public function testWeakCrypto()
{
$this->assertNotSame('', $this->otp_auth->generateSecret());
self::$weak_crypto = true;
$this->assertSame('', $this->otp_auth->generateSecret());
self::$weak_crypto = false;
$this->assertNotSame('', $this->otp_auth->generateSecret());
}
/**
* Do the actual registration of a new security key.
*
* @return boolean Result of the registration.
* @throws http_exception
*/
public function register()
{
$secret = $this->request->variable('secret', '');
$otp = $this->request->variable('register', '');
if (!$this->otp->checkTOTP($secret, $otp, 'sha1')) {
throw new http_exception(400, 'TFA_OTP_INVALID_KEY');
}
$sql_ary = array('user_id' => $this->user->data['user_id'], 'secret' => $secret, 'registered' => time(), 'last_used' => time());
$sql = 'INSERT INTO ' . $this->otp_registration_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
$this->db->sql_query($sql);
}
/**
* @dataProvider data_testCheckHOTP
*/
public function testCheckHOTP($counter, $code_sha1, $code_sha256, $code_sha512, $expected)
{
$this->assertSame($expected, $this->otp_auth->checkHOTP('JBSWY3DPEHPK3PXP', $counter, $code_sha1, 'sha1'));
$this->assertSame($expected, $this->otp_auth->checkHOTP('JBSWY3DPEHPK3PXP', $counter, $code_sha256, 'sha256'));
$this->assertSame($expected, $this->otp_auth->checkHOTP('JBSWY3DPEHPK3PXP', $counter, $code_sha512, 'sha512'));
}
