
HASH: Transfer Integrity command


8 replies to this topic

#1 antini

antini
  • Members
  • 4 posts

Posted 27 April 2010 - 03:42 AM

Hi,

I'm working on an Internet Draft (RFC in progress) to create a new FTP command to be used by clients to request cryptographic hashes of files. A number of vendors & applications plan to support it.

From what I've seen, this software supports the non-standard XMD5, XSHA1, XSHA256, XSHA512 commands.

I'm soliciting comments and suggestions on the Internet Draft text. Your feedback is most welcome! :D

http://tools.ietf.or...-bryan-ftp-hash


Here's how it works:

Example of HASH client request:

HASH filename.ext

HASH server response with Positive Completion code and the requested
hash using the currently selected algorithm:

213 80bc95fd391772fa61c91ed68567f0980bb45fd9



OPTS is used to query or change the algorithm:

C> OPTS HASH
S> 200 SHA-1
C> OPTS HASH SHA-512
S> 200 SHA-512
C> OPTS HASH CRC-37
S> 501 Unknown algorithm, current selection not changed



Support is advertised in FEAT responses:

C> feat
S> 211-Extensions supported:
S> ...
S> HASH SHA-1*;MD5
S> ...
S> 211 END
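
The FEAT, OPTS and HASH exchange from post #1, seen from the client side, as an added example that is not part of the original post or of any FTP client discussed here. It assumes the asterisk in the FEAT line marks the currently selected algorithm (consistent with the OPTS reply shown above); the preference list and function names are this example's own.

```python
import hashlib
import hmac

# Client preference, strongest first. Labels follow the thread's OPTS/FEAT
# examples; the mapping to hashlib names is this example's assumption.
PREFERRED = [("SHA-512", "sha512"), ("SHA-256", "sha256"), ("SHA-1", "sha1")]

def parse_feat_hash(feat_lines):
    """Return (supported, current) from the HASH line of a FEAT reply."""
    for line in feat_lines:
        text = line.strip()
        if text.upper().startswith("HASH "):
            names = [n.strip() for n in text[5:].split(";") if n.strip()]
            current = next((n[:-1] for n in names if n.endswith("*")), None)
            return [n.rstrip("*") for n in names], current
    return [], None

def plan_commands(feat_lines, path):
    """Pick the strongest offered algorithm and list the commands to send.

    Returns None when the server offers nothing in PREFERRED (e.g. MD5 only),
    so the caller can refuse instead of silently accepting a weak digest.
    """
    supported, current = parse_feat_hash(feat_lines)
    for label, _ in PREFERRED:
        if label in supported:
            opts = [] if label == current else [f"OPTS HASH {label}"]
            return label, opts + [f"HASH {path}"]
    return None

def verify_reply(reply, local_bytes, label):
    """Check a '213 <hex>' reply against a digest computed over the local copy."""
    code, _, digest = reply.strip().partition(" ")
    if code != "213":
        return False
    expected = hashlib.new(dict(PREFERRED)[label], local_bytes).hexdigest()
    return hmac.compare_digest(expected.encode(), digest.strip().lower().encode())
```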



#2 mb

mb

    Developer

  • Administrators
  • 11521 posts
  • Gender:
    Male
  • Location:
    Worldwide

Posted 27 April 2010 - 04:17 AM

* You may want to add a reference to the CKSM command which is surprisingly missing in the draft and has very similar functionality:
http://www.ogf.org/d...ents/GFD.47.pdf
CKSM is supported by SmartFTP.

* I think the reference to the "Hash Function Textual Names" registry should be included:
http://www.iana.org/...ion-text-names/

* I have noticed that the partial hashes are in the todo list. I actually think it should be mandatory to specify the offset and size to avoid any race conditions that might occur. E.g. 2 clients. One uploads the file, the other issues a HASH command. What will the hash command return? Most likely not what the client expects. In conclusion my recommendation is:

HASH <algorithm> <offset> <length> <path> CRLF

or to better fit it into your OPTS mechanism:

HASH <offset> <length> <path> CRLF
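
The race described in post #2, simulated locally, as an added example that is not part of the thread or of either product's code. It shows a whole-file hash changing while an upload is still in progress, and a hash over an explicit offset and length staying stable; `range_hash` and `demo_race` are hypothetical names and the file contents are constructed.

```python
import hashlib
import os
import tempfile

def range_hash(path, offset, length, algo="sha1", chunk=64 * 1024):
    """Hash exactly `length` bytes starting at `offset`; fail if the file is shorter."""
    h = hashlib.new(algo)
    remaining = length
    with open(path, "rb") as f:
        f.seek(offset)
        while remaining > 0:
            block = f.read(min(chunk, remaining))
            if not block:
                # Never return a digest over fewer bytes than were requested.
                raise ValueError("range extends past end of file")
            h.update(block)
            remaining -= len(block)
    return h.hexdigest()

def demo_race():
    """Constructed scenario: one client is still uploading while another asks for hashes."""
    part1, part2 = b"A" * 100_000, b"B" * 50_000    # constructed upload data
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(part1)                            # upload in progress
        whole_early = range_hash(path, 0, os.path.getsize(path))
        range_early = range_hash(path, 0, len(part1))
        with open(path, "ab") as f:
            f.write(part2)                            # upload completes
        whole_late = range_hash(path, 0, os.path.getsize(path))
        range_late = range_hash(path, 0, len(part1))
    finally:
        os.remove(path)
    return {
        "whole_file_changed": whole_early != whole_late,
        "range_stable": range_early == range_late,
        "range_matches_sent": range_late == hashlib.sha1(part1).hexdigest(),
    }
```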

#3 mb

Posted 27 April 2010 - 06:27 AM

Is there already a server implementation available for testing?

#4 antini

Posted 27 April 2010 - 03:10 PM

> Is there already a server implementation available for testing?


no implementations at all so far, but the FileZilla author is a co-author of the draft so that will be one of the first. IIS is also interested. we have only been getting feedback for a few weeks & have changed things once, so things may not be stable enough.

thanks for the comments!

in your experience, how useful/needed are partial hashes?

PS - you may also be interested in the HOST command ID, which is in Last Call: http://tools.ietf.or...urray-ftp-hosts

#5 mb

Posted 27 April 2010 - 03:20 PM

>Filezilla
The server part of Filezilla looks abandoned. And for the client, in this case I guess we are the first that implemented it :-)

>partial hashes
They are a must due to the reason explained in my last reply (multi part transfers and race condition).

>HOST
Thank you. It has already been implemented in our application a while ago. Unfortunately there are some problems the authors of the draft didn't take into consideration.

#6 antini

Posted 27 April 2010 - 07:40 PM

> >Filezilla
> The server part of Filezilla looks abandoned. And for the client, in this case I guess we are the first that implemented it :-)
>
> >partial hashes
> They are a must due to the reason explained in my last reply (multi part transfers and race condition).
>
> >HOST
> Thank you. It has already been implemented in our application a while ago. Unfortunately there are some problems the authors of the draft didn't take into consideration and also refuse to address.


cool!

my suggestion is to post on IETF apps-discuss about HOST. it's always good to get your objections noted.

you could also post your feedback on HASH there. putting things in public in one place is helpful.

#7 antini

Posted 10 May 2010 - 02:40 AM

> Is there already a server implementation available for testing?


now there is... :D

I have created an experimental build of FileZilla Server which
implements draft-bryan-ftp-hash-02.

The installer for Win32 can be downloaded from
http://filezilla-pro...ftp-hash-02.exe

Regards,
Tim Kosse



#8 mb

Posted 10 May 2010 - 07:29 PM

Thank you for sharing. I have successfully tested the latest version of SmartFTP with the FileZilla server.

#9 twanj

twanj
  • Members
  • 9 posts

Posted 11 June 2010 - 07:19 PM

awesome!

btw, there is a new IETF FTP email list https://www.ietf.org...listinfo/ftpext
it will be very low traffic. if you're interested, you could just post a message on there introducing yourself, it'd be great.

do you think there are any FTP extensions that should be created/standardized?



