I am worried that bad users may extract and abuse a resource.
I would like to protect voice resources.
I was able to protect picture resources.
I already know how to protect a picture resource using Texture Packer.
I was able to reverse the bit of the file read by changing FileUtils.
However, I do not know how to protect the voice file reproduced by SimpleAudioEngine::playEffect().
Do you have a good idea?
How is the resource of the already released application protected?
Basically it works like this:
Encrypt your assets -> engine loads your assets -> decryption takes place -> (optionally engine adds your decrypted assets to the cache) -> plays the effect.
You have to implement something similar like the protection scheme used by Texture Packer.
It just encrypts the resource files. Decryption is done at loading those resources using the decryption key stored in the game code.
But here lies the problem. If some attacker wants to extract/decrypt your resources, he will be able to do so.
It just boils down to effort and will. As the decryption key is stored in the game code, it will not hinder an attacker to extract it.
This method just protects you from the average/unskilled attacker not wasting to much time on it.
Hashing your resources may offers the same level of protection.
To protect your resources to a greater expense, you would have to implement methods, where your decryption keys are never stored on the client aka the game code/device.
But even then, some attacker would be able to get your decryption keys out of memory. There is no 100% protection of your assets. You can just choose between “make it easy” or “make it hard”, which depends on how precious your assets really are or you want them to be.
Not at all.
I appreciate your reply.
I do not desire 100% of encryption.
I also think that it is impossible.
I apologize for my insufficient English.
I wanted to know where I should insert decryption processing.
SimpleAudioEngine::playEffect() does not use FileUtils.
The problem of SimpleAudioEngine is, that it implements different players on all the supported platforms. The players are called directly with a file path to load data from. So you would need to adopt the code for the open() API call of all the players.
You cannot code a wrapper, that loads the data and forwards it to the player, as the player methods for playing effects and bg music take a file path and load the data directly.
There is no API to feed the binary data directly to the player itself.
Unfortunately you have to adopt the player code on every platform to use FileUtils.
They have already plans to code a new sound engine for the next release. It may has a better design and utilizes the FIleUtils.
That’s right! You caught my point.
I wait eagerly for a new sound engine.
The new audio will use OpenAL to an audio file. The process like this
So it doesn’t support a encryption file. If a file is encrypted, then the system API can not decode it.
Thank you for your reply.
I’ll give up the encryption of the audio file.
I use the non-encrypted files as well as cocos2dx other apps.