ARM Reference - ONE-store/inapp-sdk-eng GitHub Wiki

Terminology

Required Terminology Description Remarks
P-APK This is the generic APK file without ARM Plain APK
S-APK This is the APK with encrypted ARM Secure-APK
SS-APK This is the APK with private key signing to distribute S-APK Signed Secure-APK

ARM Reference

ARM Components

Once the APK (SS-APK) with the 2nd Generation ARM is executed, a user’s App permissions are checked through the connection with ARM Client Service which is installed in the device. If the user has proper permissions, the execution of the App is permitted and the encrypted code is decoded for execution. Components for processing the 2nd Generation ARM in the device are as follows:

  • ONE store developer center ARM Client Loader
    • ARM Module to be added while ARM is applied to an App
    • Checks permissions and performs processing according to execution through the connection with ARM Service
  • ONE store developer center ARM Service v3.0
    • Contents Provider in the form of Android Service to control execution according to permissions
    • Checks permissions and distinguishes if an App is executed by connecting with Client Loader applied to the App when the App with the 2nd Generation ARM is run.

ONE 스토어 2세대 ARM 동작 방식

ARM Test Checklist

  • Check if an App is executed and normally works

  • When the App is executed for the first time (one-time), it must be connected to the network.

  • The App normally works only if the device is included in “Manage ARM Test Device” in the account of the developer who generated SS-APK.

  • If you fail to normally execute the App

    • Check if the number is registered in “Manage ARM Test Device”
    • Check if the APK is applied with ARM and signed.
    • Check if the App is uploaded and “Published”, and the device number is “Commercialize”
    • Check if you follow all instructions in the guide, and if you have any other inquiries, ask via Q&A.

  • Note for verification

    • Developers are required to install an App after registering and saving the ARM Test device number, and to identify if the App works normally (they need to confirm if the test is success, and are not required to review the failed case).
    • Issue a license is whenever SS-APK is executed for the device registered with the ARM Test number.
    • Keep in mind that the information registered with the ARM Test number must be used only for verification, and must not be leaked or misused.

ARM: Recommendations & Limitations

  1. If an encryption/decryption-based security solution is applied to an App, ONE store 2nd Generation ARM could be incompatible (ex. HoseDex2Jar).
  2. It is not recommended to change APK additionally, except signing & zipalign, in the process of registering SS-APK, if the developer performs signing directly.
  3. When ARM is applied, the APK file information is changed by the encryption in the APK. So if you apply a feature to check the physical APK files information to prevent illegal copying and falsification of an App, malfunction could occur (check file size, CRC,Code-Signing, etc.).
  4. If the code-signing checking logic is implemented in Shared-Library (SO), it can be applied as follows by:
  • Implementing the checking logic in SO when developing P-APK
  • Downloading S-APK by applying ARM to P-APK
  • Making SS-APK by code-signing and zip-aligning S-APK
  • Rebuilding SO by modifying code-signing check logic
  • Replacing SO file in theSS-APK with the rebuilt SO file
  • Code-signing and zip-aligning the modified SS-APK again
  • Registering the completed SS-APK as a product on ONE store developer center