Add optional pck xor obfuscation#596
Open
Tekisasu-JohnK wants to merge 2 commits into
Open
Conversation
Tekisasu-JohnK
force-pushed
the
Add-optional-XOR-obfuscation-layer-for-PCK-asset-files
branch
from
2f53b11 to
94ab15c
Compare
Android gradle configs don't seem to like my adjustments to version.py. I'm removing the comments and switching from None to an empty string and will retest.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds optional XOR obfuscation support for reading and writing PCK files.
This is not a fullproof way to protect an exported game developed in Blazium from being dumped and having its contents taken. However, used in conjunction with using the AES256 encryption key and modifying the PACK_HEADER_MAGIC value on a per-project basis currently protects it from unauthorized inspection from tools like Godot PCK Tool and GDRETools.
The xor obfuscation is enabled at build time for the editor and templates. It is only utilized when a valid 1024 key is present in version.py and assigned to the variable blazium_xor_key. By default, blazium_xor_key is set to an empty string and the feature is disabled.
You can generate a valid xor key by running the following:
$ tr -dc 'A-Za-z0-9' </dev/urandom | head -c 1024Therefore, an example of a valid setting in version.py is as follows:
blazium_xor_key = "j1bchdxZvlrzX6nA6qck0mI6wqr6Gv6VvrbrltuDBNyOzzitdQfRhXLPzRjfuCHS0ZKS6bEieMrsPJ9iWHnJWEMdiktcZy0tCM9j1XQbwv9vY2zdH6q1uYJU1CRohNaD64oRGTXQU799xxDnIvY7DwxBBsxmJiUT9RiwgPVoq4SMqcYZtFXyKWZpeobdPWEF2quYelIqegRjm7Iz6lHxvRNzcY2yxEK9vSDHyyBmukuR7CR8PnfequIPMcLSlnky76kDDSGvz5nJPVkLnT4D5d9xr1z2OtwsF6Ib5OMrJg5XnTPLVnx2BQIZNbT0Dz3VeduIHcgTHMZlfEXmRs9AzroX8o227AyhOncTfg06iCcNh0k5OfAdknK4xfzFcxFLw8qYrYj8GWSYy5W0h9cI4ZA4392nbSVVt9pdMaHLjuHRsb9TY7jXHc5YuhNwNWmqti1VXTp6cu41jzlDht7xtJX2XPDzQMuh5GrCVKQMA2NiyL2JVriVj1pbn2D2N0bVntfmwPjyJ0fIaLQCIdM5NFb33lZUzNzoA7uePsqlk9o30tMF8tpJQ4pNo5aLHHMXLYTs2yCGJVmDMIFaWmRkSDc2wPe1aqiCATybw3fcPpxTLW3P1kuPtlxqyIdt8HLOBogrciXzhDAZHbgpQOWAVk7cGoTenSUB0QTjRti3Vm83lZVASsNgeDatvLgfN4Y68lbQVqj6fU2vYAneVdz3wDfKRzJ3NRf2AO8M18F7YDRSWSxliLxmVgAu5yrApiYO6aJjb35wZCQtKwsqKifHuOhliiGChW1XusRe1GhFKRckqHbZD5bBwrxlzYQgwXYpajYUwiPyIl2eXAeVICssIHw0gqXRwtywG24Wpvm202TWpTEG6Mx7xbUW5fY1tkwOPxiZrS4v7J0clj9x4ztGtu4OonDRYt6hcsLjfyPmloqovE0AK5UHd7fJM62j0ObzyIyj8wtwDfwi7sFs9A6oegONNcHD8YVF6sLOdoWCSQApK7IukLTsEl72Wixs9W0W"