在Perl中实施Google Authenticator [英] Google Authenticator implementation in Perl

问题描述

我正在寻找一个简单的Perl实现，该实现将验证已使用服务器端机密创建的Google身份验证器令牌.例如，

以下Google URL允许您以base32格式对服务器机密进行编码(在以下情况下，机密为 e4ytonjeim4hcsrhja5fe5kqfu )作为QR码，可以从Google身份验证器应用中读取(请参见下图) ):
https://chart.googleapis.com/chart?cht=qr&chs=100x100&chl=otpauth%3A%2F%2Ftotp%2Fmysite%3A29%3Fsecret%3De4ytonjeim4hcsrhja5fe5kqfu%26issuer>/p>

将QR码扫描到身份验证器应用后，它会生成令牌，例如:716340.如何验证令牌的正确性?

这个问题与这个Python问题的Perl等效: Python中的Google Authenticator实现

解决方案

好了一段时间，但是我有了Perl解决方案(希望这可以弥补这个懒惰的问题:)感谢Borodin的帮助这(在Perl中采用十六进制字符串的SHA1 HMAC )

#!/usr/bin/perl -w

use strict;
use warnings;

use Convert::Base32;
use Digest::HMAC_SHA1 qw/ hmac_sha1_hex /;

my $base_32_secret = "JBSWY3DPEHPK3PXP";
print "".totp_token($base_32_secret)."\n";

sub totp_token {
    my $secret = shift;

    my $key = unpack("H*", decode_base32($secret));
    my $lpad_time = sprintf("%016x", int(time()/30));
    my $hmac = hmac_sha1_hex_string($lpad_time, $key);

    my $offset = sprintf("%d", hex(substr($hmac, -1)));

    my $part1 = 0 + sprintf("%d", hex(substr($hmac, $offset*2, 8)));
    my $part2 = 0 + sprintf("%d", hex("7fffffff"));

    my $token = substr("".($part1 & $part2), -6);
    return $token;
}

sub  hmac_sha1_hex_string {
   my ($data, $key) = map pack('H*', $_), @_;
   hmac_sha1_hex($data, $key);
}

I am looking for a simple Perl implementation that verifies a Google authenticator token that has been created using a server side secret. For instance,

The following Google URL allows you to encode a server secret in base32 format (in the below case the secret is e4ytonjeim4hcsrhja5fe5kqfu) as a QR code that can be read from Google authenticator app (see image below):
https://chart.googleapis.com/chart?cht=qr&chs=100x100&chl=otpauth%3A%2F%2Ftotp%2Fmysite%3A29%3Fsecret%3De4ytonjeim4hcsrhja5fe5kqfu%26issuer%3Dmysite

Once the QR code is scanned into the authenticator app it produces tokens like: 716340. How do I verify the correctness of the token?

This question is the Perl equivalent of this Python question: Google Authenticator implementation in Python

解决方案

Ok it took a little while but I've got a Perl solution (hopefully this makes up for the slightly lazy question :) Thanks to Borodin for his help with this (Taking the SHA1 HMAC of hex strings in Perl)

#!/usr/bin/perl -w

use strict;
use warnings;

use Convert::Base32;
use Digest::HMAC_SHA1 qw/ hmac_sha1_hex /;

my $base_32_secret = "JBSWY3DPEHPK3PXP";
print "".totp_token($base_32_secret)."\n";

sub totp_token {
    my $secret = shift;

    my $key = unpack("H*", decode_base32($secret));
    my $lpad_time = sprintf("%016x", int(time()/30));
    my $hmac = hmac_sha1_hex_string($lpad_time, $key);

    my $offset = sprintf("%d", hex(substr($hmac, -1)));

    my $part1 = 0 + sprintf("%d", hex(substr($hmac, $offset*2, 8)));
    my $part2 = 0 + sprintf("%d", hex("7fffffff"));

    my $token = substr("".($part1 & $part2), -6);
    return $token;
}

sub  hmac_sha1_hex_string {
   my ($data, $key) = map pack('H*', $_), @_;
   hmac_sha1_hex($data, $key);
}

这篇关于在Perl中实施Google Authenticator的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！