

Upgrading From Earlier Versions


This section describes how to upgrade to Sentinel LDK 8.4 from an earlier version of Sentinel LDK, Sentinel
HASP or HASP SRM.

Upgrade considerations:

> When upgrading from Sentinel LDK versions 7.3 through 7.8 to Sentinel LDK 8.4, all non-English locales of
Customer contacts and Channel Partner contacts in Sentinel LDK-EMS are converted to the English locale. A
solution for this issue is provided in the technical note available here.

NOTE You can ignore this issue if all of your Customer contacts and Channel Partner Contacts
are set up to use the English locale or if you are not upgrading Sentinel LDK-EMS.

> The procedure for upgrading to Sentinel LDK v.8.4 has only been tested for Sentinel LDK versions 8.0 and
later.

If you plan to upgrade from an earlier version of Sentinel LDK, please contact Technical Support to validate
the upgrade scenario. (This applies whether you are upgrading Sentinel LDK Vendor Suite, Sentinel LDK-
EMS, or both.)

> After you complete an upgrade of Sentinel LDK-EMS, the file server.xml includes only TLS version 1.2 as the
acceptable cryptographic protocol. This version of TLS is more secure than earlier versions.

If you included TLS version 1.0 or 1.1 as an acceptable protocol until now and you want to retain that version,
you must modify server.xml manually.

NOTE The TLS 1.0 and 1.1 cryptographic protocols have known vulnerabilities. Thales highly
recommends that you not add TLS 1.0 or 1.1 as an acceptable protocol.

For more information, see "Retaining TLS 1.0 or 1.1 as an Acceptable Protocol" on page 41.

In this section:

> "Upgrading From Sentinel LDK v.6.x or Later" below

> "Retaining TLS 1.0 or 1.1 as an Acceptable Protocol" on page 41

Upgrading From Sentinel LDK v.6.x or Later


If Sentinel LDK-EMS or Sentinel Vendor Suite from Sentinel LDK v.6.x or later has been installed on your
machine, use the procedures below to upgrade to Sentinel LDK v.8.4.

In this section:
> "Upgrading Vendor Suite" on the next page

> "Upgrading Sentinel LDK-EMS" on the next page

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 38
Chapter 2: Installing Sentinel LDK

> "Modifying the Sentinel LDK-EMS Database for Advanced Channel Partner Functionality" below

> "Resolving Sentinel LDK-EMS Upgrade Issues" on the next page

Upgrading Vendor Suite

No special action is required to upgrade from any earlier version of the Vendor Suite. The Sentinel LDK
installation wizard automatically uninstalls and reinstalls Vendor Suite.

Upgrading Sentinel LDK-EMS

To upgrade from Sentinel LDK-EMS v.6.x or later:

1. Back up the Sentinel LDK-EMS database.

2. Install Sentinel LDK-EMS as described in this section. The installation wizard automatically detects the
existence of an earlier version of Sentinel LDK-EMS and offers you the option to upgrade to the latest version.

NOTE Thales recommends that you clear your web browser cache before you start working
with the current version of Sentinel LDK-EMS.

3. Re-introduce your Master key or Developer key as described in "Using the Master Wizard to Introduce a
Sentinel Vendor Key" on page 56.

4. (Optional) Sentinel LDK-EMS works with OpenJDK. If you want to use JRE, continue to "Configuring Sentinel
LDK-EMS to Work With JRE" on page 32 to set the JRE_HOME system variable to point to the path of the
installed JRE.

Modifying the Sentinel LDK-EMS Database for Advanced Channel Partner Functionality

This topic is relevant if you have recently added or plan to add the Channel Partner module tor your Sentinel
LDK Master license.

NOTE If you have not created any channel partners in Sentinel LDK-EMS, no special actions
are required before you add the Channel Partner module. You can ignore this topic.

Until you add the Channel Partner module to your Sentinel LDK Master license, Sentinel LDK-EMS allows you to
associate the entitlements for a given customer with different channel partners. Once the Channel Partner
module is added, each customer can only be associated with a single channel partner.

Before you can work effectively with the advanced Channel Partner functionality provided by the module, a script
must be run that modifies the Sentinel LDK-EMS database to create direct links between existing channel
partners and their customers. The script ensures that no customers are associated with multiple channel
partners. If a customer is associated with multiple channel partners, the script links the customer to only one of
the channel partners. A log file lists the customers for whom multiple channel partners were found.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 39
Chapter 2: Installing Sentinel LDK

You must work with your channel partners to resolve these conflicts and ensure that each customer is connected
to a single channel partner. If necessary, resolve conflicts by creating new customers in Sentinel LDK-EMS.

The script to modify the Sentinel LDK-EMS database is executed using the following methods:

> During the Sentinel LDK-EMS upgrade procedure, the Installer automatically executes the script. Any
conflicts that are found are recorded in the Installer log at %SystemDrive%\EMS_Log\emsInstaller.log.

> Click the Sync Data for Channel Partner Module button in the Sentinel LDK-EMS Administration Portal to
run the script. Any conflicts that are found are recorded in the configuration log at %ProgramFiles
(x86)\Thales\Sentinel EMS\EMSServer\webapps\ems\log\emsConfig.log.

The script can be executed multiple times.

You can add the Channel Partner module to your Sentinel LDK Master license before or after the script is
executed. However, you should plan to add the module to your LDK Master license as close as possible to the
time when the script is executed (using either method).

Resolving Sentinel LDK-EMS Upgrade Issues

NOTE This topic is applicable when you upgrade from Sentinel LDK-EMS v.6.3 or later to v.8.4.

The Sentinel LDK-EMS installation procedure automatically merges components that you have customized in
Sentinel LDK-EMS. In addition, all configuration changes that you performed in the existing Sentinel LDK-EMS
are backed up under %EMS_HOME%\Backup. If you find any differences after you upgrade to Sentinel LDK-
EMS v.8.4, you can manually merge the conflicting files.

To resolve any differences that you may find after upgrade, you can map the backup and current locations to
manually merge the files. The following table provides the details of the components that are placed in the
backup location.

Customizable Component Backup Location Original Location


%EMS_HOME%\Backup\... %EMS_HOME%\EMSServer\
webapps\...

Template Files (TPLs)

.TPL files WEB-INF\classes ems\WEB-INF\classes

Themes and Languages

Themes themes ems\themes

Images themes\blackGolden\images ems\themes\


blackGolden\images

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 40
Chapter 2: Installing Sentinel LDK

Customizable Component Backup Location Original Location


%EMS_HOME%\Backup\... %EMS_HOME%\EMSServer\
webapps\...

Language (messages_ WEB-INF\classes ems\WEB-INF\classes


[language_code].properties)

Samples

emsWSDemo emsWSDemo emsWSDemo

Others

ems.properties WEB-INF\classes ems\WEB-INF\classes

message.properties WEB-INF\classes ems\WEB-INF\classes

Retaining TLS 1.0 or 1.1 as an Acceptable Protocol


After you complete a new installation or upgrade of Sentinel LDK-EMS, the file server.xml includes only TLS
version 1.2 as the acceptable cryptographic protocol. This version of TLS is more secure than earlier versions.

If, for any reason, you want to include TLS version 1.0 or 1.1 as an acceptable protocol, you must modify
server.xml manually as described below.

NOTE The TLS 1.0 and 1.1 cryptographic protocols have known vulnerabilities. Thales highly
recommends that you not add TLS 1.0 or 1.1 as an acceptable protocol.

To retain TLS 1.0 or TLS 1.1 as acceptable protocols in server.xml:

1. On the machine where Sentinel LDK-EMS is installed, open the following file in a text editor:

%ProgramFiles(x86)%\Thales\Sentinel EMS\EMSServer\conf\server.xml

2. Locate the following string in the Connector tag:

sslEnabledProtocols ="TLSv1.2"

3. Add TLSv1 or TLSv1.1 (or both) to the string. For example:

sslEnabledProtocols ="TLSv1+TLSv1.1+TLSv1.2"

4. Save the file.

5. In the Services window, stop and then restart Sentinel LDK-EMS Service.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 41
Chapter 2: Installing Sentinel LDK

NOTE The existing Activation API sample (under \Samples\Activation\) must be rebuilt using
the latest activation libraries in order to connect to Sentinel LDK-EMS with TLS 1.0.
The latest activation libraries can be found where Sentinel LDK is installed, in these locations:
> Windows: %ProgramFiles(x86)%\Thales\Sentinel LDK\Legacy\API\Activation\C\
> Linux: Linux\Legacy\API\Activation\C\
> Mac: MacOS\Legacy\API\Activation\C\

Sentinel LDK-EMS Network Configuration Options


Sentinel LDK-EMS is a web-based, multi-tier application with two primary components: Sentinel LDK-EMS
Service and the Sentinel LDK-EMS database. These components can be installed on a single machine or on
separate machines (server).

The web application front end in Sentinel LDK-EMS Service provides two portals, one for software vendor users
and another for customers (primarily for activation purposes). Sentinel LDK-EMS Service can be installed and
configured for each portal on a separate machine. (This is not a typical configuration for web applications.)

Based on the vendor requirements, a number of security provisions are possible for Sentinel LDK-EMS
installation. Instances of Sentinel LDK-EMS are usually installed on a DMZ (demilitarized zone) using an
external firewall that controls external access, and an internal firewall that allows access to the Sentinel LDK-
EMS database.

Sentinel LDK-EMS listens on a TCP port for incoming requests. If the installation is configured for SSL, the
requests are encrypted using the built-in SSL feature. Sentinel LDK-EMS then communicates with the Sentinel
LDK-EMS database (a single database for the entire system) to process the requests.

This section describes the considerations and procedures for installing the Sentinel LDK-EMS components,
including different configurations for installing Sentinel LDK-EMS on multiple machines in a network
environment.

NOTE Thales recommends that you:


> Frequently back up your Sentinel LDK-EMS database to protect your data.
> Add adequate security measure including SSL communication link and a firewall to protect
your data and application.

In this section:

> "Standard Production Configuration for Sentinel LDK-EMS" on the next page

Installation of Sentinel LDK-EMS Service and the Sentinel LDK-EMS database on two separate machines.

> "Sentinel LDK-EMS Web Portals on Separate Servers" on page 44

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 42
Chapter 2: Installing Sentinel LDK

Installation of the Sentinel LDK-EMS Vendor web portal and the Customer web portal on two separate
machines. The Sentinel LDK-EMS database is installed together with the Vendor web portal or on a third
machine.

Standard Production Configuration for Sentinel LDK-EMS


Sentinel LDK-EMS Service and the SQL server for the Sentinel LDK-EMS database are each installed on a
separate machine. Sentinel LDK-EMS Service is protected by an external firewall.

In this section:
> "Installing Sentinel LDK-EMS" below

> "Configuring the Firewall" below

> " Main Points of the Standard Production Configuration" on the next page

> "Configuration Summary" on the next page

Installing Sentinel LDK-EMS

1. On one machine, create an SQL database with a user name and password. The user must have SQL
sysadmin or dbcreator privileges for this database.
For more information, see "Installing and Configuring SQL Server Manually (Optional)" on page 23.

2. On a second machine, run the Sentinel LDK-EMS installation procedure. In the procedure, ensure the
following:

a. Select only Sentinel LDK-EMS for installation. It is not necessary to install Sentinel Vendor Suite.

b. Select the Advanced setup type.

c. In the Sentinel LDK-EMS Database Configuration screen, specify the information for the SQL database
you created earlier.

d. Select Use existing database.

The full Sentinel LDK-EMS installation procedure is described in "Installing Sentinel LDK-EMS on Your
Machine" on page 22.

3. Complete the installation wizard.

Thales recommends that you specify to use the SSL communication protocol.

Configuring the Firewall

An external firewall should be configured to accept requests and to forward only the valid request to Sentinel
LDK-EMS.

You can set firewall rules that enables your customers to access Sentinel LDK-EMS, but does not allow them to
access the SQL database server, as shown in the diagram that follows.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 43
Chapter 2: Installing Sentinel LDK

Main Points of the Standard Production Configuration

> End users (customers) and vendor employees have access to a common Application server.

> Differentiation is by authentication and authorization (access rights).

> External end users can access only a selected URL.

> The Sentinel LDK-EMS database can be accessed only by the internal network of the vendor.

Configuration Summary

> Deploy Sentinel LDK-EMS Service and MS SQL Server for the Sentinel LDK-EMS database on two separate
machines.

> Use an external firewall. Configure the firewall to allow only for the customer URL (set of URL expose only for
Customer access).

> Place the web server (Sentinel LDK-EMS Service with Tomcat) and the SQL Server inside the firewall.

> The Sentinel Master key must be attached to the machine where Sentinel LDK-EMS Service is installed.

Sentinel LDK-EMS Web Portals on Separate Servers


The Sentinel LDK-EMS web front consists of two portals:

> For vendor users

> For customers (primarily used for activation)

These Sentinel LDK-EMS portals are usually installed on a single machine (as described in the previous
section). However, you can choose to configure Sentinel LDK-EMS so that each portal and the Sentinel LDK-
EMS database are all installed on separate machines.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 44
Chapter 2: Installing Sentinel LDK

Each server listens on a TCP port for incoming requests. The requests are encrypted using the SSL feature if
configured accordingly. Each server then communicates with the Sentinel LDK-EMS database (a single
database for the entire system) to process the requests.

In this section:
> "Installing Sentinel LDK-EMS" below

> "Configuring the Firewalls" on the next page

> "Main Points of the Separate Portals Configuration" on the next page

> "Configuration Summary" on the next page

Installing Sentinel LDK-EMS

1. On one machine, create an SQL database with a user name and password. The user must have SQL
sysadmin or dbcreator privileges for this database.
For more information, see "Installing and Configuring SQL Server Manually (Optional)" on page 23.

2. For the Vendor portal: On a second machine (or the same machine), run the Sentinel LDK-EMS installation
procedure. In the procedure, ensure the following:

a. Select only Sentinel LDK-EMS for installation. It is not necessary to install Sentinel Vendor Suite.

b. Select the Advanced setup type.

c. In the Sentinel LDK-EMS Database Configuration screen, specify the information for the SQL database
you created earlier.

d. Select Use existing database.

The Sentinel LDK-EMS installation procedure is described in "Installing Sentinel LDK-EMS on Your
Machine" on page 22.

3. Complete the installation wizard.

Thales recommends that you specify to use the SSL communication protocol.

4. For the Customer portal: On a separate machine, run the Sentinel LDK-EMS installation procedure again. In
the procedure, ensure the following:

a. Select only Sentinel LDK-EMS for installation. It is not necessary to install Sentinel Vendor Suite.

b. Select the Advanced setup type.

c. In the Sentinel LDK-EMS Database Configuration screen, specify the information for the SQL database
you created earlier.

d. Select Use existing database.

5. Complete the installation wizard.

Thales recommends that you specify to use the SSL communication protocol.
No additional configuration is required.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 45
Chapter 2: Installing Sentinel LDK

6. On the Customer portal machine: configure Sentinel LDK-EMS so that the installation can only be accessed
using a customer-related URL (requests which are only applicable to the Customer portal). This configuration
is a manual process. Contact Thales Professional Services for assistance to perform the required
configuration.

Configuring the Firewalls

The external firewall should be configured to accept only requests that are related to the Customer portal. The
requests should be forwarded to the instance of Sentinel LDK-EMS Service that acts as the Customer portal.
Sentinel LDK-EMS Service then accesses the remote Sentinel LDK-EMS database through the internal firewall.

