<?php

/*
** Information about the authors and licenses can be found below
*
** This is a slightly modified version by me Aron Szabo ( baronsz@freemail.hu )
** because I feel more comfortable with this
*/

function convert_hex2bin($data)
{
	$ascii = "";
	$hex = $data;

	for ($counter = 0; $counter < (strlen($hex) / 2); $counter = $counter + 1)
		{
		$ascii = $ascii . chr(hexdec(substr($hex, ($counter * 2), 2)));
		}

	return $ascii;
}

function convert_bin2hex($data)
{
	$hex = "";
	$ascii = $data;

	for ($counter = 0; $counter < strlen($ascii); $counter = $counter + 1)
		{
		$hex = $hex . str_pad(dechex(ord($ascii[$counter])), 2, 0, STR_PAD_LEFT);
		}

	return $hex;
}

/*
** Date modified: 1st October 2004 20:09 GMT
*
** PHP implementation of the Secure Hash Algorithm ( SHA-1 )
*
** This code is available under the GNU Lesser General Public License:
** http://www.gnu.org/licenses/lgpl.txt
*
** Based on the PHP implementation by Marcus Campbell
** http://www.tecknik.net/sha-1/
*
** This is a slightly modified version by me Jerome Clarke ( sinatosk@gmail.com )
** because I feel more comfortable with this
*/

function sha1_str2blks_SHA1($str)
{
    $strlen_str = strlen($str);
   
    $nblk = (($strlen_str + 8) >> 6) + 1;
   
    for ($i=0; $i < $nblk * 16; $i++) $blks[$i] = 0;
   
    for ($i=0; $i < $strlen_str; $i++)
    {
        $blks[$i >> 2] |= ord(substr($str, $i, 1)) << (24 - ($i % 4) * 8);
    }
   
    $blks[$i >> 2] |= 0x80 << (24 - ($i % 4) * 8);
    $blks[$nblk * 16 - 1] = $strlen_str * 8;
   
    return $blks;
}

function sha1_safe_add($x, $y)
{
    $lsw = ($x & 0xFFFF) + ($y & 0xFFFF);
    $msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16);
   
    return ($msw << 16) | ($lsw & 0xFFFF);
}

function sha1_rol($num, $cnt)
{
    return ($num << $cnt) | sha1_zeroFill($num, 32 - $cnt);   
}

function sha1_zeroFill($a, $b)
{
    $bin = decbin($a);
   
    $strlen_bin = strlen($bin);
   
    $bin = $strlen_bin < $b ? 0 : substr($bin, 0, $strlen_bin - $b);
   
    for ($i=0; $i < $b; $i++) $bin = '0'.$bin;
   
    return bindec($bin);
}

function sha1_ft($t, $b, $c, $d)
{
    if ($t < 20) return ($b & $c) | ((~$b) & $d);
    if ($t < 40) return $b ^ $c ^ $d;
    if ($t < 60) return ($b & $c) | ($b & $d) | ($c & $d);
   
    return $b ^ $c ^ $d;
}

function sha1_kt($t)
{
    if ($t < 20) return 1518500249;
    if ($t < 40) return 1859775393;
    if ($t < 60) return -1894007588;
   
    return -899497514;
}

function sha1_80rounds($str, $raw_output=FALSE)
{
	$hash = '';

	for ($counter = 0; $counter <= 80; $counter++)
	{

		if ( $raw_output === TRUE ) return pack('H*', sha1_80rounds($str, FALSE));

		$x = sha1_str2blks_SHA1($str);
		$a =  1732584193;
		$b = -271733879;
		$c = -1732584194;
		$d =  271733878;
		$e = -1009589776;

		$x_count = count($x);

		for ($i = 0; $i < $x_count; $i += 16)
		{
			$olda = $a;
			$oldb = $b;
			$oldc = $c;
			$oldd = $d;
			$olde = $e;

			for ($j = 0; $j < $counter; $j++)
			{
				$w[$j] = ($j < 16) ? $x[$i + $j] : sha1_rol($w[$j - 3] ^ $w[$j - 8] ^ $w[$j - 14] ^ $w[$j - 16], 1);

