This is a concept/idea. It isn't a request, so please don't take the project upon yourself.
I want to get a little feedback on an idea I've had. This idea is AESLoader.
AES stands for Advanced Encryption Standard, which is cryptography (encrypting and decrypting files).
Encryption is taking a regular file, and scrambling the data using a key. Then, someone else who has the key can unscramble, or decrypt, the file, and read it as normal.
AESLoader is to be a security system for minecraft. It would place itself before the Minecraft main class that the launcher loads, and instead of the launcher loading minecraft, it loads AESLoader.
AESLoader will consist of three main components:
-> AESCrypto: The main component of AESLoader. It decrypts the next components, verifies them and then launches them.
-> AESEngine: The component of AESLoader that performs the decryption of minecraft itself. It will decrypt the minecraft classes and run them, it also sends some required information to AESLoader.
-> AESLoader: The final component. It acts as a link to AESEngine for other mods, and it performs integrity checks on mods it loads. It also checks for any AESLoader specific mods and loads them before even MinecraftForge loads.
AESLoader's main task is to prevent unwanted and foreign java files (mods specifically) to modify minecraft. It allows control over what has access to modifying files, and controls what mod can access each other.
Modders can request custom signing certificates. These certificates will be recognized by AESLoader, and it will grant the mods with the certificates implanted in them access to more methods in AESLoader as well as AESEngine access, and a less-sandboxed environment.
Now, you may be thinking that if every mod switched it's dependencies to require AESLoader, you might need to do more work to simply play your mods. AESLoader will feature an API that mods can implement. The API will allow certificates to be read from the jar file of the mod, but at the same time, that mod can be used in an installation of minecraft that doesn't have AESLoader installed. The only downside to this method is that you cannot encrypt the mod itself, so it can be read and edited by any other mod, and it also won't have the primary loading benefits.
AESLoader for modders will be very simple. Modders will have their certificate alongside an executable file that they can run to encrypt their mod. It prepares the jar to be run by AESLoader, by encasing the certificate within it and encrypting it with the public modding key. This allows modders to make two mod jars very easily. One can be universal, and then they can run the executable on the jar to create an alternate AESLoader dependent mod.
There are several benefits to modding with AESLoader. The first benefit is the encryption on mods. The mod will be encrypted, which means nothing can read it without decrypting it first. It's a benefit because the mod needs to be loaded with AESLoader, and it cant be thrown in the pile of forge mods that need to be loaded by FML. The second benefit is primary loading. AESLoader will load it's mod before calling FMLs read from mods folder function. This allows mods to grab required resources before they can be modified by FML mods. Mods made with private certificates will get priority over mods without certificates. The third benefit is that mods loaded by AESLoader can have a method called before FMLs preinit method. It calls the AESInit method in the mod's main class file. The final benefit is that you can integrity check other mods. For example, if I made a mod that only wanted to interact with a version of EE3 made by Pahimar, not by anyone else, as long as Pahimar had his key inserted into EE3, I can integrity check it using AESLoader, and if it passes and returns that it is made by Pahimar, then I can continue with EE3 support. If Pahimar wants the example removed he may contact me and I will promptly remove it.
For users, AESLoader wont add anything to your minecraft installation other than security features. AESLoader is meant to protect against mods who change minecraft mechanics without option of removal and the changes are unwanted. AESLoader will come with a configuration file that will allow you to select mods that you want AESLoader to allow modification to minecraft. AESLoader is fully customizable and you can permit certain mods and disallow others.
Please leave constructive criticism. Don't post "This sucks." At least give reasons.
If Forge changes something and a mod tries to use something Forge patches It will crash because it doesn't exist anymore.
Mods that change how something works and another mod depends on that mods changes, Not allowing the first mod to do those will break the second one.
Also Encrypting mods that are open source seems quite pointless because any keys they use are now publicly visible, completely defeating the purpose.
Technically anyone who downloads the AESLoader code would have the ability to extract any keys or other functions they need to decrypt whatever it is encrypting.
The best way to combat mods that cheat is to create new mods that block what they do. We have good example of this as it is when modders get "Mad" or don't like something someone else might do. If you can download a mod you can decompile it and stop whatever they do. If that is the humane way or not depends on how the community takes it.
Edit: Not only will it add extra layers it will add extra loading time and slower computers will be affected greatly by this.
If Forge changes something and a mod tries to use something Forge patches It will crash because it doesn't exist anymore.
Mods that change how something works and another mod depends on that mods changes, Not allowing the first mod to do those will break the second one. AESLoader is separate from forge. It loads previously and shouldn't alter any methods.
Also Encrypting mods that are open source seems quite pointless because any keys they use are now publicly visible, completely defeating the purpose.
Technically anyone who downloads the AESLoader code would have the ability to extract any keys or other functions they need to decrypt whatever it is encrypting. The keys wouldn't be uploaded, because who uploads keys online? It completely defeats the purpose. The only part of AESLoader that would be open-source is the API, which contains only methods accessing higher level classes.
