5

I would like to implement licensing in my app and need some help here.

The sample app has this:

// REPLACE WITH YOUR OWN SALT , THIS IS FROM EXAMPLE
    private static final byte[] SALT = new byte[]{
            -46, 65, 30, -128, -103, -57, 74, -64, 51, 88, -95, -45, 77, -117, -36, -113, -11, 32, -64,
            89
    };

I would like to know do I just change the numbers to some random number or do I have to generate it using SecureRandom?

I came across this code, do I have to set the SALT variable from the clipboard?

Also, does SALT have to be different for every device or same?

input
  • 7,503
  • 25
  • 93
  • 150

2 Answers2

2

A non random salt isn't going to be very secure, in theory someone can generate every combo for your app (however thats unlikely).

I suggest you take a look RSA public key cryptography. You may want to have a look at How to use public encryption to manage licensing on android applications? .

Edit: I was a bit unclear on you question at first, Android: Do the random SALT bytes passed to AESObfuscator need to stay the same? i think is a duplicate that has an answer.

Community
  • 1
  • 1
Bostwick
  • 696
  • 1
  • 12
  • 24
  • 1
    I'm new to this, so please bear with me. Do I have generate the SALT every time the app runs? Or do I have to generate it just once and then store it in the SALT variable? – input Jun 25 '13 at 04:15
  • I don't know enough about what your trying to do to answer that. Honestly, if you doing licensing, you really should read http://developer.android.com/google/play/licensing/index.html . If you read the links on the other answers they also give you more information which should help you get your footing. – Bostwick Jun 25 '13 at 12:54
1

You can put any 20 randomly generated bytes I think you can use the following Generator for this purpose:

http://www.random.org/integers/?num=20&min=0&max=255&col=5&base=10&format=html&rnd=new

farhad rubel
  • 2,334
  • 2
  • 22
  • 29