Jump to content
  • Advertisement


  • Content Count

  • Joined

  • Last visited

Everything posted by WebsiteWill

  1. WebsiteWill

    WPF And Icon Management

    Ok, fair enough for that but what about having to declare an image for each resource during runtime? I'd rather be able to load 1 large image and have buttons/controls index into just a small part of that image, (ala game UIs), as opposed to creating an image in memory for every .bmp, .png, etc., needed by my application, unless it's not worth it. I'm actually trying to figure out how do accomplish this in WPF so I can run some performance tests. I've looked at the CroppedBitmap in WPF but it's just creating another image instance in memory from a specified part of the source. I've also looked at Image.Clip and while it accomplishes a small part of the goal there doesn't seem to be a way to apply multiple Image.Clips to the same image because of the way the master image is handled. Any other ideas? Thanks, Webby
  2. Hello all: I'm working on a WPF application that has a lot of icons at it's disposal and it occurred to me that maybe a practice used in game development would help. From what I've seen in game dev a UI utilizes one (or a couple) images that store the various icons. Then it's up to the game UI so determine what region in the image is used for a given button. Well, I'd like to extend that to a WPF app but I'm having a bit of difficulty. Also, before I go too much farther with this idea. Do you think it's worth it? I could design each icon in a vector format and then they would resize perfectly no problem. I'm just concerned about performance once hundreds of these icons are available in the system. Is this even a cause for concern in a windows app? I know in a game UI this could result in a big performance gain since you don't have to switch the texture for each button. So I was thinking a similar gain could be had in WPF. Thanks for any input, Webby
  3. WebsiteWill

    The 3ds max SDK and index buffers

    You would be much better off asking this question on one of the forums specifically for 3D Studio Max. Just Google for 3D Studio Max Forum and you will get a ton of results. --Webby
  4. Hello all: Has anyone had trouble with Windows Vista(64) not displaying a certificate installed to the personal store? I've created a certificate with MakeCert and when I try to install it to the MY (Personal) store I get a success message but it doesn't actualy appear in CertMgr. In some C# code I can instantiate an X509Store and with the right settings I can actually see that the certificate is there, however, it's an invalid cert (only shows in the collection is I pass a parameter to show ALL certs, not just valid certs). Furthermore, if I double click the cert and Install it from there using the default settings recommended the certificate actually does show up in CertMgr, except it's under the Intermediate Certification Authorities tab. I've tested this same method on a Windows XP box and it shows up in my personal store as it should. I'm an administrator on the Vista box (thought this is my first week with Vista so I'm most likely just missing some silly step here). Any thoughts? Thanks, Webby
  5. Nevermind, found my own answer. http://www.derkeiler.com/Newsgroups/microsoft.public.platformsdk.security/2003-10/0276.html Turns out the cert won't show up in CertMgr unless there is a private key associated with it. Webby
  6. WebsiteWill

    Authentication Algorithm

    Ok guys. Thanks a bunch. I think I've got the information I need to give this a pretty good implementation effort. <Unrelated to topic> Right now I'm trying to recover the last 3 weeks of my work while reinstalling everything I need. I've been generally lax when it comes to backing up my work (about once a month). My hard drive is still entact but the new PC is SATA and old hard drive is Ultra ATA. Looks like I'll have to get an external enclosure and feed my data over via USB... Hopefully Radio Shack has one I can just pick up. Seems like BestBuy only carries those built for SATA these days. What a pain, but hey, new PC. :) Webby
  7. Hello all: I've read the Authentication doc and many forums/websites regarding authentication and now I have a few questions. I'm working on a chat client/server system and have a few questions. Should I really be concerned with man-in-the-middle attacks? The server is designed from a client request (not demand) point of view, all client input is validated and the server determines what is legal and what isn't. Given the relative difficulty of MITM, should I even worry about it? My main concern would be client login and account creation. My algorithm would be something like this. Server listens on UDP port for incoming messages. Client starts which sends a AUTH_INITIALIZE packet to the server (basically an empty packet as I think all I need at this point is client IP and Port). Server calculates a random Diffie-Hellman key pair and sends P,G to the client and calculates it's public/private key pair. Client uses P,G to generate it's public/private key pair. Maybe do something here to validate that client and server agree on keys. Now client and server know about each other and agree on keys. Client would either LOGIN or CREATE_ACCOUNT. Either way I send a message to server with USERNAME and PASSWORD encrypted with public key. Server decrypts and validates. If USERNAME/PASSWORD are valid and accepted the server then creates another Diffie-Hellman that takes the password and username into account. Encrypts this new DH pair with the original DH key and sends it to the client. From then on the server expects all communication from that client to use the newly generated DH key. Client likewise decrypts and computes new keys to communicate with. I think I'll also implement a sliding validation time so that keys expire every so often (maybe on a randomly chosen interval) just to help prevent decryption attempts. Also, something I've considered would be to simply include a public key to the client that everyone knows about and have the server keep a strong private key. All clients would encrypt all initial (pre Diffie-Hellman trafic) with this public key just to stop those initial packets from getting read. I might be going overboard with this. Please give me your thoughts. Thanks, Webby
  8. WebsiteWill

