3v4l.org

run code in 300+ PHP versions simultaneously
<?php function shitmac_xor(string $str, int $with){ $ret = ""; for($i=0,$imax=strlen($str);$i<$imax;++$i){ $ret .= chr( ord($str[$i]) ^ $with ); } return $ret; } function shitmac(string $key, string $message, string $hash_algorithm = "SHA1", int $hash_algorithm_block_size = 64, int $hash_algorithm_output_size = 20){ if(strlen($key) > $hash_algorithm_block_size){ // this is probably a bad idea, but php is doing it anyway. // > RFC 2104 requires that "keys longer than B bytes are first hashed using H" which leads to a confusing pseudo-collision: if the key is longer than the hash block size (e.g. 64 characters for SHA-1), then HMAC(k, m) is computed as HMAC(H(k), m).This property is sometimes raised as a possible weakness of HMAC in password-hashing scenarios: it has been demonstrated that it's possible to find a long ASCII string and a random value whose hash will be also an ASCII string, and both values will produce the same HMAC output. // die("TODO: hash(hash_algo, key"); $key = hash($hash_algorithm, $key, true); } if(strlen($key) < $hash_algorithm_block_size){ // die("TODO: key=str_pad(key,x00,block_size,pad_left"); $key = str_pad($key, $hash_algorithm_block_size, "\x00", STR_PAD_RIGHT); } $o_key_pad = shitmac_xor($key, 0x5C); $i_key_pad = shitmac_xor($key, 0x36); $ret = hash($hash_algorithm, $i_key_pad.$message, true); $ret = hash($hash_algorithm, $o_key_pad . $ret, true); return $ret; } $hash_algorithm = "SHA1"; $hash_algorithm_block_size = 64; $hash_algorithm_output_size = 20; $results=[]; for($i=0;$i<100;++$i){ $key=str_repeat("\x00", $i); $message = "Hello World".random_bytes($i); $hmac = hash_hmac($hash_algorithm, $message, $key, true); $shitmac = shitmac($key, $message, $hash_algorithm, $hash_algorithm_block_size, $hash_algorithm_output_size); if($hmac === $shitmac){ echo "{$i}: success!\n"; }else{ var_dump($i,$hmac,$shitmac); die("ERROR!"); } }
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 44
Branch analysis from position: 44
2 jumps found. (Code = 44) Position 1 = 46, Position 2 = 6
Branch analysis from position: 46
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 6
2 jumps found. (Code = 43) Position 1 = 33, Position 2 = 37
Branch analysis from position: 33
1 jumps found. (Code = 42) Position 1 = 43
Branch analysis from position: 43
2 jumps found. (Code = 44) Position 1 = 46, Position 2 = 6
Branch analysis from position: 46
Branch analysis from position: 6
Branch analysis from position: 37
1 jumps found. (Code = 79) Position 1 = -2
filename:       /in/OCBiU
function name:  (null)
number of ops:  47
compiled vars:  !0 = $hash_algorithm, !1 = $hash_algorithm_block_size, !2 = $hash_algorithm_output_size, !3 = $results, !4 = $i, !5 = $key, !6 = $message, !7 = $hmac, !8 = $shitmac
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
   30     0  E >   ASSIGN                                                   !0, 'SHA1'
   31     1        ASSIGN                                                   !1, 64
   32     2        ASSIGN                                                   !2, 20
   34     3        ASSIGN                                                   !3, <array>
   35     4        ASSIGN                                                   !4, 0
          5      > JMP                                                      ->44
   36     6    >   INIT_FCALL                                               'str_repeat'
          7        SEND_VAL                                                 '%00'
          8        SEND_VAR                                                 !4
          9        DO_ICALL                                         $14     
         10        ASSIGN                                                   !5, $14
   37    11        INIT_FCALL                                               'random_bytes'
         12        SEND_VAR                                                 !4
         13        DO_ICALL                                         $16     
         14        CONCAT                                           ~17     'Hello+World', $16
         15        ASSIGN                                                   !6, ~17
   38    16        INIT_FCALL                                               'hash_hmac'
         17        SEND_VAR                                                 !0
         18        SEND_VAR                                                 !6
         19        SEND_VAR                                                 !5
         20        SEND_VAL                                                 <true>
         21        DO_ICALL                                         $19     
         22        ASSIGN                                                   !7, $19
   39    23        INIT_FCALL                                               'shitmac'
         24        SEND_VAR                                                 !5
         25        SEND_VAR                                                 !6
         26        SEND_VAR                                                 !0
         27        SEND_VAR                                                 !1
         28        SEND_VAR                                                 !2
         29        DO_FCALL                                      0  $21     
         30        ASSIGN                                                   !8, $21
   40    31        IS_IDENTICAL                                             !7, !8
         32      > JMPZ                                                     ~23, ->37
   41    33    >   NOP                                                      
         34        FAST_CONCAT                                      ~24     !4, '%3A+success%21%0A'
         35        ECHO                                                     ~24
   40    36      > JMP                                                      ->43
   43    37    >   INIT_FCALL                                               'var_dump'
         38        SEND_VAR                                                 !4
         39        SEND_VAR                                                 !7
         40        SEND_VAR                                                 !8
         41        DO_ICALL                                                 
   44    42      > EXIT                                                     'ERROR%21'
   35    43    >   PRE_INC                                                  !4
         44    >   IS_SMALLER                                               !4, 100
         45      > JMPNZ                                                    ~27, ->6
   46    46    > > RETURN                                                   1

