****** Whirlpool help - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: ****** Whirlpool help (/showthread.php?tid=364649)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: ****** Whirlpool help (/showthread.php?tid=364649)
****** Whirlpool help - phillip875 - 31.07.2012
I've tried to make a login and registration system using ******'s whirlpool.
The registration part works fine, but I am having problems with the login.
If anyone can see what I am doing wrong and can give me a solution, I would be very grateful:
pawn Код:
case DLG_LOGIN:
{
if(response == 1)
{
new encpass[129],stored[129];
GetPlayerName(playerid,pName,sizeof(pName));
format(pFile,sizeof(pFile),"Users/%s.txt",pName);
DOF2_GetStringEx(pFile,"password",stored,sizeof(stored));
WP_Hash(encpass,sizeof(encpass),inputtext);
if(strcmp(stored, inputtext,true) && strcmp(stored, encpass, true))
{
ShowPlayerDialog(playerid,DLG_LOGIN,DIALOG_STYLE_PASSWORD,"Galaxy RPG - Login","You entered your password incorrectly.\nPlease enter your password to login:","Login","Cancel");
return 1;
}
else
{
LoadPlayerStats(playerid);
return 1;
}
}
if(response == 0)
{
ShowPlayerDialog(playerid,DLG_LOGREGQUIT,0,"Quit","You have cancelled your login.","Ok","");
Kick(playerid);
return 1;
}
}
Re: ****** Whirlpool help - Cjgogo - 31.07.2012
pawn Код:
case DLG_LOGIN:
{
if(response == 1)
{
new encpass[129],stored[129];
GetPlayerName(playerid,pName,sizeof(pName));
format(pFile,sizeof(pFile),"Users/%s.txt",pName);
DOF2_GetStringEx(pFile,"password",stored,sizeof(stored));
WP_Hash(encpass,sizeof(encpass),inputtext);
if(!strcmp(encpass,stored))
{
LoadPlayerStats(playerid);
return 1;
}
else
{
ShowPlayerDialog(playerid,DLG_LOGIN,DIALOG_STYLE_PASSWORD,"Galaxy RPG - Login","You entered your password incorrectly.\nPlease enter your password to login:","Login","Cancel");
return 1;
}
}
if(response == 0)
{
ShowPlayerDialog(playerid,DLG_LOGREGQUIT,0,"Quit","You have cancelled your login.","Ok","");
Kick(playerid);
return 1;
}
}
Re: ****** Whirlpool help - phillip875 - 31.07.2012
Well, now I have the problem that when I enter my password correctly, it keeps on saying wrong password..
Re: ****** Whirlpool help - phillip875 - 31.07.2012
Well, I mean it loads the stats... but keeps on showing incorrect password
Re: ****** Whirlpool help - Cjgogo - 31.07.2012
Try without the "return 1's",I mean like:
pawn Код:
case DLG_LOGIN:
{
if(response == 1)
{
new encpass[129],stored[129];
GetPlayerName(playerid,pName,sizeof(pName));
format(pFile,sizeof(pFile),"Users/%s.txt",pName);
DOF2_GetStringEx(pFile,"password",stored,sizeof(stored));
WP_Hash(encpass,sizeof(encpass),inputtext);
if(!strcmp(encpass,stored))
{
LoadPlayerStats(playerid);
}
else
{
ShowPlayerDialog(playerid,DLG_LOGIN,DIALOG_STYLE_PASSWORD,"Galaxy RPG - Login","You entered your password incorrectly.\nPlease enter your password to login:","Login","Cancel");
}
}
if(response == 0)
{
ShowPlayerDialog(playerid,DLG_LOGREGQUIT,0,"Quit","You have cancelled your login.","Ok","");
Kick(playerid);
}
}
Re: ****** Whirlpool help - phillip875 - 31.07.2012
Still the same, just tested.
Re: ****** Whirlpool help - DeathOnaStick - 31.07.2012
The "return 1;"'s were good where they were, because that was the point where the procedure shall end. I'd leave them there.
Taking a look at the main problem now.
#Update#: Is there any reason why you are using an array with the size of 129?
The real Whirlpool-Hashfunction actually produces a 512bit hash. If you shorten it (and you do that at the moment) it's possible that you have collisions (which means one hash has many passwords that fit).
Probably this is also what bugs, but I doubt it. Just wanted to tell you this, I guess this is an important point in the security of this hash function. You should always use a 512-bit string if you work with Whirlpool.
Re: ****** Whirlpool help - phillip875 - 31.07.2012
I changed it to 512 and still get the same problem
Re: ****** Whirlpool help - BrandyPenguin - 31.07.2012
Quote:
|
Originally Posted by DeathOnaStick
#Update#: Is there any reason why you are using an array with the size of 129?
|
Quote:
|
Originally Posted by ******@ Whirlpool Thread
To use simply call the function, passing a buffer of at least 129 characters, the size of that buffer and the string you want to hash. This used to say 145 but I have no idea why! You need 128 for the hash and 1 for the NULL terminator
|
Re: ****** Whirlpool help - DeathOnaStick - 31.07.2012
Quote:
|
Originally Posted by BrandyPenguin
#Update#: Is there any reason why you are using an array with the size of 129?
I quote Whirlpool plugin thread: Anyway back to the topic here - Try checking if it get called twice (debug prints.) |
+rep