<?php

/*
** Information about the authors and licenses can be found below
*
** This is a slightly modified version by me Aron Szabo ( baronsz@freemail.hu )
** because I feel more comfortable with this
*/

/*
** Date modified: 1st October 2004 20:09 GMT
*
** PHP implementation of the Secure Hash Algorithm ( SHA-1 )
*
** This code is available under the GNU Lesser General Public License:
** http://www.gnu.org/licenses/lgpl.txt
*
** Based on the PHP implementation by Marcus Campbell
** http://www.tecknik.net/sha-1/
*
** This is a slightly modified version by me Jerome Clarke ( sinatosk@gmail.com )
** because I feel more comfortable with this
*/

function convert_hex2bin($data)
{
	$result = '';
	
	$result = pack('H*', $data);
	
	return $result;
}

function convert_bin2hex($data)
{
	$result = '';
	
	$result = bin2hex($data);
	
	return $result;
}

function sha1_str2blks_SHA1($str)
{
    $strlen_str = strlen($str);
   
    $nblk = (($strlen_str + 8) >> 6) + 1;
   
    for ($i=0; $i < $nblk * 16; $i++) $blks[$i] = 0;
   
    for ($i=0; $i < $strlen_str; $i++)
    {
        $blks[$i >> 2] |= ord(substr($str, $i, 1)) << (24 - ($i % 4) * 8);
    }
   
    $blks[$i >> 2] |= 0x80 << (24 - ($i % 4) * 8);
    $blks[$nblk * 16 - 1] = $strlen_str * 8;
   
    return $blks;
}

function sha1_safe_add($x, $y)
{
    $lsw = ($x & 0xFFFF) + ($y & 0xFFFF);
    $msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16);
   
    return ($msw << 16) | ($lsw & 0xFFFF);
}

function sha1_rol($num, $cnt)
{
    return ($num << $cnt) | sha1_zeroFill($num, 32 - $cnt);   
}

function sha1_zeroFill($a, $b)
{
    $bin = decbin($a);
   
    $strlen_bin = strlen($bin);
   
    $bin = $strlen_bin < $b ? 0 : substr($bin, 0, $strlen_bin - $b);
   
    for ($i=0; $i < $b; $i++) $bin = '0'.$bin;
   
    return bindec($bin);
}

function sha1_ft($t, $b, $c, $d)
{
    if ($t < 20) return ($b & $c) | ((~$b) & $d);
    if ($t < 40) return $b ^ $c ^ $d;
    if ($t < 60) return ($b & $c) | ($b & $d) | ($c & $d);
   
    return $b ^ $c ^ $d;
}

function sha1_kt($t)
{
    if ($t < 20) return 1518500249;
    if ($t < 40) return 1859775393;
    if ($t < 60) return -1894007588;
   
    return -899497514;
}

function sha1_80rounds($str, $raw_output=FALSE, $a_hex, $b_hex, $c_hex, $d_hex, $e_hex)
{
	$hash = '';

	for ($counter = 0; $counter <= 80; $counter++)
	{

		if ( $raw_output === TRUE ) return pack('H*', sha1_80rounds($str, FALSE, $a_hex, $b_hex, $c_hex, $d_hex, $e_hex));

		$x = sha1_str2blks_SHA1($str);
		$a = hexdec($a_hex); //hexdec('67452301');
		$b = hexdec($b_hex); //hexdec('EFCDAB89');
		$c = hexdec($c_hex); //hexdec('98BADCFE');
		$d = hexdec($d_hex); //hexdec('10325476');
		$e = hexdec($e_hex); //hexdec('C3D2E1F0');

		$x_count = count($x);

		for ($i = 0; $i < $x_count; $i += 16)
		{
			$olda = $a;
			$oldb = $b;
			$oldc = $c;
			$oldd = $d;
			$olde = $e;

			for ($j = 0; $j < $counter; $j++)
			{
				$w[$j] = ($j < 16) ? $x[$i + $j] : sha1_rol($w[$j - 3] ^ $w[$j - 8] ^ $w[$j - 14] ^ $w[$j - 16], 1);

				$t = sha1_safe_add(sha1_safe_add(sha1_rol($a, 5), sha1_ft($j, $b, $c, $d)), sha1_safe_add(sha1_safe_add($e, $w[$j]), sha1_kt($j)));
				$e = $d;
				$d = $c;
				$c = sha1_rol($b, 30);
				$b = $a;
				$a = $t;
			}

