-
Listen to a special audio message from Bill Roper to the Hive Workshop community (Bill is a former Vice President of Blizzard Entertainment, Producer, Designer, Musician, Voice Actor) 🔗Click here to hear his message!
-
Read Evilhog's interview with Gregory Alper, the original composer of the music for WarCraft: Orcs & Humans 🔗Click here to read the full interview.
[Snippet] MD5
- Joined
- Dec 12, 2008
- Messages
- 7,385
Approved.
- Joined
- Jul 10, 2007
- Messages
- 6,306
This is not a system
if you're going to change the title, please either do [Snippet] or [Cryptographic Hash]
if you're going to change the title, please either do [Snippet] or [Cryptographic Hash]
- Joined
- Dec 12, 2008
- Messages
- 7,385
- Joined
- Mar 19, 2010
- Messages
- 870
@Nestharus: You've create lot of snippets like that but i've no idea to use them. Who need that code and the bettter question, for what?
- Joined
- Dec 12, 2008
- Messages
- 7,385
This MD5 snippet was made to be used with File I/O and Network to make a secure codeless save/load system.
- Joined
- Mar 19, 2010
- Messages
- 870
ok, thank you.
- Joined
- Nov 24, 2012
- Messages
- 218
So correct me if I'm wrong, but the File I/O and Network will create a text file in a wc3 directory folder that has the save/load code in it, which can then be automatically pulled out upon next game for auto-load?
Then, this snippet does what exactly that can be useful?
I guess it would turn the load code into a jumbo of ...(one sec let me wiki this),
128-bit (16-byte) hash values?
Although, a load code is already encrypted so I don't get it, is this just for double layered security? (or triple/quad layer adding in your scrambler and such?)
But, I don't know why anyone would edit a load code value directly or generate one because most people would use a hacked map instead of cracking a save/load key. All I can imagine is this will stop a code generator from being created.
Then, this snippet does what exactly that can be useful?
I guess it would turn the load code into a jumbo of ...(one sec let me wiki this),
128-bit (16-byte) hash values?
Although, a load code is already encrypted so I don't get it, is this just for double layered security? (or triple/quad layer adding in your scrambler and such?)
But, I don't know why anyone would edit a load code value directly or generate one because most people would use a hacked map instead of cracking a save/load key. All I can imagine is this will stop a code generator from being created.
- Joined
- Jul 10, 2007
- Messages
- 6,306
HesitationSnow, you don't seem to understand this very well ; ).
File I/O only reads/writes strings to files, nothing more, nothing less. You can do like file.write("Hello World") and then later read that line back.
Network just synchronizes integers from one machine to every other machine in the game. If you had done file.wriet("12345") and then read it back out and used S2I, you could synchronize it to the other players in the game.
With this, basic save/load is achieved.
BitInt is used to put the values together into a long sequence of bits. This compresses the information and speeds up synchronization. This also makes encryption and hashing possible. BitInt has nothing to do with File I/O or Network. BitInt, File I/O, and Network are 3 unrelated separate resources, but used together, they can do some pretty awesome things.
Have I said anything about encryption yet? Nop.
AES is used to encrypt a sequence of exactly 128 bits. It takes a 4x4 matrix of bytes, which is 128 bits. You can read bytes out of BitInt and fill up the matrix, and then from there, pass it into AES. AES also takes a cipher, which is another set of 128 bits. This is where encryption is done.
Encryption != data validation. If a player tampers with the data, there is no way to know. Encryption just makes it so that they don't know what they are doing ; p.
Hashing, like MD5, is a way to validate the data. MD5 takes a set of bits of any length and then generates a 128 bit hash (yet another BitInt). This hash is returned. The hash can then be appended to the data and written to a file. From here, upon load, hash can be retrieved, then a new hash can be generated using the original data. If the new hash doesn't match the hash that was stored, the data was tampered with. That is the use of hashes.
More than likely, you will not need encryption for your maps, just MD5, as 99.99% of players will not be able to get through the MD5, lol.
File I/O only reads/writes strings to files, nothing more, nothing less. You can do like file.write("Hello World") and then later read that line back.
Network just synchronizes integers from one machine to every other machine in the game. If you had done file.wriet("12345") and then read it back out and used S2I, you could synchronize it to the other players in the game.
With this, basic save/load is achieved.
BitInt is used to put the values together into a long sequence of bits. This compresses the information and speeds up synchronization. This also makes encryption and hashing possible. BitInt has nothing to do with File I/O or Network. BitInt, File I/O, and Network are 3 unrelated separate resources, but used together, they can do some pretty awesome things.
Have I said anything about encryption yet? Nop.
