From ce66feda1da52fcf2d02b9e31b85c6d960d9eb2e Mon Sep 17 00:00:00 2001
From: nuxsmin
Date: Mon, 27 Jul 2015 14:29:26 +0200
Subject: [PATCH] Not needed
---
res/test_2fa.php | 215 -----------------------------------------------
1 file changed, 215 deletions(-)
delete mode 100644 res/test_2fa.php
diff --git a/res/test_2fa.php b/res/test_2fa.php
deleted file mode 100644
index c563a532..00000000
--- a/res/test_2fa.php
+++ /dev/null
@@ -1,215 +0,0 @@
-.
- *
- * PHP Google two-factor authentication module.
- *
- * See http://www.idontplaydarts.com/2011/07/google-totp-two-factor-authentication-for-php/
- * for more details
- *
- * @author Phil
- **/
-class Google2FA
-{
- /**
- * Interval between key regeneration
- */
- const keyRegeneration = 30;
- /**
- * Length of the Token generated
- */
- const otpLength = 6;
-
- /**
- * Lookup needed for Base32 encoding
- *
- * @var array
- */
- private static $lut = array(
- "A" => 0, "B" => 1,
- "C" => 2, "D" => 3,
- "E" => 4, "F" => 5,
- "G" => 6, "H" => 7,
- "I" => 8, "J" => 9,
- "K" => 10, "L" => 11,
- "M" => 12, "N" => 13,
- "O" => 14, "P" => 15,
- "Q" => 16, "R" => 17,
- "S" => 18, "T" => 19,
- "U" => 20, "V" => 21,
- "W" => 22, "X" => 23,
- "Y" => 24, "Z" => 25,
- "2" => 26, "3" => 27,
- "4" => 28, "5" => 29,
- "6" => 30, "7" => 31
- );
-
- /**
- * Generates a 16 digit secret key in base32 format
- *
- * @return string
- **/
- public static function generate_secret_key($length = 16)
- {
- $b32 = "234567QWERTYUIOPASDFGHJKLZXCVBNM";
- $s = "";
-
- for ($i = 0; $i < $length; $i++)
- $s .= $b32[rand(0, 31)];
-
- return $s;
- }
-
- /**
- * Returns the current Unix Timestamp devided by the keyRegeneration
- * period.
- *
- * @return integer
- **/
- public static function get_timestamp()
- {
- return floor(microtime(true) / self::keyRegeneration);
- }
-
- /**
- * Decodes a base32 string into a binary string.
- **/
- public static function base32_decode($b32)
- {
-
- $b32 = strtoupper($b32);
-
- if (!preg_match('/^[ABCDEFGHIJKLMNOPQRSTUVWXYZ234567]+$/', $b32, $match))
- throw new Exception('Invalid characters in the base32 string.');
-
- $l = strlen($b32);
- $n = 0;
- $j = 0;
- $binary = "";
-
- for ($i = 0; $i < $l; $i++) {
-
- $n = $n << 5; // Move buffer left by 5 to make room
- $n = $n + self::$lut[$b32[$i]]; // Add value into buffer
- $j = $j + 5; // Keep track of number of bits in buffer
-
- if ($j >= 8) {
- $j = $j - 8;
- $binary .= chr(($n & (0xFF << $j)) >> $j);
- }
- }
-
- return $binary;
- }
-
- /**
- * Takes the secret key and the timestamp and returns the one time
- * password.
- *
- * @param string $key - Secret key in binary form.
- * @param int $counter - Timestamp as returned by get_timestamp.
- * @return string
- * @throws \Exception
- */
- public static function oath_hotp($key, $counter)
- {
- if (strlen($key) < 8)
- throw new \Exception('Secret key is too short. Must be at least 16 base 32 characters');
-
- $bin_counter = pack('N*', 0) . pack('N*', $counter); // Counter must be 64-bit int
- $hash = hash_hmac('sha1', $bin_counter, $key, true);
-
- return str_pad(self::oath_truncate($hash), self::otpLength, '0', STR_PAD_LEFT);
- }
-
- /**
- * Verifys a user inputted key against the current timestamp. Checks $window
- * keys either side of the timestamp.
- *
- * @param string $b32seed
- * @param string $key - User specified key
- * @param integer $window
- * @param boolean $useTimeStamp
- * @return boolean
- **/
- public static function verify_key($b32seed, $key, $window = 4, $useTimeStamp = true)
- {
-
- $timeStamp = self::get_timestamp();
-
- if ($useTimeStamp !== true) $timeStamp = (int)$useTimeStamp;
-
- $binarySeed = self::base32_decode($b32seed);
-
- for ($ts = $timeStamp - $window; $ts <= $timeStamp + $window; $ts++)
- if (self::oath_hotp($binarySeed, $ts) == $key)
- return true;
-
- return false;
-
- }
-
- /**
- * Extracts the OTP from the SHA1 hash.
- *
- * @param string $hash
- * @return int
- **/
- public static function oath_truncate($hash)
- {
- $offset = ord($hash[19]) & 0xf;
-
- return (
- ((ord($hash[$offset + 0]) & 0x7f) << 24) |
- ((ord($hash[$offset + 1]) & 0xff) << 16) |
- ((ord($hash[$offset + 2]) & 0xff) << 8) |
- (ord($hash[$offset + 3]) & 0xff)
- ) % pow(10, self::otpLength);
- }
-}
-
-$InitalizationKey = "PEHMPSDNLXIOG65U"; // Set the inital key
-
-$TimeStamp = Google2FA::get_timestamp();
-$secretkey = Google2FA::base32_decode($InitalizationKey); // Decode it into binary
-$otp = Google2FA::oath_hotp($secretkey, $TimeStamp); // Get current token
-
-echo("Init key: $InitalizationKey\n");
-echo("Timestamp: $TimeStamp\n");
-echo("One time password: $otp\n");
-
-// Use this to verify a key as it allows for some time drift.
-
-$result = Google2FA::verify_key($InitalizationKey, "123456");
-
-$githubUrl = 'https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=' . 'otpauth://totp/sysPass:prueba@syspass.org?secret=' .
$InitalizationKey;
-$ch = curl_init($githubUrl);
-
-curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($ch, CURLOPT_HEADER, 0);
-curl_setopt($ch, CURLOPT_USERAGENT, "sysPass App Updater");
-curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
-curl_setopt($ch, CURLOPT_TIMEOUT, 60);
-
-$data = curl_exec($ch);
-
-if ($data === false) {
- return false;
-}
-
-curl_close($ch);
-
-var_dump($result);
-
-printf('QR Code', base64_encode($data));