The Sentinel LDK-EMS Vendor portal and the Sentinel LDK-EMS database could be installed on a single
machine or on two separate machine inside the internal fire wall.

External access to the Vendor portal should be blocked by the external firewall.

All access to the Sentinel LDK-EMS database and the Vendor portal should be only through the internal firewall.

The diagram that follows shows the configuration described in this section.

Main Points of the Separate Portals Configuration

> End users (customers) and vendor employees access Sentinel LDK-EMS on different application servers.

> Differentiation is by authentication and authorization (access rights).

> External end users can access only the Customer portal of Sentinel LDK-EMS using a selected URL.

> Internal vendor users can access the Vendor portal of Sentinel LDK-EMS.

> The Sentinel LDK-EMS database can be accessed only by the internal network of the vendor.

Configuration Summary

> Deploy Sentinel LDK-EMS Service as a Vendor portal and as a Customer portal on two separate machine

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 46
Chapter 2: Installing Sentinel LDK

> Deploy MS SQL Server for the Sentinel LDK-EMS database inside the internal firewall, on a separate
machine or on the same machine as the Vendor portal.

> Use two proxies (internal and external).

> Configure the external proxy to allow only for the customer URL (set of URLs exposed only for Customer
access), to allow access to the Customer portal.

> Set up Sentinel LDK-EMS Service for the Customer portal to access only the Sentinel LDK-EMS database
and only through the internal firewall.

> Place the instance of Sentinel LDK-EMS Service for the Vendor portal inside the internal firewall

> Place the SQL server behind the internal proxy.

> A Sentinel Master key must be attached to each machine where Sentinel LDK-EMS Service is installed.

Troubleshooting a Sentinel LDK-EMS Installation


This section describes issues that might occur during or after the installation of Sentinel LDK-EMS (on-
premises) and provides possible solutions.

In this section:

> "Problems During Installation" below

> "Problems After Installation" on page 49

> "Frequently-Asked Questions" on page 50

Problems During Installation


This section describes problems that may occur during the installation process for Sentinel LDK-EMS.

Issue: During Sentinel LDK-EMS installation, the following message is displayed:

Kindly Start the Service -SQLServer(EMSDATABASE) and then click OK

When you click OK, the installation fails with multiple errors.

Solution:
Your machine contains earlier versions of JRE, and you manually installed JRE 8 in addition to the earlier
versions.

Uninstall the earlier versions of JRE, and then rerun the Sentinel LDK Installation Wizard to install Sentinel LDK-
EMS.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 47
Chapter 2: Installing Sentinel LDK

Issue: During Sentinel LDK-EMS installation, the following message is displayed:

Solution:
Check which version of Windows Installer (from Microsoft) is present on your machine. (From the Start menu,
Click Run. In the Open Box, type msiexec.exe and click OK. The Windows Installer screen is displayed. The
version appears on the first line of the screen.)

If the version on your machine is earlier than 4.5, download and install version 4.5 from the Microsoft web site.

Issue: The Sentinel LDK-EMS installer detects an earlier version and attempts to remove it, but
fails.

Solution:
Do one of the following:

> If Sentinel LDK-EMS is visible in the Programs and Features screen (which you can access from the
Control Panel), remove it from there. Restart the installation.

> If Sentinel LDK-EMS is not visible in the Programs and Features screen or if it is not successfully uninstalled
by removing it:

a. From the Windows Start menu, select Run and enter regedit. The Registry Editor is displayed.

b. Locate and delete the following entry:

32-bit machine:

HKEY_LOCAL_MACHINE\SOFTWARE\SafeNet\Sentinel EMS

64-bit machine:

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Safenet\Sentinel EMS

c. Locate and delete the following entry:

32-bit machine:

HKEY_LOCAL_MACHINE\SOFTWARE\SafeNet\Sentinel EMS

64-bit machine:

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Safenet\Sentinel EMS

d. Restart the installation.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 48
Chapter 2: Installing Sentinel LDK

Issue: Installation of Sentinel LDK-EMS failed.

Solution:
Do one or more of the following:

> Check if the operating system on the machine is supported for Sentinel LDK-EMS installation.

> Check log files at %Systemdrive%\EMS_log\ to see if any issues are listed.

> Make a note of the step at which the installation failed. Report the issue to Technical Support.

Issue: Miscellaneous problems

Previous uncompleted installation of Sentinel LDK-EMS

The machine on which Sentinel LDK-EMS is being installed may have some previous incomplete installation /
removal of software in an incomplete state.

This could be due to any software, including Sentinel LDK-EMS.

Solution:
Boot your system before trying to install Sentinel LDK-EMS.

Problems After Installation


This section describes problems that may occur after successfully installing Sentinel LDK-EMS.

Issue: The Login button on the Login screen does not function

Due to high security settings in the web browser, the Login button on the login screen of Sentinel LDK-EMS does
not work.

Solution:
In your web browser, do the following:

1. From the menu bar, go to Tools > Internet Options. A dialog is displayed.

2. Click the Security tab.

3. Click Sites and add the URL of Sentinel LDK-EMS to the list of trusted sites.

4. Apply the changes and restart your browser.

This problem has been seen under Windows Server 2003 and Windows Server 2008.

Issue: Port not available

Given the following situation:

> A user is not able to access the Sentinel LDK-EMS site (localhost/ems)

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 49
Chapter 2: Installing Sentinel LDK

> In the Services screen, Sentinel LDK-EMS Service has the status Started.

This can be caused by a port conflict. The HTTP/HTTPS port for Sentinel LDK-EMS may be in use by another
application.

Check the Sentinel LDK-EMS log file. This can be found at:

%ProgramFiles(x86)%\Thales\Sentinel EMS\EMSServer\webapps\ems\log\)

(For 32-bit machines: %ProgramFiles%\....)

If the log file shows a “JVM binding” issue, this indicates that the port used by the Sentinel LDK-EMS web
application run is in use by another application.

Solution:
To resolve a port conflict:

Use the Netstat command to identify which application has occupied the required port. Do one of the following:

> Stop the conflicting application as follows:

a. Enter: netstat -aon | findstr "8080"


The relevant process ID is displayed.

b. Use the Task Manager to cancel the process with this process ID.

c. Restart Tomcat.

> Configure Sentinel LDK-EMS to use a different port.


Modify the port used by Sentinel LDK-EMS in the web_service.xml file and the database.

> Remove and then reinstall Sentinel LDK-EMS (removal does not remove the Sentinel LDK-EMS database).

Issue: Users are not able to access Sentinel LDK-EMS

Solution:
Sentinel LDK-EMS Service may be installed behind a firewall, and it was not added in the exception list for the
firewall.

Frequently-Asked Questions
This section describes and answers some of the frequently asked questions relating to the installation of Sentinel
EMS (on-premises) in a network environment.

Can I use a non-system administrator (sa) account?

Yes, you can use a non-system administrator account as follows:

1. Open the Microsoft SQL Server Management utility and create a new login. Ensure that:

• The login uses SQL server authentication

• The defined database is the Sentinel LDK-EMS database (by default, EMSDB)

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 50
Chapter 2: Installing Sentinel LDK

• User mapping maps the login to the Sentinel LDK-EMS database, enabling all roles except db_
denydatawriter and db_denydatareader

2. Edit all the configuration files and change the CONNECT_STRING parameters as follows:

• Change uid to the login name that you defined

• Change pwd to the password that you defined

Note that this string is displayed many times in the configuration files and must be changed in every instance.

The configuration files are:

• context.xml

• ems-quartz.xml

• ems.properties

• emsconfig.properties

3. Restart the server.

4. Check the connection by entering the following URL in your browser:


https://<server>:<port>/ems/ (OR http://<server>:<port>/ems/)

The test will return a Database connection: PASSED message.

How can I best secure my Sentinel LDK-EMS system?

> Implement the standard IT information security protocols that are applicable to your organization.

> Ensure that only the TCP port number, as defined for HTTP/HTTPS ports configured in Tomcat, are
accessible.

> Ensure that only Sentinel LDK-EMS can access the SQL database.

> Change the default admin password. For details, see the Sentinel LDK–EMS User Guide.

> Ensure that personnel in your organization are designated appropriate roles in Sentinel LDK-EMS, and that
their accounts are inaccessible when they are no longer part of the organization. For more information about
assigning roles, see the Sentinel LDK–EMS User Guide.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 51
CHAPTER 3: Introducing Your Sentinel
Vendor Keys to Sentinel LDK

When you order Sentinel protection keys from Thales, you are assigned a unique Batch Code. Your Batch Code
represents your unique confidential Vendor Code.

Your Sentinel LDK Starter Kit contains a Sentinel LDK Master key and a Sentinel LDK Developer key (referred to
collectively as Sentinel Vendor keys). Each Sentinel Vendor key contains your unique Vendor Code.

You must "introduce" one of your Vendor keys to Sentinel LDK using the Sentinel LDK Master Wizard to be able
to perform a number of important functions as described in "Master Wizard Functions" below.

If you have multiple Batch Codes, you must introduce one of your Vendor keys for each Batch Code.

You must introduce one of your Sentinel Vendor keys to the system:

> Before you use Sentinel Vendor Suite for the first time.

> After each time you upgrade to a new version of Sentinel LDK.

This ensures that your applications are protected and licensed with the unique codes that have been assigned to
you and that you are working with the latest APIs and libraries. The Sentinel Vendor keys are introduced using
Sentinel LDK Master Wizard.

NOTE The Sentinel LDK Master key is required only when working with Sentinel LDK-EMS (on-
premises). Vendors who are working with Sentinel EMS or Sentinel LDK-EMS (hosted by
Thales) can handle all functions using the Sentinel LDK Developer key.

For more information about Batch Codes, see the description of personalized Vendor and Batch Codes in the
Sentinel LDK Software Protection and Licensing Guide.

Master Wizard Functions


This section describes the functions performed by the Master Wizard and the machines on which the Master
Wizard must be run for each function.

The Master Wizard performs one or more of the following:

> Configure Sentinel LDK-EMS

NOTE This function is relevant for Sentinel LDK-EMS (hosted by Thales or on-premises). This
is not relevant for Sentinel EMS.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 52
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

The wizard performs the following:

• Registers a new Batch Code in Sentinel LDK-EMS. This is required so that Sentinel LDK-EMS will
recognize the Batch Code and perform actions for that Batch Code.

• Downloads vendor-specific APIs and the vendor library from Thales servers to Sentinel LDK-EMS so that
customized RTE installers will be available for download from the Developer tab in Sentinel LDK-EMS.

You can run the Master Wizard on any machine that can connect to Sentinel LDK-EMS (hosted by Thales or
on-premises).

Run the Master Wizard before you start working with Sentinel LDK-EMS. Thales recommends that you rerun
the Master Wizard after each new release of Sentinel LDK.

> Download vendor-specific APIs and the vendor library

The wizard downloads vendor-specific APIs and the vendor library from Thales servers. These are generated
individually for each Batch Code and are used by Sentinel LDK Envelope and Licensing API to implement
license enforcement.

Run the Master Wizard on each machine where you have installed Vendor Suite.

Run the wizard before you start working with Sentinel LDK-EMS. Thales recommends that you run the Master
Wizard after each new release of Sentinel LDK.

> Generate customized RTE installers

The wizard downloads Run-time Environment (RTE) installers from Thales servers and customizes them on
your machine. The Master Wizard customizes the installers by embedding your vendor library and the server
address for Sentinel EMS or Sentinel LDK-EMS.

The installers are saved to:

%UserProfile%\Documents\Thales\Sentinel LDK <version>\Redistribute\Runtime Environment

These installers can be distributed to:

• Customers who require the Run-time Environment to access protection keys.

• (Under Windows) Customers who will use the Sentinel LDK-EMS Customer Portal to activate or update
licenses.

Run the Master Wizard on any machine where the Sentinel LDK launcher is installed.

Thales recommends that you run the Master Wizard after each new release of Sentinel LDK or of the Run-
time Environment.

Methods of Introducing a Vendor Key


You can introduce your Vendor key using either of the following methods:

> Download over the Internet

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 53
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

Using this method, the Master Wizard connects to the Thales server over the Internet and downloads the
required files to your machine. This is the easiest method.

> Extraction from a Master Wizard Package

If the machine where you want to introduce a Vendor key cannot connect to the Internet, you can request a
Master Wizard Package (MWP) file from Thales customer services. You will receive an MWP file that was
generated specifically for your Batch Code and contains all of your customized libraries and RTE installers.
The Master Wizard reads this file and extracts the libraries and installers that you select.

You select your preferred method of introduction when you run the Master Wizard.

Remote Connection of Vendor Keys


Sentinel Master key (for Sentinel LDK-EMS on premises) and Developer keys can be connected remotely using
available third-party solutions. These solutions can be used in cases where a physical key cannot be connected
due to the lack of a USB port or inability to physically access the machine. You can connect your Master or
Developer keys to an over-the-network USB solution and access them from any physical or virtual machine as if
they were connected locally.

There are several such solutions, both software-based (that can be installed on any PC with a USB port) and
dedicated devices. Among the dedicated devices, Thales recommends utnserver Pro, myUTN-2500,
dongleserver Pro, and dongleserver ProMAX by SEH Technology. These devices were tested for Thales
Sentinel HL keys, and are backed by partnership between SEH Technology and Thales.

Selecting the Version-Enforcement Option


API libraries that are customized for your vendor code are used by Sentinel LDK Envelope and Sentinel
Licensing API to protect your applications. These libraries are generated by Thales specifically for your Batch
Code. You download these customized vendor libraries using the Master Wizard when you introduce your
Vendor keys.

The Master Wizard offers you a choice of two types of libraries, each incorporating one of the options described
below. The option that you select determines how protected applications interact with the Run-time Environment
(the RTE). The available options are:

> Version-restricted option (Recommended for best security and reliability in the protected application)

For protected applications that require the RTE: With the version-restricted option, the applications will
require a minimum version of the RTE (the earliest version that contains the latest important security and
reliability enhancements). Use of the version-restricted option ensures that end users cannot downgrade to
an earlier version of the RTE and that they use a version of the RTE that provides the best quality together
with all the latest security and reliability fixes. This restriction applies both for local deployment of the RTE and
for deployment of the RTE on a remote license server machine.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 54
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

For each new release of Sentinel LDK, the required minimum version number is updated only if the RTE for
that release contains significant security and reliability enhancements.

Example: The required minimum version of the RTE for applications protected with versions 7.9 through 8.0
of the customized vendor libraries remains as RTE version 7.90, because this version of the RTE contains the
latest significant security and reliability enhancements. Later versions of the RTE contain less important
enhancements and fixes.

NOTE The version-restricted option is only relevant for the static Licensing API because the
user can replace the new version of the dynamic Licensing API with an older version.
Example: Given that the dynamic Licensing API version 8.1 has a security issue. The vendor
downloads the version-restricted dynamic Licensing API 8.2 using the Master Wizard, and then
releases the new version of the dynamic Licensing API. However, a user can bypass any new
security enhancements in the new version if they can obtain the old version of the dynamic
Licensing API and replace the new version.

