yubikey-val/ykval-verify.php

<?php
require_once 'ykval-common.php';
require_once 'ykval-config.php';

$apiKey = '';

header("content-type: text/plain");

debug("Request: " . $_SERVER['QUERY_STRING']);

$conn = mysql_connect($baseParams['__YKVAL_DB_HOST__'],
		      $baseParams['__YKVAL_DB_USER__'],
		      $baseParams['__YKVAL_DB_PW__']);
if (!$conn) {
  sendResp(S_BACKEND_ERROR, $apiKey);
  exit;
}
if (!mysql_select_db($baseParams['__YKVAL_DB_NAME__'], $conn)) {
  sendResp(S_BACKEND_ERROR, $apiKey);
  exit;
}

//// Extract values from HTTP request
//
$h = getHttpVal('h', '');
$client = getHttpVal('id', 0);
$otp = getHttpVal('otp', '');
$otp = strtolower($otp);
$timestamp = getHttpVal('timestamp', 0);

//// Get Client info from DB
//
if ($client <= 0) {
  debug('Client ID is missing');
  sendResp(S_MISSING_PARAMETER, $apiKey);
  exit;
}

$cd = getClientData($conn, $client);
if ($cd == null) {
  debug('Invalid client id ' . $client);
  sendResp(S_NO_SUCH_CLIENT);
  exit;
}
debug("Client data:", $cd);

//// Check client signature
//
$apiKey = base64_decode($cd['secret']);

if ($h != '') {
  // Create the signature using the API key
  $a = array ();
  $a['id'] = $client;
  $a['otp'] = $otp;
  // include timestamp in signature if it exists
  if ($timestamp) $a['timestamp'] = $timestamp;
  $hmac = sign($a, $apiKey);

  // Compare it
  if ($hmac != $h) {
    debug('client hmac=' . $h . ', server hmac=' . $hmac);
    sendResp(S_BAD_SIGNATURE, $apiKey);
    exit;
  }
}

//// Sanity check OTP
//
if ($otp == '') {
  debug('OTP is missing');
  sendResp(S_MISSING_PARAMETER, $apiKey);
  exit;
}
if (strlen($otp) <= TOKEN_LEN) {
  debug('Too short OTP: ' . $otp);
  sendResp(S_BAD_OTP, $apiKey);
  exit;
}

//// Which YK-KSM should we talk to?
//
$urls = otp2ksmurls ($otp, $client);
if (!is_array($urls)) {
  sendResp(S_BACKEND_ERROR, $apiKey);
  exit;
}

//// Decode OTP from input
//
$otpinfo = KSMdecryptOTP($urls);
if (!is_array($otpinfo)) {
  sendResp(S_BAD_OTP, $apiKey);
  exit;
}
debug("Decrypted OTP:", $otpinfo);

//// Get Yubikey from DB
//
$devId = substr($otp, 0, strlen ($otp) - TOKEN_LEN);
$ad = getAuthData($conn, $devId);
if (!is_array($ad)) {
  debug('Discovered Yubikey ' . $devId);
  addNewKey($conn, $devId);
  $ad = getAuthData($conn, $devId);
  if (!is_array($ad)) {
    debug('Invalid Yubikey ' . $devId);
    sendResp(S_BACKEND_ERROR, $apiKey);
    exit;
  }
}
debug("Auth data:", $ad);
if ($ad['active'] != 1) {
  debug('De-activated Yubikey ' . $devId);
  sendResp(S_BAD_OTP, $apiKey);
  exit;
}

//// Check the session counter
//
$sessionCounter = $otpinfo["session_counter"]; // From the req
$seenSessionCounter = $ad['counter']; // From DB
if ($sessionCounter < $seenSessionCounter) {
  debug("Replay, session counter, seen=" . $seenSessionCounter .
	" this=" . $sessionCounter);
  sendResp(S_REPLAYED_OTP, $apiKey);
  exit;
}

//// Check the session use
//
$sessionUse = $otpinfo["session_use"]; // From the req
$seenSessionUse = $ad['sessionUse']; // From DB
if ($sessionCounter == $seenSessionCounter && $sessionUse <= $seenSessionUse) {
  debug("Replay, session use, seen=" . $seenSessionUse .
	' this=' . $sessionUse);
  sendResp(S_REPLAYED_OTP, $apiKey);
  exit;
}

//// Valid OTP, update database
//
$stmt = 'UPDATE yubikeys SET accessed=NOW()' .
  ', counter=' .$otpinfo['session_counter'] .
  ', sessionUse=' . $otpinfo['session_use'] .
  ', low=' . $otpinfo['low'] .
  ', high=' . $otpinfo['high'] .
  ' WHERE id=' . $ad['id'];
query($conn, $stmt);

