3v4l.org

run code in 500+ PHP versions simultaneously
<?php function shitmac_xor(string $str, int $with){ $ret = ""; for($i=0,$imax=strlen($str);$i<$imax;++$i){ $ret .= chr( ord($str[$i]) ^ $with ); } return $ret; } function shitmac(string $key, string $message, string $hash_algorithm = "SHA1", int $hash_algorithm_block_size = 64, int $hash_algorithm_output_size = 20){ if(strlen($key) > $hash_algorithm_block_size){ // this is probably a bad idea, but php is doing it anyway. // > RFC 2104 requires that "keys longer than B bytes are first hashed using H" which leads to a confusing pseudo-collision: if the key is longer than the hash block size (e.g. 64 characters for SHA-1), then HMAC(k, m) is computed as HMAC(H(k), m).This property is sometimes raised as a possible weakness of HMAC in password-hashing scenarios: it has been demonstrated that it's possible to find a long ASCII string and a random value whose hash will be also an ASCII string, and both values will produce the same HMAC output. // die("TODO: hash(hash_algo, key"); $key = hash($hash_algorithm, $key, true); } if(strlen($key) < $hash_algorithm_block_size){ // die("TODO: key=str_pad(key,x00,block_size,pad_left"); $key = str_pad($key, $hash_algorithm_block_size, "\x00", STR_PAD_RIGHT); } $o_key_pad = shitmac_xor($key, 0x5C); $i_key_pad = shitmac_xor($key, 0x36); $ret = hash($hash_algorithm, $i_key_pad.$message, true); $ret = hash($hash_algorithm, $o_key_pad . $ret, true); return $ret; } $hash_algorithm = "SHA1"; $hash_algorithm_block_size = 64; $hash_algorithm_output_size = 20; $results=[]; for($i=0;$i<100;++$i){ $key=str_repeat("\x00", $i); $message = "Hello World".random_bytes($i); $hmac = hash_hmac($hash_algorithm, $message, $key, true); $shitmac = shitmac($key, $message, $hash_algorithm, $hash_algorithm_block_size, $hash_algorithm_output_size); if($hmac === $shitmac){ echo "{$i}: success!\n"; }else{ var_dump($i,$hmac,$shitmac); die("ERROR!"); } }
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 46
Branch analysis from position: 46
2 jumps found. (Code = 44) Position 1 = 48, Position 2 = 6
Branch analysis from position: 48
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 6
2 jumps found. (Code = 43) Position 1 = 33, Position 2 = 37
Branch analysis from position: 33
1 jumps found. (Code = 42) Position 1 = 45
Branch analysis from position: 45
2 jumps found. (Code = 44) Position 1 = 48, Position 2 = 6
Branch analysis from position: 48
Branch analysis from position: 6
Branch analysis from position: 37
1 jumps found. (Code = 61) Position 1 = -2
filename:       /in/OCBiU
function name:  (null)
number of ops:  49
compiled vars:  !0 = $hash_algorithm, !1 = $hash_algorithm_block_size, !2 = $hash_algorithm_output_size, !3 = $results, !4 = $i, !5 = $key, !6 = $message, !7 = $hmac, !8 = $shitmac
line      #* E I O op                               fetch          ext  return  operands
-----------------------------------------------------------------------------------------
   30     0  E >   ASSIGN                                                       !0, 'SHA1'
   31     1        ASSIGN                                                       !1, 64
   32     2        ASSIGN                                                       !2, 20
   34     3        ASSIGN                                                       !3, <array>
   35     4        ASSIGN                                                       !4, 0
          5      > JMP                                                          ->46
   36     6    >   INIT_FCALL                                                   'str_repeat'
          7        SEND_VAL                                                     '%00'
          8        SEND_VAR                                                     !4
          9        DO_ICALL                                             $14     
         10        ASSIGN                                                       !5, $14
   37    11        INIT_FCALL                                                   'random_bytes'
         12        SEND_VAR                                                     !4
         13        DO_ICALL                                             $16     
         14        CONCAT                                               ~17     'Hello+World', $16
         15        ASSIGN                                                       !6, ~17
   38    16        INIT_FCALL                                                   'hash_hmac'
         17        SEND_VAR                                                     !0
         18        SEND_VAR                                                     !6
         19        SEND_VAR                                                     !5
         20        SEND_VAL                                                     <true>
         21        DO_ICALL                                             $19     
         22        ASSIGN                                                       !7, $19
   39    23        INIT_FCALL                                                   'shitmac'
         24        SEND_VAR                                                     !5
         25        SEND_VAR                                                     !6
         26        SEND_VAR                                                     !0
         27        SEND_VAR                                                     !1
         28        SEND_VAR                                                     !2
         29        DO_FCALL                                          0  $21     
         30        ASSIGN                                                       !8, $21
   40    31        IS_IDENTICAL                                                 !7, !8
         32      > JMPZ                                                         ~23, ->37
   41    33    >   NOP                                                          
         34        FAST_CONCAT                                          ~24     !4, '%3A+success%21%0A'
         35        ECHO                                                         ~24
   40    36      > JMP                                                          ->45
   43    37    >   INIT_FCALL                                                   'var_dump'
         38        SEND_VAR                                                     !4
         39        SEND_VAR                                                     !7
         40        SEND_VAR                                                     !8
         41        DO_ICALL                                                     
   44    42      > INIT_FCALL                                                   'exit'
         43*       SEND_VAL                                                     'ERROR%21'
         44*       DO_ICALL                                                     
   35    45    >   PRE_INC                                                      !4
         46    >   IS_SMALLER                                                   !4, 100
         47      > JMPNZ                                                        ~28, ->6
   46    48    > > RETURN                                                       1