The best way to combat mods that cheat is to create new mods that block what they do. We have good example of this as it is when modders get "Mad" or don't like something someone else might do. If you can download a mod you can decompile it and stop whatever they do. If that is the humane way or not depends on how the community takes it. Even if you do manage to decompile AESLoader, you still cannot access the crypto engine, it's decrypted and integrity checked by AESCrypto upon loading.
Edit: Not only will it add extra layers it will add extra loading time and slower computers will be affected greatly by this. No Comment.
"AESLoader will load it's mod before calling FMLs read from mods folder function. This allows mods to grab required resources before they can be modified by FML mods. Mods made with private certificates will get priority over mods without certificates. The third benefit is that mods loaded by AESLoader can have a method called before FMLs preinit method."
As stated.
If a mod grabs anything before it is edited by another mod the first mod will crash. Whether it be Forge, Gregtech, IC2, Portalguns or any other mod.
"AESLoader is meant to protect against mods who change minecraft mechanics without option of removal and the changes are unwanted. AESLoader will come with a configuration file that will allow you to select mods that you want AESLoader to allow modification to minecraft. AESLoader is fully customizable and you can permit certain mods and disallow others."
If you are using a mod that changes a mechanic you are more than likely unable to "Disable" it unless they have that option inside the config.
Also if you are allowing/disallowing mods to modify minecraft why are you installing them anyway? When you add a mod you're agreeing to play with and accept what it gives. If you don't like it why keep it?
About the last edit.
Most people who play minecraft are kids or teens not all of them have disposable income to afford whatever computer they desire. As a community modders need to acknowledge them with lightweight mods or alternatives when possible. They wont want to see their favorite mod get encrypted and need all of this extra stuff.
Rollback Post to RevisionRollBack
Contact me via tweet (@Clay_corp) for even quicker responses!
--Snip--
As stated. If a mod grabs anything before it is edited by another mod the first mod will crash. Whether it be Forge, Gregtech, IC2, Portalguns or any other mod. --Snip--
If you are using a mod that changes a mechanic you are more than likely unable to "Disable" it unless they have that option inside the config. Also if you are allowing/disallowing mods to modify minecraft why are you installing them anyway? When you add a mod you're agreeing to play with and accept what it gives. If you don't like it why keep it? About the last edit. Most people who play minecraft are kids or teens not all of them have disposable income to afford whatever computer they desire. As a community modders need to acknowledge them with lightweight mods or alternatives when possible. They wont want to see their favorite mod get encrypted and need all of this extra stuff.
How does something loading before something else and grabbing content going to crash the other mod? For example, if GregTech loads before my mod and does a bunch of editing on variables I use in my mod, my mod doesn't crash. Instead, it just uses those edited variables (which could lead to problems depending on what was edited and how I am using it). If I use AESLoader to load my mod, it loads before GregTech, and I can do variable work with the unaltered variables.
For your second statement, I'm going to reference GregTech. It makes a ton of changes to lots of mods and even vanilla minecraft that not everyone is fond of. But, GregTech does add some cool stuff. Unfortunately, the worst of it's changes have no config option. If AESLoader is installed, it will restrict it's changes, but it will still load, with all changes to vanilla or any AESLoader mod disabled (or just removed completely) and its features are still there.
Your last statement involves how this will increase loading times. Most modern devices decrypt and integrity check some or most of their components, and if not decrypt they still integrity check them. They still load incredibly fast. If all it's doing is decrypting small class files and integrity checking them, it should go fairly quickly, and not add a large amount to loading times. Considering that minecraft classes rely on each other, most of these checks should be completed before the minecraft window appears, or a few seconds after.
I want to get a little feedback on an idea I've had. This idea is AESLoader.
AES stands for Advanced Encryption Standard, which is cryptography (encrypting and decrypting files).
Encryption is taking a regular file, and scrambling the data using a key. Then, someone else who has the key can unscramble, or decrypt, the file, and read it as normal.
AESLoader is to be a security system for minecraft. It would place itself before the Minecraft main class that the launcher loads, and instead of the launcher loading minecraft, it loads AESLoader.
AESLoader will consist of three main components:
-> AESCrypto: The main component of AESLoader. It decrypts the next components, verifies them and then launches them.
-> AESEngine: The component of AESLoader that performs the decryption of minecraft itself. It will decrypt the minecraft classes and run them, it also sends some required information to AESLoader.
-> AESLoader: The final component. It acts as a link to AESEngine for other mods, and it performs integrity checks on mods it loads. It also checks for any AESLoader specific mods and loads them before even MinecraftForge loads.
AESLoader's main task is to prevent unwanted and foreign java files (mods specifically) to modify minecraft. It allows control over what has access to modifying files, and controls what mod can access each other.
Modders can request custom signing certificates. These certificates will be recognized by AESLoader, and it will grant the mods with the certificates implanted in them access to more methods in AESLoader as well as AESEngine access, and a less-sandboxed environment.
Now, you may be thinking that if every mod switched it's dependencies to require AESLoader, you might need to do more work to simply play your mods. AESLoader will feature an API that mods can implement. The API will allow certificates to be read from the jar file of the mod, but at the same time, that mod can be used in an installation of minecraft that doesn't have AESLoader installed. The only downside to this method is that you cannot encrypt the mod itself, so it can be read and edited by any other mod, and it also won't have the primary loading benefits.
