Solved

Could you point a PHP class that could give a file signature based on its content?

Posted on 2016-09-03
7
32 Views
Last Modified: 2016-09-04
Hi Experts

Could you point a PHP class that could give a file signature based on its content?

My purpose is to check when a file is uploaded if something has been changed on it from the first time
it was uploaded.

Thanks in advance.
0
Comment
Question by:Eduardo Fuerte
7 Comments
 
LVL 51

Assisted Solution

by:Julian Hansen
Julian Hansen earned 100 total points
ID: 41782838
Why not do

$hash = md5(file_get_contents($filename));

Open in new window

1
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 200 total points
ID: 41782898
I think we covered md5() before, right?  You don't need a class -- PHP has a built-in function
https://www.experts-exchange.com/questions/28967370/Could-you-point-a-PHP-library-you-know-to-UPLOAD-a-file-to-a-server-with-some-kind-of-audit-trail.html#a41781762

MD5 strings are identical for identical inputs.  So if you read file#1 and make the md5() hash, then read file#2 and make the md5() hash, you can compare these hashes to see if the files are the same.  If the hashes match the files are the same.

Of course, you could just compare the contents of the files, too.  So why would anyone compare only the md5() hash?  

One reason could be that the files are so large that you can only get one of them into memory at a time.  You would read one into a string variable, make the md5() hash, unset the string variable to free the memory, then read the second file, make the md5() hash and compare the hash strings.  Thus the md5 hash becomes a proxy for the contents of the files.

A more mainstream and probably more frequent use of md5() is in securing data communications.  Consider a data transport problem where the recipient does not have access to the original file, and would like to know that the data had not been damaged or tampered with.  The sender would create the md5() hash from a known "salt" string appended to the information payload.  The recipient would take the payload, add the salt and create another md5() string.  If the strings match, the data is intact.
0
 

Author Comment

by:Eduardo Fuerte
ID: 41782903
@Ray
Sorry
That time I couldn't read all your posts with the attention it desires!
I'm in a hurry, having to attend a dificult test that have to be sent until next monday 08 o'clock in the morning!  So it will be carefully read after.

@Julian
I guess what you point is a adequated solution - just a .pdf that when updated produces this warning
but the file is uploaded and the "signature" is ok.

img001
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 29

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 200 total points
ID: 41782905
You should be exact on what you really want, because the term signature points in two totally different directions.

A file signature is a valid term more commonly known as a file checksum, any checksum or hash algorithm qualifies for this need, even those disqualifying for password hashing still are good enough for file checksums.

But there also is the topic of signing files, not only about the file being untouched and/or completely transferred, but also about identifying who signed a file, eg when you sign a pdf for upload to revenue office/service.

If this is about what Ray pointed back to, its hashing a file. Other reasoning why you don't only profit from hashing over comparing full files is not only about their size, once you know and store a hash, you can compare it to future uploads, also for faster computation and still checking the completeness of file uploads, you might hash just the first 1KB and last 1KB of a file, so your memory consumtion is less and the hash is computed faster. The most common upload errors are double upload and incomplete upload. For these two cases only taking a partial file hash is sufficient.

Bye, Olaf.
1
 

Author Comment

by:Eduardo Fuerte
ID: 41782907
@Olaf

Hi

I'm not sure I completelly understand what you posted.
But since it's not a "prodution" algorithm - is just to attend a test,  I guess  Julian solution it's sufficient by now, ok?
0
 
LVL 29

Expert Comment

by:Olaf Doschke
ID: 41782917
On the assumption you don't want to sign for knowing the authentic source of the file (eg the vendor of a software), an md5 is sufficient to check the file is same or differs.

Bye, Olaf.
1
 

Author Closing Comment

by:Eduardo Fuerte
ID: 41783620
Thank you for so qualified assistance!
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Consider the following scenario: You are working on a website and make something great - something that lets the server work with information submitted by your users. This could be anything, from a simple guestbook to a e-Money solution. But what…
Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now