PHP Classes

File: src/OTP/TOTP.php

Recommend this page to a friend!
  Classes of Scott Arciszewski   PHP Multi Factor Authentication   src/OTP/TOTP.php   Download  
File: src/OTP/TOTP.php
Role: Class source
Content type: text/plain
Description: Class source
Class: PHP Multi Factor Authentication
2 factor authentication independent of the vendor
Author: By
Last change:
Date: 4 years ago
Size: 3,520 bytes
 

Contents

Class file image Download
<?php
declare(strict_types=1);
namespace
ParagonIE\MultiFactor\OTP;

use
ParagonIE\ConstantTime\{
   
Binary,
   
Hex
};
use
ParagonIE\HiddenString\HiddenString;

/**
 * Class TOTP
 * @package ParagonIE\MultiFactor\OTP
 */
class TOTP implements OTPInterface
{
   
/**
     * @var string
     */
   
protected $algo;

   
/**
     * @var int
     */
   
protected $length;

   
/**
     * @var int
     */
   
protected $timeStep;

   
/**
     * @var int
     */
   
protected $timeZero;

   
/**
     * TOTP constructor.
     *
     * @param int $timeZero The start time for calculating the TOTP
     * @param int $timeStep How many seconds should each TOTP live?
     * @param int $length How many digits should each TOTP be?
     * @param string $algo Hash function to use
     */
   
public function __construct(
       
int $timeZero = 0,
       
int $timeStep = 30,
       
int $length = 6,
       
string $algo = 'sha1'
   
) {
       
$this->timeZero = $timeZero;
       
$this->timeStep = $timeStep;
       
$this->length = $length;
       
$this->algo = $algo;
    }

   
/**
     * Generate a TOTP secret in accordance with RFC 6238
     *
     * @ref https://tools.ietf.org/html/rfc6238
     * @param string|HiddenString $sharedSecret The key to use for determining the TOTP
     * @param int $counterValue Current time or HOTP counter
     * @return string
     * @throws \OutOfRangeException
     */
   
public function getCode(
       
$sharedSecret,
       
int $counterValue
   
): string {
        if (
$this->length < 1 || $this->length > 10) {
            throw new \
OutOfRangeException(
               
'Length must be between 1 and 10, as a consequence of RFC 6238.'
           
);
        }
       
$counterValue > 0 ? $counterValue: time();
       
$msg = $this->getTValue($counterValue, true);
       
$bytes = \hash_hmac($this->algo, $msg, is_string($sharedSecret) ? $sharedSecret : $sharedSecret->getString(), true);

       
$byteLen = Binary::safeStrlen($bytes);

       
// Per the RFC
       
$offset = \unpack('C', $bytes[$byteLen - 1])[1];
       
$offset &= 0x0f;

       
$unpacked = \array_values(
            \
unpack('C*', Binary::safeSubstr($bytes, $offset, 4))
        );

       
$intValue = (
            ((
$unpacked[0] & 0x7f) << 24)
            | ((
$unpacked[1] & 0xff) << 16)
            | ((
$unpacked[2] & 0xff) << 8)
            | ((
$unpacked[3] & 0xff) )
        );

       
$intValue %= 10 ** $this->length;

        return \
str_pad(
            (string)
$intValue,
           
$this->length,
           
'0',
            \
STR_PAD_LEFT
       
);
    }

   
/**
     * @return int
     */
   
public function getLength(): int
   
{
        return
$this->length;
    }

   
/**
     * @return int
     */
   
public function getTimeStep(): int
   
{
        return
$this->timeStep;
    }

   
/**
     * Get the binary T value
     *
     * @param int $unixTimestamp
     * @param bool $rawOutput
     * @return string
     */
   
protected function getTValue(
       
int $unixTimestamp,
       
bool $rawOutput = false
   
): string {
       
$value = \intdiv(
           
$unixTimestamp - $this->timeZero,
           
$this->timeStep !== 0
               
? $this->timeStep
               
: 1
       
);
       
$hex = \str_pad(
            \
dechex($value),
           
16,
           
'0',
           
STR_PAD_LEFT
       
);
        if (
$rawOutput) {
            return
Hex::decode($hex);
        }
        return
$hex;
    }
}