    Authentication Algorithm

    So, 24 hours, one fried HP, and one one new Gateway FX6800-01e later I can finally ask: So, other than certificates there doesn't really seem to be any way to prevent MITM, right? So I need to set up a certificate on my server that the client can validate with. From what I read it doesn't seem necessary for me to have a certificate on each client right? I mean, I don't even think I could being that just anyone will be able to install this. And, now for a question I probably should have asked first. :) Any good tutorials showing all the steps necessary to set up a Client/Server system stating some (or THE) best way to initialize a connection between a client and a server? I definitely like the idea of using a secure website for account creation/maintenance, it just seems odd as I've never seen that approach used before in other games or systems. Thanks for all the input, Webby
  9. WebsiteWill

    Authentication Algorithm

    Thanks guys. Drew: Yes, the sending password stuff as a hash (of hashes or other garbled method) was definitely my intention there. Any (sensitive information) will be handled that way. You are back to Diffie-Hellman which I've got implemented and working but honestly couldn't figure out a good way to use them. I was trying to use them as the actual public\private keys in RSA (or other asymmetric algorithm) to encrypt the data, which isn't possible -- with .NETs RSA implementation at least. However, using those agreed upon numbers as part of an HMAC calculation would work pretty well wouldn't? Since they're values only the client and the server know about? Now, if I perform all of that over SSL then it seems like it should be pretty tightly wrapped up. It's a good bit of overhead but definitely worth it and it's something each client will only do once per session. I'm not opposed to getting a certificate from a CA but for now I don't want to put out the cash. It seems like creating my own certificates is possible as hplus alludes to. I'm also not opposed to handling account creation over a secured website, that might actually be the best option. Since once that's done I can guarantee that the client and server have some secured information they both agree on and the rest of the process becomes a whole lot easier, not to mention takes a lot of burden away from the authentication server. Thanks guys, Webby
  10. WebsiteWill

    Authentication Algorithm

    And now I'm off on another tangent. I cam across another topic that you (hplus) took part in and highly defended SSL. The reason I was trying to stay away from SSL was due to it's connected nature. But on thinking and reading how about something like this. Auth Server is running and waiting asynchronously for SSL connections Client sends a generic message to the server requesting a connection. Server responds with an available port (since it's connected we're limited). Client connect SSL to the given port. Server certifies itself with the client. Do I need to have client certify itself with the server? Seems unnecessary. Client "authenticates" by providing username and password. If success, server generates shared symmetric key and sends it to the client. Server disconnects. Client can then freely communicate with server as necessary (encrypting when necessary using the shared key). Server can periodicaly update shared key by sending it encrypted to the client when necessary (just as added protection). Things like account creation (or anything involving credit cards, etc could be done over SSL OR using the shared key generated during the SSL connection. Do you think it necessary to use SSL for that once we have a safe shared key just to be safe? I'd like to do as much over UDP as possibly for its scalability. Thanks for keeping up with this post, Webby
  11. WebsiteWill

    Authentication Algorithm

    Trying to eliminate man in the middle. Aside from that, symmetric encryption will be fine for everything else I do. In fact, most things won't even be encrypted. At the time of authentication or account maintenance I will do encryption but for general messages I won't be. MITM is only a real threat initially, like when a user is first creating an account (since there is currently no shared key). At that time the server knows nothing about the user so potentially a MITM could intercept the message and cause harm. The key place for harm would be the message when the user sends their username and password to the server the first time. Once that information is securely on the server I think I'm reasonably safe from MITM as there is now a key known to both the server and the client which can be used with an HMAC to verify messages. I'm not even that sure I need to worry about MITM as, how common/feasible is it really, and to what extent would someone bother in a chat or game application? Though I do want to take as many precautions as possible. Do you have a workable solution? I've read your document quite a few times and it covers well how to authenticate client/server but it assumes there is already a shared key between the two. How to you secure a shared key? Webby
  12. WebsiteWill

