Startsida Utforska Hjälp
Logga in
ben
/
dancecamps-payment-api
Bevaka 1
Stjärnmärk 0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Gren: master
Grenar Taggar
dancecamps-p...
/
PHP
/
TOTP.php

TOTP.php 2.8 KB
Permalänk Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. <?php
    2. 

  2. /*
    3. 

  3.     TOTP v0.2.1 - a simple TOTP (RFC 6238) class using the SHA1 default
    4. 

  4.     (c) 2014 Robin Leffmann <djinn at stolendata dot net>
    5. 

  5.     https://github.com/stolendata/totp/
    6. 

  6.     Licensed under CC BY-NC-SA 4.0 - http://creativecommons.org/licenses/by-nc-sa/4.0/
    7. 

  7. */
    8. 

  8. class TOTP
    9. 

  9. {
    10. 

  10.     private static $base32Map = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
    11. 

  11.     private static function base32Decode( $in )
    12. 

  12.     {
    13. 

  13.         $out = "";
    14. 

  14.         $l = strlen( $in );
    15. 

  15.         $n = $bs = 0;
    16. 

  16.         for( $i = 0; $i < $l; $i++ )
    17. 

  17.         {
    18. 

  18.             $n <<= 5;
    19. 

  19.             $n += stripos( self::$base32Map, $in[$i] );
    20. 

  20.             $bs = ( $bs + 5 ) % 8;
    21. 

  21.             $out .= $bs < 5 ? chr( ($n & (255 << $bs)) >> $bs ) : null;
    22. 

  22.         }
    23. 

  23.         return $out;
    24. 

  24.     }
    25. 

  25.     public static function getOTP( $secret, $digits = 6, $period = 30, $offset = 0 )
    26. 

  26.     {
    27. 

  27.         if( strlen($secret) < 16 || strlen($secret) % 8 != 0 )
    28. 

  28.             return [ 'err'=>'length of secret must be a multiple of 8, and at least 16 characters' ];
    29. 

  29.         if( preg_match('/[^a-z2-7]/i', $secret) === 1 )
    30. 

  30.             return [ 'err'=>'secret contains non-base32 characters' ];
    31. 

  31.         $digits = intval( $digits );
    32. 

  32.         if( $digits < 6 || $digits > 8 )
    33. 

  33.             return [ 'err'=>'digits must be 6, 7 or 8' ];
    34. 

  34.         $seed = self::base32Decode( $secret );
    35. 

  35.         $time = str_pad( pack('N', intval($offset + time() / $period)), 8, "\x00", STR_PAD_LEFT );
    36. 

  36.         $hash = hash_hmac( 'sha1', $time, $seed, false );
    37. 

  37.         $otp = ( hexdec(substr($hash, hexdec($hash[39]) * 2, 8)) & 0x7fffffff ) % pow( 10, $digits );
    38. 

  38.         return [ 'otp'=>sprintf("%'0{$digits}u", $otp) ];
    39. 

  39.     }
    40. 

  40.     public static function genSecret( $length = 24 )
    41. 

  41.     {
    42. 

  42.         if( $length < 16 || $length % 8 !== 0 )
    43. 

  43.             return [ 'err'=>'length must be a multiple of 8, and at least 16' ];
    44. 

  44.         $secret = "";
    45. 

  45.         while( $length-- )
    46. 

  46.         {
    47. 

  47.             $c = @gettimeofday()['usec'] % 53;
    48. 

  48.             while( $c-- )
    49. 

  49.                 mt_rand();
    50. 

  50.             $secret .= self::$base32Map[mt_rand(0, 31)];
    51. 

  51.         }
    52. 

  52.         return [ 'secret'=>$secret ];
    53. 

  53.     }
    54. 

  54.     public static function genURI( $account, $secret, $digits = null, $period = null, $issuer = null )
    55. 

  55.     {
    56. 

  56.         if( empty($account) || empty($secret) )
    57. 

  57.             return [ 'err'=>'you must provide at least an account and a secret' ];
    58. 

  58.         if( mb_strpos($account . $issuer, ':') !== false )
    59. 

  59.             return [ 'err'=>'neither account nor issuer can contain a colon (:) character' ];
    60. 

  60.         $account = rawurlencode( $account );
    61. 

  61.         $issuer = rawurlencode( $issuer );
    62. 

  62.         $label = empty( $issuer ) ? $account : "$issuer:$account";
    63. 

  63.         return [ 'uri'=>'otpauth://totp/' . $label . "?secret=$secret" .
    64. 

  64.             (is_null($digits) ? '' : "&digits=$digits") .
    65. 

  65.             (is_null($period) ? '' : "&period=$period") .
    66. 

  66.             (empty($issuer) ? '' : "&issuer=$issuer") ];
    67. 

  67.     }
    68. 

  68. }
    69. 

  69. ?>
    70.