How to generate a serial number (registration number)

Question

What is the best way to generate a serial number users can use to register an application?

I was thinking to the following scenario:

• Users try the application.
• When they want to buy the application, they select a menu item.
• The application generates a code that is then passed to the web site to buy the application.
• Users enter the code returned from the web site.
• The application checks the entered code with the code it generated.

If users lost the serial number, or copied the application after re-installing the OS, they would require the code to the website, which would return a special code that allow the application to get the original code generated for the users' machine.

Answer 1

You could use asymmetric encryption and hashing, to accomplish this:

1. You bundle your public key with the application.
2. When the user buys the application, they supply their name and e-mail address.
3. The web site hashes the user's name and e-mail address, signs the hash with your private key, and provides the result in Base64 to ease typing.
4. When the user enters the "code" into your application along with their name and e-mail address, your application can verify that it was signed by your private key (which only you/the web store has access to), and that it matches the name and e-mail provided by the user.

Answer 2

There are several open source projects out there that eliminate the need to even think about this. You can focus on writing what your user will actually purchase. There is an opensource framework called Aquatic Prime for generating serial numbers. There are many web portals that work with Aquatic Prime like Shine.

I dont like writing something "new" when there is a perfectly good solution out there (especially since these projects are free)