    Authentication Algorithm

    Ok, so maybe I was going about this all wrong. Turns out, it seems that the way to do this would be to have the client create it's public and private key using the RSACryptoServiceProvider and send the public key to the server. The server sees this message and generates it's own public and private key with RSACryptoServiceProvider and sends public key to client. At this point the server can generate a symmetric key to use for encryption, encrypt it with RSA and send it to the client. From that point on the client and server communicate and encrypt/decrypt with the shared symmetric key. For added security, I can periodically generate a new symmetric key and send it to the client with RSA. I can even renew the RSA keys between client and server periodically if necessary. So, now I'm wondering how I got down the track of Diffie-Hellman in the first place. Generating the shared keys was a piece of cake but figuring out how to effectively use them after was a pain in the rear. This seems to work now. Thoughts? Thanks, Webby
  13. WebsiteWill

    Authentication Algorithm

    Here is more information. For generating the Diffie-Hellman the code I use generates 1 byte for G (8 bit) 128 bytes for P (1024 bit) 128 bytes public key (1024 bit) 128 bytes private key (1024 bit) Are these values something I can then provide to the .NET RSA provider? Thanks, Webby
  14. WebsiteWill

    Authentication Algorithm

    Well, I've got an implementation of the Diffie-Hellman algorithm up and running between the client and server. To be honest, I'm not sure what format that would be in other than two agreed upon numbers that are mathmatically related in some very obsure and hard to decipher format. I had thought about trying to write my keys to an in-memory xml and feed that into the RSA object but I wasn't sure it would work. I've got a public and private key (also have P and G from Diffie-Hellman exchange). The RSA object seems to want an xml file with a lot more data than I have on hand. If it's that simple I can give it a shot, I just had my doubts that it would even work. Webby
  15. WebsiteWill

    Authentication Algorithm

    Thanks guys. I've actually stumbled upon a new issue here. I've got all of my Diffie-Hellman exchange working between the client and server. My intention was to use those keys with something like RSA to actually encrypt and transmit a symmetric key generated by the server. However, as you all might know, the .NET implementation of RSA doesn't let you initialize with your own keys. I also don't like the way it uses files to do it's work, it just all seems silly. So, what would you guys recommend for Asymmetric encryption using public/private keys generated with Diffie-Hellman? Thanks, Will P.S. Should I open this as a new topic?
  16. WebsiteWill

    Authentication Algorithm

    I guess I left out a bit of critical information. This is going to work over UDP and not TCP so if my understanding holds true I can't use HTTPS or SSL. I'm basically following your (hplus) article on Authentication for Games. Right now this is just being used for the chat server aspect but the same thing will occur in the context of other server types. In fact I'm designing it so that clients go through an Auth server which will then hand them off to the chat server and eventually other types of servers. Thanks, Webby
  17. Can someone explain why the _firstVisible variable in the code below is always set to 0 unless I call GetCharIndexFromPosition with a SPECIFIC range of parameters for the Y coordinate? For instance, I have single line RichTextBox that I add some text to. I've wired a button to perform the code below. On clicking the button my text scrolls as it should but the _firstVisible is still 0 when it should now be the second character in the string since the first character just scrolled off the edge. After scrolling a few times I made a call to GetPositionFromCharIndex(0) and the point value was (-10, 1). The x coordinate is a negative value relative to the amount scrolled. So if I pass (0, 1) to GetCharIndexFromPosition I do get a value that I would expect. However, calling it with (0, 0) returns 0 which is also kind of expected since I'm passing a value ABOVE the string so the first character would be the first one encountered. Calling it with (0, 21) gives the correct results also. However, for (0, 22) and anything higher than 22 it will once again report 0 (the first letter) when the true value should be equivalent to the number of times I've pressed the scroll button. Can someone explain this? SendMessage(richTextBox1.Handle, WM_HSCROLL, SB_LINELEFT, 0); System.Drawing.Point firstPosition = new System.Drawing.Point(0, 0); System.Drawing.Point lastPosition = new System.Drawing.Point(richTextBox1.Width, richTextBox1.Height); Point p = richTextBox1.GetPositionFromCharIndex(0); _firstVisible = richTextBox1.GetCharIndexFromPosition(firstPosition); _lastVisible = richTextBox1.GetCharIndexFromPosition(lastPosition); Thanks, Webby
  18. Good morning: Is there an easy way to mask a sprite to a rectangle? Say I have a sprite that is 100 x 100 units and I have an opening of 50 x 50 units. Is there a way to render the 100 x 100 sprite blut mask off all except the visible area (only show the 50 x 50 visible region)? Imagine this for a UI element where a child element is larger than a parent so we want to clip the child to the parents visible area. I am using SpriteBatch BTW. Thanks, Webby
  19. WebsiteWill

