[#11]
torben dot egmose at gmail dot com [2009-03-22 11:40:43]
HOTP Algorithm that works according to the RCF http://tools.ietf.org/html/draft-mraihi-oath-hmac-otp-04
The test cases from the RCF document the ASCII string as “123456787901234567890”.
But the hex decoded to a string is “12345678901234567890”.
Secret=”12345678901234567890″;
Count:
0 755224
1 287082
function oath_hotp(key,counter) {
// Convert to padded binary string
data = pack (‘C*’, counter);
data = str_pad(data,8,chr(0),STR_PAD_LEFT);
// HMAC
return hash_hmac(‘sha1’,data,key);
}
function oath_truncate(hash, length = 6) {
// Convert to dec
foreach(str_split(hash,2) as hex) {
hmac_result[]=hexdec(hex);
}
// Find offset
offset = hmac_result[19] & 0xf;
// Algorithm from RFC
return (
((hmac_result[offset+0] & 0x7f) <
((hmac_result[offset+1] & 0xff) <
((hmac_result[offset+2] & 0xff) <
(hmac_result[offset+3] & 0xff)
) % pow(10,$length);
}
print “
";Jetbrains全家桶1年46,售后保障稳定
print “Compare results with:”
print ” http://tools.ietf.org/html/draft-mraihi-oath-hmac-otp-04\n”;
print “Count\tHash\t\t\t\t\t\tPin\n”;
for(i=0;i<10;
print i.”\t”.(a=oath_hotp(“12345678901234567890”,
print “\t”.oath_truncate($a).”\n”;
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
如需转载请保留出处:https://bianchenghao.cn/hz/138234.html