> Version-unrestricted option (For compatibility with all versions of the RTE)

For protected applications that require the Run-time Environment: The applications will not check the version
number of the RTE. Applications protected with this option can be used with all versions of the RTE. Select
this option only if you want to avoid upgrading the RTE at end user sites. This option simplifies deployment,
especially when network license servers are used, but does not guarantee that security and reliability fixes in
later RTE versions are employed.

NOTE With either option, users will need to upgrade their RTE if the protected application uses
specific functionalities that require a later version of the RTE.

The diagram that follows illustrates how this process operates.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 55
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

For more information, see “Required Version of the Run-time Environment” in the Sentinel LDK Software
Protection and Licensing Guide.

Using the Master Wizard to Introduce a Sentinel Vendor Key


Perform the procedure that follows to run the Sentinel LDK Master Wizard and introduce one of the Sentinel
Vendor keys (Master Key or Developer Key).

NOTE You can use either a Developer key or a Master key with the relevant Batch Code to
perform this process. There is no requirement to use a specific key. However:
> To generate licenses using Sentinel LDK-EMS (on-premises), the Master key must be left
connected to the local machine where Sentinel LDK-EMS is installed.
> To protect applications, a Developer key must usually be left connected to each machine
where Sentinel LDK Envelope is used.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 56
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

To introduce a Sentinel Vendor key:

1. Prerequisite: Choose the machine on which to run the Master Wizard and decide what you want to
accomplish before starting this procedure. For details, see "Master Wizard Functions" on page 52.

2. For Sentinel LDK-EMS (on-premises): In the Windows Services window, ensure that the Sentinel LDK-EMS
Service is active.

3. Connect a Vendor key to the relevant machine in one of the following ways:

• Connect the key to the machine locally.

• Connect the key to the machine using a remote USB solution as described in "Remote Connection of
Vendor Keys" on page 54.

4. From the Start menu, select: Thales > Sentinel LDK. The Sentinel LDK Launcher program selection screen
is displayed.

5. From the Sentinel LDK Launcher screen, choose Additional Tools > Sentinel Master Wizard.

NOTE If you open either Sentinel LDK Envelope or Sentinel LDK ToolBox, and the application
detects a Vendor key with a new Batch Code, the Master Wizard starts automatically.

The Log In to Sentinel EMS or LDK-EMS window is displayed:

6. Enter the user name and password as follows:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 57
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

• For Sentinel LDK-EMS: If you are running the wizard to configure Sentinel LDK-EMS (as described in
"Master Wizard Functions" on page 52), enter the user name and password for an EMS administrator;
otherwise, leave these fields blank.

• For Sentinel EMS: Leave these fields blank.

7. If you are configuring Sentinel LDK-EMS (hosted by Thales or on a remote machine) or you want to generate
customized RTE installers (as described in "Master Wizard Functions" on page 52):

a. Click Advanced. Use these additional fields to specify public information for accessing Sentinel EMS or
LDK-EMS from your customers' machines.

b. In Server Address: Specify the URL for accessing Sentinel EMS or Sentinel LDK-EMS

c. In Port:

– For Sentinel EMS or Sentinel LDK-EMS (Thales-hosted), enter 443.

– For Sentinel LDK-EMS (on-premises), enter 8080 or the port as configured for your site.

d. In Use SSL:

– For Sentinel EMS or Sentinel LDK-EMS (Thales-hosted), select the check box.

– For Sentinel LDK-EMS (on-premises), select or clear the check box as configured for your site.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 58
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

NOTE For Sentinel LDK-EMS (on-premises): If the public information provided in the fields
above cannot be used to access your on-premises Sentinel LDK-EMS server within your
network, you must run the Master Wizard a second time to configure Sentinel LDK-EMS:
• First, complete the wizard and save the customized RTE installers generated by the
wizard to a different location.
• Next, run the wizard again to configure Sentinel LDK-EMS. In the Advanced fields
above, specify the information for accessing the Sentinel LDK-EMS server in your local
network.

8. If you provided a user name and password above, click Login. Otherwise, click Skip login.

The following screen is displayed:

9. Select the desired method for introducing your Vendor key. For more information, see "Methods of
Introducing a Vendor Key" on page 53.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 59
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

10.Click Next. (If you chose the "Extract" method above, the wizard asks you to browse to and select your MWP
file.)

The following screen is displayed:

11.Select the version-restricted or version-unrestricted option (see "Selecting the Version-Enforcement


Option" on page 54). Click Next.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 60
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

The following screen is displayed:

12.Ensure that the Key ID for the relevant Vendor key is displayed. Click Next.

The following screen is displayed:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 61
Chapter 3: Introducing Your Sentinel Vendor Keys to Sentinel LDK

13.Select the libraries for which you want to generate APIs and select the Run-time Environment installers that
you want to download and configure (some items are selected by default and cannot be cleared).

NOTE The Specify API Settings screen is always displayed and the selected items downloaded
each time you run the Master Wizard. Ignore these items if you do not need them on the machine
where you are running the wizard.

14.Click Next.

• The generated APIs are downloaded to the following directory, under the appropriate subdirectory:

%userProfile%\Documents\Thales\Sentinel LDK 8.3\API\Runtime\

• The configured Run-time Environment installers are downloaded to:

%userProfile%\Documents\Thales\Sentinel LDK 8.3\Redistribute\Runtime\

15.Click Finish to close the wizard.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 62
CHAPTER 4: Installing Sentinel LDK Run-time
Environment

This section describes how to install Sentinel LDK Run-time Environment on the following platforms.

> "Installing Sentinel LDK Run-time Environment for Mac" below

> "Installing Sentinel LDK Run-time Environment for Linux" on page 66

> "Installing Sentinel LDK Run-time Environment for Windows" on page 71

Installing Sentinel LDK Run-time Environment for Mac


This section describes how to install the Sentinel LDK Run-time Environment on a machine with a Mac operating
system, and explains how to modify the behavior of the daemons.

For information on supported platforms for Sentinel LDK Run-time Environment, see the Sentinel LDK Release
Notes.

In this section:

> "Installing Sentinel LDK Run-time Environment" below

> "Installed Files" on the next page

> "Modifying the Behavior of the Daemons" on the next page

Installing Sentinel LDK Run-time Environment


Follow the instructions below to install the Sentinel LDK Run-time Environment on a machine with a Mac
operating system.

To install the Sentinel LDK Run-time Environment:

1. Go the Sentinel LDK MacOS directory on your Mac machine. For more information see the Sentinel LDK
Getting Started Guide for Mac.

2. Open /MacOS/Redistribute, and double-click Sentinel_Runtime.dmg.

3. Double-click the Install Sentinel Runtime Environment disk image icon. The installer wizard is launched.

4. Follow the instructions of the installer wizard until the installation is complete.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 63
Chapter 4: Installing Sentinel LDK Run-time Environment

Following successful installation, the Sentinel LDK Run-time Environment is automatically launched. The first
time that you run Admin Control Center and submit configuration changes, hasplmd creates configuration files
in /private/etc/hasplm/.

Installed Files
After you run the installation, verify that the following files have been installed on your hard drive:

> /usr/local/sentinel/aksusbd (support for Sentinel HL (HASP configuration) keys and HASP HL keys)

> /usr/local/sentinel/hasplmd (Sentinel License Manager daemon)

> /Library/LaunchDaemons/com.aladdin.aksusbd.plist

> /Library/LaunchDaemons/com.aladdin.hasplmd.plist

Modifying the Behavior of the Daemons


Behavior of the daemons can be modified by changing the switches used to start the daemons. Modification
requires the following steps:

> Terminating the daemons

> Determining the switches to use

> Saving the modifications

> Restarting the daemons

To terminate the daemons:

1. Ensure that you have Administrator privileges.

2. Launch /Applications/Utilities/Terminal.

3. Change the directory to: /Library/LaunchDaemons/

4. At the command prompt, enter the following commands:

sudo launchctl unload com.aladdin.hasplmd.plist

sudo launchctl unload com.aladdin.aksusbd.plist

(When prompted, enter your administrator password.)

The daemons stop running.

To determine which switches to use:

Use the table that follows to determine which command line switches to use to set the behavior of the aksusbd
and hasplmd daemons.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 64
Chapter 4: Installing Sentinel LDK Run-time Environment

Daemon Command Description

Both -f Forces the daemon to work in the foreground. Required for launchd
startup.

Both -h, --help Displays a list of available commands

Both -l <level> Specifies the level of log messages. The values are:
0 - Errors only
1 - Normal
2 - Verbose
3 - Ultra verbose

Both v Displays aksusbd and API versions


OR
Displays hasplmd version

aksusbd -d <milliseconds> Specifies the delay after connecting a Sentinel HL (HASP


configuration) key or HASP HL key, before it can be accessed the first
time (range 0–2000)

aksusbd -q <entries> Specifies the length of the work queue (default 64)

aksusbd -u <mask> Specifies the permission bits for the special socket file. Default is 666
(access for all users)

aksusbd -s <file> Specifies the communication socket name

hasplmd -s, -start Starts the Sentinel License Manager daemon

hasplmd -u <user> Launches daemon with owner as user to enhance security

To save the selected switches:

After determining which switches you want to employ, do the following to save the switches in the .plist files so
that they will be used each time the daemons are launched when the system is restarted:

> Either edit the relevant .plist files using a text editor OR use the /Developer/Applications/Utilities/Property List
Editor (part of the Xcode Developer Tools) to do the following:

a. Add the modifications for aksusbd to /Library/LaunchDaemons/com.aladdin.aksusbd.plist.

b. Add the modifications for hasplmd to /Library/LaunchDaemons/com.aladdin.hasplmd.plist.

Ensure that the -f switch is included in both daemons.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 65
Chapter 4: Installing Sentinel LDK Run-time Environment

To restart the daemons:

After saving the selected switches, do the following to restart the daemons:

1. Ensure that you have Administrator privileges.

2. Launch /Applications/Utilities/Terminal.

3. Change the directory to: /Library/LaunchDaemons/

4. At the command prompt, enter the following commands

sudo launchctl load com.aladdin.aksusbd.plist

sudo launchctl load com.aladdin.hasplmd.plist

(Enter your Administrator password when prompted.)

The daemons are restarted.

NOTE The Run-time Environment daemons are launched automatically when the system is
restarted.

Installing Sentinel LDK Run-time Environment for Linux


This section describes how to install Sentinel LDK Run-time Environment v.8.31.1 on a computer with a Linux
operating system.

For information on supported platforms for Sentinel LDK Run-time Environment, see the Sentinel LDK Release
Notes.

In this section:

> "Installing Sentinel LDK Run-time Environment" on the next page

> "Installed Files" on page 70

> "Uninstalling Sentinel LDK Run-time Environment" on page 70

> "Upgrading HASP HL Key Firmware" on page 71

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 66
Chapter 4: Installing Sentinel LDK Run-time Environment

Installing Sentinel LDK Run-time Environment

NOTE When installing Sentinel LDK Run-time Environment on an end user's machine: To
support your application on both 32-bit and 64-bit architectures, ensure that you provide both
32-bit and 64-bit customized Vendor libraries with the Run-time Environment installer. These
libraries are contained in the following files:
> haspvlib_<vendorID>.so
> haspvlib_x86_64_<vendorID>.so
> haspvlib_armhf_<vendorID>.so
> haspvlib_arm64_<vendorID>.so

To install the Sentinel LDK Run-time Environment using RPM or DEB:

1. Go the Sentinel LDK Linux directory on your Linux machine. For more information see the Sentinel LDK
Getting Started Guide for Linux.

2. Disconnect your Sentinel HL key (if any) from the machine.

3. Open a terminal window and navigate to Linux/Redistribute/Runtime.

4. As root, enter the following command:

• For RedHat, SUSE, or CentOS 32-bit ARM systems:

rpm -i aksusbd-8.31-1.armv7hl.rpm

• For RedHat, SUSE, or CentOS 64-bit ARM systems:

rpm -i aksusbd-8.31-1.aarch64.rpm

• For RedHat, SUSE, or CentOS 64-bit Intel systems:

rpm -i aksusbd-8.31-1.x86_64.rpm

• For Ubuntu or Debian 32-bit ARM systems:

dpkg -i aksusbd_8.31-1_armhf.deb

• For Ubuntu or Debian 64-bit ARM systems:

dpkg -i aksusbd_8.31-1_arm64.deb

• For Ubuntu or Debian 64-bit Intel systems:

dpkg -i aksusbd_8.31-1_amd64.deb

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 67
Chapter 4: Installing Sentinel LDK Run-time Environment

NOTE All install/uninstall commands must be executed with root rights. In Ubuntu, prefix the
commands with the sudo command; in other distributions, use the su utility to become root in
the terminal window.

The Sentinel LDK Run-time Environment is launched.

5. Reconnect the Sentinel HL key.

NOTE At this point, for older HASP HL keys, the firmware on the HL key may be automatically
upgraded. During the upgrade process, the key will blink continuously. Do not remove the key
while it is blinking. If you remove the key too soon, the key may no longer be visible in Admin
Control Center. If the key is not visible, or if the upgrade does not occur, see "Upgrading HASP
HL Key Firmware" on page 71.

To install the Sentinel LDK Run-time Environment from a script:

(Use this procedure if the distribution does not support RPM or DEB.)

1. Go the Sentinel LDK Linux directory on your Linux machine. For more information see the Sentinel LDK
Getting Started Guide for Linux

2. Disconnect your Sentinel HL key (if any) from the machine.

3. Copy the package Linux/Redistribute/Runtime/aksusbd-8.31.1.tar.gz to a local directory.

4. Open a terminal window in the local directory.

5. Enter the following command to uncompress the package containing the Run-time Environment installer:

tar zxvf aksusbd-8.31.1.tar.gz

6. Enter the following command to change to the directory containing the installer:

cd aksusbd-8.31.1

7. As root, enter the command: ./dinst

The Sentinel LDK Run-time Environment is launched.

8. Reconnect the Sentinel HL key.

NOTE At this point, for older HASP HL keys, the firmware on the HL key may be automatically
upgraded. During the upgrade process, the key will blink continuously. Do not remove the key
while it is blinking. If you remove the key too soon, the key may no longer be visible in Admin
Control Center. If the key is not visible, or if the upgrade does not occur, see "Upgrading HASP
HL Key Firmware" on page 71.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 68
Chapter 4: Installing Sentinel LDK Run-time Environment

Uninstalling Run-time Environment v.1.14 or Earlier


An existing installation of the Run-time Environment v.1.14 or earlier cannot be upgraded and must therefore be
uninstalled. (Run-time Environment v.1.15 or later can be upgraded.)

Before installing the new Run-time Environment, enter the following command to uninstall an existing Run-time
Environment v.1.14 or earlier (if present):

> For RedHat: rpm -e aksusbd-redhat

> For SUSE: rpm -e aksusbd-suse

If the existing Run-time Environment was installed using the Run-time Environment installation script (dinst),
remove this installation by entering following command as root from within the script package: ./dunst

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 69
Chapter 4: Installing Sentinel LDK Run-time Environment

Installed Files
After you run the installation, verify that the following files are installed:

> /usr/sbin/aksusbd and /usr/sbin/aksusbd _x86_64

32-bit and 64-bit support for Sentinel HL (HASP configuration) keys and HASP HL keys, and support for low-
level access to the Sentinel License Manager daemon.

> /etc/init.d/aksusbd or /etc/init.d/aksusbd_x86_64

32-bit or 64-bit startup script for Sentinel License Manager daemon. This file is not installed for Linux systems
that use systemd. The file is installed only for old systems that use sysv.

