MediaWiki REL1_33
hotp.php
Go to the documentation of this file.
1<?php
11class HOTP {
18 public static function generateByCounter( $key, $counter ) {
19 // the counter value can be more than one byte long,
20 // so we need to pack it down properly.
21 $cur_counter = array( 0, 0, 0, 0, 0, 0, 0, 0 );
22 for ( $i = 7; $i >= 0; $i-- ) {
23 $cur_counter[$i] = pack( 'C*', $counter );
24 $counter = $counter >> 8;
25 }
26
27 $bin_counter = implode( $cur_counter );
28
29 // Pad to 8 chars
30 if ( strlen( $bin_counter ) < 8 ) {
31 $bin_counter = str_repeat( "\0", 8 - strlen( $bin_counter ) ) . $bin_counter;
32 }
33
34 // HMAC
35 $hash = hash_hmac( 'sha1', $bin_counter, $key );
36
37 return new HOTPResult( $hash );
38 }
39
49 public static function generateByTime( $key, $window, $timestamp = false ) {
50 if ( !$timestamp && $timestamp !== 0 ) {
51 $timestamp = HOTP::getTime();
52 }
53
54 $counter = (int)( $timestamp / $window );
55
56 return HOTP::generateByCounter( $key, $counter );
57 }
58
72 public static function generateByTimeWindow( $key, $window, $min = -1,
73 $max = 1, $timestamp = false
74 ) {
75 if ( !$timestamp && $timestamp !== 0 ) {
76 $timestamp = HOTP::getTime();
77 }
78
79 $counter = (int)( $timestamp / $window );
80 $window = range( $min, $max );
81
82 $out = array();
83 $length = count( $window );
84 for ( $i = 0; $i < $length; $i++ ) {
85 $shift_counter = $counter + $window[$i];
86 $out[$shift_counter] = HOTP::generateByCounter($key, $shift_counter);
87 }
88
89 return $out;
90 }
91
98 public static function getTime() {
99 return time(); // PHP's time is always UTC
100 }
101}
102
108class HOTPResult {
109 protected $hash;
110 protected $binary;
111 protected $decimal;
112 protected $hex;
113
118 public function __construct( $value ) {
119 // store raw
120 $this->hash = $value;
121
122 // store calculate decimal
123 $hmac_result = array();
124
125 // Convert to decimal
126 foreach ( str_split( $this->hash, 2 ) as $hex ) {
127 $hmac_result[] = hexdec($hex);
128 }
129
130 $offset = $hmac_result[19] & 0xf;
131
132 $this->decimal = (
133 ( ( $hmac_result[$offset+0] & 0x7f ) << 24 ) |
134 ( ( $hmac_result[$offset+1] & 0xff ) << 16 ) |
135 ( ( $hmac_result[$offset+2] & 0xff ) << 8 ) |
136 ( $hmac_result[$offset+3] & 0xff )
137 );
138
139 // calculate hex
140 $this->hex = dechex( $this->decimal );
141 }
142
147 public function toString() {
148 return $this->hash;
149 }
150
155 public function toHex() {
156 return $this->hex;
157 }
158
163 public function toDec() {
164 return $this->decimal;
165 }
166
172 public function toHOTP( $length ) {
173 $str = str_pad( $this->toDec(), $length, "0", STR_PAD_LEFT );
174 $str = substr( $str, ( -1 * $length ) );
175
176 return $str;
177 }
178
179}
and
and that you know you can do these things To protect your we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the or if you modify it For if you distribute copies of such a whether gratis or for a you must give the recipients all the rights that you have You must make sure that receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two and(2) offer you this license which gives you legal permission to copy
HOTPResult
The HOTPResult Class converts an HOTP item to various forms Supported formats include hex,...
Definition hotp.php:108
HOTPResult\toString
toString()
Returns the string version of the HOTP.
Definition hotp.php:147
HOTPResult\toDec
toDec()
Returns the decimal version of the HOTP.
Definition hotp.php:163
HOTPResult\toHOTP
toHOTP( $length)
Returns the truncated decimal form of the HOTP.
Definition hotp.php:172
HOTPResult\toHex
toHex()
Returns the hex version of the HOTP.
Definition hotp.php:155
HOTPResult\__construct
__construct( $value)
Build an HOTP Result.
Definition hotp.php:118
HOTP
HOTP Class Based on the work of OAuth, and the sample implementation of HMAC OTP http://tools....
Definition hotp.php:11
HOTP\generateByTime
static generateByTime( $key, $window, $timestamp=false)
Generate a HOTP key based on a timestamp and window size.
Definition hotp.php:49
HOTP\generateByTimeWindow
static generateByTimeWindow( $key, $window, $min=-1, $max=1, $timestamp=false)
Generate a HOTP key collection based on a timestamp and window size all keys that could exist between...
Definition hotp.php:72
HOTP\getTime
static getTime()
Gets the current time Ensures we are operating in UTC for the entire framework Restores the timezone ...
Definition hotp.php:98
HOTP\generateByCounter
static generateByCounter( $key, $counter)
Generate a HOTP key based on a counter value (event based HOTP)
Definition hotp.php:18
$out
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not it can be in the form of< username >< more info > e g for bot passwords intended to be added to log contexts Fields it might only if the login was with a bot password it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition hooks.txt:855
array
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))