function testDifferentHashes()
{
$NUM_HASHES = 50;
$md5s = array();
$sha1s = array();
$sha256s = array();
try {
$this->assertFalse(hexstr2int($parameter), "null parameter should throw exception and return false.");
} catch (Exception $e) {
$this->pass("Properly threw exception on null parameter");
}
}
function __otp_hash($hexstr)
{
for ($i = 0; $i < 5; ++$i) {
$cur[$i] = substr($hexstr, $i * 8, 8);
$cur[$i] = pack("L", hexstr2int($cur[$i]));
}
/* now apply xor algorithm to fold into 64 bit key
according to algorithm RFC 2289 :
"The secure hash algorithms listed above have the property that they
accept an input that is arbitrarily long and produce a fixed size
output. The OTP system folds this output to 64 bits using the
algorithms in the Appendix A. 64 bits is also the length of the one-
time passwords. This is believed to be long enough to be secure and
short enough to be entered manually (see below, Form of Output) when
necessary."
AND
"Fold the 160 bit result to 64 bits
sha.digest[0] ^= sha.digest[2];
sha.digest[1] ^= sha.digest[3];
sha.digest[0] ^= sha.digest[4];"
*/
$fin[0] = pack("L", 0x0);
$fin[1] = pack("L", 0x0);
$cur[0] = $cur[0] ^ $cur[2];
$fin[1] = $cur[1] ^ $cur[3];
$fin[0] = $cur[0] ^ $cur[4];
/* note should force specific byte-order to be little endian here */
return ulong2hexstr($fin[0], 8) . ulong2hexstr($fin[1], 8);
// added left-zero padding to force return size of 16 hex digits
}
function testNonBinString()
{
$parameter = "55999ZZ";
try {
$this->assertFalse(hexstr2int($parameter), "non-binary string parameter should throw exception and return false.");
} catch (Exception $e) {
$this->pass("Properly threw exception on non-binary string parameter");
}
}
