PHP Conference Nagoya 2025

Imagick::getImageSignature

(PECL imagick 2, PECL imagick 3)

Imagick::getImageSignatureGenera un resumen de un mensaje SHA-256

Descripción

Imagick::getImageSignature(): string

Genera un resumen de un mensaje SHA-256 para el flujo de píxeles de la imagen.

Valores devueltos

Devuelve un string que contiene el hash SHA-256 de el fichero.

Errores/Excepciones

Lanza ImagickException en caso de error.

add a note

User Contributed Notes 4 notes

up
3
barrerasalom at gmail dot com
11 years ago
Please take that note tha different versions of ImageMagick could create different signatures, even when working with the same image.
up
2
vojtech at kral dot hk
11 years ago
Well the SHA-2 digest returned by this function IS different from what you get when you hash the file, because this funtions hashesh the pixels themselves.

This is very useful when you need to identify identical images, because if you just hash the files, you may get different hashes even if the image is the same pixel by pixel because of differences in metadata or different format (ie PNG vs BMP) or perhaps stray bytes at the end of file etc...

There is no point in posting code that hashes files, that is completely irrelevant here.

Also, I doubt you really need to pick a different hashing algo, SHA-2 should be perfectly fine for this job.
up
0
holdoffhunger at gmail dot com
12 years ago
The getImageSignature function returns the SHA-256 hash value, which is 256 bits (or 32 bytes) in length. SHA-256 is part of the SHA-2 set of cryptographic hash functions designed by the NSA, which also includes SHA-224, SHA-384, and SHA-512. According to Wikipedia, there are some security flaws in it similar to the set of SHA-1 hash functions, which should be fixed with SHA-3, eventually. Unlike MD5 or the SHA-1 set of cryptographic functions, SHA-2 has had no collisions discovered yet (a collision is an incident where two different pieces of data result in the same hash value from the hashing function). For the time being, it seems to be the most efficient method for creating a small (32-byte), uniquely-identifiable, generally-secure value for either a file or a piece of data.

Some sample code :

<?php

// Author: holdoffhunger@gmail.com

// Imagick Type
// ---------------------------------------------

$imagick_type = new Imagick();

// Open File
// ---------------------------------------------

$file_to_grab = "image_workshop_directory/test.bmp";

$file_handle_for_viewing_image_file = fopen($file_to_grab, 'a+');

// Grab File
// ---------------------------------------------

$imagick_type->readImageFile($file_handle_for_viewing_image_file);

// Get Image SHA-256 Signature / Hash Value
// ---------------------------------------------

$imagick_type_signature = $imagick_type->getImageSignature();

// Print Image Signature / Hash Value
// ---------------------------------------------

print($imagick_type_signature);

?>

Results of this done on a standard BMP image :

cb2f387a7b23d11340ad1f5ba9c765125ea6b2d50a0d25412abe1ce568adac68
up
-1
holdoffhunger at gmail dot com
12 years ago
The getImageSignature function for the ImageMagick package in PHP returns only the SHA-1 hash value for an image. There are not any other algorithms available for it within the ImageMagick package, but fortunately, this is PHP and you have a wide array of hashing algorithms to use on any image file. The function hash_algos() will return an array of hashing algorithms available in PHP and the function hash_file() will take three parameters (one for the algorithm to use, one for the filename, and an optional variable for binary output). Instead of being limited to the SHA-1 algorithm of the getImageSignature function, you could use SHA-256, SHA-384, SHA-512, Whirlpool, HAVAL, Salsa, Gost, Adler32, CRC32, or MD5, among others and variations of these.

However, the SHA-1 result of the hash_file() function performed on a file does not return the same result as the SHA-1 of the getImageSignature() function. This leads me to believe that the SHA-1 of the getImageSignature() might be performed on the Imagick object itself, instead of the file, whereas the hash_file() function is clearly performed on the file itself. That's just a guess, though.

Some sample code for the alternate hashing algorithm, with every algorithm performed on the image file :

<?php

// Author: holdoffhunger@gmail.com

// Set File for Hashing Function
// ---------------------------------------------------

$filename_with_folder_for_hashing = "image_workshop/test_file.bmp";

// Acquire Dynamic Hashing Algorithm List
// ---------------------------------------------------

$php_dynamic_hash_algorithms = hash_algos();

// Count Dynamic Hashing Algorithm List
// ---------------------------------------------------

$number_of_dynamic_hash_algorithms = count($php_dynamic_hash_algorithms);

// Parse Dynamic Hashing Algorithm List
// ---------------------------------------------------

for($i = 0; $i < $number_of_dynamic_hash_algorithms; $i++)
{
// Get Current Hashing Algorithm
// ---------------------------------------------------

$current_hashing_algorithm = $php_dynamic_hash_algorithms[$i];

// Perform Hashing on File
// ---------------------------------------------------

$current_hashing_algorithm_hex_result = hash_file($current_hashing_algorithm, $filename_with_folder_for_hashing, FALSE);

// Print Hashed Results
// ---------------------------------------------------

print("$current_hashing_algorithm Algorithm ::: $current_hashing_algorithm_hex_result");
print(
"<br><br>");
}

?>

Example Results:
...........................

md2 Algorithm ::: 03205df9c6717d74f1f003c66f58e98a

md4 Algorithm ::: b2a204a2e5c3968d2abd5dc372fbee10

md5 Algorithm ::: b9d92a61714b221d24c7730d4764ca82

sha1 Algorithm ::: 8db4c92346c26568b13ea43fbcf514e37942a41a

(and so on for 34 more algorithms)...
To Top