/** * @covers \Firehed\Security\HOTP */ public function testInvalidKeyLength() { $this->expectException(\LengthException::class); HOTP(new Secret('123456789012345'), 0x1234567890123456); }
/** * Time-based One-Time Password Algorithm * @see RFC 6238 * @param $key shared secret, treated as binary (note: Google Authenticator's keys are base32-encoded, and must be decoded before being passed in) * [@param $step = 30] Time step in seconds (section 4.1) * [@param $offset = 0] Unix time to start counting steps (section 4.1) (note: positive and negative $t0 in $step increments may be used to check the next and previous codes respectively, which can help address clock drift) * [@param $digits = 6] Length of the output code * [@param $algorithm = 'sha1'] HMAC algorithm - sha1, sha256, and sha512 permitted * @return string n-character numeric code */ function TOTP(Secret $key, array $options = []) : string { // Parse options $step = 30; $offset = 0; $digits = 6; $algorithm = 'sha1'; extract($options, \EXTR_IF_EXISTS); $counter = (int) floor(($_SERVER['REQUEST_TIME'] - $offset) / $step); return HOTP($key, $counter, $digits, $algorithm); }