Jump to content

Message vaildation system


Madpeter Zond
 Share

You are about to reply to a thread that has been inactive for 2985 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

while encription can be done it uses up alot of space within a script and without being able to include library scripts in secondlife message vaildation is much easyer to do here is a basic example.

 

string system_code_break = "^*^"; // breaks the raw message and the vaildation code apart
string system_pass_code = "democode"; // used to help randomize the vaildation code a bit more
integer system_pass_number = 2323; // used to help randomize the vaildation code a bit more

integer system_allowed_time_offset = 3; 
// default: 3
// min: 0
// higher=less safe but better deals with SL lag
// lower = safer but any lag will lead to lost messages

integer vaildatemessage(string message,string vaildationcode)
{
    integer loop = 0;
    integer now = llGetUnixTime();
    integer vaild = FALSE;
    while((loop <= system_allowed_time_offset) && (vaild == FALSE))
    {
        string testcode = llMD5String(message+system_pass_code,(now+system_pass_number)-loop);
        if(testcode == vaildationcode) vaild = TRUE;
        loop++;    
    }  
    return vaild;
}
say_vaildated_message(integer channel,string message)
{
    message = message+system_code_break+llMD5String(message+system_pass_code,llGetUnixTime()+system_pass_number);
    llRegionSay(channel,message);      
}

default
{
    state_entry()
    {
        llListen(1,"","","");
    }
    touch_end(integer a)
    {
        say_vaildated_message(1,"I was touched by "+llDetectedName(0)+"");     
    }
    listen(integer channel,string name,key id,string message)
    {
        list data_split = llParseString2List(message,[system_code_break],[""]);
        if(llGetListLength(data_split) == 2)
        {
            string raw_message = llList2String(data_split,0);
            if(vaildatemessage(raw_message,llList2String(data_split,1)))
            {
                llOwnerSay((string)id+" says:"+raw_message);
            }
            else
            {
               llOwnerSay((string)id+" message is invaild");
            }
        }
    }

}
- feel free to improve or replace this.
  • Like 1
Link to comment
Share on other sites

There's an easier way to do this, with a nonce and a secret passphrase that both receiver and sender know.

To send:

string sKeyPhrase="The More The Merrier!"; string sDelimiter="|"; RegionSayValidated(integer iChan, string sMsg) { // This is a bit of a lazy way to create a nonce but... ~shrugs~ string sNonce=llSHA1String((string)llFrand(1000000)); llRegionSay(sChan,sNonce+sDelimiter+llSHA1String(sNonce+sKeyPhrase)+sDelimiter+sMsg); }

Decoding is similar... you use the passed nonce, run the same llSHA1String(sNonce+sKeyPhrase) and compare it to the passed encrypted token. If it matches, the message is authentic.

This code would only be useful for communication between objects owned by different people. Otherwise, it's far faster to just verify the sending objects owner.

Edit: Frack, forgot to mention: Don't use MD5, use SHA1 instead.

Edit2: Forget that code snippet above... while it works, it's susceptible to replay attacks. Use the OPs code instead, but replace MD5 with SHA1. I really should refrain from posting when not fully awake.

Link to comment
Share on other sites

  • 4 years later...
You are about to reply to a thread that has been inactive for 2985 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...