Splash - A Simple Library

LordLambda · November 3, 2014, 11:53pm

What will Splash do?

Splash will be used as a library for multiple things.

The first thing Splash will provide is an extensive, and modular API for PRNG’s (Pseudo Random number generators), Compression, Hashing, and Encryption. With these components the goal is to only load what needs to be loaded so as to take up as little memory as possible. Along with implementing these API’s the goal is also to create IO managers that leverage the hashing, compression, etc. This is mainly a personal project, though something I’ve found I would have liked to had in Bukkit. The PRNG’s are mainly meant to provide alternatives that are generally better than java.util.Random, or generally faster than java.util.SecureRandom. (For example I really like the Yarrow PRNG), Compression/Encryption/Hashing are all meant to be concrete implementations for faster data storage, or protected data storage. Most of the time I’ve seen developers mess up Encryption/Hashing/Compression Schemes, this is meant to be a one stop shop for correct implementations that anyone can use, and anyone can add to.

How can I use it?

As this is a more of API’s rather than a core implementation the goal here is to provide things developers can use with relatively simple loading such as:

ComponentLoader cl = ComponentLoader.getLoader();
AES aes;
if(cl.isComponentLoaded("AES")) {
    aes = (AES) cl.getCompenent("AES");
}else {
    aes = cl.loadCompenent("AES");
}
aes.setKey("MyUberSecretKey");
String encrypted = aes.Encrypt("My String to Encrypt");
byte[] Encrypted = aes.encrypt(new byte[]{0, 1, 2});

This is just a sample aes encryption routine (default aes is AES128). Just as an example, and you can see how this will be expanded.

Problems:
I’ve always used fast asm for reflection, and such. Though as I want to keep this as a dependency free project, some faster reflection methods are greatly appreciated. (Also the code is quite ugly right now, so please forgive me for this first little bit when I don’t have much time to work on this).

What do you think?
Simply leave your comments on anything you would like to see Splash do, or if you have any suggestions. To Contribute simply submit a pull request on github, or poke around the little ugly part I have done. Thanks!

Edit: Github link

TBotV63 · November 5, 2014, 9:09pm

Definitely looks interesting. I may replace my own encryption modules depending how it turns out

jdersen · November 6, 2014, 12:17am

Cool, I think. Good luck with it, we’ll see if it actually gets made.

LordLambda · November 6, 2014, 12:43am

Thanks, yea all I really have to do is add in more algorithims, the file io, and get the reflection working faster, (and the source cleaned up).

@jdersen It’s being made technically you can use it in it’s current state.

ryantheleach · November 6, 2014, 11:11am

I’ve not ever touched upon encryption when modding minecraft, when is it useful?

I can understand compression, and hashing, but havn’t used either because my objects or data were never large enough to justify it.

A seeded PRNG might be useful, but Java has that…

When have you used these relating to Minecraft that you feel like it needs a library for sponge?

LordLambda · November 6, 2014, 12:39pm

I guess that’s just a difference of personal experiences then. I’ve used it more on the server management side. (True I’ve never used it on a Forge Mod). From encrypting the values in a database, or for encryption in flat file storage (for something like LogIt, etc.) I admit you may not have to load specific modules very often, but thats why the plugin will only load a module if you need to use it. Splash is more about giving a secure easy option.

Compression I’ve used quite religiously. I usually store lots of AI data, and such. So for me it would be useful there, and hashing again plugins like LogIt this could be useful for.

java.util.random isn’t cryptographically secure, and securerandom isn’t the best. I personally much rather prefer other PRNG’s (again usually for AI data). Again Splash is more about giving you the option. Hence why I’m going to have it load only what you need to load. Now I admit your free to use whatever you please, and you may see no need to Splash. Splash is meant just as a utility for developers, not so much as a mod on minecraft.

Thanks for your feedback.

ryantheleach · November 7, 2014, 2:13am

I probably sounded a little harsh but I was genuinely curious.

I understand that someone posting that they won’t use it shouldn’t influence you making it, only those saying that it would be helpful should.

Also by modding I was supposed to say plugin development, Just got my words confused.

LogIt is a good example I guess, since it is taking usernames and passwords. But if you are worried about the strength of the crypto numbers when minecraft chat is sent as plaintext (or is it gzipped?) …

I agree it needs to be somewhat secure however.

LordLambda · November 7, 2014, 2:21am

Nah I didn’t think it was harsh sorry if I came off defensive. I was generally trying to show experiences, and explain.

Nah It won’t influence the making I’ll make it if for no one else than me, though If you have an idea I’d be happy to hear about it.

Theoretically You could create a chat type component for this. Though again meant for for developers to use as they please.