Function shitmac_xor:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 17
Branch analysis from position: 17
2 jumps found. (Code = 44) Position 1 = 19, Position 2 = 7
Branch analysis from position: 19
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 7
2 jumps found. (Code = 44) Position 1 = 19, Position 2 = 7
Branch analysis from position: 19
Branch analysis from position: 7
filename:       /in/OCBiU
function name:  shitmac_xor
number of ops:  21
compiled vars:  !0 = $str, !1 = $with, !2 = $ret, !3 = $i, !4 = $imax
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    3     0  E >   RECV                                             !0      
          1        RECV                                             !1      
    4     2        ASSIGN                                                   !2, ''
    5     3        ASSIGN                                                   !3, 0
          4        STRLEN                                           ~7      !0
          5        ASSIGN                                                   !4, ~7
          6      > JMP                                                      ->17
    6     7    >   INIT_FCALL                                               'chr'
          8        INIT_FCALL                                               'ord'
          9        FETCH_DIM_R                                      ~9      !0, !3
         10        SEND_VAL                                                 ~9
         11        DO_ICALL                                         $10     
         12        BW_XOR                                           ~11     !1, $10
         13        SEND_VAL                                                 ~11
         14        DO_ICALL                                         $12     
         15        ASSIGN_OP                                     8          !2, $12
    5    16        PRE_INC                                                  !3
         17    >   IS_SMALLER                                               !3, !4
         18      > JMPNZ                                                    ~15, ->7
    8    19    > > RETURN                                                   !2
    9    20*     > RETURN                                                   null

End of function shitmac_xor

Function shitmac:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 8, Position 2 = 14
Branch analysis from position: 8
2 jumps found. (Code = 43) Position 1 = 17, Position 2 = 24
Branch analysis from position: 17
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 24
Branch analysis from position: 14
filename:       /in/OCBiU
function name:  shitmac
number of ops:  50
compiled vars:  !0 = $key, !1 = $message, !2 = $hash_algorithm, !3 = $hash_algorithm_block_size, !4 = $hash_algorithm_output_size, !5 = $o_key_pad, !6 = $i_key_pad, !7 = $ret
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
   11     0  E >   RECV                                             !0      
          1        RECV                                             !1      
          2        RECV_INIT                                        !2      'SHA1'
          3        RECV_INIT                                        !3      64
          4        RECV_INIT                                        !4      20
   13     5        STRLEN                                           ~8      !0
          6        IS_SMALLER                                               !3, ~8
          7      > JMPZ                                                     ~9, ->14
   18     8    >   INIT_FCALL                                               'hash'
          9        SEND_VAR                                                 !2
         10        SEND_VAR                                                 !0
         11        SEND_VAL                                                 <true>
         12        DO_ICALL                                         $10     
         13        ASSIGN                                                   !0, $10
   20    14    >   STRLEN                                           ~12     !0
         15        IS_SMALLER                                               ~12, !3
         16      > JMPZ                                                     ~13, ->24
   22    17    >   INIT_FCALL                                               'str_pad'
         18        SEND_VAR                                                 !0
         19        SEND_VAR                                                 !3
         20        SEND_VAL                                                 '%00'
         21        SEND_VAL                                                 1
         22        DO_ICALL                                         $14     
         23        ASSIGN                                                   !0, $14
   24    24    >   INIT_FCALL                                               'shitmac_xor'
         25        SEND_VAR                                                 !0
         26        SEND_VAL                                                 92
         27        DO_FCALL                                      0  $16     
         28        ASSIGN                                                   !5, $16
   25    29        INIT_FCALL                                               'shitmac_xor'
         30        SEND_VAR                                                 !0
         31        SEND_VAL                                                 54
         32        DO_FCALL                                      0  $18     
         33        ASSIGN                                                   !6, $18
   26    34        INIT_FCALL                                               'hash'
         35        SEND_VAR                                                 !2
         36        CONCAT                                           ~20     !6, !1
         37        SEND_VAL                                                 ~20
         38        SEND_VAL                                                 <true>
         39        DO_ICALL                                         $21     
         40        ASSIGN                                                   !7, $21
   27    41        INIT_FCALL                                               'hash'
         42        SEND_VAR                                                 !2
         43        CONCAT                                           ~23     !5, !7
         44        SEND_VAL                                                 ~23
         45        SEND_VAL                                                 <true>
         46        DO_ICALL                                         $24     
         47        ASSIGN                                                   !7, $24
   28    48      > RETURN                                                   !7
   29    49*     > RETURN                                                   null

End of function shitmac

Generated using Vulcan Logic Dumper, using php 8.0.0

preferences:
168.77 ms | 1028 KiB | 24 Q