(PHP ActiveX) HOTP Algorithm: HMAC-Based One-Time Password Algorithm

Demonstrates how to generate an HMAC one-time password (HOTP) as specified in RFC 4226.

Note: This example requires Chilkat v9.5.0.77 or greater.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows Note: The php_com_dotnet.dll may need to be enabled inside of php.ini.

<?php

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2')
$crypt = new COM("Chilkat.Crypt2");

// Duplicate the following results from RFC 4226

// Appendix D - HOTP Algorithm: Test Values
// 
//   The following test data uses the ASCII string
//   "12345678901234567890" for the secret:
// 
//   Secret = 0x3132333435363738393031323334353637383930
// 
//                     Truncated
//   Count    Hexadecimal    Decimal        HOTP
//   0        4c93cf18       1284755224     755224
//   1        41397eea       1094287082     287082
//   2         82fef30        137359152     359152
//   3        66ef7655       1726969429     969429
//   4        61c5938a       1640338314     338314
//   5        33c083d4        868254676     254676
//   6        7256c032       1918287922     287922
//   7         4e5b397         82162583     162583
//   8        2823443f        673399871     399871
//   9        2679dc69        645520489     520489

$secret = '12345678901234567890';

for ($count = 0; $count <= 9; $count++) {
    $counterHex = $crypt->encodeInt($count,8,0,'hex');
    $hotp = $crypt->hotp($secret,'ascii',$counterHex,6,-1,'sha1');
    print $count . '  HOTP = ' . $hotp . "\n";
}

// Output is:
// 0  HOTP = 755224
// 1  HOTP = 287082
// 2  HOTP = 359152
// 3  HOTP = 969429
// 4  HOTP = 338314
// 5  HOTP = 254676
// 6  HOTP = 287922
// 7  HOTP = 162583
// 8  HOTP = 399871
// 9  HOTP = 520489

?>