//// Check the time stamp
//
if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse) {
  $ts = ($otpinfo['high'] << 16) + $otpinfo['low'];
  $seenTs = ($ad['high'] << 16) + $ad['low'];
  $tsDiff = $ts - $seenTs;
  $tsDelta = $tsDiff * TS_SEC;

  //// Check the real time
  //
  $lastTime = strtotime($ad['accessed']);
  $now = time();
  $elapsed = $now - $lastTime;
  $deviation = abs($elapsed - $tsDelta);

  // Time delta server might verify multiple OTPS in a row. In such case validation server doesn't 
  // have time to tick a whole second and we need to avoid division by zero. 
  if ($elapsed != 0) {
    $percent = $deviation/$elapsed;
  } else {
    $percent = 1;
  }
  debug("Timestamp seen=" . $seenTs . " this=" . $ts .
	" delta=" . $tsDiff . ' secs=' . $tsDelta .
	' accessed=' . $lastTime .' (' . $ad['accessed'] . ') now='
	. $now . ' (' . strftime("%Y-%m-%d %H:%M:%S", $now)
	. ') elapsed=' . $elapsed .
	' deviation=' . $deviation . ' secs or '.
	round(100*$percent) . '%');
  if ($deviation > TS_ABS_TOLERANCE && $percent > TS_REL_TOLERANCE) {
    debug("OTP failed phishing test");
    if (0) {
      sendResp(S_DELAYED_OTP, $apiKey);
      exit;
    }
  }
}

if ($timestamp==1){
  $extra['timestamp'] = ($otpinfo['high'] << 16) + $otpinfo['low'];
  $extra['sessioncounter'] = $sessionCounter;
  $extra['sessionuse'] = $sessionUse;
  sendResp(S_OK, $apiKey, $extra);
 } else {
  sendResp(S_OK, $apiKey);
 }  
?>
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`<?php`
Rename and cleanup. 2009-05-04 16:41:18 +02:00			`require_once 'ykval-common.php';`
			`require_once 'ykval-config.php';`
Init, experiment 2008-09-17 19:11:16 +02:00
Cleanups. 2009-05-06 17:07:05 +02:00			`$apiKey = '';`

Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`header("content-type: text/plain");`
Init, experiment 2008-09-17 19:11:16 +02:00
Code cleanups. 2009-03-11 01:54:19 +01:00			`debug("Request: " . $_SERVER['QUERY_STRING']);`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00
Lay foundation for get-api-key service. 2009-08-28 12:55:56 +02:00			`$conn = mysql_connect($baseParams['__YKVAL_DB_HOST__'],`
			`$baseParams['__YKVAL_DB_USER__'],`
			`$baseParams['__YKVAL_DB_PW__']);`
Don't use die. 2009-05-06 16:23:04 +02:00			`if (!$conn) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`sendResp(S_BACKEND_ERROR, $apiKey);`
Don't use die. 2009-05-06 16:23:04 +02:00			`exit;`
			`}`
Lay foundation for get-api-key service. 2009-08-28 12:55:56 +02:00			`if (!mysql_select_db($baseParams['__YKVAL_DB_NAME__'], $conn)) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`sendResp(S_BACKEND_ERROR, $apiKey);`
Don't use die. 2009-05-06 16:23:04 +02:00			`exit;`
			`}`
Cleanup. 2009-03-11 02:42:23 +01:00
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`//// Extract values from HTTP request`
			`//`
Sanity check OTP before asking KSM, to get a better error code. 2009-03-18 15:39:32 +01:00			`$h = getHttpVal('h', '');`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`$client = getHttpVal('id', 0);`
			`$otp = getHttpVal('otp', '');`
			`$otp = strtolower($otp);`
Added option to get timestamp and session counters in the response. Use with verify?id=x&otp=xxx..&timestamp=1 returns timestamp, sessoncounter and session use in response 2009-10-05 16:53:28 +02:00			`$timestamp = getHttpVal('timestamp', 0);`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00
			`//// Get Client info from DB`
			`//`
Cleanups. 2009-05-06 17:07:05 +02:00			`if ($client <= 0) {`
			`debug('Client ID is missing');`
			`sendResp(S_MISSING_PARAMETER, $apiKey);`
			`exit;`
			`}`

