Password Server and Client System - ComputerCraft Forums (archive)

DaRc #1

DaRc's profile picture

9 posts

Location Southeasern Illinois

Posted 10 January 2013 - 10:18 PM

–NOTE–

I tried to post this earlier and I don't believe it's available. When I tried to search for it by the exact name it wouldn't show any contents so I am reposting in the hope it will finally show up. If it somehow posts twice, I apolgize in advance.

–Previous Message–

Morning everyone! I am still very new to ComputerCraft but am diving into it's depths pretty quick, trying to learn about as many of the API's as I can. I have watched hundreds of tutorials related to password coded door locks using CC 1.3 and CC 1.4. The basic password locks are kind of nice, but every once in a while I get a bit nervous about the security of my doors. Yesterday I build a completely automated Nuclear Reactor Facility (took me two weeks to plan it out and make it work right) xD, I placed a double Reinforced Stone Door with a computer coded lock. The lock is a multi variable lock that requires both a Username AND Password to match before the door will unlock. As previously noted… I'm kind of nervous about my doors, this facility required 60+ DIFFERENT parts to create and I would really hate to see somoeone break something expensive in there.

Here is what I would like to do:

Create a central server for storing/validating the username(s), password(s) entered through the client terminal connected to the door of the facility.

Allow 3 failed login attempts before completely disabling the terminal for 1 hour (86400 seconds).

I would like to maintin the current structure of the system in that, it still requires a match of BOTH variables to proceed through the the hall into the facility. Below is a copy of the current code running on that door. Please feel free to comment / corrent / suggest changes in the current design. ANY help with this project is MUCH appreciated. Thanks in advance.


--Disable Manual Termination
os.pullEvent = os.pullEventRaw
--Declare Variables
local username;
local password;
id = "Crysys";
key = "thewhiterabbit";
override= "6552180573395";
alarmSide = "back";
alarmTimeout = "3";
doorSide = "bottom";
doorTimeout = "5";
errorTimeout = "1";
delay = "1";
--Display Data Requests, Get Inputs
term.clear();
term.setCursorPos(1,1);
print("Nuclear Facility - Access Verification Required");
print("");
print("Username:");
term.setCursorPos(11,3);
username = read();
print("Password:");
term.setCursorPos(11,4);
password = read("*");
--Handle Inputs
if username == id and password == key then
term.clear();
term.setCursorPos(1,1);
print("Access Granted");
rs.setOutput(alarmSide, true);
sleep(alarmTimeout);
rs.setOutput(alarmSide, false);
sleep(delay);
rs.setOutput(doorSide, true);
sleep(doorTimeout);
rs.setOutput(doorSide, false);
os.reboot();
elseif username == id and password == override then
term.clear();
term.setCursorPos(1,1);
print("Maintanence Mode ENABLED");
print("");
else
print("Login FAILED");
sleep(errorTimeout);
os.reboot();
end

theoriginalbit #2

7508 posts

Location Australia

Posted 10 January 2013 - 10:28 PM

ok firstly if your going to be dealing with passwords and rednet sending of passwords, I suggest using a SHA256 or SHA512 hashing algorithm + salt to make the password unreadable and nearly unreversable. ( search for them in this forum, there are some good ones )

also as it stands your system can be terminated with ctrl + t, so I suggest that you look into the os.pullEventRaw function :)/>

EDIT: I also suggest that the computer that is at the doors not be the one that is in charge of opening the doors, as someone may then just destroy the computer and activate the redstone. PM if you want more details.

DaRc #3

DaRc's profile picture

9 posts

Location Southeasern Illinois

Posted 11 January 2013 - 05:21 AM


--Disable Manual Termination
os.pullEvent = os.pullEventRaw

This is the first lines of my code, in every example i have found this is all that is required to prevent a user form using the CTRL + T termination function. If I need to move the code for this, add more or change the way it operates please let me know and show me the changes required, it will be no trouble at all to make them.

As for the terminal that operates the doors, the above scripts is simply a temporary fix to allow me into the facility to put together the reactors and all the parts required for automation. I had already planned on taking all direct access to the system away from the client terminal as soon as a viable server was in place.

I am familiar with SHA256/512 hashes, I have a few systems at work that use them. However, I am not sure how to apply the same systems to CC 1.4. I am still very new to lua and CC itself. I will do a search for them ont he forums, however if you know of any that you would directly recommend, I will take note of them as well. I will never turn down recommendations of any kind.

I appreciate your quick response to my topic and all the information you have given me thus far. Thank you!

GravityScore #4

GravityScore's profile picture

799 posts

Location Land of Meh

Posted 11 January 2013 - 06:23 AM

I remember one of my first projects was a remote password system like this! It was fun to write.