    Easy Way to Mask Sprite

    Yeah, thanks Name but won't that require me to start an entire new batch for every window (or parent->child) branch that I draw? And do you think this would be efficient enough for a UI? This may actually be a better approach to what I am doing now which is basically resizing my child rectangles AND source rectangles to fit into the visible area of the parent. A long series of computations for such a trivial task. I'll try this out to see how it works. Thanks for this and any more input. Webby
  20. WebsiteWill

    Giant Mesh vs Smaller Ones

    Need more info. Just because you have an extremely large mesh in your modeling package (Max, Maya, etc) doesn't mean your engine uses it that way. Your engine might be preprocessing it down to usable size chunks with some sort of space partitioning algorithm like quad or oct tree or some other method (and if not you probably should). As the developer you should know this. Give us more specifics on poly count for your major terrain model and whether or not you know if you are doing space partitioning in your engine and we can help a bit more. Webby
  21. Does anyone know if the texture is switched once you call SpriteBatch.End IF you'd called Draw on some sprites and also called DrawString which uses a spritefont and presumably a texture with the font on it? I have a texture for my UI and I am using spritefonts and I'm curious what XNA is doing in the background. The reason being is I've decided to move away from SpriteBatch for my sprites and I have a choice of continuing to use a SpriteBatch for text (because SpriteBatch for text works really well) or to implement my own. With my current code I am batching UI "sprites" and flushing the entire batch in one single draw call. But it seems like I won't be able to do this with text since I'd have to swap the texture out to render the text which would likely kill my performance -- I'd essentially have to swap textures for every UI element. Thoughts? Thanks, Webby
  22. WebsiteWill

    XNA SpriteBatch question

    It doesn't work like that. Imagine you have a window with a caption and button in that window also with a caption. For everything to appear correctly with alpha blending you have to do Window.Draw() Window.Caption.Draw() Window.Button.Draw() Window.Button.Caption.Draw() So you see, everytime I'd need to draw text I would have to switch out the texture for the text. If I keep each font on a separate image then I'll have to swap a bunch more. Webby
  23. WebsiteWill

    XNA SpriteBatch question

    Even if you are swapping out those two images many times per frame? If this was a one or two time swap I'd not care but I'd have to swap it every time I draw a new UI control that had text on it. Webby
  24. WebsiteWill

    XNA SpriteBatch question

    One thing I would have to do for that to work is to designate a certain portion of the texture to font(s) so that my UI elements ALWAYS start at a certain XY coordinate. So font 1 would start at 0,0 and go to 300,300. Font 2 starts at 0,300 and goes to 300, 600. Something like that. All UI elements are in 300,0 to x, x. I was playing with the FontGen in the XNAExtras package found online and so far I find that if you export large fonts (starting around 25px) you'll get multiple images instead of a single one. I am trying to figure out how to force it to simply use a larger single image instead. Another idea I had was to store the UI and fonts in a Texture3D object where the first layer is th UI parts and each following layer would be a font object. Writing a manager to keep track on what font is on each layer would be a breeze but again I'm not sure how XNA works with Texture3D and I'll have to research how to write the shader for this since individual draw calls to my UI components would require different texture layers. So if you have any info on a method similar to this I'm all ears. I'll keep searching for anything I can find until I come across a solution I like. Thanks for the info, Webby
  25. WebsiteWill

    XNA SpriteBatch question

    I just had an idea that I wanted to run by you all. If I make my UI texture 2048x2048 in size I think it would be plenty large enough to store a few bitmap fonts, the ui elements (with animated frames) as well as the icons that I would need. Now however the tradeoff would be in sending a large 2048x2048 image to the graphics card every frame. I don't think that would matter much at all though. What do you guys think?
  • Advertisement

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!