[COLUG] Enterprise Two Factor Authentication
Jim
jep200404 at columbus.rr.com
Tue Mar 13 17:37:06 EST 2007
Re http://www.freeauth.org/site/wiki/One%20Time%20Passwords%20with%20PHP,
consider skipping the hexadecimal characterification of the md5() output.
I.e., consider changing:

    $md5 = getOTP64(md5("$i$otphash"));

to

    $md5 = getOTP64(md5("$i$otphash",TRUE));

which allows one to remove the hex to integer conversions
and some of the bit shifting from encode(), simplifying encode():
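
    function encode($j,$nBitsPerEncodedChar,$encoding)
    {
        /* the alphabet must have exactly 2^$nBitsPerEncodedChar characters */
        if (strlen($encoding)!=(1<<$nBitsPerEncodedChar)) {
            fwrite(STDERR, "strlen(\"$encoding\")!=(1<<$nBitsPerEncodedChar)\n");
            exit(1);
        }
        $nBitsInJ=32;
        $encodedJ="";
        /* HolyMacro: as long as there are enough bits,
         * convert $nBitsPerEncodedChar most significant bits
         * of $nBitsInJ least significant bits of $j
         * to character from $encoding. */
        while ($nBitsInJ>=$nBitsPerEncodedChar) {
            $nBitsInJ-=$nBitsPerEncodedChar;
            $encodedJ.=$encoding[($j>>$nBitsInJ)&((1<<$nBitsPerEncodedChar)-1)];
        }
        if ($nBitsInJ>0) { /* pad left over bits with zeros */
            $j&=((1<<$nBitsInJ)-1); /* probably overly paranoid to compensate for ignorance of PHP's bit bucket handling */
            $j <<=($nBitsPerEncodedChar-$nBitsInJ);
            $nBitsInJ+=($nBitsPerEncodedChar-$nBitsInJ);
        }
        /* HolyMacro again: convert the padded left over bits */
        while ($nBitsInJ>=$nBitsPerEncodedChar) {
            $nBitsInJ-=$nBitsPerEncodedChar;
            $encodedJ.=$encoding[($j>>$nBitsInJ)&((1<<$nBitsPerEncodedChar)-1)];
        }
        return $encodedJ;
    }
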
or for lsb oriented folks like myself:

    function encode($j,$nBitsPerEncodedChar,$encoding)
    {
        /* the alphabet must have exactly 2^$nBitsPerEncodedChar characters */
        if (strlen($encoding)!=(1<<$nBitsPerEncodedChar)) {
            fwrite(STDERR, "strlen(\"$encoding\")!=(1<<$nBitsPerEncodedChar)\n");
            exit(1);
        }
        /* Each loop converts $nBitsPerEncodedChar least significant bits of $j
         * to character from $encoding. */
        $s="";
        for ($n=32;$n>0;$n-=$nBitsPerEncodedChar) {
            $s=$encoding[$j & ((1<<$nBitsPerEncodedChar)-1)].$s;
            $j>>=$nBitsPerEncodedChar;
            /* to avoid issue of possible arithmetic shift right filling with 1s:
             * after the shift only $n-$nBitsPerEncodedChar bits are still meaningful */
            $j&=((1<<max($n-$nBitsPerEncodedChar,0))-1);
        }
        return $s;
    }

Only one loop.
No nesting.
No cleanup code.
I like this code much much better.
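
Added example (not part of the original post and not FreeAuth's code): it checks that the raw md5() output unpacks to the same 32-bit words as the hex digest, which is what makes the hex to integer conversions removable. The function names, the 64-character alphabet, the seed values and the choice to encode all four words are assumptions; it assumes 64-bit PHP.

```php
<?php
// Added example; names, alphabet and seed values are constructed for illustration.
// Assumes 64-bit PHP, so a 32-bit word always fits in a non-negative int.

// LSB-first encoder in the style of the second encode() above.
function encodeLsb(int $j, int $bits, string $alphabet): string
{
    if (strlen($alphabet) != (1 << $bits)) {
        throw new InvalidArgumentException("alphabet must have 2^$bits characters");
    }
    $j &= 0xFFFFFFFF;                 // keep only the 32 bits being encoded
    $s = "";
    for ($n = 32; $n > 0; $n -= $bits) {
        $s = $alphabet[$j & ((1 << $bits) - 1)] . $s;
        $j >>= $bits;
    }
    return $s;
}

// Hex path: 32 hex characters, one hexdec() per 32-bit word.
function wordsFromHex(string $data): array
{
    return array_map('hexdec', str_split(md5($data), 8));
}

// Raw path: 16 bytes read directly as four big-endian 32-bit words.
function wordsFromRaw(string $data): array
{
    return array_values(unpack("N4", md5($data, true)));
}

$alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
$i = 7;                               // constructed counter value
$otphash = "constructed-seed";        // constructed secret

$hexWords = wordsFromHex("$i$otphash");
$rawWords = wordsFromRaw("$i$otphash");
if ($hexWords !== $rawWords) {
    fwrite(STDERR, "hex and raw paths disagree\n");
    exit(1);
}

$otp = "";
foreach ($rawWords as $word) {
    $otp .= encodeLsb($word, 6, $alphabet);
}
echo $otp, "\n";
```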