[Plugin] Ajax RSA

Post your completed addons to share with the community

Post » Thu Feb 06, 2014 12:02 pm

Hi,

(First, sorry for the spelling, I do not speak English fluently).

This is my first plugin Construct 2: Ajax RSA

The purpose of this plugin is to encrypt the data flowing between Ajax (encryption) and PHP (decryption).
Unfortunately, This plugin Does not Provide a foolproof method against hacks but tries to approach.

What is RSA ?
RSA is a cryptosystem (Public-key cryptography), also known as asymmetric cryptography, refers to a cryptographic algorithm which requires two separate keys, one of which is secret (or private) and one of which is public.

20 Oct. 2014: tested on Release 184

Guide page: http://www.payondev.fr/projet/ajaxrsa/index.html
Demonstration: http://www.payondev.fr/projet/ajaxrsa/demonstration/index.html

I hope this plugin will be useful for some "constructors".

Bonne journée. :)
Last edited by Shakalu on Mon Oct 20, 2014 5:18 pm, edited 2 times in total.
B
11
S
2
Posts: 7
Reputation: 1,223

Post » Thu Mar 27, 2014 9:04 am

Thank you so much for sharing your work with us. It is always nice to see so many always trying to help. Wonderful
B
256
S
39
G
15
Posts: 1,984
Reputation: 41,038

Post » Wed Aug 06, 2014 5:25 pm

Intel XDK (1199) / Construct2 (r174 beta) compiled with Crosswalk for Android tested (on Samsung Galaxy S4) as of 8/6/2014!

I must say Shakalu, this could be the best plugin for encryption for Construct2! Not to mention it's updated, and has a beautiful guide to go along with it... Just perfect. I was stuck doing a bunch of research in this part of my game (security) until I found this plugin! I even looked through Kyatric's huge list, but honestly most of those are dated now. Dug through tons of tutorials (new and old). Nothing was like this plugin! This was everything I needed.

This is a must-use for any serious C2 game developers trying to reach the mass audience (as for me, I'm trying to get onto Android devices via Google Play Market). It's hard to find quality C2 plugins that actually work when compiled through a wrapper...Anyway, can't go sending private data just in any old fashion if you're trying to hit 100k game members :).

Thanks a ton Shakalu, you rock. Keep up the excellent work!
B
3
Posts: 9
Reputation: 568

Post » Wed Aug 13, 2014 2:25 pm

Hey, looks awesome will try it soon!
Image Image Image Image
B
19
S
1
Posts: 89
Reputation: 929

Post » Thu Aug 14, 2014 2:36 pm

omg. yes. awesome.
B
45
S
19
G
8
Posts: 522
Reputation: 8,639

Post » Mon Oct 20, 2014 5:36 pm

Thanks a lot guys. :) I hope this is helpful in your projects.

Plugin updated and tested !
Works on release 184
Local test doesn't work due to an issue with the PHP Session. Project need to be uploaded to test.

Manual update (for older version than 20 Oct. 2014)
Need only remove 1 line in file Construct 2\exporters\html5\plugins\ajaxrsa\runtime.js
remove line 116 :
Code: Select all
console.log(data_);
This line can cause a javascript crash with IE9 and older versions.

Download link remains the same : http://www.payondev.fr/projet/ajaxrsa/index.html
B
11
S
2
Posts: 7
Reputation: 1,223

Post » Fri Oct 31, 2014 5:30 pm

It doesn't work on cocoonjs android, but on ios fine for me. Is this because like you said, the local test? I am using the older version before 20 October.
B
19
S
5
G
2
Posts: 72
Reputation: 1,846

Post » Thu Nov 06, 2014 8:02 pm

I'm very new to this stuff. If i'm sending multiple requests, do i need to first do a get token and wait for that to complete for each request i want to make or can i use the last data from the last request?
B
5
S
1
Posts: 5
Reputation: 285

Post » Sun Nov 16, 2014 11:21 am

I'm not sure I understand. ^^
It is necessary to create a new token for each request.

If you want only one token for all your queries (not recommended but possible), just change the following lines in your PHP code:

Code: Select all
// Remove current token (expired or not)
unset($_SESSION['token'][$k]);

$expiration = explode("_", $arr_data['token']);
$delayToken = time() - $expiration[1];
become...
Code: Select all
// Remove current token (expired or not)
//unset($_SESSION['token'][$k]);

//$expiration = explode("_", $arr_data['token']);
$delayToken = 0;

Then you can do it :
Image
However, the interest of the token becomes much less interesting
B
11
S
2
Posts: 7
Reputation: 1,223

Post » Mon Nov 17, 2014 5:29 pm

Thank you for this useful plugin! @Shakalu

I have a question related with encryption methods. If our MySQL passwords are encrypted with other methods, this plugin works fine?
B
6
S
1
Posts: 22
Reputation: 483

Next

Return to Completed Addons

Who is online

Users browsing this forum: No registered users and 3 guests