Simple Security (ssk.security.*)
This library gives you security without using heavy-weight and restricted encryption technologies.
The purpose of this module is to make it difficult for end-users to read and modify saved files. It is great for obfuscating game settings like score, IAP purchase flags, etc.
This library uses a substitution-cypher to encode and decode strings.
While difficult to crack, this is NOT STRONG security. It should not be used to secure sensitive data.
Security Operations (ssk.security:*)
genKey | |
encode | decode |
saveKey | loadKey |
printKeyString | loadKeyFromKeyString |
getKeyString |
Generating A Key
After exeucuting this code, the security module will be using a new randomly generated key (cypher):
ssk.security.genKey()
Encoding
To encode a string with the current key (cypher) do this:
local origString = "This is a random string 1234567890."
local encodedString = ssk.security.encode( origString )
Now, encodedString
contains a obfuscated version of origString
.
Decoding
To decode a previously obfuscated string:
local decodedString = ssk.security.decode( encodedString )
Assuming ssk.security
was configured with the same key (cypher) used to encode encodedString
, decodedString
will now contain the original un-encoded string.
Saving A Key
You can save the current key (cypher) to a file with this function:
ssk.security.saveKey( fileName [ , base ])
fileName
- File to save key in.base
(system.DocumentsDirectory
) - Base folder for key file.
Example
-- Save current key as file key.json (in system.DocumentsDirectory)
ssk.security.saveKey( "key.json" )
Restoring A Key
You can restoring a key (cypher) from a key previously stored in a file with this function
ssk.security.loadKey( fileName [ , base ])
fileName
- File to load key from.base
(system.DocumentsDirectory
) - Base folder for key file.
Example
-- Load key from file key.json (in system.DocumentsDirectory)
ssk.security.loadKey( "key.json" )
Assuming ssk.security
was configured with the same key (cypher) used to encode encodedString
, decodedString
will now contain the original un-encoded string.
Embedding A Key
Instead of saving and loading to/from a file, you may find it easier to embed a key right in your app/game code.
To do this, follow these steps:
1. Generate & Print Key
Do this in the simulator:
-- Generate random key
ssk.security.genKey()
-- Print To Console
ssk.security.printKeyString()
2. Get Key From Console
Look in your console and find a statement like this:
21:20:38.762 'a>bKc=d e.f;goh:ijj]ktlPmzn&olpWqQrFsHtau`v!wSxEyRzsAMB0CCDTE8FUGrHYI6J-KhL[MANcO9PfQ5RnSpTbU@VdW<XZYwZI1}2k3)4g5_6(728O9?0m!i@##V$%%{^y&N*B(v)$_++D-^=4`3~* G,u.x<e>7[1]L{X}~/q?|;J:,|/'
This is the key:
'a>bKc=d e.f;goh:ijj]ktlPmzn&olpWqQrFsHtau`v!wSxEyRzsAMB0CCDTE8FUGrHYI6J-KhL[MANcO9PfQ5RnSpTbU@VdW<XZYwZI1}2k3)4g5_6(728O9?0m!i@##V$%%{^y&N*B(v)$_++D-^=4`3~* G,u.x<e>7[1]L{X}~/q?|;J:,|/'
Copy it (including the start and end tics '
) to your cut-copy-paste buffer.
3. Write Code To Load Key String
Now, write this code in main.lua or in your initialization code (be sure to use key in your cut-copy-paste buffer):
-- Paste your key into this variable:
local keyString = 'a>bKc=d e.f;goh:ijj]ktlPmzn&olpWqQrFsHtau`v!wSxEyRzsAMB0CCDTE8FUGrHYI6J-KhL[MANcO9PfQ5RnSpTbU@VdW<XZYwZI1}2k3)4g5_6(728O9?0m!i@##V$%%{^y&N*B(v)$_++D-^=4`3~* G,u.x<e>7[1]L{X}~/q?|;J:,|/'
-- Now initialize ssk.security with it:
ssk.security.loadKeyFromKeyString( keyString )
Getting A Key String
At any time, you can get the current key (cypher) from ssk.security()
with this function:
local keyString = ssk.security.getKeyString( )
Complete Security Example
local test = {}
-- Localize security module
local security = ssk.security
function test.run( group, params )
group = group or display.currentStage
params = params or {}
table.dump(security)
-- Print current key (default key)
local curKey = security.getKeyString()
print( "Default Key: ", curKey)
-- Generate and set a new key
security.genKey()
local newKey = security.getKeyString()
print( "Generated key: ", newKey )
-- Test encoding and decoding.
local origString = "This is a random string 1234567890."
local encodedString = security.encode( origString )
local decodedString = security.decode( encodedString )
print( " Original string: " .. tostring( origString ) )
print( " Encoded string: " .. tostring( encodedString ) )
print( " Decoded string: " .. tostring( decodedString ) )
print( " Strings match?: " .. tostring( origString == decodedString ) )
-- Save key
security.saveKey( "key.json" )
-- Generate a new key
security.genKey()
-- Load saved key
security.loadKey( "key.json")
-- Test saved, generated, reloaded key
local reDecodedString = security.decode( encodedString )
print( " Re-Decoded string: " .. tostring( reDecodedString ) )
print( " Strings match?: " .. tostring( origString == decodedString ) )
end
return test
Copyright © Roaming Gamer, LLC. 2008-2016; All Rights Reserved