Amazon GameOn and OpenSSL

Solar2D General Questions/Discussion
#1

I am trying to get GameOn working from Corona.

https://developer.amazon.com/gameon

The first step is to register a user by signing a key provided with the users public key. In other implementations of openSSL I am able to do this with the pkeyutl. I can’t find this particular call either in the documentation, the forums or the sample on github.

If you know of any other way to encrypt with an RSA public key outside of openssl within Corona, I will also take that.

#2

Hi,

How are you currently generating the Client Public Key and Client Private Key?

Leave it to Amazon to keep it simple…

-dev

#3

Hi,

Lots of docs here, this might be helpful http://zhaozg.github.io/lua-openssl/modules/pkey.html#sign

-dev

#4

To generate the private/public key:

local openssl = require( "plugin.openssl" ) local keyPair = openssl.pkey\_new('rsa' ,1024, 0x10001) local privateKey = keyPair:export() local publicKey = keyPair:export( true, false )

I am currently using Skillz for sixteen dots (the game and Skillz has not been very popular).

http://corp.skillz.com/

I might just build for html and use the javascript library that seems to have all the necessary functions.

https://github.com/digitalbazaar/forge

Thank you for the link. I’ll take a look.

#5

So I looked at the link you provided and yes that library has the encrypt and decrypt function for pkey:

encrypt (key, data, string)

decrypt (key, data, string)

Those functions don’t exist at least not as subfunctions of pkey since the library doesn’t even have pkey. This is what I get when I serialize the library to json. pkcs7_encrypt might do the trick since the format Amazon expects is similar, but I can’t figure out the parameters of that function.

"pkcs12\_export":"\<type 'function' is not supported by JSON.\>", "pkcs12\_read":"\<type 'function' is not supported by JSON.\>", "pkcs7\_decrypt":"\<type 'function' is not supported by JSON.\>", "pkcs7\_encrypt":"\<type 'function' is not supported by JSON.\>", "pkcs7\_read":"\<type 'function' is not supported by JSON.\>", "pkcs7\_sign":"\<type 'function' is not supported by JSON.\>", "pkcs7\_verify":"\<type 'function' is not supported by JSON.\>", "pkey\_new":"\<type 'function' is not supported by JSON.\>", "pkey\_read":"\<type 'function' is not supported by JSON.\>"

Anyway Dev, I appreciate a lot you looking for that link for me. Thank you.

#6

Hi,

Not sure if this gives any clues (and you’ve probably already seen it), but in this example https://github.com/coronalabs/plugins-sample-openssl/blob/master/General/main.lua starting at line 180 has some interesting stuff.

 -- create a rsa private key local pkey = openssl.pkey\_new('rsa' ,1024, 0x10001) print('is\_private:',pkey:is\_private()) if (pkey:is\_private()) then --dump public key local pub = pkey:export( true, --only public false --not raw format ) print("Encoded public key is:") print(pub) pub = openssl.pkey\_read(pub) print("object public key is:",pub)

-dev

#7

Yes, I saw that also. The example goes as far as my code goes (and was the source for most of my code). I feel like the library has the functionality it is just that it isn’t documented anywhere. If I can just figure out the parameters the pkcs encrypt function. I think it would work:

PKCS #7 1.5 Cryptographic Message Syntax Standard[5] See RFC 2315. Used to sign and/or encrypt messages under a PKI. Used also for certificate dissemination (for instance as a response to a PKCS #10 message). Formed the basis for S/MIME, which is as of 2010 based on RFC 5652, an updated Cryptographic Message Syntax Standard (CMS). Often used for single sign-on.

#8

I stand corrected. PKCS#7 is not going to work. I just found the man for it:

PKCS7 \*PKCS7\_encrypt(STACK\_OF(X509) \*certs, BIO \*in, const EVP\_CIPHER \*cipher, int flags);

What I need is the equivalent of this in lua:

$ openssl rsautl -encrypt -inkey public.pem -pubin -in file.txt -out encryptedFile.txt

The same task is done in Forge:

// encrypt data with a public key (defaults to RSAES PKCS#1 v1.5) var encrypted = publicKey.encrypt(bytes);
#9

Hi,

How are you currently generating the Client Public Key and Client Private Key?

