|
-
Feb 23rd, 2013, 03:44 PM
#1
Thread Starter
Fanatic Member
[RESOLVED] PHP code not matching Google Authenticator output.
Hello,
I'm trying to get some PHP code matching what the Google Authenticator on my phone outputs. I'm using HOTP (Once I get this working, I'd image matching TOPT will be easy).
For a key of:
abcdefg234567777
With index 1 (First count).
The Google Authenticator outputs: 306115
I've searched around, and found many PHP codes that claim to do the Google Authenticator in PHP, which in them selves work fine as HOTP and TOTP scripts, but none that match what the Authenticator outputs. Most seem to use RFC4226 and csRFC3548 character set for the key.
I've gone as far to download the Google Authenticator code on Android (Written in C) and try to reconstruct it in PHP.
Here's my current PHP code (I've obviously adapted it to fit into this post, I did not write it all, modified it from someone else's attempt at the TOTP):
It outputs: 220505 with ?key=ABCDEFG234567777&counter=1
PHP Code:
<?php
include_once "base32.php";
$key=$_GET['key']; $counter=$_GET['counter'];
echo "Code: " . generateKey($key,$counter) . "<br />";
function generateKey ($key, $counter) {
$b = new Base32(Base32::csRFC3548); $key = $b->toString($key); $hash = hash_hmac ('sha1', $counter, $key);
return oath_truncate($hash, 6);
}
function oath_truncate($hash, $length = 6) { // Convert to dec foreach(str_split($hash,2) as $hex) { $hmac_result[]=hexdec($hex); } // Find offset $offset = $hmac_result[19] & 0xf;
// Algorithm from RFC return ( (($hmac_result[$offset+0] & 0x7f) << 24 ) | (($hmac_result[$offset+1] & 0xff) << 16 ) | (($hmac_result[$offset+2] & 0xff) << 8 ) | ($hmac_result[$offset+3] & 0xff) ) % pow(10,$length); }
base32.php can be found Here.
Any help is appreciated!
Last edited by Slyke; Feb 23rd, 2013 at 03:49 PM.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|