More cleanups. 2009-03-11 03:06:02 +01:00			`$cd = getClientData($conn, $client);`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`if ($cd == null) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`debug('Invalid client id ' . $client);`
			`sendResp(S_NO_SUCH_CLIENT);`
			`exit;`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`}`
Support parallel queries to multiple KSMs. 2009-04-27 19:57:24 +02:00			`debug("Client data:", $cd);`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00
			`//// Check client signature`
			`//`
			`$apiKey = base64_decode($cd['secret']);`

Always check signatures. 2009-03-18 16:05:59 +01:00			`if ($h != '') {`
Cleanups. 2009-05-06 17:07:05 +02:00			`// Create the signature using the API key`
			`$a = array ();`
			`$a['id'] = $client;`
			`$a['otp'] = $otp;`
Added option to get timestamp and session counters in the response. Use with verify?id=x&otp=xxx..&timestamp=1 returns timestamp, sessoncounter and session use in response 2009-10-05 16:53:28 +02:00			`// include timestamp in signature if it exists`
			`if ($timestamp) $a['timestamp'] = $timestamp;`
Cleanups. 2009-05-06 17:07:05 +02:00			`$hmac = sign($a, $apiKey);`

			`// Compare it`
			`if ($hmac != $h) {`
			`debug('client hmac=' . $h . ', server hmac=' . $hmac);`
			`sendResp(S_BAD_SIGNATURE, $apiKey);`
			`exit;`
			`}`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`}`

Sanity check OTP before asking KSM, to get a better error code. 2009-03-18 15:39:32 +01:00			`//// Sanity check OTP`
			`//`
Cleanups. 2009-05-06 17:07:05 +02:00			`if ($otp == '') {`
			`debug('OTP is missing');`
			`sendResp(S_MISSING_PARAMETER, $apiKey);`
			`exit;`
			`}`
Sanity check OTP before asking KSM, to get a better error code. 2009-03-18 15:39:32 +01:00			`if (strlen($otp) <= TOKEN_LEN) {`
			`debug('Too short OTP: ' . $otp);`
Cleanups. 2009-05-06 17:07:05 +02:00			`sendResp(S_BAD_OTP, $apiKey);`
Sanity check OTP before asking KSM, to get a better error code. 2009-03-18 15:39:32 +01:00			`exit;`
			`}`

Support parallel queries to multiple KSMs. 2009-04-27 19:57:24 +02:00			`//// Which YK-KSM should we talk to?`
			`//`
			`$urls = otp2ksmurls ($otp, $client);`
			`if (!is_array($urls)) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`sendResp(S_BACKEND_ERROR, $apiKey);`
Support parallel queries to multiple KSMs. 2009-04-27 19:57:24 +02:00			`exit;`
			`}`

Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`//// Decode OTP from input`
			`//`
Support parallel queries to multiple KSMs. 2009-04-27 19:57:24 +02:00			`$otpinfo = KSMdecryptOTP($urls);`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`if (!is_array($otpinfo)) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`sendResp(S_BAD_OTP, $apiKey);`
			`exit;`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`}`
Support parallel queries to multiple KSMs. 2009-04-27 19:57:24 +02:00			`debug("Decrypted OTP:", $otpinfo);`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00
Reorder db query after yk-ksm query. 2009-03-11 12:02:55 +01:00			`//// Get Yubikey from DB`
			`//`
Don't hard code prefix length. 2009-03-18 12:00:48 +01:00			`$devId = substr($otp, 0, strlen ($otp) - TOKEN_LEN);`
Reorder db query after yk-ksm query. 2009-03-11 12:02:55 +01:00			`$ad = getAuthData($conn, $devId);`
Auto-discover yubikeys known by the ykksm. 2009-04-01 18:09:29 +02:00			`if (!is_array($ad)) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`debug('Discovered Yubikey ' . $devId);`
			`addNewKey($conn, $devId);`
			`$ad = getAuthData($conn, $devId);`
			`if (!is_array($ad)) {`
			`debug('Invalid Yubikey ' . $devId);`
			`sendResp(S_BACKEND_ERROR, $apiKey);`
			`exit;`
			`}`
Reorder db query after yk-ksm query. 2009-03-11 12:02:55 +01:00			`}`
Support parallel queries to multiple KSMs. 2009-04-27 19:57:24 +02:00			`debug("Auth data:", $ad);`
Auto-discover yubikeys known by the ykksm. 2009-04-01 18:09:29 +02:00			`if ($ad['active'] != 1) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`debug('De-activated Yubikey ' . $devId);`
			`sendResp(S_BAD_OTP, $apiKey);`
			`exit;`
Auto-discover yubikeys known by the ykksm. 2009-04-01 18:09:29 +02:00			`}`
Reorder db query after yk-ksm query. 2009-03-11 12:02:55 +01:00
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`//// Check the session counter`
			`//`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`$sessionCounter = $otpinfo["session_counter"]; // From the req`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`$seenSessionCounter = $ad['counter']; // From DB`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`if ($sessionCounter < $seenSessionCounter) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`debug("Replay, session counter, seen=" . $seenSessionCounter .`
			`" this=" . $sessionCounter);`
			`sendResp(S_REPLAYED_OTP, $apiKey);`
			`exit;`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`}`

