public function testWeakCrypto() { $this->assertNotSame('', $this->otp_auth->generateSecret()); self::$weak_crypto = true; $this->assertSame('', $this->otp_auth->generateSecret()); self::$weak_crypto = false; $this->assertNotSame('', $this->otp_auth->generateSecret()); }
/** * Do the actual registration of a new security key. * * @return boolean Result of the registration. * @throws http_exception */ public function register() { $secret = $this->request->variable('secret', ''); $otp = $this->request->variable('register', ''); if (!$this->otp->checkTOTP($secret, $otp, 'sha1')) { throw new http_exception(400, 'TFA_OTP_INVALID_KEY'); } $sql_ary = array('user_id' => $this->user->data['user_id'], 'secret' => $secret, 'registered' => time(), 'last_used' => time()); $sql = 'INSERT INTO ' . $this->otp_registration_table . ' ' . $this->db->sql_build_array('INSERT', $sql_ary); $this->db->sql_query($sql); }
/** * @dataProvider data_testCheckHOTP */ public function testCheckHOTP($counter, $code_sha1, $code_sha256, $code_sha512, $expected) { $this->assertSame($expected, $this->otp_auth->checkHOTP('JBSWY3DPEHPK3PXP', $counter, $code_sha1, 'sha1')); $this->assertSame($expected, $this->otp_auth->checkHOTP('JBSWY3DPEHPK3PXP', $counter, $code_sha256, 'sha256')); $this->assertSame($expected, $this->otp_auth->checkHOTP('JBSWY3DPEHPK3PXP', $counter, $code_sha512, 'sha512')); }