(v13) D_SECURITY
This page applies to Harlequin v13.1r0 and later; and to Harlequin MultiRIP but not Harlequin Core
D_SECURITY Selector
Parameter: devSecurityParam * securityparam
This call is made to determine whether the plugin works with the OEM version of the RIP making the call, and the security device in use, whether it is a dongle or license from the license server.
D_SECURITY
can also determine if the plugin is running on a Watermark RIP, see Output plugins and Watermark RIPs
for details.
The plugin tests values in the structure supplied to decide whether it will permit calling the RIP to use it. It reports its decision to the RIP in the s_result
field.
typedef struct devSecurityParam { int32 s_key;
int32 s_customerid; int32 s_uniqueid; int32 s_level; int32 s_demo;
int32 s_result; int32 s_platform;
} devSecurityParam;
The D_SECURITY
call may be made at any time between the D_INITIALISE
and D_SHUTDOWN
calls. If your plugin refuses to let the RIP use it, the RIP will attempt to unload it by calling D_SHUTDOWN
. This hap‐ pens even if plugin's “don't unload” flag is set.
Caution:
Even if your plugin refuses to be used, the result of D_SECURITY
could
be patched so that the RIP thinks that the plugin granted its permission. To defeat this, code your plugin so that if it declines permission to be used, or its D_SECURITY
selector isn't called it can no longer work properly.
D_SECURITY
will always be called before anything significant after D_INITIALISE
.
s_key
A value provided by the RIP. See s_result below.
s_customerid
An identifier for a particular OEM. The version of the RIP calling the plugin will have this ID encoded in it. The ID declares whom the version in question was produced for.
The plugin can decide which IDs it will permit itself to be used with. If no restrictions on users are required, the plugin need not test the s_customerid
field.
The plugin may, alternatively, be restricted to the developer's ID and two Harlequin IDs (0x00
and
0x0B
).
If you choose this option, note that the two Harlequin IDs must
be supported. One (0x00
) will facilitate Harlequin testing and support, while the other (0x0B
) is for Global Graphics' generic version of the RIP. By supporting this, you will be able to use your plugin in tests of new RIP features. (These are generally seen in a generic version of the RIP before they are supplied in special OEM versions.)
s_uniqueid
The unique security identifier obtained from the dongle. This can be used to tie a plugin to use with a particular dongle.
s_level
This field is obsolete.
s_demo
This field will be TRUE
(that is, non‐zero) if the software and dongle combination is for demonstration only. It need only be tested if you wish to restrict the plugin to use with non‐demonstration versions.
s_result
This field is set by the plugin to inform the RIP of its decision. If it is going to allow the calling version of the RIP to use it, it should set this field to the following:
s_key ^ s_customerid ^ s_uniqueid
That is, s_result
should be the exclusive‐OR of s_key
, s_customerid
and s_uniqueid
.
Any other value tells the RIP that the plugin may not be used. Avoid setting s_result
to the number above by accident!
s_platform
s_platform
signifies the platform for which the RIP has been compiled.
The value indicates whether the RIP is a 32‐bit or 64‐bit executable. However, this is of limited use because a 32‐bit plugin will not get called by a 64‐bit RIP, or vice versa.
The s_platform
field holds an 8‐bit platform value (3‐bits for the OS and 5 for the machine architecture):
3 m.s.b | OS | 5 l.s.b. | Platform |
5 | Windows 7 | 23 | Intel x64 |
5 | Windows 7 | 7 | Intel x86 |
8 . . . 20 | Already allocated to older platforms no longer used. |
Figure: Platform and OS codes for s_platform
Output plugins and Watermark RIPs
D_SECURITY
is able to recognize the plugin library if the plugin is running on a Watermark RIP. Water‐ mark RIPs do not use dongles, so the following call allows the security check to return a valid dongle:
if (PluginHostIsWaterMarkedRip(pSecurity))
{
return NOERR;
}
/* else usual OEM based checking */
The function returns TRUE
or FALSE
. If TRUE
the security information is updated in the usual way to permit the plugin to operate, the plugin can simply return NOERR
. If FALSE
the security information is invalidated, and the plugin should perform its usual OEM based security checking.