Wrapping software into a suite of unlockable sub-applications via product keys

Pink Jazz

Honorable
Jun 4, 2012
1
0
10,510
Not sure if this is the site to ask this, however, I am a software developer for a company that is developing an Android app for our customers to use. Our app is pretty much feature-locked now, so what our company is proposing now is to wrap the application into a suite of three different sub-applications.

Now, if we go this route, each sub-application would require a separate product key to unlock them. I have never made such applications before that require unlocking portions with product keys.

I was wondering, are there any built-in methods or cheap/free external tools for Android that we can use for the product keys can be validated for each of the portions of the app? We would like to use an offline solution that can correctly validate a product key without having to re-enter it each time. The reason we want an offline solution is because this product suite will run on 10' tablets (not phones), and our customers will often use this product suite in areas without Wi-Fi access.

Since this isn’t directly coding related, I think here would be a better site to ask such a question instead of a site such as Stack Overflow.

I would like to know, what solutions are available, either built into Android or as an external solution?
 
Solution
Actually, it is pretty simple to write something directly to do what you ask. You just start by building the complete unencrypted string - usually a serial number and some bit flags, choose a bidirectional encryption method, encrypt, add a CRC, and shuffle the bytes around to make the final value. Normally you do have to encode the product key alphanumerically and remove confusing characters ( O is close to 0 and l is close to 1) so that a person can type the product key in and be able to view it in the about area of the program if they need technical support.

Ideally you also encode the encryption / decryption key that will be used by the program as well by using a dummy string that has some of the key values and then replacing a few...

itmoba

Estimable
Aug 14, 2015
153
0
4,660
Is each "sub-application" essentially self-contained or do they interact with one another? Software license validation is a very tricky business and is typically handled as proprietary information and intellectual property. Otherwise, the algorithm may become transparent enough for someone to reverse engineer it.
 

wildfire707

Distinguished
Dec 29, 2011
59
0
18,610
Actually, it is pretty simple to write something directly to do what you ask. You just start by building the complete unencrypted string - usually a serial number and some bit flags, choose a bidirectional encryption method, encrypt, add a CRC, and shuffle the bytes around to make the final value. Normally you do have to encode the product key alphanumerically and remove confusing characters ( O is close to 0 and l is close to 1) so that a person can type the product key in and be able to view it in the about area of the program if they need technical support.

Ideally you also encode the encryption / decryption key that will be used by the program as well by using a dummy string that has some of the key values and then replacing a few bytes in the key before you use it. That way someone who decompiles the program still can't see the encryption / decryption key easily.
 
Solution