10:44 Authentication with one-time password
One of my projects required increased security for user authentication. It was decided to use OTP (One-Time Password) technology with the stand-alone one-time password generator eToken PASS. I placed an order with SoftKey. A few days later I received a token and the key file. The authentication is written in PHP because the project runs on it. To work with the token, we need only three small functions:

```php
<?php
class OtpAuth
{
    // Checks $pass against the next $window counter values after $cnt
    // (the last counter stored for the user).
    // Returns the matching counter, or false if nothing matched.
    public function authOTP($secret, $pass, $cnt, $window = 10)
    {
        if (preg_match('/^\d{6}$/', $pass)) {
            $cnt = intval($cnt) + 1;
            $i = 0;
            while ($i < $window) {
                // Constant-time comparison of the two six-digit strings.
                if (hash_equals($this->hotp($secret, $cnt), (string) $pass)) {
                    return $cnt;
                }
                $cnt++;
                $i++;
            }
        }
        return false;
    }

    // HMAC-SHA1 as a hex string; falls back to a manual HMAC
    // when hash_hmac() is not available.
    public function hmac_sha1($data, $key)
    {
        if (function_exists('hash_hmac')) {
            return hash_hmac('sha1', $data, $key);
        }
        if (strlen($key) > 64) {
            $key = pack('H*', sha1($key));
        }
        $key  = str_pad($key, 64, chr(0x00));
        $ipad = str_repeat(chr(0x36), 64);
        $opad = str_repeat(chr(0x5c), 64);
        $hmac = pack('H*', sha1(($key ^ $opad) . pack('H*', sha1(($key ^ $ipad) . $data))));
        return bin2hex($hmac);
    }

    // HOTP value for the hex-encoded $secret and the counter $cnt.
    public function hotp($secret, $cnt, $digits = 6)
    {
        $secret    = pack('H*', $secret);
        $sha1_hash = $this->hmac_sha1(pack("NN", 0, $cnt), $secret);
        // The last hex digit of the hash selects the offset of the 4 bytes to use.
        $dwOffset  = hexdec(substr($sha1_hash, -1, 1));
        $dbc1      = hexdec(substr($sha1_hash, $dwOffset * 2, 8));
        $dbc2      = $dbc1 & 0x7fffffff;
        $hotp      = $dbc2 % pow(10, $digits);
        // Zero-pad so that passwords with leading zeros compare correctly.
        return str_pad((string) $hotp, $digits, '0', STR_PAD_LEFT);
    }
}
```

The first thing we need is the counter value in the token. To get it, press the button on the token and hold it for about 5 seconds. The screen will blink "888888"; press the button 4 more times and you will see «F00055», where 55 is the counter. Each time the token generates a password, the counter increases. To perform authentication, pass to the function authOTP:
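The following is an added example, not the author's code: it shows why the counter returned by authOTP has to be written back to the user's record, so that a password accepted inside the look-ahead window cannot be replayed. The `login()` helper, the `$user` array and the standalone function layout are assumptions; the key and passwords are the public test values from RFC 4226, Appendix D.

```php
<?php
// Added example; names and storage layout are assumptions, not the author's code.

// HOTP per RFC 4226; $secretHex is the hex-encoded token key.
function hotp(string $secretHex, int $cnt, int $digits = 6): string
{
    $hash   = hash_hmac('sha1', pack('NN', 0, $cnt), hex2bin($secretHex), true);
    $offset = ord($hash[19]) & 0x0f;   // dynamic truncation offset
    $code   = unpack('N', substr($hash, $offset, 4))[1] & 0x7fffffff;
    return str_pad((string) ($code % 10 ** $digits), $digits, '0', STR_PAD_LEFT);
}

// Returns the matching counter or false. $last is the last counter accepted.
function authOTP(string $secretHex, string $pass, int $last, int $window = 10)
{
    if (!preg_match('/^\d{6}$/', $pass)) {
        return false;
    }
    for ($c = $last + 1; $c <= $last + $window; $c++) {
        if (hash_equals(hotp($secretHex, $c), $pass)) {
            return $c;
        }
    }
    return false;
}

// Verifies a password and persists the new counter on success.
function login(array &$user, string $pass): bool
{
    $matched = authOTP($user['secret'], $pass, $user['counter']);
    if ($matched === false) {
        return false;
    }
    $user['counter'] = $matched;   // this password and all earlier ones are now dead
    return true;
}

// Constructed user record: RFC 4226 test key, last accepted counter 0.
$user = ['secret' => bin2hex('12345678901234567890'), 'counter' => 0];

// RFC 4226 test passwords: counter 1 = 287082, counter 2 = 359152.
var_dump(login($user, '359152')); // counter 2: the user pressed the button once extra
var_dump(login($user, '359152')); // the same password again (replay)
var_dump(login($user, '287082')); // counter 1, now behind the stored counter
var_dump(login($user, '12345'));  // malformed: not six digits
echo "stored counter: {$user['counter']}\n";
```

In a real deployment the counter update must be atomic with the check (for example, a conditional `UPDATE` on the old counter value), otherwise two concurrent requests can both accept the same password.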
Benefits of eToken PASS