			`//// Check the session use`
			`//`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`$sessionUse = $otpinfo["session_use"]; // From the req`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`$seenSessionUse = $ad['sessionUse']; // From DB`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`if ($sessionCounter == $seenSessionCounter && $sessionUse <= $seenSessionUse) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`debug("Replay, session use, seen=" . $seenSessionUse .`
			`' this=' . $sessionUse);`
			`sendResp(S_REPLAYED_OTP, $apiKey);`
			`exit;`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`}`

Code cleanups. 2009-03-11 01:54:19 +01:00			`//// Valid OTP, update database`
			`//`
			`$stmt = 'UPDATE yubikeys SET accessed=NOW()' .`
			`', counter=' .$otpinfo['session_counter'] .`
			`', sessionUse=' . $otpinfo['session_use'] .`
			`', low=' . $otpinfo['low'] .`
			`', high=' . $otpinfo['high'] .`
			`' WHERE id=' . $ad['id'];`
More cleanups. 2009-03-11 03:06:02 +01:00			`query($conn, $stmt);`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`//// Check the time stamp`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`//`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse) {`
Use YKKSM instead of local secret. Remove more code. 2009-03-11 02:37:07 +01:00			`$ts = ($otpinfo['high'] << 16) + $otpinfo['low'];`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`$seenTs = ($ad['high'] << 16) + $ad['low'];`
			`$tsDiff = $ts - $seenTs;`
			`$tsDelta = $tsDiff * TS_SEC;`

			`//// Check the real time`
			`//`
			`$lastTime = strtotime($ad['accessed']);`
			`$now = time();`
			`$elapsed = $now - $lastTime;`
			`$deviation = abs($elapsed - $tsDelta);`
Added option to get timestamp and session counters in the response. Use with verify?id=x&otp=xxx..&timestamp=1 returns timestamp, sessoncounter and session use in response 2009-10-05 16:53:28 +02:00
			`// Time delta server might verify multiple OTPS in a row. In such case validation server doesn't`
			`// have time to tick a whole second and we need to avoid division by zero.`
			`if ($elapsed != 0) {`
			`$percent = $deviation/$elapsed;`
			`} else {`
			`$percent = 1;`
			`}`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`debug("Timestamp seen=" . $seenTs . " this=" . $ts .`
			`" delta=" . $tsDiff . ' secs=' . $tsDelta .`
			`' accessed=' . $lastTime .' (' . $ad['accessed'] . ') now='`
			`. $now . ' (' . strftime("%Y-%m-%d %H:%M:%S", $now)`
			`. ') elapsed=' . $elapsed .`
			`' deviation=' . $deviation . ' secs or '.`
Use absolute timestamp tolerance as well. 2009-03-11 01:26:57 +01:00			`round(100*$percent) . '%');`
			`if ($deviation > TS_ABS_TOLERANCE && $percent > TS_REL_TOLERANCE) {`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`debug("OTP failed phishing test");`
Drop chk_time. 2009-05-06 15:20:40 +02:00			`if (0) {`
Cleanups. 2009-05-06 17:07:05 +02:00			`sendResp(S_DELAYED_OTP, $apiKey);`
Improve checking of OTPs. 2009-03-11 01:19:59 +01:00			`exit;`
			`}`
			`}`
Move verifyOTP.php to verify.php. 2009-03-10 23:20:56 +01:00			`}`

Added option to get timestamp and session counters in the response. Use with verify?id=x&otp=xxx..&timestamp=1 returns timestamp, sessoncounter and session use in response 2009-10-05 16:53:28 +02:00			`if ($timestamp==1){`
			`$extra['timestamp'] = ($otpinfo['high'] << 16) + $otpinfo['low'];`
			`$extra['sessioncounter'] = $sessionCounter;`
			`$extra['sessionuse'] = $sessionUse;`
			`sendResp(S_OK, $apiKey, $extra);`
			`} else {`
			`sendResp(S_OK, $apiKey);`
			`}`
Init, experiment 2008-09-17 19:11:16 +02:00			`?>`