oath_hotp() 공개 메소드

Takes the secret key and the timestamp and returns the one time password.
public oath_hotp ( binary $key, integer $counter ) : string
$key binary - Secret key in binary form.
$counter integer - Timestamp as returned by get_timestamp.
리턴 string
예제 #1
0
파일: auth.php 프로젝트: valency/reactor
        $binarySeed = self::base32_decode($b32seed);
        for ($ts = $timeStamp - $window; $ts <= $timeStamp + $window; $ts++) {
            if (self::oath_hotp($binarySeed, $ts) == $key) {
                return true;
            }
        }
        return false;
    }
    public static function oath_truncate($hash)
    {
        $offset = ord($hash[19]) & 0xf;
        return ((ord($hash[$offset + 0]) & 0x7f) << 24 | (ord($hash[$offset + 1]) & 0xff) << 16 | (ord($hash[$offset + 2]) & 0xff) << 8 | ord($hash[$offset + 3]) & 0xff) % pow(10, self::otpLength);
    }
}
$InitalizationKey = "SMARTCUBEDEEPERA";
// Set the inital key
$TimeStamp = Google2FA::get_timestamp();
$secretkey = Google2FA::base32_decode($InitalizationKey);
// Decode it into binary
$otp = Google2FA::oath_hotp($secretkey, $TimeStamp);
// Get current token
//echo("Init key: $InitalizationKey\n");
//echo("Timestamp: $TimeStamp\n");
//echo("One time password: $otp\n");
// Use this to verify a key as it allows for some time drift.
$result = Google2FA::verify_key($InitalizationKey, $_GET["password"]);
if ($result) {
    echo "true";
} else {
    echo "false";
}
예제 #2
0
	{
	    $offset = ord($hash[19]) & 0xf;

	    return (
	        ((ord($hash[$offset+0]) & 0x7f) << 24 ) |
	        ((ord($hash[$offset+1]) & 0xff) << 16 ) |
	        ((ord($hash[$offset+2]) & 0xff) << 8 ) |
	        (ord($hash[$offset+3]) & 0xff)
	    ) % pow(10, self::otpLength);
	}



}

$InitalizationKey = "PEHMPSDNLXIOG65U";					// Set the inital key

$TimeStamp	  = Google2FA::get_timestamp();
$secretkey 	  = Google2FA::base32_decode($InitalizationKey);	// Decode it into binary
$otp       	  = Google2FA::oath_hotp($secretkey, $TimeStamp);	// Get current token

echo("Init key: $InitalizationKey\n");
echo("Timestamp: $TimeStamp\n");
echo("One time password: $otp\n");

// Use this to verify a key as it allows for some time drift.

$result = Google2FA::verify_key($InitalizationKey, "123456");

var_dump($result);
 /**
  * @covers cymapgt\core\application\authentication\UserCredential\services\UserCredentialGoogleAuthLoginService::authenticate
  */
 public function testAuthenticateStageEncKeyWrong()
 {
     //This should fail. Requesting Application did not respond with the correct Verification Hash generated in Stage 1
     $this->object->setMultiFactor(true);
     $this->object->setMultiFactorStages(array('current' => 1, 1 => array()));
     $this->object->setEncKeyLength(16);
     $this->object->setCurrentUserName('rhossis');
     $this->object->setCurrentPassword($this->password);
     $this->object->setPassword('123456');
     $this->object->initialize();
     $authResult = $this->object->authenticate();
     $encKey = $authResult[2]['enc_key'];
     $verificationHash = \crypt($this->object->getCurrentPassword(), $authResult[2]['enc_key']);
     $nowObj = new \DateTime();
     $nowObj->setTimestamp($nowObj->getTimestamp() - 181);
     $totpTimeLimit = 180;
     $this->object->setMultiFactor(true);
     $this->object->setMultiFactorStages(array('current' => 2, 1 => array('statuss' => true)));
     $this->object->setEncKeyLength(16);
     $this->object->setCurrentUserName('rhossis');
     $this->object->setCurrentPassword($this->password);
     $totpProfile = array('enc_key' => 'hElLoThErEiAmAwRoNgEnCkEy', 'totp_timestamp' => $nowObj, 'totp_timelimit' => $totpTimeLimit);
     $this->object->setUserTotpProfile($totpProfile);
     $this->object->setVerificationHash($verificationHash);
     $this->multiOtpWrapper->SetToken('rhossis');
     //die(print_r($this->multiOtpWrapper));
     $tokenSeed = $this->multiOtpWrapper->GetTokenSeed('yebo32');
     $TimeStamp = \Google2FA::get_timestamp();
     $secretKey = hex2bin($tokenSeed);
     $oneTimeToken = \Google2FA::oath_hotp($secretKey, $TimeStamp);
     //die($oneTimeToken);
     $this->object->setOneTimeToken($oneTimeToken);
     $this->object->initialize();
     $authResultStage2 = $this->object->authenticate();
     $this->assertEquals(false, $authResultStage2);
 }