Previous Topic

Next Topic

Book Contents

Book Index

FTP - Interoperability - Integrity Check How-To

In version 3.3 the MOVEit Transfer expanded its FTP integrity check protocol to allow non-MOVEit FTP clients to begin to perform cryptographic integrity checks as well. (SmartFTP was the first non-MOVEit FTP client to take advantage of the open protocol.)

SHA-1 Cryptographic Integrity Check

To use integrity checks with MOVEit Transfer, send the following commands from the client to the server:

The local FTP client must be able to calculate SHA-1 hashes. MD5 hashes MAY be allowed in the future, but only to support legacy FTP clients. CRC values will NEVER be allowed as they lack any cryptographic value and are not useful in situations where non-repudiation is required.

Sample FTP Session

The following FTP session shows an FTP client session working with variations of the commands discussed above.

ftp> QUOTE INTEGRITY H 
200 Integrity mode selected 
ftp> get HomePage.php 
200 PORT command successful 
150 RETR command started 
226 Transfer complete. Integrity check pending. 
ftp: 4890 bytes received in 0.70Seconds 6.79Kbytes/sec. 
ftp> QUOTE XSHA1 
500 XSHA1: parameters are incorrect 
ftp> QUOTE XSHA1 HomePage.php 
250 d6f63471acd1ab7dd647c86e6eea91d09f0fbb70 
(at this point the FTP client calculates a SHA-1 hash 
against the file it just downloaded and gets a 
value of "d6f63471acd1ab7dd647c86e6eea91d09f0fbb70") 
ftp> QUOTE HASH OK 
200 Downloaded file has passed integrity check. 
ftp> get HomePage.php 
200 PORT command successful 
150 RETR command started 
226 Transfer complete. Integrity check pending. 
ftp: 4890 bytes received in 0.64Seconds 7.45Kbytes/sec. 
ftp> QUOTE XSHA1 HomePage.php 
250 d6f63471acd1ab7dd647c86e6eea91d09f0fbb70 
(at this point the FTP client calculates a SHA-1 hash 
against the file it just downloaded and gets a 
value of "c86e6eea91d09f0fbb70d6f63471acd1ab7dd647") 
ftp> QUOTE HASH BAD 
500 Downloaded file integrity check FAILED!