3v4l.org

run code in 500+ PHP versions simultaneously
<?php declare(strict_types = 1); /** * Bitbucket Webhook Signature * * @link https://stackoverflow.com/a/79425616/367456 */ enum BitbucketSignature { case sha256; case sha384; case sha512; public static function authContents( ?string $signature, string $payload, #[SensitiveParameter] string $secret ) : ?string { if (null === $signature) return null; $algo = array_intersect_key( array_column(BitbucketSignature::cases(), null, 'name'), array_flip(hash_hmac_algos()), )[substr($signature, 0, 6)] ?? null; return ($algo instanceof self) && hash_equals($signature, "$algo->name=".hash_hmac($algo->name, $payload, $secret), ) ? $payload : null; } } $secret = "It's a Secret to Everybody"; $contents = BitbucketSignature::authContents( signature: @$_SERVER['HTTP_X_HUB_SIGNATURE'], payload: file_get_contents(filename: 'php://input'), secret: $secret, ); var_dump($contents); $signature = 'sha256=a4771c39fbe90f317c7824e83ddef3caae9cb3d976c214ace1f2937e133263c9'; $payload = 'Hello World!'; $contents = BitbucketSignature::authContents( signature: $signature, payload: $payload, secret: $secret, ); var_dump($contents);
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename:       /in/kbSg5
function name:  (null)
number of ops:  32
compiled vars:  !0 = $secret, !1 = $contents, !2 = $signature, !3 = $payload
line      #* E I O op                               fetch          ext  return  operands
-----------------------------------------------------------------------------------------
    8     0  E >   DECLARE_CLASS                                                'bitbucketsignature'
   36     1        ASSIGN                                                       !0, 'It%27s+a+Secret+to+Everybody'
   39     2        INIT_STATIC_METHOD_CALL                                      'BitbucketSignature', 'authContents'
   40     3        BEGIN_SILENCE                                        ~5      
          4        FETCH_R                          global              ~6      '_SERVER'
          5        FETCH_DIM_R                                          ~7      ~6, 'HTTP_X_HUB_SIGNATURE'
          6        END_SILENCE                                                  ~5
          7        SEND_VAL_EX                                                  ~7, 'signature'
   41     8        INIT_FCALL                                                   'file_get_contents'
          9        SEND_VAL                                                     'php%3A%2F%2Finput'
         10        DO_ICALL                                             $8      
         11        SEND_VAR_NO_REF_EX                                           $8, 'payload'
   40    12        SEND_VAR_EX                                                  !0, 'secret'
         13        CHECK_UNDEF_ARGS                                             
   39    14        DO_FCALL                                          1  $9      
         15        ASSIGN                                                       !1, $9
   45    16        INIT_FCALL                                                   'var_dump'
         17        SEND_VAR                                                     !1
         18        DO_ICALL                                                     
   48    19        ASSIGN                                                       !2, 'sha256%3Da4771c39fbe90f317c7824e83ddef3caae9cb3d976c214ace1f2937e133263c9'
   49    20        ASSIGN                                                       !3, 'Hello+World%21'
   51    21        INIT_STATIC_METHOD_CALL                                      'BitbucketSignature', 'authContents'
   52    22        SEND_VAR_EX                                                  !2, 'signature'
         23        SEND_VAR_EX                                                  !3, 'payload'
         24        SEND_VAR_EX                                                  !0, 'secret'
         25        CHECK_UNDEF_ARGS                                             
   51    26        DO_FCALL                                          1  $14     
         27        ASSIGN                                                       !1, $14
   57    28        INIT_FCALL                                                   'var_dump'
         29        SEND_VAR                                                     !1
         30        DO_ICALL                                                     
         31      > RETURN                                                       1

Class BitbucketSignature:
Function authcontents:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 5, Position 2 = 6
Branch analysis from position: 5
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 6
2 jumps found. (Code = 46) Position 1 = 30, Position 2 = 45
Branch analysis from position: 30
2 jumps found. (Code = 43) Position 1 = 46, Position 2 = 48
Branch analysis from position: 46
1 jumps found. (Code = 42) Position 1 = 49
Branch analysis from position: 49
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 48
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 45
filename:       /in/kbSg5
function name:  authContents
number of ops:  53
compiled vars:  !0 = $signature, !1 = $payload, !2 = $secret, !3 = $algo
line      #* E I O op                               fetch          ext  return  operands
-----------------------------------------------------------------------------------------
   15     0  E >   RECV                                                 !0      
   16     1        RECV                                                 !1      
   18     2        RECV                                                 !2      
   22     3        TYPE_CHECK                                        2          !0
          4      > JMPZ                                                         ~4, ->6
          5    > > RETURN                                                       null
   24     6    >   INIT_FCALL                                                   'array_intersect_key'
   25     7        INIT_FCALL                                                   'array_column'
          8        INIT_STATIC_METHOD_CALL                                      'BitbucketSignature', 'cases'
          9        DO_FCALL                                          0  $5      
         10        SEND_VAR                                                     $5
         11        SEND_VAL                                                     null
         12        SEND_VAL                                                     'name'
         13        DO_ICALL                                             $6      
         14        SEND_VAR                                                     $6
   26    15        INIT_FCALL                                                   'array_flip'
         16        INIT_FCALL                                                   'hash_hmac_algos'
         17        DO_ICALL                                             $7      
         18        SEND_VAR                                                     $7
         19        DO_ICALL                                             $8      
         20        SEND_VAR                                                     $8
   24    21        DO_ICALL                                             $9      
   27    22        FRAMELESS_ICALL_3                substr              ~10     !0, 0
         23        OP_DATA                                                      6
         24        FETCH_DIM_IS                                         ~11     $9, ~10
         25        COALESCE                                             ~12     ~11
         26        QM_ASSIGN                                            ~12     null
   24    27        ASSIGN                                                       !3, ~12
   29    28        INSTANCEOF                                           ~14     !3
         29      > JMPZ_EX                                              ~14     ~14, ->45
         30    >   INIT_FCALL                                                   'hash_equals'
         31        SEND_VAR                                                     !0
   30    32        FETCH_OBJ_R                                          ~15     !3, 'name'
         33        NOP                                                          
         34        FAST_CONCAT                                          ~16     ~15, '%3D'
         35        INIT_FCALL                                                   'hash_hmac'
         36        FETCH_OBJ_R                                          ~17     !3, 'name'
         37        SEND_VAL                                                     ~17
         38        SEND_VAR                                                     !1
         39        SEND_VAR                                                     !2
         40        DO_ICALL                                             $18     
         41        CONCAT                                               ~19     ~16, $18
         42        SEND_VAL                                                     ~19
   29    43        DO_ICALL                                             $20     
   30    44        BOOL                                                 ~14     $20
         45    > > JMPZ                                                         ~14, ->48
   31    46    >   QM_ASSIGN                                            ~21     !1
         47      > JMP                                                          ->49
         48    >   QM_ASSIGN                                            ~21     null
         49    >   VERIFY_RETURN_TYPE                                           ~21
         50      > RETURN                                                       ~21
   32    51*       VERIFY_RETURN_TYPE                                           
         52*     > RETURN                                                       null

End of function authcontents

End of class BitbucketSignature.

Generated using Vulcan Logic Dumper, using php 8.5.0

preferences:
180.4 ms | 1502 KiB | 21 Q