/**
 * Checks getCode() against the SHA-512 TOTP reference values published in
 * RFC 6238 (https://tools.ietf.org/html/rfc6238#page-15).
 *
 * Each row pairs the expected 8-digit code with the Unix timestamp it is
 * computed for. The rows are evaluated in the order listed and the first
 * mismatch fails the test.
 */
public function testKnownTestVectors_sha512()
{
    // Base32 form of the 64-character ASCII seed
    // '1234567890123456789012345678901234567890123456789012345678901234'.
    // This seed is published in the RFC, so it is only suitable as a test
    // fixture and never as a real account secret.
    $secret = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQGEZDGNA';

    // Arguments after the label: 8, 30 and 'sha512' - the digit count,
    // time step and hash used by the RFC's test table.
    $tfa = new TwoFactorAuth('Test', 8, 30, 'sha512');

    // array(expected code, timestamp). Kept as pairs rather than as array
    // keys so the timestamps reach getCode() exactly as written, including
    // the last one, which is larger than a 32-bit integer can hold.
    $vectors = array(
        array('90693936', 59),
        array('25091201', 1111111109),
        array('99943326', 1111111111),
        array('93441116', 1234567890),
        array('38618901', 2000000000),
        array('47863826', 20000000000),
    );

    foreach ($vectors as $vector) {
        $this->assertEquals($vector[0], $tfa->getCode($secret, $vector[1]));
    }
}
<!doctype html>
<html>
<head>
    <title>Demo</title>
</head>
<body>
    <ol>
<?php
// Walk-through of a TOTP enrolment: create a secret, show it to the user as a
// QR code and as text, compute the current code, and verify that code.
//
// Everything echoed below comes from the library or from literals in this
// file; nothing is read from the request. If the label or issuer is ever
// taken from user input, escape it for the HTML context before printing.
require_once 'loader.php';
Loader::register('../lib', 'RobThree\\Auth');

use RobThree\Auth\TwoFactorAuth;

$tfa = new TwoFactorAuth('MyApp');

// Step 1: a fresh shared secret for this user.
echo '<li>First create a secret and associate it with a user';
$secret = $tfa->createSecret();

// Step 2: hand the secret to the user's authenticator app.
// NOTE(review): which QR provider renders the image is not visible here. If
// the configured provider is a remote web service, the secret leaves this
// server when the image is requested - confirm, and prefer a provider that
// renders locally for production use.
$qrDataUri = $tfa->getQRCodeImageAsDataUri('My label', $secret);
// Groups of four characters separated by spaces, for manual entry.
$groupedSecret = chunk_split($secret, 4, ' ');
echo '<li>Next create a QR code and let the user scan it:<br><img src="', $qrDataUri, '"><br>...or display the secret to the user for manual entry: ', $groupedSecret;

// Step 3: the code an authenticator app would show right now. Printing it is
// for demonstration only; a real application never reveals the expected code.
$code = $tfa->getCode($secret);
echo '<li>Next, have the user verify the code; at this time the code displayed by a 2FA-app would be: <span style="color:#00c">', $code, '</span> (but that changes periodically)';

// Step 4: persist the secret only after a code has been verified. The secret
// is the long-term credential, so store it encrypted at rest.
echo '<li>When the code checks out, 2FA can be / is enabled; store (encrypted?) secret with user and have the user verify a code each time a new session is started.';

// Step 5: verification. The strict comparison with true means any other
// return value is reported as a failure.
if ($tfa->verifyCode($secret, $code) === true) {
    $verdict = '<span style="color:#0c0">OK</span>';
} else {
    $verdict = '<span style="color:#c00">FAIL</span>';
}
echo '<li>When aforementioned code (', $code, ') was entered, the result would be: ', $verdict;
?>
    </ol>
    <p>Note: Make sure your server-time is <a href="http://en.wikipedia.org/wiki/Network_Time_Protocol">NTP-synced</a>! Depending on the $discrepancy allowed your time cannot drift too much from the users' time!</p>
</body>
</html>