AESLoader for modders will be very simple. Modders will have their certificate alongside an executable file that they can run to encrypt their mod. It prepares the jar to be run by AESLoader, by encasing the certificate within it and encrypting it with the public modding key. This allows modders to make two mod jars very easily. One can be universal, and then they can run the executable on the jar to create an alternate AESLoader dependent mod.
There are several benefits to modding with AESLoader. The first benefit is the encryption on mods. The mod will be encrypted, which means nothing can read it without decrypting it first. It's a benefit because the mod needs to be loaded with AESLoader, and it cant be thrown in the pile of forge mods that need to be loaded by FML. The second benefit is primary loading. AESLoader will load it's mod before calling FMLs read from mods folder function. This allows mods to grab required resources before they can be modified by FML mods. Mods made with private certificates will get priority over mods without certificates. The third benefit is that mods loaded by AESLoader can have a method called before FMLs preinit method. It calls the AESInit method in the mod's main class file. The final benefit is that you can integrity check other mods. For example, if I made a mod that only wanted to interact with a version of EE3 made by Pahimar, not by anyone else, as long as Pahimar had his key inserted into EE3, I can integrity check it using AESLoader, and if it passes and returns that it is made by Pahimar, then I can continue with EE3 support. If Pahimar wants the example removed he may contact me and I will promptly remove it.
For users, AESLoader wont add anything to your minecraft installation other than security features. AESLoader is meant to protect against mods who change minecraft mechanics without option of removal and the changes are unwanted. AESLoader will come with a configuration file that will allow you to select mods that you want AESLoader to allow modification to minecraft. AESLoader is fully customizable and you can permit certain mods and disallow others.
Please leave constructive criticism. Don't post "This sucks." At least give reasons.
Click Here to view my WIP Mod!
Currently developing a Tech/Space mod. PM if you can/want to help!
If Forge changes something and a mod tries to use something Forge patches It will crash because it doesn't exist anymore.
Mods that change how something works and another mod depends on that mods changes, Not allowing the first mod to do those will break the second one.
Also Encrypting mods that are open source seems quite pointless because any keys they use are now publicly visible, completely defeating the purpose.
Technically anyone who downloads the AESLoader code would have the ability to extract any keys or other functions they need to decrypt whatever it is encrypting.
The best way to combat mods that cheat is to create new mods that block what they do. We have good example of this as it is when modders get "Mad" or don't like something someone else might do. If you can download a mod you can decompile it and stop whatever they do. If that is the humane way or not depends on how the community takes it.
Edit: Not only will it add extra layers it will add extra loading time and slower computers will be affected greatly by this.
Answers in bold.
Click Here to view my WIP Mod!
Currently developing a Tech/Space mod. PM if you can/want to help!
As stated.
If a mod grabs anything before it is edited by another mod the first mod will crash. Whether it be Forge, Gregtech, IC2, Portalguns or any other mod.
"AESLoader is meant to protect against mods who change minecraft mechanics without option of removal and the changes are unwanted. AESLoader will come with a configuration file that will allow you to select mods that you want AESLoader to allow modification to minecraft. AESLoader is fully customizable and you can permit certain mods and disallow others."
If you are using a mod that changes a mechanic you are more than likely unable to "Disable" it unless they have that option inside the config.
Also if you are allowing/disallowing mods to modify minecraft why are you installing them anyway? When you add a mod you're agreeing to play with and accept what it gives. If you don't like it why keep it?
About the last edit.
Most people who play minecraft are kids or teens not all of them have disposable income to afford whatever computer they desire. As a community modders need to acknowledge them with lightweight mods or alternatives when possible. They wont want to see their favorite mod get encrypted and need all of this extra stuff.
How does something loading before something else and grabbing content going to crash the other mod? For example, if GregTech loads before my mod and does a bunch of editing on variables I use in my mod, my mod doesn't crash. Instead, it just uses those edited variables (which could lead to problems depending on what was edited and how I am using it). If I use AESLoader to load my mod, it loads before GregTech, and I can do variable work with the unaltered variables.
For your second statement, I'm going to reference GregTech. It makes a ton of changes to lots of mods and even vanilla minecraft that not everyone is fond of. But, GregTech does add some cool stuff. Unfortunately, the worst of it's changes have no config option. If AESLoader is installed, it will restrict it's changes, but it will still load, with all changes to vanilla or any AESLoader mod disabled (or just removed completely) and its features are still there.
Your last statement involves how this will increase loading times. Most modern devices decrypt and integrity check some or most of their components, and if not decrypt they still integrity check them. They still load incredibly fast. If all it's doing is decrypting small class files and integrity checking them, it should go fairly quickly, and not add a large amount to loading times. Considering that minecraft classes rely on each other, most of these checks should be completed before the minecraft window appears, or a few seconds after.
Click Here to view my WIP Mod!
Currently developing a Tech/Space mod. PM if you can/want to help!