> /usr/sbin/hasplmd and /usr/sbin/hasplmd_x86_64

32-bit and 64-bit Sentinel License Manager daemons

> /etc/udev/rules.d/80-hasp.rules

Rules for /udev

Following successful installation, the Sentinel LDK Run-time Environment is automatically launched. The first
time that you run Admin Control Center and submit configuration changes, hasplmd creates a hasplm.ini
configuration file in /etc/hasplm. In addition, log files are created in /var/hasplm/.

Uninstalling Sentinel LDK Run-time Environment

To uninstall Sentinel LDK Run-time Environment v.1.15 or later, when installed using RPM or DEB:

> For RedHat, SUSE, or CentOS: As root, enter the command:

rpm -e aksusbd

> For Debian or Ubuntu: Enter the command:

dpkg -r aksusbd

For some earlier Ubuntu systems, it may be necessary to specify that this is an i386 package. Enter the
command:

dpkg -r aksusbd:i386

To uninstall Sentinel LDK Run-time Environment when installed using “dinst”:

> As root, open a terminal window and enter the command:

./dunst

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 70
Chapter 4: Installing Sentinel LDK Run-time Environment

The dunst script can be found in the directory containing the dinst script, described in "Installing
Sentinel LDK Run-time Environment" on page 67.

Upgrading HASP HL Key Firmware


The Firmware for older HASP HL keys has been modified to support future planned security enhancements in
Sentinel LDK. Sentinel LDK automatically upgrades the Firmware on HASP HL keys from v.3.21 to the latest
version (v.3.25). This occurs:

> when a HASP HL key with v.3.21 Firmware is connected to a computer where the Run-time Environment is
being updated to v.1.15.

> when a customer connects a HASP HL key with v.3.21 Firmware to a computer where the Run-time
Environment v.1.15 has been previously installed.

(You can determine the Firmware version of your HL key by viewing the key on the Sentinel Keys page of the
Admin Control Center.)

For HL keys with Firmware earlier than version 3.21, the upgrade does not occur automatically. Customers can
upgrade the Firmware to version 3.25 by applying the Firmware Update V2C. This is located on the machine
where Sentinel LDK Vendor Suite is installed, in the directory:

%ProgramFiles(x86)\Thales\Sentinel LDK\Redistribute\Firmware Update\HASP HL\

During the Firmware upgrade, the relevant key will start to blink. Do not remove the key while it is blinking. If you
remove the key too soon, the key may no longer be visible in Admin Control Center.

NOTE In the event the key is no longer visible using the Linux Run-time Environment, do the
following on a Windows computer:
1. Install Sentinel LDK Run-time Environment.
2. Connect the HL key.
3. Run the application FirmwareUpdate.exe. This is located in the directory described above.
The HL key is upgraded to v.3.25 Firmware and will now be visible in the Linux Admin Control
Center.

Installing Sentinel LDK Run-time Environment for Windows


Sentinel LDK Run-time Environment may be required:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 71
Chapter 4: Installing Sentinel LDK Run-time Environment

> at the vendor's site, to perform many activities using Sentinel EMS or LDK-EMS. In this case, the Run-time
Environment is typically installed by the Sentinel LDK installer.

> at the customer's site, to perform online activation of SL AdminMode keys using the Sentinel LDK-EMS
Customer Portal.

> at the customer's site, for your protected applications to run. Depending on the type of protection key
provided, the Run-time Environment may be required at the site.

For more information, see the Sentinel LDK Software Protection and Licensing Guide.

This section describes how you can install the Run-time Environment when it is required for your protected
application (and it has not been installed automatically from the Customer Portal).

For information on supported platforms for Sentinel LDK Run-time Environment, see the Sentinel LDK Release
Notes.

The following utilities are available for installing the Sentinel LDK Run-time Environment at the end user’s site:

> A stand-alone GUI installer (HASPUserSetup.exe)

> A command line installer that you can integrate into your software installer (haspdinst.exe)

These utilities recognize the operating system in use and install the correct Run-time environment.

NOTE Administrator privileges are required to install the Sentinel LDK Run-time Environment.

In this section:

> "HASPUserSetup.exe Utility" below

> "haspdinst.exe Utility" on the next page

> "Multiple Installations on a Single End User’s Computer" on page 74

HASPUserSetup.exe Utility
HASPUserSetup.exe is a GUI-based installation program to independently install the Sentinel LDK Run-time
Environment. Following installation, the file is located in:

%ProgramFiles(x86)%\Thales\Sentinel LDK\\Redistribute\Runtime Environment\Setup

To launch the utility, double-click HASPUserSetup.exe and follow the wizard instructions.

NOTE The HASPUserSetup.exe utility automatically installs the Run-time Environment with or
without legacy drivers, as required. If you need to force installation of legacy drivers, use the
"haspdinst.exe Utility" on the next page. For more information, see the description of legacy
drivers in the Sentinel LDK Software Protection and Licensing Guide.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 72
Chapter 4: Installing Sentinel LDK Run-time Environment

haspdinst.exe Utility
haspdinst.exe is a command-line utility that installs the Sentinel LDK Run-time Environment. Following
installation, the file is located in:

%ProgramFiles(x86)%\Thales\Sentinel LDK\Redistribute\Runtime Environment\cmd Install

NOTE By default, the haspdinst.exe utility automatically installs the Run-time Environment with
or without legacy drivers, as required. If necessary, you can force installation of legacy drivers
using the relevant switch described in "Additional haspdinst.exe Utility Switches" below. For
more information, see the description of legacy drivers in the Sentinel LDK Software Protection
and Licensing Guide.

To install or upgrade the Sentinel LDK Run-time Environment:

> Type haspdinst -i in the command line. The installation or upgrade process is performed automatically. A
message is displayed informing you that the Sentinel LDK Run-time Environment was successfully installed.

Immediately after the Run-time Environment is installed or upgraded, any V2C file contained in the same
folder is applied to the relevant protection key on the machine.

Sentinel LDK Run-time Environment 7.100 or later must be present on the machine for the V2C files to be
automatically applied.

To remove the Sentinel LDK Run-time Environment:

> Type haspdinst -r in the command line. A message is displayed informing you that the Sentinel LDK Run-
time Environment was successfully removed.

Additional haspdinst.exe Utility Switches


The following table lists additional switches that can be used with the haspdinst.exe utility.

Switch Description

-info Displays the installation status

-h or -? Displays a list of the available commands

-kp Enables the installation program to ‘kill’ all processes accessing the Run-time
Environment

-cm Sets the installation program to display only critical messages (for example, instructions
to reboot)

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 73
Chapter 4: Installing Sentinel LDK Run-time Environment

Switch Description

-fr Sets the installation program to remove Sentinel LDK Run-time Environment by force,
leaving the run-time in a non-functioning state

-ld Forces installation of the Run-time Environment with legacy drivers. For details, see the
Sentinel LDK Software Protection and Licensing Guide. For example: haspdinst -i -
ld

-fi Sets the installation program to ignore other running Windows processes

-nomsg Sets program to display no messages

-chkllm If used in conjunction with the -i or -r switch, checks for active License Manager
sessions and prompts the user to continue or to abort the operation.

-fss Silently stops “HASP Loader” and “Server” services (if they are active), performs the
requested operation, and then restarts the services.

Multiple Installations on a Single End User’s Computer


The Sentinel LDK Run-time Environment installer utilities contain an automatic mechanism that prevents more
than one copy of the Run-time Environment from being installed on a single computer, even if multiple protected
applications are installed on the computer.

The Run-time Environment installer utilities employ a counter that keeps track of the number of protected
applications installed on a given computer.

For each installation after the first, the installer simply increments the counter instead of actually installing an
additional copy of the Run-time Environment. Similarly, the counter is decremented each time the Run-time
Environment is uninstalled.

The Run-time Environment is not actually uninstalled until the last protected application is uninstalled.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 74
CHAPTER 5: Installing Software Updates

On the Windows machine where Sentinel Vendor Suite or Sentinel LDK-EMS is installed, the Sentinel LDK
software manager checks to determine whether a later version of the software is available from Thales servers.
This helps to ensure that you are aware of important updates and that you are always working with the latest
version of Sentinel LDK.

An update may consist of a new version of Sentinel LDK or an update to individual components or documents.

Each day, the software manager checks for the availability of any updates to the installed components of
Sentinel LDK. The check takes place at the same time of day that the components were installed. Only one
update notification is delivered on any given day.

If the software manager determines that an update is available, a message window similar to the following is
displayed:

The title of the window identifies the component of Sentinel LDK to which the update applies, followed by
"Update Client".

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 75
Chapter 5: Installing Software Updates

For more information regarding the update, click Show Details. A window similar to the following is displayed:

This window lists details of the update.

At this point, you can choose to:

> Click Install to download and install the updated version.

NOTE Before you click this option, be sure to close any active Sentinel LDK applications.

> Click Not Now (or just close the window) to postpone the update. The notification will be displayed again the
next day.

> Click Ignore Update. You will not receive any more notifications regarding this specific update.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 76
CHAPTER A: Modifying and Uninstalling
Sentinel LDK

This appendix describes how to add Sentinel LDK-EMS or Sentinel LDK Vendor Suite to an existing installation
of Sentinel LDK, and how to uninstall Sentinel LDK components from your computer.

Modifying the Installed Sentinel LDK Components


After installing one of the two major Sentinel LDK components, you may want to add the second component on
the same machine. For example, you may have installed only Sentinel LDK Vendor Suite, and now you want to
add Sentinel LDK-EMS on the same machine (or vice versa).

To add the second component on the same machine as the first component:

Run the installation procedure from the Sentinel LDK Installation Drive and select the Modify option.

NOTE Do not use the Change > Modify option that is available from the Programs and
Features window in the Control Panel.

Uninstalling Sentinel LDK Vendor Suite


This section describes how to completely uninstall the current version of Sentinel LDK Vendor Suite from your
computer. To uninstall earlier versions of Sentinel LDK or Sentinel HASP, see the appropriate version of the
Installation Guide.

To completely uninstall Sentinel LDK Vendor Suite from your computer:

1. Ensure that all Sentinel LDK components are not active.

2. On the computer where you want to uninstall Sentinel LDK, open the Programs and Features window from
the Control Panel.

3. Remove the following:

• Sentinel LDK

• Sentinel Runtime

• Sentinel Vendor Suite

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 77
Chapter A: Modifying and Uninstalling Sentinel LDK

Uninstalling Sentinel LDK-EMS (On-Premises)


If you installed Sentinel LDK-EMS on premises, remove Sentinel LDK-EMS as described below.

NOTE This procedure does not remove the Sentinel LDK-EMS database.

To completely uninstall Sentinel LDK-EMS from your computer:

1. Ensure that Tomcat is not active.

2. Open the Programs and Features window from the Control Panel.

3. Remove Sentinel LDK-EMS

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 78
SENTINEL LDK PRODUCT END USER
LICENSE AGREEMENT

IMPORTANT INFORMATION - PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE
CONTENTS OF THE PACKAGE AND/OR BEFORE DOWNLOADING OR INSTALLING THE SOFTWARE
PRODUCT. ALL ORDERS FOR AND USE OF THE SENTINEL® LDK PRODUCTS (including without limitation,
the Developer's Kit, libraries, utilities, diskettes, CD_ROM, DVD, Sentinel keys, the software component of
Sentinel LDK, and the Sentinel LDK Software Protection and Licensing Guide) (hereinafter “Product”)
SUPPLIED BY THALES DIS CPL USA, Inc., or one of its affiliates, (in each case, referred to hereinas
“THALES”) ARE AND SHALL BE, SUBJECT TO THE TERMS AND CONDITIONS SET FORTH IN THIS
AGREEMENT.

BY OPENING THE PACKAGE CONTAINING THE PRODUCTS AND/OR BY DOWNLOADING THE


SOFTWARE (as defined hereunder) AND/OR BY INSTALLING THE SOFTWARE ON YOUR COMPUTER
AND/OR BY USING THE PRODUCT, YOU ARE ACCEPTING THIS AGREEMENT AND AGREEING TO BE
BOUND BY ITS TERMS AND CONDITIONS.

IF YOU DO NOT AGREE TO THIS AGREEMENT OR ARE NOT WILLING TO BE BOUND BY IT, DO NOT
OPEN THE PACKAGE AND/OR DOWNLOAD AND/OR INSTALL THE SOFTWARE AND PROMPTLY (at least
within 7 days from the date you received this package) RETURN THE PRODUCTS TO THALES, ERASE THE
SOFTWARE, AND ANY PART THEREOF, FROM YOUR COMPUTER AND DO NOT USE IT IN ANY MANNER
WHATSOEVER.

This Agreement has 3 sections:

Section I applies if you are downloading or using the Product free of charge for evaluation purposes only.

Section II applies if you have purchased or have been otherwise granted by Thales a license to use the Product.

Section III applies to all grants of license.

1. SECTION I - TERMS APPLICABLE TO GRANT OF EVALUATION LICENSE

1.1 License Grant. Thales hereby grants to you, and you accept, a nonexclusive license to use the Product in
machine- readable, object code form only, free of charge, for the purpose of evaluating whether to purchase an
ongoing license to the Product and only as authorized in this License Agreement. The evaluation period is limited
to the maximum amount of days specified in your applicable evaluation package. You may use the Product,
during the evaluation period, in the manner described in Section III below under “Extent of Grant.”

1.2 DISCLAIMER OF WARRANTY. The Product is provided on an “AS IS” basis, without warranty of any kind.
IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, SATISFACTION AND
MERCHANTABILITY SHALL NOT APPLY. SOME JURISDICTIONS DO NOT ALLOW EXCLUSIONS OF AN
IMPLIED WARRANTY, SO THIS DISCLAIMER MAY NOT APPLY TO YOU AND YOU MAY HAVE OTHER

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 79
SENTINEL LDK PRODUCT END USER LICENSE AGREEMENT

LEGAL RIGHTS THAT VARY BY JURISDICTION. The entire risk as to the quality and performance of the
Product is borne by you. This disclaimer of warranty constitutes an essential part of the agreement.

If you initially acquired a copy of the Product without purchasing a license and you wish to purchase a license,
contact Thales or any Thales representative.

2. SECTION II - APPLICABLE TERMS WHEN GRANTED A LICENSE

2.1 License Grant. Subject to your payment of the license fees applicable to the type and amount of licenses
purchased by you and set forth in your applicable purchase order, Thales hereby grants to you, and you accept,
a personal, nonexclusive and fully revocable limited License to use the Software (as such term is defined in
Section III hereunder, in the Intellectual Property subsection), in executable form only, as described in the
Software accompanying user documentation and only according to the terms of this Agreement: (i) you may
install the Software and use it on computers located in your place of business, as described in Thales's related
documentation; (ii) you may merge and link the Software into your computer programs for the sole purpose
described in the Sentinel LDK Software Protection and Licensing Guide; however, any portion of the Software
merged into another computer program shall be deemed as derivative work and will continue to be subject to the
terms of this Agreement; and (iii) you are permitted to make a reasonable number of copies of the Software
solely for backup purposes. The Software shall not be used for any other purposes.

