srchub-old

srchub-old Mercurial Source Tree


Root/pluf/src/Pluf/thirdparty/otp/otp.php

<?php
/*
 * Copyright (c) 2011 Le Lag
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.

 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

namespace OTPHP {
    /**
     * One Time Password Generator
     *
     * The OTP class allow the generation of one-time
     * password that is described in rfc 4xxx.
     *
     * This is class is meant to be compatible with
     * Google Authenticator.
     *
     * This class was originally ported from the rotp
     * ruby library available at https://github.com/mdp/rotp
     */
    class OTP {
        /**
         * The base32 encoded secret key
         * @var string
         */
        public $secret;

        /**
         * The algorithm used for the hmac hash function
         * @var string
         */
        public $digest;

        /**
         * The number of digits in the one-time password
         * @var integer
         */
        public $digits;

        /**
         * Constructor for the OTP class
         * @param string $secret the secret key
         * @param array $opt options array can contain the
         * following keys :
         *   @param integer digits : the number of digits in the one time password
         *   Currently Google Authenticator only support 6. Defaults to 6.
         *   @param string digest : the algorithm used for the hmac hash function
         *   Google Authenticator only support sha1. Defaults to sha1
         *
         * @return new OTP class.
         */
        public function __construct($secret, $opt = Array()) {
            $this->digits = isset($opt['digits']) ? $opt['digits'] : 6;
            $this->digest = isset($opt['digest']) ? $opt['digest'] : 'sha1';
            $this->secret = $secret;
        }

        /**
         * Generate a one-time password
         *
         * @param integer $input : number used to seed the hmac hash function.
         * This number is usually a counter (HOTP) or calculated based on the current
         * timestamp (see TOTP class).
         * @return integer the one-time password
         */
        public function generateOTP($input) {
            $hash = hash_hmac($this->digest, $this->intToBytestring($input), $this->byteSecret());
            foreach(str_split($hash, 2) as $hex) { // stupid PHP has bin2hex but no hex2bin WTF
                $hmac[] = hexdec($hex);
            }
            $offset = $hmac[19] & 0xf;
            $code = ($hmac[$offset+0] & 0x7F) << 24 |
                ($hmac[$offset + 1] & 0xFF) << 16 |
                ($hmac[$offset + 2] & 0xFF) << 8 |
                ($hmac[$offset + 3] & 0xFF);
            return $code % pow(10, $this->digits);
        }

        /**
         * Returns the binary value of the base32 encoded secret
         * @access private
         * This method should be private but was left public for
         * phpunit tests to work.
         * @return binary secret key
         */
        public function byteSecret() {
            return \Base32::decode($this->secret);
        }

        /**
         * Turns an integer in a OATH bytestring
         * @param integer $int
         * @access private
         * @return string bytestring
         */
        public function intToBytestring($int) {
            $result = Array();
            while($int != 0) {
                $result[] = chr($int & 0xFF);
                $int >>= 8;
            }
            return str_pad(join(array_reverse($result)), 8, "\000", STR_PAD_LEFT);
        }
    }
}
Source at commit 55305a934bac created 10 years 4 months ago.
By Nathan Adams, Fixing bug where password would not be hashed in database if user updated password

Archive Download this file

Branches

Tags

Page rendered in 1.20592s using 11 queries.