How to verify piece of file

[gnutella06]

Hi There,

I would like to know, how is it possible to verify part of file downloaded from a host. I know, I have to use THEX (Tree Hash Exchange Format) for this purpose.
But I'm not sure how to use it.

When I get positive reply from a host to upload a file. In the reply I could see
"X-Thex-URI: /uri-res/N2X?urn:sha1:TY2462FV2IEMADVXYA52IX72H2GTA3C7;JGJO CMQ3LSZD7JS24GQHG3O3EPIQJUTV4GPUMXA"

I know the first hash value is the sha1 has of the complete file. But dont know the hash just followed by it.

How can I use this information to verify the the part of the file?

Thanks in advance,

Maxy

[GregorK]

The following hash is the root TTH value of your hash tree...
Read the documents found at, to get more infos:
http://phex.svn.sourceforge.net/view...roposals/THEX/

[gnutella06]

Hello Group,

I have few questions with respect to partial file verification:

1) From where to request tiger hash tree? and how do I know that the host
I'm requesting from is trusted one?

2) What kind of request it should be to get tiger hash tree? is there any special way to request?

Thanks in advance,

Tehsin

[GregorK]

You request the TTH from the same host that sends you the X-Thex-URI header.
The URL you use is the one provided in the X-Thex-URI header. It is a usual HTTP GET request.
You don't know if the host is trusted, you can only verify the TTH itself, if it matches the data and if other hosts would provide you the same root hash.

[gnutella06]

Thanks for the reply. I have few more questions. When I requested the the Tiger tree to some host
with the following request:

GET /uri-res/N2X? urn:sha1:YKOTZQMNXNBXMKEQRJCJND32F6DAEYOY;FLCSY6YP GWUW75AT3TVH3VC3YADQNZLLJTRBVKI HTTP/1.1\r\n


From some host I get malformed request reply. I dont understand, why?

When I get positive reply from some other host, I can't understand how to parse, the binary serialized
tiger tree hash, any hints would be appreciated.

Thanks in advance,

Tehsin

[GregorK]

The tree data is encapsulated in DIME payloads
SourceForge.net Repository - [phex] View of /phex/trunk/docs/Gnutella/proposals/THEX/draft-nielsen-dime-01.txt

[gnutella06]

I have few question regarding verification process of partial files:-

1) Treenodesize, is it the chunk size of the file?

2) If yes, so I could compute leaf hash(using Tiger ) for this chunk and see if this leaf hash is present in the list of hashes which I got from the unloader?

Thanks in advance,

[gnutella06]

I was trying to compute leaf hashes. To compute leaf hash, the chunk of file is prefixed with '0' and then compute tiger hash of it. Unfortunately, it doesn't work, when I compared what I was getting from Gnutella network.

I would like to know how exactly leaf hashed is computed? Although I'm not so good with Java, I tried to see Phex code and could see that there is some special way to compute leaf hash. The only thing which I understood is, the leaf hash is computed by computing hash of each 1kb. I don't understand how exactly the leaf hash computed.

Any help would be greatly appreciated.

[CyberBob]

Quote:

Originally Posted by gnutella06

Thanks for the reply. I have few more questions. When I requested the the Tiger tree to some host
with the following request:

GET /uri-res/N2X? urn:sha1:YKOTZQMNXNBXMKEQRJCJND32F6DAEYOY;FLCSY6YP GWUW75AT3TVH3VC3YADQNZLLJTRBVKI HTTP/1.1\r\n


From some host I get malformed request reply. I dont understand, why?

When I get positive reply from some other host, I can't understand how to parse, the binary serialized
tiger tree hash, any hints would be appreciated.

Thanks in advance,

Tehsin

sorry for replying this late. anyway, you may have idea already but .....

you do not request like this:

Code:

GET /uri-res/N2X? urn:sha1:YKOTZQMNXNBXMKEQRJCJND32F6DAEYOY;FLCSY6YPGWUW75AT3TVH3VC3YADQNZLLJTRBVKI HTTP/1.1\r\n

but you do request with this:

Code:

GET /uri-res/N2X? urn:sha1:YKOTZQMNXNBXMKEQRJCJND32F6DAEYOY HTTP/1.1\r\n

string after semi-colon is TTH value which you need to verify against received DIME message, but you do not use that part for requesting.