"Raistlin" <x@no.email> wrote in message news:1154967007977-401167@exchange.ni.com...
There are some interesting suggestions there. In fact, it should not only be able to identify if LabVIEW calls the DLL, it should also be impossible to act as if LabVIEW calls the DLL. It is in fact in the context of an SDK which we distribute to customers, which should be waterproof in terms of security. Only if it is called from LabVIEW certain possiblilities (such as a demo mode) should exist. We could off course work with two versions to make things easier.
In security, there is no such thing as waterproof. Any mechanism you build in can be removed or faked. Even self modifying code, compressed code, debugging traps, etc. can be removed.
Settle for a mechanism that is waterproof enough. Removing it should cost (much) more than the official release. Spending one day to remove security mechanism from a 100$ toolkit would be kinda stupid. Also consider what public will use it. Big companies will usually not work with illegal software. The number of users is also important. If you're making something like Windows, or Word with millions of users, it will be cracked sooner that a LabVIEW SDK, with (hopefully for you) hundreds or max. thousends of users.
I'd use GetProcAddress, with NULL and any of LabVIEW.exe's export functions. LabVIEW will have them, the created executable won't. It will be very easy:
If (!tested)
{
If (GetProcAddress(NULL, "ASCIITime"))
{
labview=true;
}
tested==true;
}
Easy to make. Also easy to remove if you're making a c or c++ dll.
Let us know how it turns out.
Regards,
Wiebe.