zoukankan      html  css  js  c++  java

  • C# Totp加密验证码算法实现

    using System;
using System.Security.Cryptography;
using System.Text;

namespace WeihanLi.Totp
{
    public class Totp
    {
        private readonly OtpHashAlgorithm _hashAlgorithm;
        private readonly int _codeSize;

        public Totp() : this(OtpHashAlgorithm.SHA1, 6)
        {
        }

        public Totp(OtpHashAlgorithm otpHashAlgorithm, int codeSize)
        {
            _hashAlgorithm = otpHashAlgorithm;

            // valid input parameter
            if (codeSize <= 0 || codeSize > 10)
            {
                throw new ArgumentOutOfRangeException(nameof(codeSize), codeSize, "length must between 1 and 9");
            }
            _codeSize = codeSize;
        }

        private static readonly Encoding Encoding = new UTF8Encoding(false, true);

        public virtual string Compute(string securityToken) => Compute(Encoding.GetBytes(securityToken));

        public virtual string Compute(byte[] securityToken) => Compute(securityToken, GetCurrentTimeStepNumber());

        private string Compute(byte[] securityToken, long counter)
        {
            HMAC hmac;
            switch (_hashAlgorithm)
            {
                case OtpHashAlgorithm.SHA1:
                    hmac = new HMACSHA1(securityToken);
                    break;

                case OtpHashAlgorithm.SHA256:
                    hmac = new HMACSHA256(securityToken);
                    break;

                case OtpHashAlgorithm.SHA512:
                    hmac = new HMACSHA512(securityToken);
                    break;

                default:
                    throw new ArgumentOutOfRangeException(nameof(_hashAlgorithm), _hashAlgorithm, null);
            }

            using (hmac)
            {
                var stepBytes = BitConverter.GetBytes(counter);
                if (BitConverter.IsLittleEndian)
                {
                    Array.Reverse(stepBytes); // need BigEndian
                }
                // See https://tools.ietf.org/html/rfc4226
                var hashResult = hmac.ComputeHash(stepBytes);

                var offset = hashResult[hashResult.Length - 1] & 0xf;
                var p = "";
                for (var i = 0; i < 4; i++)
                {
                    p += hashResult[offset + i].ToString("X2");
                }
                var num = Convert.ToInt64(p, 16) & 0x7FFFFFFF;

                //var binaryCode = (hashResult[offset] & 0x7f) << 24
                //                 | (hashResult[offset + 1] & 0xff) << 16
                //                 | (hashResult[offset + 2] & 0xff) << 8
                //                 | (hashResult[offset + 3] & 0xff);

                return (num % (int)Math.Pow(10, _codeSize)).ToString();
            }
        }

        public virtual bool Verify(string securityToken, string code) => Verify(Encoding.GetBytes(securityToken), code);

        public virtual bool Verify(string securityToken, string code, TimeSpan timeToleration) => Verify(Encoding.GetBytes(securityToken), code, timeToleration);

        public virtual bool Verify(byte[] securityToken, string code) => Verify(securityToken, code, TimeSpan.Zero);

        public virtual bool Verify(byte[] securityToken, string code, TimeSpan timeToleration)
        {
            var futureStep = (int)(timeToleration.TotalSeconds / 30);
            var step = GetCurrentTimeStepNumber();
            for (int i = -futureStep; i <= futureStep; i++)
            {
                if (step + i < 0)
                {
                    continue;
                }
                var totp = Compute(securityToken, step + i);
                if (totp == code)
                {
                    return true;
                }
            }
            return false;
        }

        private static readonly DateTime _unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

        /// <summary>
        /// timestep
        /// 30s(Recommend)
        /// </summary>
        private static readonly long _timeStepTicks = TimeSpan.TicksPerSecond * 30;

        // More info: https://tools.ietf.org/html/rfc6238#section-4
        private static long GetCurrentTimeStepNumber()
        {
            var delta = DateTime.UtcNow - _unixEpoch;
            return delta.Ticks / _timeStepTicks;
        }
    }


    public enum OtpHashAlgorithm
    {
        SHA1,
        SHA256,
        SHA512
    }
}
    实现
        var otp = new Totp(OtpHashAlgorithm.SHA1, 4); // 使用 SHA1算法,输出4位
    var secretKey = "12345678901234567890";
    var output = otp.Compute(secretKey);
    Console.WriteLine($"output: {output}");
    Thread.Sleep(1000 * 30);
    var verifyResult = otp.Verify(secretKey, output); // 使用默认的验证方式,30s内有效
    Console.WriteLine($"Verify result: {verifyResult}");
    verifyResult = otp.Verify(secretKey, output, TimeSpan.FromSeconds(60)); // 指定可容忍的时间差,60s内有效
    Console.WriteLine($"Verify result: {verifyResult}");
    使用方式
  • 相关阅读:
    Mac OS terminal 查看内存使用情况的命令
    【教程】5分钟在以太坊上发行自己的代币
    Mac下eclipse的快捷键
    Mac上编辑文本的一些实用快捷键:跳转、选中等操作
    Mysql数据库用source命令导入SQL文件,利用navicat修改MySQL用户root密码,忘记mysql密码如何修改
    比特币1个确认和6个确认的区别在哪里?什么是双花问题?
    以 1、3、bc1 开头的比特币地址都有啥区别?转账手续费那种便宜,隔离见证地址为什么手续费便宜?
    以太坊 2.0 中的 DeFi:城市、郊区、农村
    Mac版navicat生成ER图把表结构导出pdf
    下载文件(API接口,Angularjs前端)
  • 原文地址:https://www.cnblogs.com/FavoriteMango/p/15439761.html
Copyright © 2011-2022 走看看