Sc00bz/collision.php

## collision.php
<?php

// Collision taken from https://shattered.io/

// Outputs:
// HMAC-SHA1(key, msg1): 9b4dee1a35fc03786f1162989d1e441ba0e69f4d
// HMAC-SHA1(key, msg2): 9b4dee1a35fc03786f1162989d1e441ba0e69f4d
//
// HMAC-SHA256(key, msg1): e98a27bd93001cda9810b93c2191f5099817bb31f5445bc12cafd27a78cb4506
// HMAC-SHA256(key, msg2): 97aa871b175a99417f7f1c44ac2793730821caf7da697ff374c60f595ef5173a

header("Content-Type: text/plain");

$key = hex2bin(
	'136672701b0718053c13d4d5f9e53c3c3c0716061659545c3c0a0a19615f5242' .
	'5e160416061664197e535f515e4216051606166419624f465316021606166419');

$msg1 = hex2bin(
	'537562747970652035203020522f46696c7465722036203020522f436f6c6f72' .
	'53706163652037203020522f4c656e6774682038203020522f42697473506572' .
	'436f6d706f6e656e7420383e3e0a73747265616d0affd8fffe00245348412d31' .
	'20697320646561642121212121852fec092339759c39b1a1c63c4c97e1fffe01' .
	'7346dc9166b67e118f029ab621b2560ff9ca67cca8c7f85ba84c79030c2b3de2' .
	'18f86db3a90901d5df45c14f26fedfb3dc38e96ac22fe7bd728f0e45bce046d2' .
	'3c570feb141398bb552ef5a0a82be331fea48037b8b5d71f0e332edf93ac3500' .
	'eb4ddc0decc1a864790c782c76215660dd309791d06bd0af3f98cda4bc4629b1');
$msg2 = hex2bin(
	'537562747970652035203020522f46696c7465722036203020522f436f6c6f72' .
	'53706163652037203020522f4c656e6774682038203020522f42697473506572' .
	'436f6d706f6e656e7420383e3e0a73747265616d0affd8fffe00245348412d31' .
	'20697320646561642121212121852fec092339759c39b1a1c63c4c97e1fffe01' .
	'7f46dc93a6b67e013b029aaa1db2560b45ca67d688c7f84b8c4c791fe02b3df6' .
	'14f86db1690901c56b45c1530afedfb76038e972722fe7ad728f0e4904e046c2' .
	'30570fe9d41398abe12ef5bc942be33542a4802d98b5d70f2a332ec37fac3514' .
	'e74ddc0f2cc1a874cd0c78305a21566461309789606bd0bf3f98cda8044629a1');

foreach (['SHA1', 'SHA256'] as $algo)
{
	echo "HMAC-$algo(key, msg1): " . hash_hmac($algo, $msg1, $key) . "\n";
	echo "HMAC-$algo(key, msg2): " . hash_hmac($algo, $msg2, $key) . "\n\n";
}
	<?php

	// Collision taken from https://shattered.io/

	// Outputs:
	// HMAC-SHA1(key, msg1): 9b4dee1a35fc03786f1162989d1e441ba0e69f4d
	// HMAC-SHA1(key, msg2): 9b4dee1a35fc03786f1162989d1e441ba0e69f4d
	//
	// HMAC-SHA256(key, msg1): e98a27bd93001cda9810b93c2191f5099817bb31f5445bc12cafd27a78cb4506
	// HMAC-SHA256(key, msg2): 97aa871b175a99417f7f1c44ac2793730821caf7da697ff374c60f595ef5173a

	header("Content-Type: text/plain");

	$key = hex2bin(
	'136672701b0718053c13d4d5f9e53c3c3c0716061659545c3c0a0a19615f5242' .
	'5e160416061664197e535f515e4216051606166419624f465316021606166419');

	$msg1 = hex2bin(
	'537562747970652035203020522f46696c7465722036203020522f436f6c6f72' .
	'53706163652037203020522f4c656e6774682038203020522f42697473506572' .
	'436f6d706f6e656e7420383e3e0a73747265616d0affd8fffe00245348412d31' .
	'20697320646561642121212121852fec092339759c39b1a1c63c4c97e1fffe01' .
	'7346dc9166b67e118f029ab621b2560ff9ca67cca8c7f85ba84c79030c2b3de2' .
	'18f86db3a90901d5df45c14f26fedfb3dc38e96ac22fe7bd728f0e45bce046d2' .
	'3c570feb141398bb552ef5a0a82be331fea48037b8b5d71f0e332edf93ac3500' .
	'eb4ddc0decc1a864790c782c76215660dd309791d06bd0af3f98cda4bc4629b1');
	$msg2 = hex2bin(
	'537562747970652035203020522f46696c7465722036203020522f436f6c6f72' .
	'53706163652037203020522f4c656e6774682038203020522f42697473506572' .
	'436f6d706f6e656e7420383e3e0a73747265616d0affd8fffe00245348412d31' .
	'20697320646561642121212121852fec092339759c39b1a1c63c4c97e1fffe01' .
	'7f46dc93a6b67e013b029aaa1db2560b45ca67d688c7f84b8c4c791fe02b3df6' .
	'14f86db1690901c56b45c1530afedfb76038e972722fe7ad728f0e4904e046c2' .
	'30570fe9d41398abe12ef5bc942be33542a4802d98b5d70f2a332ec37fac3514' .
	'e74ddc0f2cc1a874cd0c78305a21566461309789606bd0bf3f98cda8044629a1');

	foreach (['SHA1', 'SHA256'] as $algo)
	{
	echo "HMAC-$algo(key, msg1): " . hash_hmac($algo, $msg1, $key) . "\n";
	echo "HMAC-$algo(key, msg2): " . hash_hmac($algo, $msg2, $key) . "\n\n";
	}