Bonsai Posted February 9, 2014 Share Posted February 9, 2014 Hey, I created a pretty good working map loader, but at the moment players have to download the whole map on map start, even if they already have the required files. I want players only to download the files they really need. But to prevent broken or manipulated files, I need to check if the file in the clients cache is actually the same as on server. I thought about using fileExists and if its existing, hashing the content and check if the hash is equal to the one of the servers file. Is that a good way to get this done, or is there any better option? Bonsai Link to comment
myonlake Posted February 9, 2014 Share Posted February 9, 2014 Hashing is a way, yes. You can also do an additional file match check by reading the bytes and matching them together. Hashing is the usual way, and MTA uses CRC32 for the automatically downloaded files. Keep this in mind (quote from CRC Wikipedia article): Firstly, as there is no authentication, an attacker can edit a message and recompute the CRC without the substitution being detected. When stored alongside the data, CRCs and cryptographic hash functions by themselves do not protect against intentional modification of data. Any application that requires protection against such attacks must use cryptographic authentication mechanisms, such as message authentication codes or digital signatures (which are commonly based on cryptographic hash functions).Secondly, unlike cryptographic hash functions, CRC is an easily reversible function, which makes it unsuitable for use in digital signatures. Thirdly, CRC is a linear function with a property that \operatorname {crc}(x\oplus y)=\operatorname {crc}(x)\oplus \operatorname {crc}(y); as a result, even if the CRC is encrypted with a stream cipher (or mode of block cipher which effectively turns it into a stream cipher, such as OFB or CFB), both the message and the associated CRC can be manipulated without knowledge of the encryption key; this was one of the well-known design flaws of the Wired Equivalent Privacy (WEP) protocol. Link to comment
Bonsai Posted February 10, 2014 Author Share Posted February 10, 2014 Alright, thank you. I'll think if it's worth the effort. Current situation isn't that bad, just people with high pings get problems. Bonsai Link to comment
ixjf Posted February 10, 2014 Share Posted February 10, 2014 Since there is no implementation of the cyclic redundancy check (CRC) algorithm available through the scripting API, you might try md5 instead. Link to comment
Bonsai Posted February 11, 2014 Author Share Posted February 11, 2014 I spend a little time on trying to get this done, and now it works perfectly. I used md5 and so far no problems occurred. Thank you guys. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now