			$a = sha1_safe_add($a, $olda);
			$b = sha1_safe_add($b, $oldb);
			$c = sha1_safe_add($c, $oldc);
			$d = sha1_safe_add($d, $oldd);
			$e = sha1_safe_add($e, $olde);
		}

		$hash[$counter] = sprintf('%08x%08x%08x%08x%08x', $a, $b, $c, $d, $e);
	}

	return $hash;
}



//////
//Main
//////

//test vector: message blocks of M1
$message1_block1 = '9d443828a5ea3df086eaa0fa7783a7363324484daf702aaaa3dab679d8a69e2d';
$message1_block2 = '543820eda7fffb52d3ff493fc3ff551efbffd97f55feeef2085af312088688a9';

//test vector: message blocks of M2
$message2_block1 = '3f44383881ea3deca0eaa0ee5183a72c3324485dab702ab66fdab66dd4a69e2f';
$message2_block2 = '943820fd13fffb4eefff493b7fff5504dbffd96f71feeeeee45af306048688ab';

//test vector: modified IV of M1
$a_hex = '506b0178';
$b_hex = 'ff6d1890';
$c_hex = '202291fd';
$d_hex = '3ade3871';
$e_hex = 'b2c665ea';

$hash1 = sha1_80rounds(convert_hex2bin($message1_block1 . $message1_block2), FALSE, $a_hex, $b_hex, $c_hex, $d_hex, $e_hex);

//test vector: modified IV of M2
$a_hex = '506b0178';
$b_hex = 'ff6d1891';
$c_hex = 'a02291fd';
$d_hex = '3ade3871';
$e_hex = 'b2c665ea';

$hash2 = sha1_80rounds(convert_hex2bin($message2_block1 . $message2_block2), FALSE, $a_hex, $b_hex, $c_hex, $d_hex, $e_hex);

//display
$html = '';
$html = $html . '<html><head><title>Collisions for 80-step SHA-1</title></head><body>';
$html = $html . '<table border="1">';
for ($counter = 0; $counter < count($hash1); $counter++)
{
	if ($hash1[$counter] == $hash2[$counter])
	{
		$html = $html . '<tr>';
		$html = $html . '<td>' . '<b>' . $counter . '</b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="red">' . $hash1[$counter] . '</font></b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="red">' . $hash2[$counter] . '</font></b>' . '</td>';
		$html = $html . '</tr>';
	}
	elseif ($counter == 80)
	{
		$html = $html . '<tr>';
		$html = $html . '<td>' . '<b>' . $counter . '</b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="green">' . $hash1[$counter] . '</font></b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="green">' . $hash2[$counter] . '</font></b>' . '</td>';
		$html = $html . '</tr>';
	}
	else
	{
		$html = $html . '<tr>';
		$html = $html . '<td>' . $counter . '</td>';
		$html = $html . '<td>' . $hash1[$counter] . '</td>';
		$html = $html . '<td>' . $hash2[$counter] . '</td>';
		$html = $html . '</tr>';
	}
}

$html = $html . '<tr>';
$html = $html . '<td>' . '<b>' . '80' . '</b>' . '</td>';
$html = $html . '<td>' . '<b><font color="green">' . $hash1[80] . '</font></b>' . '</td>';
$html = $html . '<td>' . '<b><font color="green">' . $hash2[80] . '</font></b>' . '</td>';
$html = $html . '</tr>';

$html = $html . '<tr>';
$html = $html . '<td>' . '<b>' . 'sha1()' . '</b>' . '</td>';
$html = $html . '<td>' . '<b><font color="black">' . sha1(convert_hex2bin($message1_block1 . $message1_block2)) . '</font></b>' . '</td>';
$html = $html . '<td>' . '<b><font color="black">' . sha1(convert_hex2bin($message2_block1 . $message2_block2)) . '</font></b>' . '</td>';
$html = $html . '</tr>';
$html = $html . '</table>';
$html = $html . '<br/><b><font color="red">' . 'red' . '</font>:</b>' . ' SHA-1 collision is found';
$html = $html . '<br/><b><font color="green">' . 'green' . '</font>:</b>' . ' final (80-step) value of third-party SHA-1 implementation - sha1_80rounds()';
$html = $html . '<br/><b><font color="black">' . 'black' . '</font>:</b>' . ' final (80-step) value of official PHP SHA-1 implementation - sha1()';
$html = $html . '<body></html>';

echo $html;

?>