# Master License for Android Master license is the offline license that allows using Mobile SDKs with any `bundle_id`, unlike the regular licenses. To get a master license, create a pair of keys as shown below. Email us the public key, and we will email you the master license shortly after that.\ Your application needs to sign its `bundle_id` with the private key, and the Mobile SDK checks the signature using the public key from the master license. Master licenses are time-limited. ## Generating Keys This section describes the process of creating your private and public keys. ### Creating a Private Key To create a private key, run the commands below one by one. ```bash openssl genpkey -algorithm RSA -outform DER -out privateKey.der -pkeyopt rsa_keygen_bits:2048 # for MacOS base64 -i privateKey.der -o privateKey.txt # for Linux base64 -w 0 privateKey.der > privateKey.txt ``` You will get these files: * *privateKey.der* is a private .der key; * *privateKey.txt* is *privateKey.der* encoded by *base64*. This key containing will be used as the host app *bundle\_id* signature. The OpenSSL command specification: ### Creating a Public Key To create a public key, run this command. ```sh openssl rsa -pubout -in privateKey.der -out publicKey.pub ``` You will get the public key file: *publicKey.pub*. To get a license, please email us this file. We will email you the license. ## SDK Integration SDK initialization: ```kotlin fun init( context: Context, licenseSources: List, masterLicenseSignature: String, statusListener: StatusListener? = null, ) ``` {% hint style="info" %} For Android 6.0 (API level 23) and older: 1. Add the `implementation 'com.madgag.spongycastle:prov:1.58.0.0'` dependency; 2. Before creating a signature, call `Security.insertProviderAt(org.spongycastle.jce.provider.BouncyCastleProvider(), 1)` {% endhint %} Prior to the SDK initializing, create a base64-encoded signature for the host app `bundle_id` using the private key. Signature creation example: ```kotlin private fun getMasterSignature(): String { Security.insertProviderAt(org.spongycastle.jce.provider.BouncyCastleProvider(), 1) val privateKeyBase64String = "the string copied from the privateKey.txt file" // with key example: // val privateKeyBase64String = "MIIEpAIBAAKCAQEAxnpv02nNR34uNS0yLRK1o7Za2hs4Rr0s1V1/e1JZpCaK8o5/3uGV+qiaTbKqU6x1tTrlXwE2BRzZJLLQdTfBL/rzqVLQC/n+kAmvsqtHMTUqKquSybSTY/zAxqHF3Fk59Cqisr/KQamPh2tmg3Gu61rr9gU1rOglnuqt7FioNMCMvjW7ciPv+jiawLxaPrzNiApLqHVN+xCFh6LLb4YlGRaNUXlOgnoLGWSQEsLwBZFkDJDSLTJheNVn9oa3PXg4OIlJIPlYVKzIDDcSTNKdzM6opkS5d+86yjI1aTKEH3Zs64+QoEuoDfXUxS3TOUFx8P+wfjOR5tYAT+7TRN4ocwIDAQABAoIBAATWJPV05ZCxbXTURh29D/oOToZ0FVn78CS+44Vgy1hprAcfG9SVkK8L/r6X9PiXAkNJTR+Uivly64Oua8//bNC7f8aHgxRXojFmWwayj8iOMBncFnad1N2h4hy1AnpNHlFp3I8Yh1g0RpAZOOVJFucbTxaup9Ev0wLdWyGgQ3ENmRXAyLU5iUDwUSXg59RCBFKcmsMT2GmmJt1BU4P3lL9KVyLBktqeDWR/l5K5y8pPo6K7m9NaOkynpZo+mHVoOTCtmTj5TC/MH9YRHlF15VxQgBbZXuBPxlYoQCsMDEcZlMBWNw3cNR6VBmGiwHIc/tzSHZVsbY0VRCYEbxhCBZkCgYEA+Uz0VYKnIWViQF2Na6LFuqlfljZlkOvdpU4puYTCdlfpKNT3txYzO0T00HHY9YG9k1AW78YxQwsopOXDCmCqMoRqlbn1SBe6v49pVB85fPYU2+L+lftpPlx6Wa0xcgzwOBZonHb4kvp1tWhUH+B5t27gnvRz/rx5jV2EfmWinycCgYEAy8/aklZcgoXWf93N/0EZcfzQo90LfftkKonpzEyxSzqCw7B9fHY68q/j9HoP4xgJXUKbx1Fa8Wccc0DSoXsSiQFrLhnT8pE2s1ZWvPaUqyT5iOZOW6R+giFSLPWEdwm6+BeFoPQQFHf8XH3Z2QoAepPrEPiDoGN1GSIXcCwoe9UCgYEAgoKj4uQsJJKT1ghj0bZ79xVWQigmEbE47qI1u7Zhq1yoZkTfjcykc2HNHBaNszEBks45w7qo7WU5GOJjsdobH6kst0eLvfsWO9STGoPiL6YQE3EJQHFGjmwRbUL7AK7/Tw2EJG0wApn150s/xxRYBAyasPxegTwgEj6j7xu7/78CgYEAxbkI52zG5I0o0fWBcf9ayx2j30SDcJ3gx+/xlBRW74986pGeu48LkwMWV8fO/9YCx6nl7JC9dHI+xIT/kk8OZUGuFBRUbP95nLPHBB0Hj50YRDqBjCBh5qaizSEGeGFFNIfFSKddri3U8nnZTNiKLGCx7E3bjE7QfCh5qoX8ZF0CgYAtsEPTNKWZKA23qTFI+XAg/cVZpbSjvbHDSE8QB6X8iaKJFXbmIC0LV5tQO/KT4sK8g40m2N9JWUnaryTiXClaUGU3KnSlBdkIA+I77VvMKMGSg+uf4OdfJvvcs4hZTqZRdTm3dez8rsUdiW1cX/iI/dJxF4964YIFR65wL+SoRg==" val sig = Signature.getInstance("SHA512WithRSA") val keySpec = PKCS8EncodedKeySpec(Base64.decode(privateKeyBase64String, Base64.DEFAULT)) val keyFactory = KeyFactory.getInstance("RSA") sig.initSign(keyFactory.generatePrivate(keySpec)) sig.update(packageName.toByteArray(Charsets.UTF_8)) return Base64.encodeToString(sig.sign(), Base64.DEFAULT).replace("\n", "") } ``` Pass the signature as the `masterLicenseSignature` parameter during the SDK initialization. If the signature is invalid, the initialization continues as usual: the SDK checks the list of `bundle_id` included into the license, like it does it by default without a master license. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://doc.ozforensics.com/oz-knowledge/guides/developer-guide/sdk/oz-mobile-sdk/android/getting-a-license-for-android-sdk/master-license-for-android.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.