Cryptographically secure secrets

[torralbaa]

Cryptographically secure secrets

Goal

One of the current goals of ModPi is to enable client authentication in multiplayer servers. This isn't currently implemented in its totallity. Currently the client sends a static, randomnly generated 32-bit token to the server in the 0x09 packet.

Requirements

• The client should send a cryptogtaphically secure token: At least 256 bits, generated used a strong hashing algorithm and applied to pseudo-random data, a snapshot of various client resources, and server's attributes (at least IP, port and name).
• Due to performance issues, this task should be completed without the introduction of new dependencies.

Status

• [x] Extension of 0x09 packet: Done.
• [ ] Token generation and saving: TODO.
• [ ] Token sendng: Not a requirement of this task.
• [ ] Token handling in server side: Not a requirement of this task.
• [ ] SSL encryption: See #3.

Related tasks

3 - SSL encryption

[nobody5050]

sorry if that wasn’t a typo...

[torralbaa]

Well, it was... So thanks! xD