Solved

how to implement file checksum ?

Posted on 2004-08-09
7
2,797 Views
Last Modified: 2012-06-21
Guyz,

My application uses a .xml file as input, and I need to make sure nobody has edited the file. Can we implement a checksum for this file? If so,
1.Where do I specify the file checksum in the .xml file
2.How to calculate the checksum for the .xml file and compare with the checksum found in the .xml file.

Any ideas?
Thnx!
0
Comment
Question by:kunjachan_
  • 4
  • 3
7 Comments
 
LVL 20

Expert Comment

by:TheAvenger
ID: 11760190
You can create the file, then calculate the sum (for example getting the hash of the whole file string or only a part of it which is important) and save the check sum at the end of the file. When you read it, you can read the whole file, get the check sum that was saved inside it and then calculate again the checksum for the rest of the file (so the real contents, which was also secured when the file was saved). Then compare the check sums.

Instead of calculating a check sum, you can use a more advanced method, like sign the data. For more info have a look at:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconCryptographicServices.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemsecuritycryptographydsaclasstopic.asp
0
 
LVL 7

Expert Comment

by:psdavis
ID: 11761931
I like using MD5 for my checksums.

            MD5 pMD5 = new MD5CryptoServiceProvider( );
            byte[] resultHash = pMD5.ComputeHash( Encoding.ASCII.GetBytes( response ));
            string resultMD5 = Convert.ToBase64String( resultHash );
0
 
LVL 20

Expert Comment

by:TheAvenger
ID: 11761956
Note that using MD5 you can create a hash but you cannot sign it, so everybody can create the hash after signing the file
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 7

Expert Comment

by:psdavis
ID: 11761972
If all he is doing is making sure no one has edited the file, then the checksum idea is sound.  His biggest problem is that he wants to include the checksum inside the xml which invariably changes the checksum of the file.
0
 
LVL 20

Accepted Solution

by:
TheAvenger earned 100 total points
ID: 11762001
First, if I change the file, I will calculate a new hash, so the application will not notice that the file was changed - the hash is not enough.
Second, I already explained how the hash/signature can be included inside the file: make the hash always over the XML without the hash. This means you have <xml content><hash> and when the file is read, you remove the <hash> part, make a new hash of the <xml content> and verify the new hash with the <hash> part.
0
 
LVL 7

Expert Comment

by:psdavis
ID: 11762006
Yep. Yer right.  I'm still pre-Diet Pepsi and not fully awake yet.
0
 
LVL 20

Expert Comment

by:TheAvenger
ID: 11762024
:-))
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Article by: Najam
Having new technologies does not mean they will completely replace old components.  Recently I had to create WCF that will be called by VB6 component.  Here I will describe what steps one should follow while doing so, please feel free to post any qu…
This article introduced a TextBox that supports transparent background.   Introduction TextBox is the most widely used control component in GUI design. Most GUI controls do not support transparent background and more or less do not have the…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now