Function shitmac_xor:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 17
Branch analysis from position: 17
2 jumps found. (Code = 44) Position 1 = 19, Position 2 = 7
Branch analysis from position: 19
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 7
2 jumps found. (Code = 44) Position 1 = 19, Position 2 = 7
Branch analysis from position: 19
Branch analysis from position: 7
filename:       /in/OCBiU
function name:  shitmac_xor
number of ops:  21
compiled vars:  !0 = $str, !1 = $with, !2 = $ret, !3 = $i, !4 = $imax
line      #* E I O op                               fetch          ext  return  operands
-----------------------------------------------------------------------------------------
    3     0  E >   RECV                                                 !0      
          1        RECV                                                 !1      
    4     2        ASSIGN                                                       !2, ''
    5     3        ASSIGN                                                       !3, 0
          4        STRLEN                                               ~7      !0
          5        ASSIGN                                                       !4, ~7
          6      > JMP                                                          ->17
    6     7    >   INIT_FCALL                                                   'chr'
          8        INIT_FCALL                                                   'ord'
          9        FETCH_DIM_R                                          ~9      !0, !3
         10        SEND_VAL                                                     ~9
         11        DO_ICALL                                             $10     
         12        BW_XOR                                               ~11     !1, $10
         13        SEND_VAL                                                     ~11
         14        DO_ICALL                                             $12     
         15        ASSIGN_OP                                         8          !2, $12
    5    16        PRE_INC                                                      !3
         17    >   IS_SMALLER                                                   !3, !4
         18      > JMPNZ                                                        ~15, ->7
    8    19    > > RETURN                                                       !2
    9    20*     > RETURN                                                       null

End of function shitmac_xor

Function shitmac:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 8, Position 2 = 14
Branch analysis from position: 8
2 jumps found. (Code = 43) Position 1 = 17, Position 2 = 24
Branch analysis from position: 17
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 24
Branch analysis from position: 14
filename:       /in/OCBiU
function name:  shitmac
number of ops:  50
compiled vars:  !0 = $key, !1 = $message, !2 = $hash_algorithm, !3 = $hash_algorithm_block_size, !4 = $hash_algorithm_output_size, !5 = $o_key_pad, !6 = $i_key_pad, !7 = $ret
line      #* E I O op                               fetch          ext  return  operands
-----------------------------------------------------------------------------------------
   11     0  E >   RECV                                                 !0      
          1        RECV                                                 !1      
          2        RECV_INIT                                            !2      'SHA1'
   12     3        RECV_INIT                                            !3      64
          4        RECV_INIT                                            !4      20
   13     5        STRLEN                                               ~8      !0
          6        IS_SMALLER                                                   !3, ~8
          7      > JMPZ                                                         ~9, ->14
   18     8    >   INIT_FCALL                                                   'hash'
          9        SEND_VAR                                                     !2
         10        SEND_VAR                                                     !0
         11        SEND_VAL                                                     <true>
         12        DO_ICALL                                             $10     
         13        ASSIGN                                                       !0, $10
   20    14    >   STRLEN                                               ~12     !0
         15        IS_SMALLER                                                   ~12, !3
         16      > JMPZ                                                         ~13, ->24
   22    17    >   INIT_FCALL                                                   'str_pad'
         18        SEND_VAR                                                     !0
         19        SEND_VAR                                                     !3
         20        SEND_VAL                                                     '%00'
         21        SEND_VAL                                                     1
         22        DO_ICALL                                             $14     
         23        ASSIGN                                                       !0, $14
   24    24    >   INIT_FCALL                                                   'shitmac_xor'
         25        SEND_VAR                                                     !0
         26        SEND_VAL                                                     92
         27        DO_FCALL                                          0  $16     
         28        ASSIGN                                                       !5, $16
   25    29        INIT_FCALL                                                   'shitmac_xor'
         30        SEND_VAR                                                     !0
         31        SEND_VAL                                                     54
         32        DO_FCALL                                          0  $18     
         33        ASSIGN                                                       !6, $18
   26    34        INIT_FCALL                                                   'hash'
         35        SEND_VAR                                                     !2
         36        CONCAT                                               ~20     !6, !1
         37        SEND_VAL                                                     ~20
         38        SEND_VAL                                                     <true>
         39        DO_ICALL                                             $21     
         40        ASSIGN                                                       !7, $21
   27    41        INIT_FCALL                                                   'hash'
         42        SEND_VAR                                                     !2
         43        CONCAT                                               ~23     !5, !7
         44        SEND_VAL                                                     ~23
         45        SEND_VAL                                                     <true>
         46        DO_ICALL                                             $24     
         47        ASSIGN                                                       !7, $24
   28    48      > RETURN                                                       !7
   29    49*     > RETURN                                                       null

End of function shitmac

Generated using Vulcan Logic Dumper, using php 8.5.0

preferences:
172.35 ms | 1418 KiB | 25 Q