This new DataObject type allows storing of encrypted data of fixed size (actual data size is stored in the CDO header) protected against unauthorized changes with a special internal signature. The CDO_MEMORY content is encrypted, so it cannot be read by regular CBIOS read calls. Moreover, the value is bound to the particular CRYPTO-BOX which prevents any duplication to another dongle.
The only way to read or change CDO_MEMORY data is using corresponding DO API call with UPW submission. See Compendium chapter 13.2 and sample code in Protection Kit 7.4 for further details:
[PPK root]\SmarxOS\API\Win\Samples\DO\C++\MSVS2005 (Static VC)
It is strongly recommended to apply additional hardware based encryption to the CDO_MEMORY content (AES, see corresponding CBIOS sample code in the Protection Kit) when storing confidential data like passwords. The reason is: having a valid CRYPTO-BOX and using DO API, plus knowing the User Password and internal geometry of the licensing data, a potential intruder can read the secret value.
CDO_MEMORY is currently supported for C++ (Visual Studio), support for C# and Delphi will be available soon.
Copyright © 2002, 2017 MARX® CryptoTech LP - Last Update 1 December 2017