2.2 Sub-Licensing. After merging the Software in your computer program(s) according to the License Grant
section above, you may sub-license, pursuant to the terms of this Agreement, the merged Software and resell
the hardware components of the Product, which you purchased from Thales, if applicable, to distributors and/or
users. Preceding such a sale and sub-licensing, you shall make sure that your contracts with any of your
distributors and/or end users (and their contracts with their customers) shall contain warranties, disclaimers,
limitation of liability, and license terms which are no less protective of Thales's rights than such equivalent
provisions contained herein. In addition, you shall make it abundantly clear to your distributors and/or end users,
that Thales is not and shall not, under any circumstances, be responsible or liable in any way for the software
and software licenses contained in your computer programs which you merge with the Thales Software and
distribute to your distributors and/or end users, including, without limitation, with respect to extending license
terms and providing maintenance for any software elements and/or computer programs which are not the Thales
Software. Thales expressly disclaims any responsibility and liability with respect to any computer programs,
software elements, and/or hardware elements which are not and do not form part of the Thales product.

2.3 Limited Warranty. Thales warrants, for your benefit alone, that (i) the Software, when and as delivered to you,
and for a period of three (3) months after the date of delivery to you, will perform in substantial compliance with
the Sentinel LDK Software Protection and Licensing Guide, provided that it is used on the computer hardware
and with the operating system for which it was designed; and (ii) that the Sentinel HL key and microSD card, for a
period of twenty four (24) months after the date of delivery to you, will be substantially free from significant
defects in materials and workmanship. You may enable or disable certain features when applying the Sentinel
LDK protection software by changing settings in the Sentinel LDK tools in accordance with the Sentinel LDK
Software

Protection and Licensing Guide; HOWEVER, IT IS IMPORTANT TO NOTE THAT WHEN ENABLING OR
DISABLING SOME FEATURES YOU MIGHT REDUCE THE LEVEL OF PROTECTION PROVIDED BY THE
SOFTWARE.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 80
SENTINEL LDK PRODUCT END USER LICENSE AGREEMENT

2.4 Warranty Disclaimer. THALES DOES NOT WARRANT THAT ANY OF ITS PRODUCT(S) WILL MEET
YOUR REQUIREMENTS OR THAT THEIR OPERATION WILL BE UNINTERRUPTED OR ERROR-FREE. TO
THE EXTENT ALLOWED BY LAW, THALES EXPRESSLY DISCLAIMS ALL EXPRESS WARRANTIES NOT
STATED HERE AND ALL IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. NO THALES'S
DEALER, DISTRIBUTOR, RESELLER, AGENT OR EMPLOYEE IS AUTHORIZED TO MAKE ANY

MODIFICATIONS, EXTENSIONS, OR ADDITIONS TO THIS WARRANTY. If any modifications are made to the
Software or to any other part of the Product by you; if the media, the Sentinel key, or the microSD card is
subjected to accident, abuse, or improper use; or if you violate any of the terms of this Agreement, then the
warranty in Section 2.3 above, shall immediately be terminated. The warranty shall not apply if the Software is
used on or in conjunction with hardware or program other than the unmodified version of hardware and program
with which the Software was designed to be used as described in the Sentinel LDK Software Protection and
Licensing Guide. The limited warranty does not cover any damage to the microSD card that results from
improper installation, accident, abuse, misuse, natural disaster, insufficient or excessive electrical supply,
abnormal mechanical or environmental conditions, or any unauthorized disassembly, repair or modification. This
limited warranty shall not apply if: (i) the microSD card was not used in accordance with any accompanying
instructions, or (ii) the product was not used for its intended function. This limited warranty also does not apply to
any microSD card on which the original identification information has been altered, obliterated or removed, that
has not been handled or packaged correctly, that has been sold as second-hand or that has been resold contrary
to U.S. and other applicable export regulations.

2.5 Limitation of Remedies. In the event of a breach of the warranty set forth above, Thales's sole obligation, and
your sole remedy shall be, at Thales's sole discretion: (i) to replace or repair the Product, or component thereof,
that does not meet the foregoing limited warranty, free of charge; or (ii) to refund the price paid by you for the
Product, or component thereof. Any replacement or repaired component will be warranted for the remainder of
the original warranty period or 30 days, whichever is longer. Warranty claims must be made in writing during the
warranty period and within seven (7) days of the observation of the defect accompanied by evidence satisfactory
to Thales. All Products should be returned to the distributor from which they were purchased (if not purchased
directly from Thales) and shall be shipped by the returning party with freight and insurance paid. The Product or
component thereof must be returned with a copy of your receipt. Thales is not liable for, and does not cover
under warranty, any damages or losses of any kind whatsoever resulting from loss of, damage to or corruption
of, content or data or any costs associated with determining the source of system problems or removing,
servicing or installing the microSD card. This warranty excludes third party software, connected equipment or
stored data. Thales is therefore not liable for any losses or damage attributable to third party software, connected
equipment or stored data. In the event of a claim, Thales’s sole obligation shall be to issue a refund or
replacement of the microSD card.

3. SECTION III - TERMS APPLICABLE TO ALL GRANTS OF LICENSE

3.1 Extent of Grant and Prohibited Uses. Except as specifically permitted in Sections 2.1 and 2.2 above, you
agree not to (i) use the Product in any manner beyond the scope of license purchased by you in accordance with
your applicable purchase order; (ii) use, modify, merge or sub-license the Software or any other of Thales's
products except as expressly authorized in this Agreement and in the Sentinel LDK Software Protection and
Licensing Guide; and (iii) sell, license (or sub-license), lease, assign, transfer, pledge, or share your rights under

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 81
SENTINEL LDK PRODUCT END USER LICENSE AGREEMENT

this License with/to anyone else; and (iv) modify, disassemble, decompile, reverse engineer, revise or enhance
the Software or attempt to discover the Software’s source code; and (v) place the Software onto a server so that
it is accessible via a public network; and (vi) use any back-up or archival copies of the Software (or allow
someone else to use such copies) for any purpose other than to replace an original copy if it is destroyed or
becomes defective. If you are a member of the European Union, this agreement does not affect your rights under
any legislation implementing the EC Council Directive on the Legal Protection of Computer Programs. If you
seek any information within the meaning of that Directive you should initially approach Thales.

3.2 Intellectual Property. THIS IS A LICENSE AGREEMENT AND NOT AN AGREEMENT FOR SALE. The
software component of the Sentinel LDK Product, including any revisions, corrections, modifications,
enhancements, updates and/or upgrades thereto, (hereinafter in whole or any part thereof defined as:
“Software”), and the related documentation, ARE NOT FOR SALE and are and shall remain in Thales's sole
property. All intellectual property rights (including, without limitation, copyrights, patents, trade secrets,
trademarks, etc.) evidenced by or embodied in and/or attached/connected/related to the Product, (including,
without limitation, the Software code and the work product performed in accordance with Section II above) are
and shall be owned solely by Thales. This License Agreement does not convey to you an interest in or to the
Software but only a limited right of use revocable in accordance with the terms of this License Agreement.
Nothing in this Agreement constitutes a waiver of Thales's intellectual property rights under any law.

3.3 Audit. Thales shall have the right, at its own expense, upon reasonable prior notice, to periodically inspect
and audit your records to ensure your compliance with the terms and conditions of this license agreement.

3.4 Termination. Without prejudice to any other rights, Thales may terminate this license upon the breach by you
of any term hereof. Upon such termination by Thales, you agree to destroy, or return to Thales, the Product and
the Documentation and all copies and portions thereof.

3.5 Limitation of Liability. Thales's cumulative liability to you or any other party for any loss or damages resulting
from any claims, demands, or actions arising out of or relating to this Agreement and/or the sue of the Product
shall not exceed the license fee paid to Thales for the use of the Product/s that gave rise to the action or claim,
and if no such Product/s is/are so applicable then Thales's liability shall not exceed the amount of license fees
paid by You to Thales hereunder during the twelve (12) months period preceding the event. UNDER NO
CIRCUMSTANCES AND UNDER NO LEGAL THEORY, TORT, CONTRACT, OR OTHERWISE, SHALL
THALES OR ITS SUPPLIERS OR RESELLERS OR AGENTS BE LIABLE TO YOU OR ANY OTHER PERSON
FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY TYPE
INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, BUSINESS INTERRUPTION,
COMPUTER FAILURE OR MALFUNCTION, LOSS OF BUSINESS PROFITS, LOSS OF BUSINESS
INFORMATION, DAMAGES FOR PERSONAL INJURY OR ANY AND ALL OTHER COMMERCIAL DAMAGES
OR LOSSES, EVEN IF THALES SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH
DAMAGES, OR FOR ANY CLAIM BY ANY OTHER PARTY. SOME JURISDICTIONS DO NOT ALLOW THE
EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION
AND EXCLUSION MAY NOT APPLY TO YOU.

3.6 No other Warranties. Except and to the extent specifically provided herein, Thales makes no warranty or
representation, either express or implied, with respect to its Products as, including their quality, performance,
merchantability or fitness for a particular purpose.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 82
SENTINEL LDK PRODUCT END USER LICENSE AGREEMENT

3.7 Export Controls. YOU ACKNOWLEDGE THAT THE SOFTWARE IS SUBJECT TO REGULATION BY
UNITED STATES, EUROPEAN UNION, AND/OR OTHER GOVERNMENT AGENCIES, WHICH PROHIBIT
EXPORT OR DIVERSION OF THE SOFTWARE TO CERTAIN COUNTRIES AND CERTAIN PERSONS. YOU
AGREE TO COMPLY WITH ALL EXPORT LAWS, REGULATIONS AND RESTRICTIONS OF THE UNITED
STATES DEPARTMENT OF STATE, DEPARTMENT OF COMMERCE OR OTHER LEGAL AUTHORITY
WITHIN THE UNITED STATES OR ANY FOREIGN ENTITY WHICH REGULATES THEIR SHIPMENT. YOU
WILL NOT EXPORT IN ANY MANNER, EITHER DIRECTLY OR INDIRECTLY, ANY SOFTWARE OR ANY
PRODUCT THAT INCORPORATES ANY SOFTWARE WITHOUT FIRST OBTAINING ALL NECESSARY
APPROVAL FROM APPROPRIATE GOVERNMENT AGENCIES. YOU AGREE TO INDEMNIFY THALES
AGAINST ALL CLAIMS, LOSSES, DAMAGES, LIABILITIES, COSTS AND EXPENSES, INCLUDING
REASONABLE ATTORNEYS' FEES, TO THE EXTENT SUCH CLAIMS ARISE OUT OF ANY BREACH OF
THIS SECTION 3.7.

3.8 Governing Law & Jurisdiction. This License Agreement shall be construed, interpreted and governed by the
laws of the State of Delaware without regard to conflicts of laws and provisions thereof. The exclusive forum for
any disputes arising out of or relating to this License Agreement shall be an appropriate federal or state court
sitting in Harford County, State of Maryland, USA. The application of the United Nations Convention of Contracts
for the International Sale of Goods is expressly excluded. The failure of either party to enforce any rights granted
hereunder or to take action against the other party in the event of any breach hereunder shall not be deemed a
waiver by that party as to subsequent enforcement of rights or subsequent actions in the event of future
breaches.

3.9 Third Party Software. If distributed, the Software is distributed with open source software components (“Open
Source Software Components” or “OSS”) and other third party software (such OSS and other third party software
individually or collectively referred to herein as “Third Party Software”), which are provided “As Is” without any
warranty of any kind and subject to their own applicable license agreements (which might also contain limited
warranties and liabilities) referenced in Exhibit A (for the Software aside from that included in Sentinel LDK-EMS)
and Exhibit B (for the Software included in Sentinel LDK-EMS). THOSE TERMS AND CONDITIONS
SPECIFIED FOR EACH SPECIFIC OPEN SOURCE SOFTWARE COMPONENT OR OTHER THIRD PARTY
SOFTWARE SHALL BE APPLICABLE TO SUCH COMPONENT. Third Party Software in addition to those listed
in Exhibit A and B may be added to the Software from time to time, and will also be subject to their own applicable
license agreements. Each Open Source Software Component or other third party software is copyrighted by its
respective copyright owner(s) as indicated in the applicable copyright notices which can be found in the
applicable license, installation, readme and/or help files for such Open Source Software Components or other
third party software. Thales makes no representations or warranties with regard to the Open Source Software
Components or other third party software. If the Software contains any Third Party Software other than the ones
listed in Exhibit A and B, such Third Party Software is also provided “As Is” without any warranty of any kind and
shall be subject to the terms and conditions as set forth in the agreements contained/attached to such Third
Party Software. In the event such agreements are not available, such Third Party Software is provided “As Is”
without any warranty of any kind and shall be used in accordance with this Agreement.

3.10 Miscellaneous. If the copy of the Product you received was accompanied by a printed or other form of “hard-
copy” End User License Agreement whose terms vary from this Agreement, then the hard-copy End User
License Agreement governs your use of the Product. This Agreement represents the complete agreement

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 83
SENTINEL LDK PRODUCT END USER LICENSE AGREEMENT

concerning this license and may be amended only by a writing executed by both parties. THE ACCEPTANCE
OF ANY PURCHASE ORDER PLACED BY YOU, IS EXPRESSLY MADE CONDITIONAL ON YOUR ASSENT
TO THE TERMS SET FORTH HEREIN, COMBINED WITH THE APPLICABLE LICENSE SCOPE AND TERMS,
IF ANY, SET FORTH IN YOUR PURCHASE ORDER. If any provision of this Agreement is held to be
unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. The failure
of either party to enforce any rights granted hereunder or to take action against the other party in the event of any
breach hereunder shall not be deemed a waiver by that party as to subsequent enforcement of rights or
subsequent actions in the event of future breaches.

Copyright © 2022 Thales Group. All rights reserved.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 84
Exhibit A - Third-Party Software

Exhibit A - Third-Party Software

Open SSL

Version 1.1.1l

Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.

This product includes cryptographic software written by Eric Young ([email protected]). This product includes
software written by Tim Hudson ([email protected]).

/* ====================================================================

Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following
acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"

4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products
derived from this software without prior written permission. For written permission, please contact openssl-
[email protected].

5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names
without prior written permission of the OpenSSL Project.

6. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org/)"

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL
PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 85
Exhibit A - Third-Party Software

EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF


SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

====================================================================

This product includes cryptographic software written by Eric Young ([email protected]). This product includes
software written by Tim Hudson ([email protected]).

Original SSLeay License

Version 1.0.2u

Copyright (c) 1995-1998 The OpenSSL Project. All rights reserved.

This product includes software written by Tim Hudson ([email protected])

-----------------------

Copyright (C) 1995-1998 Eric Young ([email protected])

All rights reserved.

This package is an SSL implementation written by Eric Young ([email protected]).

The implementation was written so as to conform with Netscapes SSL.

This library is free for commercial and non-commercial use as long as the following conditions are adhered to.
The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code;
not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright
terms except that the holder is Tim Hudson ([email protected]).

Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed.

If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library
used. This can be in the form of a textual message at program startup or in documentation (online or textual)
provided with the package.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

1. Redistributions of source code must retain the copyright notice, this list of conditions and the following
disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following
acknowledgement:

"This product includes cryptographic software written by Eric Young ([email protected])"

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 86
Exhibit A - Third-Party Software

The word 'cryptographic' can be left out if the routines from the library being used are not cryptographic related
:-).

