Results 1 to 2 of 2

Thread: [RESOLVED] PHP code not matching Google Authenticator output.

Threaded View

  1. #1

    Thread Starter
    Fanatic Member
    Join Date
    Sep 2005
    Posts
    540

    Resolved [RESOLVED] PHP code not matching Google Authenticator output.

    Hello,

    I'm trying to get some PHP code matching what the Google Authenticator on my phone outputs. I'm using HOTP (Once I get this working, I'd image matching TOPT will be easy).

    For a key of:
    abcdefg234567777

    With index 1 (First count).
    The Google Authenticator outputs: 306115

    I've searched around, and found many PHP codes that claim to do the Google Authenticator in PHP, which in them selves work fine as HOTP and TOTP scripts, but none that match what the Authenticator outputs. Most seem to use RFC4226 and csRFC3548 character set for the key.

    I've gone as far to download the Google Authenticator code on Android (Written in C) and try to reconstruct it in PHP.

    Here's my current PHP code (I've obviously adapted it to fit into this post, I did not write it all, modified it from someone else's attempt at the TOTP):
    It outputs: 220505 with ?key=ABCDEFG234567777&counter=1
    PHP Code:
    <?php

    include_once "base32.php";

    $key=$_GET['key'];
    $counter=$_GET['counter'];

    echo 
    "Code: " generateKey($key,$counter) . "<br />";

    function 
    generateKey ($key$counter)
    {

      
    $b = new Base32(Base32::csRFC3548);
      
    $key $b->toString($key);
      
      
    $hash hash_hmac ('sha1'$counter$key);

      return 
    oath_truncate($hash6);

    }

    function 
    oath_truncate($hash$length 6)
    {
      
    // Convert to dec
      
    foreach(str_split($hash,2) as $hex)
      {
        
    $hmac_result[]=hexdec($hex);
      }
      
    // Find offset
      
    $offset $hmac_result[19] & 0xf;

      
    // Algorithm from RFC
      
    return
        (
        ((
    $hmac_result[$offset+0] & 0x7f) << 24 ) |
        ((
    $hmac_result[$offset+1] & 0xff) << 16 ) |
        ((
    $hmac_result[$offset+2] & 0xff) << ) |
        (
    $hmac_result[$offset+3] & 0xff)
        ) % 
    pow(10,$length);
    }
    base32.php can be found Here.

    Any help is appreciated!
    Last edited by Slyke; Feb 23rd, 2013 at 03:49 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width