/**
 * Verifies that checkCode() accepts the code generated for the reference
 * timestamp as well as the codes generated 30 seconds before and after it.
 *
 * NOTE(review): only acceptance is asserted here. Nothing in this test checks
 * that a code from further away than one offset, or a malformed code, is
 * rejected; a negative case would pin the width of the tolerance window.
 */
public function testCheckCode()
{
    $sharedSecret  = '4FDAGLLSP6BIVU5H';
    $referenceTime = 1375000339;

    // Same generation order as before: exact time, then -30s, then +30s.
    // Presumably 30 seconds is the time step of the Totp fixture; confirm.
    $candidates = array();

    foreach (array(0, -30, 30) as $offset) {
        $candidates[] = $this->totp->getCode($sharedSecret, $referenceTime + $offset);
    }

    // Every candidate is validated against the unshifted reference time.
    foreach ($candidates as $candidate) {
        $this->assertTrue($this->totp->checkCode($sharedSecret, $candidate, $referenceTime));
    }
}
/**
 * Data provider for the transparent authentication credentials test.
 *
 * Each case is array(input data, server globals, expect a correct
 * username/password pair). The encrypted fixtures use an AES key built from
 * the SHA-256 hex digest of the static TOTP key concatenated with a one-time
 * code: the code for the current wall-clock time for the valid fixtures, and
 * the code for 24 hours ago for the outdated one.
 *
 * @return  array
 */
public function GetTestGetTransparentAuthenticationCredentials()
{
    // Key material for "fresh" messages: TOTP code for the current time
    $totp      = new Totp();
    $freshCode = $totp->getCode(static::$totpKey);
    $freshKey  = hash('sha256', static::$totpKey . $freshCode);
    $cipher    = new Aes($freshKey);

    // Plain-text payloads: one complete, two incomplete, one that is not JSON
    $jsonComplete   = json_encode(array('username' => 'FOF30test', 'password' => 'dummy'));
    $jsonNoPassword = json_encode(array('username' => 'FOF30test'));
    $jsonNoUsername = json_encode(array('password' => 'dummy'));
    $notJson        = 'crap_data';

    $encComplete   = $cipher->encryptString($jsonComplete);
    $encNoPassword = $cipher->encryptString($jsonNoPassword);
    $encNoUsername = $cipher->encryptString($jsonNoUsername);
    $encNotJson    = $cipher->encryptString($notJson);

    // Same complete payload, encrypted with the code from one day ago, so it
    // must be rejected as outdated
    $staleCode  = $totp->getCode(static::$totpKey, time() - 86400);
    $staleKey   = hash('sha256', static::$totpKey . $staleCode);
    $cipher     = new Aes($staleKey);
    $encOutdated = $cipher->encryptString($jsonComplete);

    // Input data, server globals, do I expect correct username/password
    return array(
        // Plain HTTP Basic credentials in the server globals
        array(null, array('PHP_AUTH_USER' => 'FOF30test', 'PHP_AUTH_PW' => 'dummy'), true),
        array(null, array('PHP_AUTH_PW' => 'dummy'), false),
        array(null, array('PHP_AUTH_USER' => 'FOF30test'), false),

        // Unencrypted JSON in the "testAuth" input variable
        array(array('testAuth' => $jsonComplete), null, true),
        array(array('testAuth' => $jsonNoUsername), null, false),
        array(array('testAuth' => $jsonNoPassword), null, false),
        array(array('testAuth' => 'stupid_string_is_no_good_json_data'), null, false),

        // Separate username / password input variables
        array(array('FOF30Username' => 'FOF30test', 'FOF30Password' => 'dummy'), null, true),
        array(array('FOF30Password' => 'dummy'), null, false),
        array(array('FOF30Username' => 'FOF30test'), null, false),
        array(array('junk' => 'food'), null, false),

        // TOTP-encrypted payload carried in the HTTP Basic password
        array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encComplete), true),
        array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encNoUsername), false),
        array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encNoPassword), false),
        array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encNotJson), false),
        array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => 'this_is_crap_data'), false),
        array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encOutdated), false),

        // TOTP-encrypted payload carried in the "testAuth" input variable
        array(array('testAuth' => $encComplete), null, true),
        array(array('testAuth' => $encNoUsername), null, false),
        // NOTE(review): the next two rows put 'testAuth' in the server-globals
        // slot, unlike every other testAuth row. They expect false either way,
        // so they may pass without ever reaching the missing-password and
        // non-JSON payload paths. Confirm whether the slots were swapped.
        array(null, array('testAuth' => $encNoPassword), false),
        array(null, array('testAuth' => $encNotJson), false),
        array(array('testAuth' => 'this_is_crap_data'), null, false),
        array(array('testAuth' => $encOutdated), null, false),
    );
}
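/**
 * Decrypts a transparent authentication message using a TOTP
 *
 * For each candidate time step the AES key is the SHA-256 hex digest of the
 * configured TOTP key concatenated with the one-time code for that step.
 * Three consecutive steps are tried, starting one step before the period
 * reported by Totp::getPeriod() (presumably the current period; confirm),
 * so a message is accepted for up to three time steps. Nothing in this
 * method prevents the same message from being replayed within that window.
 *
 * A decryption attempt counts as successful only when the result parses as a
 * JSON object/array containing both a 'username' and a 'password' key.
 * NOTE(review): whether Aes::decryptString() authenticates the ciphertext is
 * not visible from here; this structural check is the only validation done
 * in this method.
 *
 * Side effect: $this->cryptoKey holds the key of the successful attempt on
 * success and is reset to null on failure or when no TOTP key is configured.
 *
 * @param   string  $encryptedData  The encrypted data
 *
 * @return  array|null  The decrypted data, or null if it could not be decrypted
 */
private function decryptWithTOTP($encryptedData)
{
    // Without a shared TOTP key there is nothing to derive an AES key from
    if (empty($this->totpKey)) {
        $this->cryptoKey = null;

        return null;
    }

    $totp   = new Totp($this->timeStep);
    $period = $totp->getPeriod();

    // Start one step earlier to tolerate clock drift between the two ends
    $period--;

    for ($i = 0; $i <= 2; $i++) {
        $time = ($period + $i) * $this->timeStep;
        $otp  = $totp->getCode($this->totpKey, $time);

        $this->cryptoKey = hash('sha256', $this->totpKey . $otp);
        $aes             = new Aes($this->cryptoKey);

        try {
            $ret = $aes->decryptString($encryptedData);
        } catch (\Exception $e) {
            // Wrong key for this time step (or malformed input): try the next step
            continue;
        }

        // Strip trailing NUL bytes before parsing. The previous empty
        // character mask made rtrim() a no-op, so any NUL padding left on the
        // plaintext would have made json_decode() fail for a valid message.
        // Presumably the padding comes from the block cipher; confirm in Aes.
        $ret = rtrim($ret, "\0");
        $ret = json_decode($ret, true);

        // Decryption with the wrong key yields garbage; only a JSON structure
        // carrying both credentials is treated as a successful decryption
        if (!is_array($ret)) {
            continue;
        }

        if (!array_key_exists('username', $ret)) {
            continue;
        }

        if (!array_key_exists('password', $ret)) {
            continue;
        }

        // Successful decryption!
        return $ret;
    }

    // Obviously if we're here we could not decrypt anything. Bail out.
    $this->cryptoKey = null;

    return null;
}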