OSCommerce Product Manager

OSCommerce Product Manager for Windows
Tasklist

FS#285 - Use a checksum to verify the integrity of the server answers.

Attached to Project: OSCommerce Product Manager
Opened by Mario A. Valdez-Ramirez (mvaldez) - Monday, 03 October 2005, 15:43 GMT-6
Last edited by Mario A. Valdez-Ramirez (mvaldez) - Sunday, 15 July 2007, 17:54 GMT-6
Task Type Bug Report
Category Backend / Core
Status Assigned
Assigned To Mario A. Valdez-Ramirez (mvaldez)
Operating System All
Severity Medium
Priority Immediate
Reported Version any
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

Whne sending and receiving information to/from the server-side script, the data should include a checksum, and the application should calculate the checksum and verify it matches the expected one.

This is to improve the data integrity.

We can even use HMAC to veify the authenticity at the same time (at the expense of more processing time).
This task depends upon

Comment by Mario A. Valdez-Ramirez (mvaldez) - Saturday, 14 January 2006, 13:05 GMT-6
HMAC is documented as a RFC:

RFC 2104
HMAC: Keyed-Hashing for Message Authentication

http://www.faqs.org/rfcs/rfc2104.html

Comment by Mario A. Valdez-Ramirez (mvaldez) - Wednesday, 30 May 2007, 00:22 GMT-6
We already do this for the SQL records. We should do the same for all data returned.

As most operations have and END sentence, we cat attach the checksum to it.
Comment by Mario A. Valdez-Ramirez (mvaldez) - Wednesday, 30 May 2007, 00:25 GMT-6
Changed Priority to High.
Comment by Mario A. Valdez-Ramirez (mvaldez) - Sunday, 15 July 2007, 17:54 GMT-6
This bug depends on Bug #319. As the integrity check is already implemented for recordset, if the request of Bug #319 is implemented (Returned data from server should be Recordset-like) all server-side answers will include integrity verification.

Loading...