				$t = sha1_safe_add(sha1_safe_add(sha1_rol($a, 5), sha1_ft($j, $b, $c, $d)), sha1_safe_add(sha1_safe_add($e, $w[$j]), sha1_kt($j)));
				$e = $d;
				$d = $c;
				$c = sha1_rol($b, 30);
				$b = $a;
				$a = $t;
			}

			$a = sha1_safe_add($a, $olda);
			$b = sha1_safe_add($b, $oldb);
			$c = sha1_safe_add($c, $oldc);
			$d = sha1_safe_add($d, $oldd);
			$e = sha1_safe_add($e, $olde);
		}

		$hash[$counter] = sprintf('%08x%08x%08x%08x%08x', $a, $b, $c, $d, $e);
	}

	return $hash;
}

//////
//Main
//////

$message1_block1 = 'F01EE8EEBDDFF313B2F59EE4BB37F2BB2F472A361C052F6A96403EF0F144298BDAF5519C7A90DD712BF3718EA7E3DE6DEFFA975E9B00AA956056E3EE2BA4483A';
$message1_block2 = 'F072633F0D32226ADFF7445998507743EEFE63DDFE10D5C5AFE33902EF74984E350272F7DB382ABC155B0414B800179D18ECD4BC154972131505284C60C4F869';
$message2_block1 = '001EE8843DDFF35322F59E940B37F2E81F472A3E1C052F2946403E824144299B2AF551FEBA90DD332BF371BE47E3DE2FCFFA973E7B00AAD44056E3BEEBA4487B';
$message2_block2 = '007263558D32222A4FF7442928507710DEFE63D5FE10D5867FE339705F74985EC50272951B382AFE155B0424580017DF38ECD4DCF54972523505281CA0C4F828';

$hash1 = sha1_80rounds(convert_hex2bin($message1_block1 . $message1_block2));
$hash2 = sha1_80rounds(convert_hex2bin($message2_block1 . $message2_block2));

$html = '';
$html = $html . '<html><head><title>Collisions for 75-step reduced SHA-1</title></head><body>';
$html = $html . '<table border="1">';
for ($counter = 0; $counter < count($hash1); $counter++)
{
	if ($hash1[$counter] == $hash2[$counter])
	{
		$html = $html . '<tr>';
		$html = $html . '<td>' . '<b>' . $counter . '</b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="red">' . $hash1[$counter] . '</font></b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="red">' . $hash2[$counter] . '</font></b>' . '</td>';
		$html = $html . '</tr>';
	}
	elseif ($counter == 80)
	{
		$html = $html . '<tr>';
		$html = $html . '<td>' . '<b>' . $counter . '</b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="green">' . $hash1[$counter] . '</font></b>' . '</td>';
		$html = $html . '<td>' . '<b><font color="green">' . $hash2[$counter] . '</font></b>' . '</td>';
		$html = $html . '</tr>';
	}
	else
	{
		$html = $html . '<tr>';
		$html = $html . '<td>' . $counter . '</td>';
		$html = $html . '<td>' . $hash1[$counter] . '</td>';
		$html = $html . '<td>' . $hash2[$counter] . '</td>';
		$html = $html . '</tr>';
	}
}
$html = $html . '<tr>';
$html = $html . '<td>' . '<b>' . 'sha1()' . '</b>' . '</td>';
$html = $html . '<td>' . '<b><font color="black">' . sha1(convert_hex2bin($message1_block1 . $message1_block2)) . '</font></b>' . '</td>';
$html = $html . '<td>' . '<b><font color="black">' . sha1(convert_hex2bin($message2_block1 . $message2_block2)) . '</font></b>' . '</td>';
$html = $html . '</tr>';
$html = $html . '</table>';
$html = $html . '<br/><b><font color="red">' . 'red' . '</font>:</b>' . ' SHA-1 collision is found';
$html = $html . '<br/><b><font color="green">' . 'green' . '</font>:</b>' . ' final (80-step) value of third-party SHA-1 implementation - sha1_80rounds()';
$html = $html . '<br/><b><font color="black">' . 'black' . '</font>:</b>' . ' final (80-step) value of official PHP SHA-1 implementation - sha1()';
$html = $html . '<body></html>';

echo $html;

?>