├── .gitignore
├── LICENSE
├── README.md
├── build_plugin.sh
├── game.project
├── main
    ├── main.collection
    └── main.script
└── resourceencryption
    ├── ext.manifest
    ├── plugins
        └── share
        │   └── pluginCustomResourceEncryption.jar
    ├── pluginsrc
        └── com
        │   └── dynamo
        │       └── bob
        │           └── archive
        │               └── CustomResourceEncryption.java
    └── src
        └── plugin.cpp


/.gitignore:
--------------------------------------------------------------------------------
1 | /.internal
2 | /build
3 | .DS_Store
4 | Thumbs.db
5 | bob.jar
6 | manifest.private.der
7 | manifest.public.der
8 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2022 Defold
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # extension-resource-encryption
 2 | This extension implements a buildtime plugin for encryption of resources in the game archive and a runtime counterpart to decrypt the resources. The extension uses the same encryption algorithm as in the official Defold source code, but since it can be forked it allows developers to replace the default encryption key with a private project specific key.
 3 | 
 4 | NOTE: Defold does not encrypt all resources in a game archive. Instead Defold encrypts a [subset of resource types](https://github.com/defold/defold/blob/dev/com.dynamo.cr/com.dynamo.cr.bob/src/com/dynamo/bob/archive/ArchiveBuilder.java#L55) where it may be desirable to apply additional protection.
 5 | 
 6 | 
 7 | ## Installation
 8 | To use this library in your Defold project you need to [make a fork of this repository](https://github.com/defold/extension-resource-encryption/fork) and then add the repository archive URL to your `game.project` dependencies. Example (replace `%YOUR_ORG%` with your GitHub user or organisation):
 9 | 
10 | https://github.com/%YOUR_ORG%/extension-resource-encryption/archive/master.zip
11 | 
12 | 
13 | ## Modifying the extension
14 | The extension consists of two parts:
15 | 
16 | * Buildtime encryption plugin for Bob - https://github.com/defold/extension-resource-encryption/blob/master/resourceencryption/pluginsrc/com/dynamo/bob/archive/CustomResourceEncryption.java
17 | * Runtime decryption in the engine - https://github.com/defold/extension-resource-encryption/blob/master/resourceencryption/src/plugin.cpp
18 | 
19 | NOTE: When the buildtime encryption part of the plugin has changed it needs to be compiled and packaged as a .jar file for Bob to use. Run the `build_plugin.sh` script to build the jar file and copy it to the correct location (`resourceencryption/plugins/share/`). The script needs a copy of bob.jar.
20 | 
21 | ### Replace the key
22 | When you [fork this repository](https://github.com/defold/extension-resource-encryption/fork) make sure to change the key in both the buildtime and runtime part of the extension:
23 | 
24 | * Buildtime: https://github.com/defold/extension-resource-encryption/blob/master/resourceencryption/pluginsrc/com/dynamo/bob/archive/CustomResourceEncryption.java#L7
25 | * Runtime: https://github.com/defold/extension-resource-encryption/blob/master/resourceencryption/src/plugin.cpp#L7
26 | 
27 | ### Use your own encryption
28 | Use this extension as a base to apply your own encryption algorithm to the resources. Using custom encryption will add another layer of security as the encryption algorithm will not be know to an attacker.
29 | 


--------------------------------------------------------------------------------
/build_plugin.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | if [[ "$OSTYPE" == "linux-gnu"* ]]; then
 5 | 	PLATFORM=x86_64-linux
 6 | 	BUILDDIR=x86_64-linux
 7 | elif [[ "$OSTYPE" == "darwin"* ]]; then
 8 | 	PLATFORM=x86_64-darwin
 9 | 	BUILDDIR=x86_64-osx
10 | elif [[ "$OSTYPE" == "cygwin" ]] || [[ "$OSTYPE" == "msys" ]] || [[ "$OSTYPE" == "win32" ]]; then
11 | 	PLATFORM=x86_64-win32
12 | 	BUILDDIR=x86_64-win32
13 | else
14 | 	echo "Unknown host OS $OSTYPE"
15 | 	exit 1
16 | fi
17 | 
18 | java -jar bob.jar --platform=${PLATFORM} --verbose --build-artifacts=plugins clean build
19 | 
20 | cp build/${BUILDDIR}/resourceencryption/pluginCustomResourceEncryption.jar resourceencryption/plugins/share