Leave it to Amazon to keep it simple…

-dev

#10

Hi,

Lots of docs here, this might be helpful http://zhaozg.github.io/lua-openssl/modules/pkey.html#sign

-dev

#11

To generate the private/public key:

local openssl = require( "plugin.openssl" ) local keyPair = openssl.pkey\_new('rsa' ,1024, 0x10001) local privateKey = keyPair:export() local publicKey = keyPair:export( true, false )

I am currently using Skillz for sixteen dots (the game and Skillz has not been very popular).

http://corp.skillz.com/

I might just build for html and use the javascript library that seems to have all the necessary functions.

https://github.com/digitalbazaar/forge

Thank you for the link. I’ll take a look.

#12

So I looked at the link you provided and yes that library has the encrypt and decrypt function for pkey:

encrypt (key, data, string)

decrypt (key, data, string)

Those functions don’t exist at least not as subfunctions of pkey since the library doesn’t even have pkey. This is what I get when I serialize the library to json. pkcs7_encrypt might do the trick since the format Amazon expects is similar, but I can’t figure out the parameters of that function.

"pkcs12\_export":"\<type 'function' is not supported by JSON.\>", "pkcs12\_read":"\<type 'function' is not supported by JSON.\>", "pkcs7\_decrypt":"\<type 'function' is not supported by JSON.\>", "pkcs7\_encrypt":"\<type 'function' is not supported by JSON.\>", "pkcs7\_read":"\<type 'function' is not supported by JSON.\>", "pkcs7\_sign":"\<type 'function' is not supported by JSON.\>", "pkcs7\_verify":"\<type 'function' is not supported by JSON.\>", "pkey\_new":"\<type 'function' is not supported by JSON.\>", "pkey\_read":"\<type 'function' is not supported by JSON.\>"

Anyway Dev, I appreciate a lot you looking for that link for me. Thank you.

#13

Hi,

Not sure if this gives any clues (and you’ve probably already seen it), but in this example https://github.com/coronalabs/plugins-sample-openssl/blob/master/General/main.lua starting at line 180 has some interesting stuff.

 -- create a rsa private key local pkey = openssl.pkey\_new('rsa' ,1024, 0x10001) print('is\_private:',pkey:is\_private()) if (pkey:is\_private()) then --dump public key local pub = pkey:export( true, --only public false --not raw format ) print("Encoded public key is:") print(pub) pub = openssl.pkey\_read(pub) print("object public key is:",pub)

-dev

#14

Yes, I saw that also. The example goes as far as my code goes (and was the source for most of my code). I feel like the library has the functionality it is just that it isn’t documented anywhere. If I can just figure out the parameters the pkcs encrypt function. I think it would work:

PKCS #7 1.5 Cryptographic Message Syntax Standard[5] See RFC 2315. Used to sign and/or encrypt messages under a PKI. Used also for certificate dissemination (for instance as a response to a PKCS #10 message). Formed the basis for S/MIME, which is as of 2010 based on RFC 5652, an updated Cryptographic Message Syntax Standard (CMS). Often used for single sign-on.

#15

I stand corrected. PKCS#7 is not going to work. I just found the man for it:

PKCS7 \*PKCS7\_encrypt(STACK\_OF(X509) \*certs, BIO \*in, const EVP\_CIPHER \*cipher, int flags);

What I need is the equivalent of this in lua:

$ openssl rsautl -encrypt -inkey public.pem -pubin -in file.txt -out encryptedFile.txt

The same task is done in Forge:

// encrypt data with a public key (defaults to RSAES PKCS#1 v1.5) var encrypted = publicKey.encrypt(bytes);