4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code)
you must include an acknowledgement:

"This product includes software written by Tim Hudson ([email protected])"

THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The license and distribution terms for any publically available version or derivative of this code cannot be
changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU
Public License.]

LLVM

Version 12.0.0

Copyright (c) 2003-2019 University of Illinois at Urbana-Champaign.

The LLVM Project is under the Apache License v2.0 with LLVM Exceptions:

==============================================================================

Apache License

Version 2.0, January 2004

http://www.apache.org/licenses/

TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

1. Definitions.

"License" shall mean the terms and conditions for use, reproduction,

and distribution as defined by Sections 1 through 9 of this document.

"Licensor" shall mean the copyright owner or entity authorized by

the copyright owner that is granting the License.

"Legal Entity" shall mean the union of the acting entity and all

other entities that control, are controlled by, or are under common

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 87
Exhibit A - Third-Party Software

control with that entity. For the purposes of this definition,

"control" means (i) the power, direct or indirect, to cause the

direction or management of such entity, whether by contract or

otherwise, or (ii) ownership of fifty percent (50%) or more of the

outstanding shares, or (iii) beneficial ownership of such entity.

"You" (or "Your") shall mean an individual or Legal Entity

exercising permissions granted by this License.

"Source" form shall mean the preferred form for making modifications,

including but not limited to software source code, documentation

source, and configuration files.

"Object" form shall mean any form resulting from mechanical

transformation or translation of a Source form, including but

not limited to compiled object code, generated documentation,

and conversions to other media types.

"Work" shall mean the work of authorship, whether in Source or

Object form, made available under the License, as indicated by a

copyright notice that is included in or attached to the work

(an example is provided in the Appendix below).

"Derivative Works" shall mean any work, whether in Source or Object

form, that is based on (or derived from) the Work and for which the

editorial revisions, annotations, elaborations, or other modifications

represent, as a whole, an original work of authorship. For the purposes

of this License, Derivative Works shall not include works that remain

separable from, or merely link (or bind by name) to the interfaces of,

the Work and Derivative Works thereof.

"Contribution" shall mean any work of authorship, including

the original version of the Work and any modifications or additions

to that Work or Derivative Works thereof, that is intentionally

submitted to Licensor for inclusion in the Work by the copyright owner

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 88
Exhibit A - Third-Party Software

or by an individual or Legal Entity authorized to submit on behalf of

the copyright owner. For the purposes of this definition, "submitted"

means any form of electronic, verbal, or written communication sent

to the Licensor or its representatives, including but not limited to

communication on electronic mailing lists, source code control systems,

and issue tracking systems that are managed by, or on behalf of, the

Licensor for the purpose of discussing and improving the Work, but

excluding communication that is conspicuously marked or otherwise

designated in writing by the copyright owner as "Not a Contribution."

"Contributor" shall mean Licensor and any individual or Legal Entity

on behalf of whom a Contribution has been received by Licensor and

subsequently incorporated within the Work.

2. Grant of Copyright License. Subject to the terms and conditions of

this License, each Contributor hereby grants to You a perpetual,

worldwide, non-exclusive, no-charge, royalty-free, irrevocable

copyright license to reproduce, prepare Derivative Works of,

publicly display, publicly perform, sublicense, and distribute the

Work and such Derivative Works in Source or Object form.

3. Grant of Patent License. Subject to the terms and conditions of

this License, each Contributor hereby grants to You a perpetual,

worldwide, non-exclusive, no-charge, royalty-free, irrevocable

(except as stated in this section) patent license to make, have made,

use, offer to sell, sell, import, and otherwise transfer the Work,

where such license applies only to those patent claims licensable

by such Contributor that are necessarily infringed by their

Contribution(s) alone or by combination of their Contribution(s)

with the Work to which such Contribution(s) was submitted. If You

institute patent litigation against any entity (including a

cross-claim or counterclaim in a lawsuit) alleging that the Work

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 89
Exhibit A - Third-Party Software

or a Contribution incorporated within the Work constitutes direct

or contributory patent infringement, then any patent licenses

granted to You under this License for that Work shall terminate

as of the date such litigation is filed.

4. Redistribution. You may reproduce and distribute copies of the

Work or Derivative Works thereof in any medium, with or without

modifications, and in Source or Object form, provided that You

meet the following conditions:

(a) You must give any other recipients of the Work or

Derivative Works a copy of this License; and

(b) You must cause any modified files to carry prominent notices

stating that You changed the files; and

(c) You must retain, in the Source form of any Derivative Works

that You distribute, all copyright, patent, trademark, and

attribution notices from the Source form of the Work,

excluding those notices that do not pertain to any part of

the Derivative Works; and

(d) If the Work includes a "NOTICE" text file as part of its

distribution, then any Derivative Works that You distribute must

include a readable copy of the attribution notices contained

within such NOTICE file, excluding those notices that do not

pertain to any part of the Derivative Works, in at least one

of the following places: within a NOTICE text file distributed

as part of the Derivative Works; within the Source form or

documentation, if provided along with the Derivative Works; or,

within a display generated by the Derivative Works, if and

wherever such third-party notices normally appear. The contents

of the NOTICE file are for informational purposes only and

do not modify the License. You may add Your own attribution

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 90
Exhibit A - Third-Party Software

notices within Derivative Works that You distribute, alongside

or as an addendum to the NOTICE text from the Work, provided

that such additional attribution notices cannot be construed

as modifying the License.

You may add Your own copyright statement to Your modifications and

may provide additional or different license terms and conditions

for use, reproduction, or distribution of Your modifications, or

for any such Derivative Works as a whole, provided Your use,

reproduction, and distribution of the Work otherwise complies with

the conditions stated in this License.

5. Submission of Contributions. Unless You explicitly state otherwise,

any Contribution intentionally submitted for inclusion in the Work

by You to the Licensor shall be under the terms and conditions of

this License, without any additional terms or conditions.

Notwithstanding the above, nothing herein shall supersede or modify

the terms of any separate license agreement you may have executed

with Licensor regarding such Contributions.

6. Trademarks. This License does not grant permission to use the trade

names, trademarks, service marks, or product names of the Licensor,

except as required for reasonable and customary use in describing the

origin of the Work and reproducing the content of the NOTICE file.

7. Disclaimer of Warranty. Unless required by applicable law or

agreed to in writing, Licensor provides the Work (and each

Contributor provides its Contributions) on an "AS IS" BASIS,

WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or

implied, including, without limitation, any warranties or conditions

of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A

PARTICULAR PURPOSE. You are solely responsible for determining the

appropriateness of using or redistributing the Work and assume any

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 91
Exhibit A - Third-Party Software

risks associated with Your exercise of permissions under this License.

8. Limitation of Liability. In no event and under no legal theory,

whether in tort (including negligence), contract, or otherwise,

unless required by applicable law (such as deliberate and grossly

negligent acts) or agreed to in writing, shall any Contributor be

liable to You for damages, including any direct, indirect, special,

incidental, or consequential damages of any character arising as a

result of this License or out of the use or inability to use the

Work (including but not limited to damages for loss of goodwill,

work stoppage, computer failure or malfunction, or any and all

other commercial damages or losses), even if such Contributor

has been advised of the possibility of such damages.

9. Accepting Warranty or Additional Liability. While redistributing

the Work or Derivative Works thereof, You may choose to offer,

and charge a fee for, acceptance of support, warranty, indemnity,

or other liability obligations and/or rights consistent with this

License. However, in accepting such obligations, You may act only

on Your own behalf and on Your sole responsibility, not on behalf

of any other Contributor, and only if You agree to indemnify,

defend, and hold each Contributor harmless for any liability

incurred by, or claims asserted against, such Contributor by reason

of your accepting any such warranty or additional liability.

END OF TERMS AND CONDITIONS

APPENDIX: How to apply the Apache License to your work.

To apply the Apache License to your work, attach the following

boilerplate notice, with the fields enclosed by brackets "[]"

replaced with your own identifying information. (Don't include

the brackets!) The text should be enclosed in the appropriate

comment syntax for the file format. We also recommend that a

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 92
Exhibit A - Third-Party Software

file or class name and description of purpose be included on the

same "printed page" as the copyright notice for easier

identification within third-party archives.

Copyright [yyyy] [name of copyright owner]

Licensed under the Apache License, Version 2.0 (the "License");

you may not use this file except in compliance with the License.

You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software

distributed under the License is distributed on an "AS IS" BASIS,

WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and

limitations under the License.

---- LLVM Exceptions to the Apache 2.0 License ----

As an exception, if, as a result of your compiling your source code, portions

of this Software are embedded into an Object form of such source code, you

may redistribute such embedded portions in such Object form without complying

with the conditions of Sections 4(a), 4(b) and 4(d) of the License.

In addition, if you combine or link compiled forms of this Software with

software that is licensed under the GPLv2 ("Combined Software") and if a

court of competent jurisdiction determines that the patent provision (Section

3), the indemnity provision (Section 9) or other Section of the License

conflicts with the conditions of the GPLv2, you may retroactively and

prospectively choose to deem waived or otherwise exclude such Section(s) of

the License, but only in their entirety and only with respect to the Combined

Software.

==============================================================================

Software from third parties included in the LLVM Project:

==============================================================================

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 93
Exhibit A - Third-Party Software

The LLVM Project contains third party software which is under different license

terms. All such code will be identified clearly using at least one of two mechanisms:

1) It will be in a separate directory tree with its own `LICENSE.txt` or

`LICENSE` file at the top containing the specific license and restrictions

which apply to that software, or

2) It will contain specific license and restriction terms at the top of every

file.

==============================================================================

Legacy LLVM License (https://llvm.org/docs/DeveloperPolicy.html#legacy):

==============================================================================

University of Illinois/NCSA

Open Source License

Copyright (c) 2003-2019 University of Illinois at Urbana-Champaign.

All rights reserved.

Developed by:

LLVM Team

University of Illinois at Urbana-Champaign

http://llvm.org

Permission is hereby granted, free of charge, to any person obtaining a copy of

this software and associated documentation files (the "Software"), to deal with

the Software without restriction, including without limitation the rights to

use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies

of the Software, and to permit persons to whom the Software is furnished to do

so, subject to the following conditions:

* Redistributions of source code must retain the above copyright notice,

this list of conditions and the following disclaimers.

* Redistributions in binary form must reproduce the above copyright notice,

this list of conditions and the following disclaimers in the

documentation and/or other materials provided with the distribution.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 94
Exhibit A - Third-Party Software

* Neither the names of the LLVM Team, University of Illinois at

Urbana-Champaign, nor the names of its contributors may be used to

endorse or promote products derived from this Software without specific

prior written permission.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS

FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

CONTRIBUTORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE

SOFTWARE.

TAGGANT

Version 1.0

Copyright (c) 2012 IEEE. All rights reserved

----------------------------------------------------------------------------------------------------------------------

This software was developed by The Institute of Electrical and Electronics Engineers, Incorporated (IEEE),
through the Industry Connections Security Group (ICSG) of its Standards Association. Portions of it include
software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/), and
those portions are governed by the OpenSSL Toolkit License.

IEEE License

====================================================================

Copyright (c) 2012 IEEE. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following
acknowledgment:

"This product includes software developed by the IEEE Industry Connections Security Group (ICSG)".

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 95
Exhibit A - Third-Party Software

4. The name "IEEE" must not be used to endorse or promote products derived from this software without prior
written permission from the IEEE Standards Association ([email protected]).

5. Products derived from this software may not contain "IEEE" in their names without prior written permission
from the IEEE Standards Association ([email protected]).

6. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by the IEEE Industry Connections Security Group (ICSG)".

THIS SOFTWARE IS PROVIDED "AS IS" AND "WITH ALL FAULTS." IEEE AND ITS CONTRIBUTORS
EXPRESSLY DISCLAIM ALL WARRANTIES AND REPRESENTATIONS, EXPRESS OR IMPLIED,
INCLUDING, WITHOUT LIMITATION: (A) THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE; (B) ANY WARRANTY OF NON-INFRINGEMENT; AND (C) ANY
WARRANTY WITH RESPECT TO THE QUALITY, ACCURACY, EFFECTIVENESS, CURRENCY OR
COMPLETENESS OF THE SOFTWARE.

IN NO EVENT SHALL IEEE OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES, (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE AND REGARDLESS OF WHETHER SUCH DAMAGE WAS FORESEEABLE.

THIS SOFTWARE USES STRONG CRYPTOGRAPHY, WHICH MAY BE SUBJECT TO LAWS AND
REGULATIONS GOVERNING ITS USE, EXPORTATION OR IMPORTATION. YOU ARE SOLELY
RESPONSIBLE FOR COMPLYING WITH ALL APPLICABLE LAWS AND REGULATIONS, INCLUDING, BUT
NOT LIMITED TO, ANY THAT GOVERN YOUR USE, EXPORTATION OR IMPORTATION OF THIS
SOFTWARE. IEEE AND ITS CONTRIBUTORS DISCLAIM ALL LIABILITY ARISING FROM YOUR USE OF
THE SOFTWARE IN VIOLATION OF ANY APPLICABLE LAWS OR REGULATIONS.

====================================================================

OpenSSL Toolkit License

=======================

The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original
SSLeay license apply to the toolkit.

See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any
license issues related to OpenSSL please contact [email protected].

OpenSSL License

---------------

====================================================================

Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 96
Exhibit A - Third-Party Software

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following
acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"

4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products
derived from this software without prior written permission. For written permission, please contact openssl-
[email protected].

5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names
without prior written permission of the OpenSSL Project.

6. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org/)"

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL
PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

====================================================================

This product includes cryptographic software written by Eric Young ([email protected]). This product includes
software written by Tim Hudson ([email protected]).

Original SSLeay License

-----------------------

Copyright (C) 1995-1998 Eric Young ([email protected])

All rights reserved.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 97
Exhibit A - Third-Party Software

This package is an SSL implementation written by Eric Young ([email protected]).

The implementation was written so as to conform with Netscapes SSL.

This library is free for commercial and non-commercial use as long as the following conditions are adhered to.
The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code;
not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright
terms except that the holder is Tim Hudson ([email protected]).

Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed.

If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library
used.

This can be in the form of a textual message at program startup or in documentation (online or textual) provided
with the package.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

1. Redistributions of source code must retain the copyright notice, this list of conditions and the following
disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following
acknowledgement:

"This product includes cryptographic software written by Eric Young ([email protected])"

The word 'cryptographic' can be left out if the routines from the library being used are not cryptographic related
:-).

4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code)
you must include an acknowledgement:

"This product includes software written by Tim Hudson ([email protected])"

THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 98
Exhibit A - Third-Party Software

CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The license and distribution terms for any publically available version or derivative of this code cannot be
changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU
Public License.]

smali/baksmali

Version 2.2.4

Copyright (c) 2010 Ben Gruver (JesusFreke)

*******************************************************************************

Copyright (c) 2010 Ben Gruver (JesusFreke)

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

3. The name of the author may not be used to endorse or promote products derived from this software without
specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

*******************************************************************************

Unless otherwise stated in the code/commit message, any changes with the committer of [email protected] is
copyrighted by Google Inc. and released under the following license:

*******************************************************************************

Copyright 2011, Google Inc.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 99
Exhibit A - Third-Party Software

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

* Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.

* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

* Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.

*******************************************************************************

Various portions of the code are taken from the Android Open Source Project,

and are used in accordance with the following license:

*******************************************************************************

Copyright (C) 2007 The Android Open Source Project

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance
with the License.

