Pending Review
Last Updated: 16 Apr 2019 20:01 by ken
Mark
Created on: 18 Jan 2019 15:57
Type: Feature Request
2
Apply a signature to a telerik trdp/trdx report file

I would like to formally request the ability to "sign" in some fashion a trdp/trdx file.  Note that if only the new file format is supported then that would be acceptable.

Basically, I would like to apply some signature that we could, if we so chose, read from the report file to verify that it was us that created or last modified the file.

If we need to use a separate tool to apply the signature other than the report designer, that would not be an issue.

The signature could be anything that Telerik/Progress decides we can use such as a code signing certificate, a strong name, etc.

Using the last modified time, or a hash value created from the current contents of the report file would not be a good solution as that would mean we would need to have a list of the hash values for each report and it would need to be updated every time the report is changed.
We are looking for something that could be applied to all reports that we create and that clients could not replicate.

This would need to be something that clients who we deploy the report files to cannot replicate and therefore if they modify the report file using the Telerik designer, it would remove that signature.  This way we can easily programmatically determine if the client has modified the report, and therefore prevent using it as if it is ours.

Note that we provide the ability to use custom reports in our application which are treated as separate from our core provided reports.  Also, I had posted to the forum asking if this is currently possible (https://www.telerik.com/forums/sign-telerik-reports).

Thank you.

3 comments
ken
Posted on: 16 Apr 2019 20:01

I second this request.  We also provide a set of base reports.  Our support team has spent time troubleshooting reports that were altered by customers and no longer work as expected. 

Currently they export the TRDX file and compare the hash to our base version.

I have a TODO to make the hash display in the application so they don't have to export.  But being able to programmatically determine by signature would be better.

Thanks,

Ken

Mark
Posted on: 21 Jan 2019 18:50

I forgot to mention about having the ability to read this signature.

A sample that demonstrates this would be appreciated, whether it uses a built in .NET method, or a new Telerik method that you create.

 

Thank you for considering this. 

ADMIN
Silviya
Posted on: 21 Jan 2019 08:23
Hi Mark,

Thank you for your input!

Regards,
Silviya
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items