Solved

how to implement file checksum ?

Posted on 2004-08-09
7
2,813 Views
Last Modified: 2012-06-21
Guyz,

My application uses a .xml file as input, and I need to make sure nobody has edited the file. Can we implement a checksum for this file? If so,
1.Where do I specify the file checksum in the .xml file
2.How to calculate the checksum for the .xml file and compare with the checksum found in the .xml file.

Any ideas?
Thnx!
0
Comment
Question by:kunjachan_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 20

Expert Comment

by:TheAvenger
ID: 11760190
You can create the file, then calculate the sum (for example getting the hash of the whole file string or only a part of it which is important) and save the check sum at the end of the file. When you read it, you can read the whole file, get the check sum that was saved inside it and then calculate again the checksum for the rest of the file (so the real contents, which was also secured when the file was saved). Then compare the check sums.

Instead of calculating a check sum, you can use a more advanced method, like sign the data. For more info have a look at:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconCryptographicServices.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemsecuritycryptographydsaclasstopic.asp
0
 
LVL 7

Expert Comment

by:psdavis
ID: 11761931
I like using MD5 for my checksums.

            MD5 pMD5 = new MD5CryptoServiceProvider( );
            byte[] resultHash = pMD5.ComputeHash( Encoding.ASCII.GetBytes( response ));
            string resultMD5 = Convert.ToBase64String( resultHash );
0
 
LVL 20

Expert Comment

by:TheAvenger
ID: 11761956
Note that using MD5 you can create a hash but you cannot sign it, so everybody can create the hash after signing the file
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:psdavis
ID: 11761972
If all he is doing is making sure no one has edited the file, then the checksum idea is sound.  His biggest problem is that he wants to include the checksum inside the xml which invariably changes the checksum of the file.
0
 
LVL 20

Accepted Solution

by:
TheAvenger earned 100 total points
ID: 11762001
First, if I change the file, I will calculate a new hash, so the application will not notice that the file was changed - the hash is not enough.
Second, I already explained how the hash/signature can be included inside the file: make the hash always over the XML without the hash. This means you have <xml content><hash> and when the file is read, you remove the <hash> part, make a new hash of the <xml content> and verify the new hash with the <hash> part.
0
 
LVL 7

Expert Comment

by:psdavis
ID: 11762006
Yep. Yer right.  I'm still pre-Diet Pepsi and not fully awake yet.
0
 
LVL 20

Expert Comment

by:TheAvenger
ID: 11762024
:-))
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Suggested Courses

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question