You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and limitations under the License.

*******************************************************************************

Some parts of the smalidea plugin are based on code from the IDEA project, per the following license

*******************************************************************************

Copyright 2000-2014 JetBrains s.r.o.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 100
Exhibit A - Third-Party Software

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance
with the License.

You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and limitations under the License.

*******************************************************************************

Zlib

Version: 1.2.11

Copyright notice: (C) 1995-2017 Jean-loup Gailly and Mark Adler

This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held
liable for any damages arising from the use of this software.

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to
alter it and redistribute it freely, subject to the following restrictions:

1. The origin of this software must not be misrepresented; you must not claim that you wrote the original
software. If you use this software in a product, an acknowledgment in the product documentation would be
appreciated but is not required.

2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original
software.

3. This notice may not be removed or altered from any source distribution.

Expat

Version: 2.4.7

Copyright (c) 1998 - 2000 Thai Open Source Software Center Ltd and Clark Cooper

Copyright (c) 2001-2022 Expat maintainers.

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the
Software.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 101
Exhibit A - Third-Party Software

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT.

IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

Trio

Version: 1.16

Copyright (C) 1998-2001 by Bjorn Reese and Daniel Stenberg.

Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby
granted, provided that the above copyright notice and this permission notice appear in all copies.

THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS
FOR A PARTICULAR PURPOSE. THE AUTHORS AND CONTRIBUTORS ACCEPT NO RESPONSIBILITY IN
ANY CONCEIVABLE MANNER.

Y2038

Copyright (c) 2007-2010 Michael G Schwern

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the
Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH
THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Libtommath

Version: 0.42

Copyright: Copyright © Tom St Denis

[LICENSE #1]

LibTomMath is public domain.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 102
Exhibit A - Third-Party Software

BeaEngine 5

Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>

GNU LESSER GENERAL PUBLIC LICENSE

Version 3, 29 June 2007

Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not
allowed.

This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the
GNU General Public License, supplemented by the additional permissions listed below.

0. Additional Definitions.

As used herein, "this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL"
refers to version 3 of the GNU General Public License.

"The Library" refers to a covered work governed by this License, other than an Application or a Combined Work
as defined below.

An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise
based on the Library.

Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the
Library.

A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular
version of the Library with which the Combined Work was made is also called the "Linked Version".

The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined
Work, excluding any source code for portions of the Combined Work that, considered in isolation, are based on
the Application, and not on the Linked Version.

The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the
Application, including any data and utility programs needed for reproducing the Combined Work from the
Application, but excluding the System Libraries of the Combined Work.

1. Exception to Section 3 of the GNU GPL.

You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the
GNU GPL.

2. Conveying Modified Versions.

If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied
by an Application that uses the facility (other than as an argument passed when the facility is invoked), then you
may convey a copy of the modified version:

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 103
Exhibit A - Third-Party Software

a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does
not supply the function or data, the facility still operates, and performs whatever part of its purpose remains
meaningful, or b) under the GNU GPL, with none of the additional permissions of this License applicable to that
copy.

3. Object Code Incorporating Material from Library Header Files.

The object code form of an Application may incorporate material from a header file that is part of the Library. You
may convey such object code under terms of your choice, provided that, if the incorporated material is not limited
to numerical parameters, data structure layouts and accessors, or small macros, inline functions and templates
(ten or fewer lines in length), you do both of the following:

a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its
use are covered by this License.

b) Accompany the object code with a copy of the GNU GPL and this license document.

4. Combined Works.

You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict
modification of the portions of the Library contained in the Combined Work and reverse engineering for
debugging such modifications, if you also do each of the following:

a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library
and its use are covered by this License.

b) Accompany the Combined Work with a copy of the GNU GPL and this license document.

c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the
Library among these notices, as well as a reference directing the user to the copies of the GNU GPL and this
license document.

d) Do one of the following:

0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding
Application Code in a form suitable for, and under terms that permit, the user to recombine or relink the
Application with a modified version of the Linked Version to produce a modified Combined Work, in the manner
specified by section 6 of the GNU GPL for conveying Corresponding Source.

1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses
at run time a copy of the Library already present on the user's computer system, and (b) will operate properly with
a modified version of the Library that is interface-compatible with the Linked Version.

e) Provide Installation Information, but only if you would otherwise be required to provide such information under
section 6 of the GNU GPL, and only to the extent that such information is necessary to install and execute a
modified version of the Combined Work produced by recombining or relinking the Application with a modified
version of the Linked Version. (If you use option 4d0, the Installation Information must accompany the Minimal

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 104
Exhibit A - Third-Party Software

Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the
Installation Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding
Source.)

5. Combined Libraries.

You may place library facilities that are a work based on the Library side by side in a single library together with
other library facilities that are not Applications and are not covered by this License, and convey such a combined
library under terms of your choice, if you do both of the following:

a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any
other library facilities, conveyed under the terms of this License.

b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.

6. Revised Versions of the GNU Lesser General Public License.

The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public
License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail
to address new problems or concerns.

Each version is given a distinguishing version number. If the Library as you received it specifies that a certain
numbered version of the GNU Lesser General Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that published version or of any later version published by
the Free Software Foundation. If the Library as you received it does not specify a version number of the GNU
Lesser General Public License, you may choose any version of the GNU Lesser General Public License ever
published by the Free Software Foundation.

If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser
General Public License shall apply, that proxy's public statement of acceptance of any version is permanent
authorization for you to choose that version for the Library.

GNU GENERAL PUBLIC LICENSE

Version 3, 29 June 2007

Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not
allowed.

Preamble

The GNU General Public License is a free, copyleft license for software and other kinds of works.

The licenses for most software and other practical works are designed to take away your freedom to share and
change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 105
Exhibit A - Third-Party Software

and change all versions of a program--to make sure it remains free software for all its users. We, the Free
Software Foundation, use the GNU General Public License for most of our software; it applies also to any other
work released this way by its authors. You can apply it to your programs, too.

When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are
designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you
wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of
it in new free programs, and that you know you can do these things.

To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the
rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it:
responsibilities to respect the freedom of others.

For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the
recipients the same freedoms that you received. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their rights.

Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and
(2) offer you this License giving you legal permission to copy, distribute and/or modify it.

For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free
software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so
that their problems will not be attributed erroneously to authors of previous versions.

Some devices are designed to deny users access to install or run modified versions of the software inside them,
although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users'
freedom to change the software. The systematic pattern of such abuse occurs in the area of products for
individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of
the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the
freedom of users.

Finally, every program is threatened constantly by software patents. States should not allow patents to restrict
development and use of software on general-purpose computers, but in those that do, we wish to avoid the
special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the
GPL assures that patents cannot be used to render the program non-free.

The precise terms and conditions for copying, distribution and modification follow.

TERMS AND CONDITIONS

0. Definitions.

“This License” refers to version 3 of the GNU General Public License.

“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.

“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as
“you”. “Licensees” and “recipients” may be individuals or organizations.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 106
Exhibit A - Third-Party Software

To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission,
other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a
work “based on” the earlier work.

A “covered work” means either the unmodified Program or a work based on the Program.

To “propagate” a work means to do anything with it that, without permission, would make you directly or
secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying
a private copy. Propagation includes copying, distribution (with or without modification), making available to the
public, and in some countries other activities as well.

To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere
interaction with a user through a computer network, with no transfer of a copy, is not conveying.

An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and
prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no
warranty for the work (except to the extent that warranties are provided), that licensees may convey the work
under this License, and how to view a copy of this License. If the interface presents a list of user commands or
options, such as a menu, a prominent item in the list meets this criterion.

1. Source Code.

The “source code” for a work means the preferred form of the work for making modifications to it. “Object code”
means any non-source form of a work.

A “Standard Interface” means an interface that either is an official standard defined by a recognized standards
body, or, in the case of interfaces specified for a particular programming language, one that is widely used
among developers working in that language.

The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is
included in the normal form of packaging a Major Component, but which is not part of that Major Component, and
(b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for
which an implementation is available to the public in source code form. A “Major Component”, in this context,
means a major essential component (kernel, window system, and so on) of the specific operating system (if any)
on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to
run it.

The “Corresponding Source” for a work in object code form means all the source code needed to generate,
install, and (for an executable work) run the object code and to modify the work, including scripts to control those
activities. However, it does not include the work's System Libraries, or general-purpose tools or generally
available free programs which are used unmodified in performing those activities but which are not part of the
work. For example, Corresponding Source includes interface definition files associated with source files for the
work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically
designed to require, such as by intimate data communication or control flow between those subprograms and
other parts of the work.

The Corresponding Source need not include anything that users can regenerate automatically from other parts
of the Corresponding Source.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 107
Exhibit A - Third-Party Software

The Corresponding Source for a work in source code form is that same work.

2. Basic Permissions.

All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable
provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the
unmodified Program. The output from running a covered work is covered by this License only if the output, given
its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as
provided by copyright law.

You may make, run and propagate covered works that you do not convey, without conditions so long as your
license otherwise remains in force. You may convey covered works to others for the sole purpose of having them
make modifications exclusively for you, or provide you with facilities for running those works, provided that you
comply with the terms of this License in conveying all material for which you do not control copyright. Those thus
making or running the covered works for you must do so exclusively on your behalf, under your direction and
control, on terms that prohibit them from making any copies of your copyrighted material outside their
relationship with you.

Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is
not allowed; section 10 makes it unnecessary.

3. Protecting Users' Legal Rights From Anti-Circumvention Law.

No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling
obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws
prohibiting or restricting circumvention of such measures.

When you convey a covered work, you waive any legal power to forbid circumvention of technological measures
to the extent such circumvention is effected by exercising rights under this License with respect to the covered
work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing,
against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.

4. Conveying Verbatim Copies.

You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all
notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the
Program.

You may charge any price or no price for each copy that you convey, and you may offer support or warranty
protection for a fee.

5. Conveying Modified Source Versions.

You may convey a work based on the Program, or the modifications to produce it from the Program, in the form
of source code under the terms of section 4, provided that you also meet all of these conditions:

a) The work must carry prominent notices stating that you modified it, and giving a relevant date.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 108
Exhibit A - Third-Party Software

b) The work must carry prominent notices stating that it is released under this License and any conditions added
under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.

c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a
copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the
work, and all its parts, regardless of how they are packaged. This License gives no permission to license the
work in any other way, but it does not invalidate such permission if you have separately received it.

d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the
Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them
do so.

A compilation of a covered work with other separate and independent works, which are not by their nature
extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a
volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright
are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit.
Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the
aggregate.

6. Conveying Non-Source Forms.

You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also
convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:

a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium),
accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software
interchange.

b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium),
accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or
customer support for that product model, to give anyone who possesses the object code either (1) a copy of the
Corresponding Source for all the software in the product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no more than your reasonable cost of physically
performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no
charge.

c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding
Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object
code with such an offer, in accord with subsection 6b.

d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer
equivalent access to the Corresponding Source in the same way through the same place at no further charge.
You need not require recipients to copy the Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source may be on a different server (operated by
you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the
object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding
Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 109
Exhibit A - Third-Party Software

e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object
code and Corresponding Source of the work are being offered to the general public at no charge under
subsection 6d.

A separable portion of the object code, whose source code is excluded from the Corresponding Source as a
System Library, need not be included in conveying the object code work.

A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is
normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into
a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of
coverage. For a particular product received by a particular user, “normally used” refers to a typical or common
use of that class of product, regardless of the status of the particular user or of the way in which the particular
user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of
whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.

“Installation Information” for a User Product means any methods, procedures, authorization keys, or other
information required to install and execute modified versions of a covered work in that User Product from a
modified version of its Corresponding Source. The information must suffice to ensure that the continued
functioning of the modified object code is in no case prevented or interfered with solely because modification has
been made.

If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the
conveying occurs as part of a transaction in which the right of possession and use of the User Product is
transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized),
the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But
this requirement does not apply if neither you nor any third party retains the ability to install modified object code
on the User Product (for example, the work has been installed in ROM).

The requirement to provide Installation Information does not include a requirement to continue to provide support
service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User
Product in which it has been modified or installed. Access to a network may be denied when the modification
itself materially and adversely affects the operation of the network or violates the rules and protocols for
communication across the network.

Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a
format that is publicly documented (and with an implementation available to the public in source code form), and
must require no special password or key for unpacking, reading or copying.

7. Additional Terms.

“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or
more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though
they were included in this License, to the extent that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately under those permissions, but the entire
Program remains governed by this License without regard to the additional permissions.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 110
Exhibit A - Third-Party Software

When you convey a copy of a covered work, you may at your option remove any additional permissions from that
copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases
when you modify the work.) You may place additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.

Notwithstanding any other provision of this License, for material you add to a covered work, you may (if
authorized by the copyright holders of that material) supplement the terms of this License with terms:

a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or

b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the
Appropriate Legal Notices displayed by works containing it; or

c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material
be marked in reasonable ways as different from the original version; or

d) Limiting the use for publicity purposes of names of licensors or authors of the material; or

e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or

f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or
modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these
contractual assumptions directly impose on those licensors and authors.

All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If
the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along
with a term that is a further restriction, you may remove that term. If a license document contains a further
restriction but permits relicensing or conveying under this License, you may add to a covered work material
governed by the terms of that license document, provided that the further restriction does not survive such
relicensing or conveying.

If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a
statement of the additional terms that apply to those files, or a notice indicating where to find the applicable
terms.

Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or
stated as exceptions; the above requirements apply either way.

8. Termination.

You may not propagate or modify a covered work except as expressly provided under this License. Any attempt
otherwise to propagate or modify it is void, and will automatically terminate your rights under this License
(including any patent licenses granted under the third paragraph of section 11).

However, if you cease all violation of this License, then your license from a particular copyright holder is
reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and
(b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60
days after the cessation.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 111
Exhibit A - Third-Party Software

Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies
you of the violation by some reasonable means, this is the first time you have received notice of violation of this
License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of
the notice.

Termination of your rights under this section does not terminate the licenses of parties who have received copies
or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do
not qualify to receive new licenses for the same material under section 10.

9. Acceptance Not Required for Having Copies.

You are not required to accept this License in order to receive or run a copy of the Program. Ancillary
propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive
a copy likewise does not require acceptance. However, nothing other than this License grants you permission to
propagate or modify any covered work. These actions infringe copyright if you do not accept this License.
Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.

10. Automatic Licensing of Downstream Recipients.

Each time you convey a covered work, the recipient automatically receives a license from the original licensors,
to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance
by third parties with this License.

An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or
subdividing an organization, or merging organizations. If propagation of a covered work results from an entity
transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the
work the party's predecessor in interest had or could give under the previous paragraph, plus a right to
possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or
can get it with reasonable efforts.

You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License.
For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this
License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any
patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.

11. Patents.

A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the
Program is based. The work thus licensed is called the contributor's “contributor version”.

A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether
already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of
making, using, or selling its contributor version, but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For purposes of this definition, “control” includes
the right to grant patent sublicenses in a manner consistent with the requirements of this License.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 112
Exhibit A - Third-Party Software

Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's
essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the
contents of its contributor version.

In the following three paragraphs, a “patent license” is any express agreement or commitment, however
denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue
for patent infringement). To “grant” such a patent license to a party means to make such an agreement or
commitment not to enforce a patent against the party.