AES is used to encrypt a sequence of exactly 128 bits. It takes a 4x4 matrix of bytes, which is 128 bits. You can read bytes out of BitInt and fill up the matrix, and then from there, pass it into AES. AES also takes a cipher, which is another set of 128 bits. This is where encryption is done.
Encryption != data validation. If a player tampers with the data, there is no way to know. Encryption just makes it so that they don't know what they are doing ; p.
Hashing, like MD5, is a way to validate the data. MD5 takes a set of bits of any length and then generates a 128 bit hash (yet another BitInt). This hash is returned. The hash can then be appended to the data and written to a file. From here, upon load, hash can be retrieved, then a new hash can be generated using the original data. If the new hash doesn't match the hash that was stored, the data was tampered with. That is the use of hashes.
More than likely, you will not need encryption for your maps, just MD5, as 99.99% of players will not be able to get through the MD5, lol.
- Joined
- Nov 24, 2012
- Messages
- 218
Wow, okay. I'll try to understand more of that later lmao.
I think I'll just assume that this snippet is capable of validating a load code!
You said encryption may not be necessary for my maps, but what if someone were to open the map, add a trigger that when he presses esc, he gets maxed out gold? Wouldn't he be able to save that value and get it validated on next game?
I think I'll just assume that this snippet is capable of validating a load code!
You said encryption may not be necessary for my maps, but what if someone were to open the map, add a trigger that when he presses esc, he gets maxed out gold? Wouldn't he be able to save that value and get it validated on next game?
- Joined
- Jul 10, 2007
- Messages
- 6,306
Encryption wouldn't save the map either in that case then lol
- Joined
- Nov 24, 2012
- Messages
- 218
Ahh 
! So... basically your snippets will allow for an impenetrable, super encrypted and untamperable save/load codes, which will destroy any hope of a cheat code generator program which is what happened to several wc3 rpg maps. But nothing can stop someone from going into the map and adding an evil cheat trigger?!
! So... basically your snippets will allow for an impenetrable, super encrypted and untamperable save/load codes, which will destroy any hope of a cheat code generator program which is what happened to several wc3 rpg maps. But nothing can stop someone from going into the map and adding an evil cheat trigger?!
- Joined
- Jul 10, 2007
- Messages
- 6,306
not impenetrable, but yea
- Joined
- Nov 24, 2012
- Messages
- 218
MMk, well Very nice snippet. +rep, dunno if I'll ever use considering I don't really understand it but as always good work.
A little off topic, but do you personally use your own codes?
Also, is there some sort of function that could somehow get the file size of a map in bytes? I could imagine putting a filesize constant as a requirement inside a save/load code and thus maps tampered with that have different filesize will spit out an invalid load.
If not, is it possible to somehow check how many lines of code there is in a map ? using vJass code I mean.
Very nice snippet. +rep, dunno if I'll ever use considering I don't really understand it but as always good work. A little off topic, but do you personally use your own codes?
Also, is there some sort of function that could somehow get the file size of a map in bytes? I could imagine putting a filesize constant as a requirement inside a save/load code and thus maps tampered with that have different filesize will spit out an invalid load
.If not, is it possible to somehow check how many lines of code there is in a map ? using vJass code I mean.
Last edited:
- Joined
- Jun 10, 2008
- Messages
- 4
how do you use jass in worldedit?
- Joined
- Nov 24, 2012
- Messages
- 218
Haha. This is definitely the best place to ask that question.
Just cuz I started getting a bit offtopic don't mean u do it too!
Hosted Project GR
- Joined
- Sep 17, 2009
- Messages
- 7,236
Is it possible to use this to secure a map against cheatpacks?
I was thinking of using the method handlecounters use to somehow create a checksum of triggers in the map (assuming there are no triggers dynamically created on map init before the creation of the checksum).
The checksum can then be applied to the savecode.
If a trigger was added or removed, the checksum changes, changing the value stored to the savecode. If that happens, I have the opportunity to prevent the player from loading the code into the unmodified map (I can not prevent him from loading in the modified map, but I can at least be sure he won't bother other players hosting the unmodified map, as the checksums will not match).
I was thinking of using the method handlecounters use to somehow create a checksum of triggers in the map (assuming there are no triggers dynamically created on map init before the creation of the checksum).
The checksum can then be applied to the savecode.
If a trigger was added or removed, the checksum changes, changing the value stored to the savecode. If that happens, I have the opportunity to prevent the player from loading the code into the unmodified map (I can not prevent him from loading in the modified map, but I can at least be sure he won't bother other players hosting the unmodified map, as the checksums will not match).
- Joined
- Jun 26, 2013
- Messages
- 49
Secure system on interpreted language, which source and all traffic goes through your machine?
- Joined
- Jul 10, 2007
- Messages
- 6,306
