Jump to content




VeriCode - Easy code signing for ComputerCraft

api

  • You cannot reply to this topic
No replies to this topic

#1 JackMacWindows

  • Members
  • 24 posts

Posted 20 February 2021 - 11:34 PM

After seeing a number of people running raw code received over Rednet, I decided to make a code signing library that attempts to make it easy enough to add code signing that a beginner could do it. Introducing VeriCode, a simple library that allows you to sign, send, receive, and verify Lua scripts over Rednet or on disk. All that's required is to generate a keypair, add the public key to the client computer(s), load the key files, and then send/receive just like through the normal rednet API. You can also use the plain dump/load functions to use your own destination, such as a file. A simple receiver can be written in as few as three lines. The functions provided are very simple, and most of them mirror pre-existing function syntax to keep the entry barrier low. More instructions documentation, and an example are available in the source code. You can get it at https://gist.github....a028abd615e8750 (or for Pastebin plebs, it's at Ptq5vRvp + ZGJGBJdg as ecc.lua). (Requires CC:T 1.91.0 or later.)

Do note that there are no mechanisms to avoid replay attacks at the moment, so attackers could re-send messages that are listened to. If this is a concern, I'd recommend handling that in your own send/receive functions.

Edited by JackMacWindows, 20 February 2021 - 11:36 PM.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users