If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work
is not available for anyone to copy, free of charge and under the terms of this License, through a publicly
available network server or other readily accessible means, then you must either (1) cause the Corresponding
Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular
work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to
downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license,
your conveying the covered work in a country, or your recipient's use of the covered work in a country, would
infringe one or more identifiable patents in that country that you have reason to believe are valid.

If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring
conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work
authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered work and works based on it.

A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of,
or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License.
You may not convey a covered work if you are a party to an arrangement with a third party that is in the business
of distributing software, under which you make payment to the third party based on the extent of your activity of
conveying the work, and under which the third party grants, to any of the parties who would receive the covered
work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you
(or copies made from those copies), or (b) primarily for and in connection with specific products or compilations
that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior
to 28 March 2007.

Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to
infringement that may otherwise be available to you under applicable patent law.

12. No Surrender of Others' Freedom.

If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions
of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work
so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a
consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty
for further conveying from those to whom you convey the Program, the only way you could satisfy both those
terms and this License would be to refrain entirely from conveying the Program.

13. Use with the GNU Affero General Public License.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 113
Exhibit A - Third-Party Software

Notwithstanding any other provision of this License, you have permission to link or combine any covered work
with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and
to convey the resulting work. The terms of this License will continue to apply to the part which is the covered
work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction
through a network will apply to the combination as such.

14. Revised Versions of this License.

The Free Software Foundation may publish revised and/or new versions of the GNU General Public License
from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.

Each version is given a distinguishing version number. If the Program specifies that a certain numbered version
of the GNU General Public License “or any later version” applies to it, you have the option of following the terms
and conditions either of that numbered version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the GNU General Public License, you may
choose any version ever published by the Free Software Foundation.

If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be
used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that
version for the Program.

Later license versions may give you additional or different permissions. However, no additional obligations are
imposed on any author or copyright holder as a result of your choosing to follow a later version.

15. Disclaimer of Warranty.

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER
PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU
ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

16. Limitation of Liability.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY


COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS
PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL,
INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED
INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

17. Interpretation of Sections 15 and 16.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 114
Exhibit A - Third-Party Software

If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according
to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil
liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the
Program in return for a fee.

END OF TERMS AND CONDITIONS

LibJpeg8

Version: 8.4.0

Copyright © 1991-2010, Thomas G. Lane, Guido Vollbeding

LEGAL ISSUES [ from README supplied with source - MM ]

The authors make NO WARRANTY or representation, either express or implied, with respect to this software, its
quality, accuracy, merchantability, or fitness for a particular purpose. This software is provided "AS IS", and you,
its user, assume the entire risk as to its quality and accuracy.

This software is copyright (C) 1991-2010, Thomas G. Lane, Guido Vollbeding.

All Rights Reserved except as specified below.

Permission is hereby granted to use, copy, modify, and distribute this software (or portions thereof) for any
purpose, without fee, subject to these conditions:

(1) If any part of the source code for this software is distributed, then this README file must be included, with this
copyright and no-warranty notice unaltered; and any additions, deletions, or changes to the original files must be
clearly indicated in accompanying documentation.

(2) If only executable code is distributed, then the accompanying documentation must state that "this software is
based in part on the work of the Independent JPEG Group".

(3) Permission for use of this software is granted only if the user accepts full responsibility for any undesirable
consequences; the authors accept NO LIABILITY for damages of any kind.

These conditions apply to any software derived from or based on the IJG code, not just to the unmodified library.
If you use our work, you ought to acknowledge us.

Permission is NOT granted for the use of any IJG author's name or company name in advertising or publicity
relating to this software or products derived from it. This software may be referred to only as "the Independent
JPEG Group's software".

We specifically permit and encourage the use of this software as the basis of commercial products, provided that
all warranty or liability claims are assumed by the product vendor.

ansi2knr.c is included in this distribution by permission of L. Peter Deutsch, sole proprietor of its copyright holder,
Aladdin Enterprises of Menlo Park, CA.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 115
Exhibit A - Third-Party Software

ansi2knr.c is NOT covered by the above copyright and conditions, but instead by the usual distribution terms of
the Free Software Foundation; principally, that you must include source code if you redistribute it. (See the file
ansi2knr.c for full details.) However, since ansi2knr.c is not needed as part of any program generated from the
IJG code, this does not limit you more than the foregoing paragraphs do.

The Unix configuration script "configure" was produced with GNU Autoconf.

It is copyright by the Free Software Foundation but is freely distributable.

The same holds for its supporting scripts (config.guess, config.sub, ltmain.sh). Another support script, install-sh,
is copyright by X Consortium but is also freely distributable.

The IJG distribution formerly included code to read and write GIF files. To avoid entanglement with the Unisys
LZW patent, GIF reading support has been removed altogether, and the GIF writer has been simplified to
produce "uncompressed GIFs". This technique does not use the LZW algorithm; the resulting GIF files are larger
than usual, but are readable by all standard GIF decoders.

We are required to state that "The Graphics Interchange Format(c) is the Copyright property of CompuServe
Incorporated. GIF(sm) is a Service Mark property of CompuServe Incorporated."

Distributed as part of this product under the Mit License (https://opensource.org/licenses/MIT):

cJSON 1.7.11 (Copyright (c) 2009-2017 Dave Gamble and cJSON contributors)

mbed TLS 2.28.0

Version: 2.28.0

Copyright © 2008 - 2021 ARM Limited

Distributed under the Apachev2 License: http://apache.org/licenses/LICENSE-2.0

Dex2jar-2.0, Distributed under the Apachev2 License: http://apache.org/licenses/LICENSE-2.0

JNA 5.5.0, Distributed under the Apachev2 License: http://apache.org/licenses/LICENSE-2.0

Flatbuffers 1.11.0, Distributed under the Apachev2 License: http://apache.org/licenses/LICENSE-2.0

Protobuf 3.8.0

Copyright notice:

Copyright 2008 Google Inc. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

* Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.

* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials provided with the distribution.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 116
Exhibit A - Third-Party Software

* Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.

Code generated by the Protocol Buffer compiler is owned by the owner of the input file used when generating it.
This code is not standalone and requires a support library to be linked with it. This support library is itself covered
by the above license.

7-Zip 19.0

License for use and distribution

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

7-Zip Copyright (C) 1999-2021 Igor Pavlov.

The licenses for files are:

1) 7z.dll:

- The "GNU LGPL" as main license for most of the code

- The "GNU LGPL" with "unRAR license restriction" for some code

- The "BSD 3-clause License" for some code

2) All other files: the "GNU LGPL".

Redistributions in binary form must reproduce related license information from this file.

Note:

You can use 7-Zip on any computer, including a computer in a commercial

organization. You don't need to register or pay for 7-Zip.

GNU LGPL information

--------------------

This library is free software; you can redistribute it and/or

modify it under the terms of the GNU Lesser General Public

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 117
Exhibit A - Third-Party Software

License as published by the Free Software Foundation; either

version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

Lesser General Public License for more details.

You can receive a copy of the GNU Lesser General Public License from

http://www.gnu.org/

BSD 3-clause License

--------------------

The "BSD 3-clause License" is used for the code in 7z.dll that implements LZFSE data decompression.

That code was derived from the code in the "LZFSE compression library" developed by Apple Inc,

that also uses the "BSD 3-clause License":

----

Copyright (c) 2015-2016, Apple Inc. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
following disclaimer

in the documentation and/or other materials provided with the distribution.

3. Neither the name of the copyright holder(s) nor the names of any contributors may be used to endorse or
promote products derived

from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,


SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 118
Exhibit A - Third-Party Software

(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
OF SUCH DAMAGE.

----

unRAR license restriction

-------------------------

The decompression engine for RAR archives was developed using source

code of unRAR program.

All copyrights to original unRAR code are owned by Alexander Roshal.

The license for original unRAR code has the following restriction:

The unRAR sources cannot be used to re-create the RAR compression algorithm,

which is proprietary. Distribution of modified unRAR sources in separate form

or as a part of other software is permitted, provided that it is clearly

stated in the documentation and source comments that the code may

not be used to develop a RAR (WinRAR) compatible archiver.

OpenJDK8 (from AdoptOpenJDK distribution)

This component is distributed under the Gplv2 license with classpath exception: OpenJDK: GPLv2 + Classpath
Exception (java.net) .

Scripts or other files used to produce binaries are distributed under the Apachev2 license.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 119
Exhibit B - Third-Party Software for Sentinel LDK-EMS

Exhibit B - Third-Party Software for Sentinel


LDK-EMS

A. The following free software components are used and distributed pursuant to the Apache License, Version
1.1, and are subject to the terms and conditions of said License: (i) Avalon framework 4.1.3 and (ii) logkit-
1.0.1.jar. The Apache License, Version 1.1, is located at: http://www.apache.org/licenses/LICENSE-1.1.

B. The following free software components are used and distributed pursuant to the Apache License, Version
2.0, and are subject to the terms and conditions of said

License: (i) Spring 4.3.20; (ii) IzPack; (iii) json-lib-2.2.3-jdk15; (iv) EHCache; (v) apache poi-3.13; (vii) ezmorph-
1.0.6.jar; (viii) lucene-core-5.5.5.jar; (ix) xercesImpl-2.8.1; Xerces-C++ 3.1.1; (x) xalan-2.6.0; (xi) standalone-
compiler.jar; (xii) commons-beanutils-1.7.0; (xiii) commons-collections-3.2; (xiv) commons-lang-2.4; (xv)
commons-logging-1.1; (xvi) Quartz 1.6.5; (xvii) Apache Tomcat 9.0.56; (xviii) JCS; (xviv) Log4j; (xx) httpclient-
4.5.9.jar; (xxi) httpcore-4.4.11.jar; (xxii) Log4net; (xxiii) commons-fileupload-1.4.jar; (xxiv) commons-beanutils-
1.9.4.jar; (xxv) xercesImpl-2.12.0.jar; (xxvi) commons-codec-1.11.jar; (xxvii) commons-collections-3.2.2.jar;
(xxviii) xml-apis-1.4.01.jar; and (xxix) jjwt-0.9.1.jar. Said free software components are subject to the following
copyright: Copyright © 2012 The Apache Software Foundation. All rights reserved. The Apache License, Version
2.0, is located at: http://www.apache.org/licenses/LICENSE-2.0.

C. The following free software components are used and distributed pursuant to the GNU Lesser GPL License
2.1, and are subject to the terms and conditions of said License: (i) XLightWeb; (ii) Hibernate 5.11.1; (iii)
DynamicJasper 3.1.1 and (iv) KindEditor 4.1.12 the GNU Lesser GPL License 2.1 is located at:
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.

D. The free software component known as "XStream", version 1.4.19 is used and distributed pursuant to the
BSD License for XStream, and is subject to the terms and conditions of said License. The BSD License for
XStream is located at: http://xstream.codehaus.org/license.html.

E. The free software component known as "Bouncy Castle" is used and distributed pursuant to the terms and
conditions of the License located at: http://www.bouncycastle.org/licence.html.

F. The free software component known as “Libcurl” is used and distributed pursuant to the terms and conditions
of the License located at: http://curl.haxx.se/legal/licmix.html.

G. The free software component known as “Libconfig” is used and distributed pursuant to the terms and
conditions of the License located at: hhttp://www.gnu.org/licenses/lgpl.html.

H. The free software component known as “Liblogger” is used and distributed pursuant to the terms and
conditions of the License located at: http://www.gnu.org/licenses/lgpl-3.0.txt.

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 120
Exhibit B - Third-Party Software for Sentinel LDK-EMS

I. The free software component known as “GenX” is used and distributed pursuant to the terms and conditions of
the License located at: http://www.tbray.org/ongoing/genx/COPYING.

J. The free software components known as “Libexpat”, “slf4j –api and slf4j-simple version 1.7.25 are used and
distributed pursuant to the MIT License, and is subject to the terms and conditions of said License located at:
http://opensource.org/licenses/MIT

K. The free software component known as “uthash” is used pursuant to the terms and conditions of the License
located at: http://uthash.sourceforge.net/license.html.

L. The free software component known as “SpiderMonkey” is used and distributed pursuant to the
MPL/GPL/LGPL tri-license, and is subject to the terms and conditions of said Licenses.

M. The free software component known as “OpenSSL” is used and distributed pursuant to the terms and
conditions of the License located at: http://www.openssl.org/source/license.html.

N. The free software component known as "YUI" is used and distributed pursuant to the BSD License, and is
subject to the terms and conditions of said License. The said software component is subject to the following
copyright: Copyright © 2010, Yahoo! Inc. All rights reserved. The BSD License for YUI is located at:
http://developer.yahoo.com/yui/license.html.

O. The free software components known as (i) JasperReports and (ii) JasperBerry_002 are used and distributed
pursuant to the LGPL License, and is subject to the terms and conditions of said License. The LGPL license is
available at: http://www.gnu.org/copyleft/lesser.html.

P. The free software component known as "Javolution.jar" is used and distributed pursuant to the BSD License
for Javolution.jar, and is subject to the terms and conditions of said License. The BSD License for Javolution.jar
is located at: http://javolution.org/LICENSE.txt.

Q. The free software component known as "jempbox-0.2.0.jar" is used and distributed pursuant to the BSD
License for jempbox-0.2.0.jar, and is subject to the terms and conditions of said License. The BSD License for
jempbox-0.2.0.jar is located at: http://www.jempbox.org/license.html.

R. The free software component known as "JDOM" is used and distributed pursuant to the JDOM License, and is
subject to the terms and conditions of said License. The JDOM License is located at:
http://vmgump.apache.org/gump/public- jars/jdom/jars/LICENSE.txt.

S. The free software component known as com.ibm.icu - icu4j - 67.1 is used and distributed pursuant to the
terms and conditions of the license located at http://www.unicode.org/copyright.html#License

T. The free software component known as "Dojo 1.16" is used and distributed pursuant to the terms and
conditions of the license located at: http://o.dojotoolkit.org/license.

U. The free software component known as "7-zip 4.65" is used and distributed pursuant to the terms and
conditions of the license located at: http://www.7- zip.org/license.txt.

V. The free software component known as "Curl 7.68.0" is used and distributed pursuant to the terms and
conditions of the license located at: http://curl.haxx.se/docs/copyright.html

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 121
Exhibit B - Third-Party Software for Sentinel LDK-EMS

W. The software component known as "JRE 1.8" is used and distributed pursuant to the terms and conditions of
the Oracle Binary Code License Agreement, located at:
http://www.oracle.com/technetwork/java/javase/terms/license/index.html

X. Distributed as part of this product under the Eclipse Public License (https://www.eclipse.org/legal/epl-
v10.html):

mchange-commons-java-0.2.15.jar ( © 2012-2013 Machinery for Change, Inc)

c3p0-0.9.5.2.jar (©included in the readme’s or equivalent)

aspectjweaver-1.8.10.jar (all required information can be found in the readme’s or


https://www.eclipse.org/aspectj/ )

Y. OpenJDK8 is distributed under CDDL License and Gplv2 classpath exception license:
https://oss.oracle.com/licenses/CDDL+GPL-1.1

Revision 2204-1

Sentinel LDK 8.4 INSTALLATION GUIDE


© 2022 Thales Group. All rights reserved. | 007-012163-001 Revision G | Last updated: 19 April 2022 | Support 122

You might also like