Regarding the SHA-512/256, I don't think there is an implementation of the SHA-512 algorithm in Lua at all (at least, I couldn't find one while searching for it). You can use my SHA-256 from here. Basically, copy and paste the function into your code, then you can call it like:


needsEncoding = "hellothisisapassword"
encodingSalt = "thisiSaVerylArGe123123Saltfor yourencoding"
encodedString = sha256(needsEncoding .. encodingSalt)

The simplest way to do this is to have a server computer inside your facility that stores the encrypted password in a file. It has a program that is set to run on startup, which responds to Rednet requests to validate a passcode. Something like:


local f = io.open("/.password", "r")
local encryptedUser = f:read("*l")
local encryptedPass = f:read("*l")
f:close()

while true do
  local e, id, msg = os.pullEvent("rednet_message")
  local a = textutils.unserialize(msg)
  if a and a.request == "validate" then
	if a.passcode == encryptedPass and a.username == encryptedUser then
	  rednet.send(id, "true")
	else
	  rednet.send(id, "false")
	end
  end
end

Of course, you would need to have a file called .password that stores the encrypted password you would like to use.

Then on the doors, you could have a program set to run on startup that prompts the user for their username and password. It then sends it to the server computer and waits for a response. If the response is true then it opens the door, else it doesn't.

Something like:


-- I'm not going to bother writing the user interface part :P/>/>/>
local user = sha256("thisistheenteredusername")
local pass = sha256("thisistheenteredpassword")

rednet.send(SERVER_COMPUTER_ID_HERE, textutils.serialize({request = "validate", username = user, passcode = pass}))

while true do
  local id, msg = rednet.receive()
  if id == SERVER_COMPTUER_ID_HERE and msg == "true" then
	-- open the door!!!
	break
  elseif id == SERVER_COMPUTER_ID_HERE then
	-- tell the user THEY FAIL D:
	break
  end
end

Note: these 2 program examples do not include a salt

DaRc #5

DaRc's profile picture

9 posts

Location Southeasern Illinois

Posted 11 January 2013 - 06:44 AM

I should probably study up on my LUA quite a lot before I mess with this too much because to be honest, I don't quite grasp the way some of this works and I have a rule about coding… If i dont understand what each function of the code is for and how it works, I don't use it. Hey if I manage to break something when I put it together, I won't know how to fix it otherwise xD.

This is very helpful to see some examples on how this could work though! So far the server I am on is small enough that I don't have to worry about someone messing with this system, none of the other players really understands CC enouh to even write a password lock let alone hack them (yet), but eventually there will be someone who of course, knows how :/
.
Once agian thanks to everyone who is looking into / helping with this I really do appreciate it.

theoriginalbit #6

7508 posts

Location Australia

Posted 11 January 2013 - 10:48 AM

DaRc, on 11 January 2013 - 05:21 AM said:
--Disable Manual Termination
os.pullEvent = os.pullEventRaw
This is the first lines of my code, in every example i have found this is all that is required to prevent a user form using the CTRL + T termination function. If I need to move the code for this, add more or change the way it operates please let me know and show me the changes required, it will be no trouble at all to make them.

Sorry didn't even notice that sitting there…

but a bit of an explanation / tutorial / learning experience.

os.pullEvent() is a function that has a reference in memory.
os.pullEventRaw() is also a function that has a reference in memory.

now… os.pullEvent and os.pullEventRaw are pointers to where the function lies in memory. so when you do os.pullEvent = os.pullEventRaw what it actually does it changes the pointer for pullEvent to the same pointer for pullEventRaw… this means that calling os.pullEvent and os.pullEventRaw will now call the function os.pullEventRaw(), even after your program has terminated… so that means it is actually good habit to do this ( when you even need to override a system function)…


local oldPull = os.pullEvent
os.pullEvent = os.pullEventRaw
-- program code

-- at the very end
os.pullEvent = oldPull

hope this was helpful and you learnt something

DaRc #7

DaRc's profile picture

9 posts

Location Southeasern Illinois

Posted 11 January 2013 - 04:07 PM

I feel just a little odd aksing this, but I wanted to clarify and make sure I am doing it right. When you say "at the very end" do you mean after I end the if then statement, at the very end of the program itself?

theoriginalbit #8

7508 posts

Location Australia

Posted 11 January 2013 - 04:14 PM

DaRc, on 11 January 2013 - 04:07 PM said:
I feel just a little odd aksing this, but I wanted to clarify and make sure I am doing it right. When you say "at the very end" do you mean after I end the if then statement, at the very end of the program itself?

very end of the program.

DaRc #9

DaRc's profile picture

9 posts

Location Southeasern Illinois

Posted 12 January 2013 - 03:42 PM

Thank you for confirming that. I would rather have looked silly verifying where the line of code goes, rather than cause a huge issue with my program, and make a new post aksing for help with it. xD

theoriginalbit #10

7508 posts

Location Australia

Posted 12 January 2013 - 03:52 PM

DaRc, on 12 January 2013 - 03:42 PM said:
Thank you for confirming that. I would rather have looked silly verifying where the line of code goes, rather than cause a huge issue with my program, and make a new post aksing for help with it. xD

I didn't think it was silly at all… Most questions aren't silly, especially when they are to clarify something…

DaRc #11

DaRc's profile picture

9 posts

Location Southeasern Illinois

Posted 13 January 2013 - 07:59 AM

So, once again Im curious about something regarding passwords and CC 1.4. If I had a computer controlling multiple wirless transmitters to say a lighthouse a mass fabricator and a quary (for remote on/off) and I wanted to use the login based system I orginally posted BUT have the username(s) and passwords(s) stored in a seperate file but ont he same system, AND have multiple accounts, would that be very difficult? I'm not yet sure how to pull data from another file yet.