--------------------------------------------------------------------------------
/game.project:
--------------------------------------------------------------------------------
 1 | [bootstrap]
 2 | main_collection = /main/main.collectionc
 3 | 
 4 | [script]
 5 | shared_state = 1
 6 | 
 7 | [display]
 8 | width = 960
 9 | height = 640
10 | 
11 | [android]
12 | input_method = HiddenInputField
13 | 
14 | [project]
15 | title = resourceencryption
16 | 
17 | [library]
18 | include_dirs = resourceencryption
19 | 
20 | [input]
21 | game_binding = /builtins/input/all.input_bindingc
22 | 
23 | 


--------------------------------------------------------------------------------
/main/main.collection:
--------------------------------------------------------------------------------
 1 | name: "default"
 2 | scale_along_z: 0
 3 | embedded_instances {
 4 |   id: "go"
 5 |   data: "components {\n"
 6 |   "  id: \"main\"\n"
 7 |   "  component: \"/main/main.script\"\n"
 8 |   "  position {\n"
 9 |   "    x: 0.0\n"
10 |   "    y: 0.0\n"
11 |   "    z: 0.0\n"
12 |   "  }\n"
13 |   "  rotation {\n"
14 |   "    x: 0.0\n"
15 |   "    y: 0.0\n"
16 |   "    z: 0.0\n"
17 |   "    w: 1.0\n"
18 |   "  }\n"
19 |   "}\n"
20 |   ""
21 |   position {
22 |     x: 0.0
23 |     y: 0.0
24 |     z: 0.0
25 |   }
26 |   rotation {
27 |     x: 0.0
28 |     y: 0.0
29 |     z: 0.0
30 |     w: 1.0
31 |   }
32 |   scale3 {
33 |     x: 1.0
34 |     y: 1.0
35 |     z: 1.0
36 |   }
37 | }
38 | 


--------------------------------------------------------------------------------
/main/main.script:
--------------------------------------------------------------------------------
1 | function init(self)
2 | 	print("hello")
3 | end
4 | 


--------------------------------------------------------------------------------
/resourceencryption/ext.manifest:
--------------------------------------------------------------------------------
1 | name: CustomResourceEncryption


--------------------------------------------------------------------------------
/resourceencryption/plugins/share/pluginCustomResourceEncryption.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/defold/extension-resource-encryption/94d46f7aba63427a75a53473b565c1ca6bc3ede1/resourceencryption/plugins/share/pluginCustomResourceEncryption.jar


--------------------------------------------------------------------------------
/resourceencryption/pluginsrc/com/dynamo/bob/archive/CustomResourceEncryption.java:
--------------------------------------------------------------------------------
 1 | package com.dynamo.bob.archive;
 2 | 
 3 | import com.dynamo.bob.archive.ResourceEncryptionPlugin;
 4 | import com.dynamo.crypt.Crypt;
 5 | 
 6 | public class CustomResourceEncryption extends ResourceEncryptionPlugin {
 7 | 	private final byte[] KEY = "aQj8CScgNP4VsfXK".getBytes();
 8 | 
 9 | 	@Override
10 | 	public byte[] encrypt(byte[] resource) throws Exception {
11 | 		return Crypt.encryptCTR(resource, KEY);
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/resourceencryption/src/plugin.cpp:
--------------------------------------------------------------------------------
 1 | #include <dmsdk/sdk.h>
 2 | #include <dmsdk/dlib/crypt.h>
 3 | #include <dmsdk/resource/resource.h>
 4 | 
 5 | // change this in your own fork!
 6 | // also change in CustomResourceEncryption.java
 7 | const char* KEY = "aQj8CScgNP4VsfXK";
 8 | 	
 9 | static dmResource::Result FooDecrypt(void* buffer, uint32_t buffer_len)
10 | {
11 | 	dmCrypt::Result cr = dmCrypt::Decrypt(dmCrypt::ALGORITHM_XTEA, (uint8_t*) buffer, buffer_len, (const uint8_t*) KEY, strlen(KEY));
12 | 	if (cr != dmCrypt::RESULT_OK)
13 | 	{
14 | 		return dmResource::RESULT_UNKNOWN_ERROR;
15 | 	}
16 | 	return dmResource::RESULT_OK;
17 | }
18 | 
19 | static dmExtension::Result AppInitialize(dmExtension::AppParams* params)
20 | {
21 | 	dmResource::RegisterResourceDecryptionFunction(FooDecrypt);
22 | 	return dmExtension::RESULT_OK;
23 | }
24 | 
25 | static dmExtension::Result Initialize(dmExtension::Params* params)
26 | {
27 | 	return dmExtension::RESULT_OK;
28 | }
29 | 
30 | DM_DECLARE_EXTENSION(CustomResourceEncryption, "CustomResourceEncryption", AppInitialize, 0, Initialize, 0, 0, 0);
31 | 


--------------------------------------------------------------------------------