1
0
mirror of https://github.com/Yubico/yubikey-val.git synced 2024-11-29 09:24:12 +01:00
yubikey-val/common.php

82 lines
2.1 KiB
PHP
Raw Normal View History

2008-09-26 05:21:11 +02:00
<?php
define('S_OK', 'OK');
define('S_BAD_OTP', 'BAD_OTP');
define('S_BAD_CLIENT', 'BAD_CLIENT'); // New, added by paul 20080920
define('S_REPLAYED_OTP', 'REPLAYED_OTP');
define('S_BAD_SIGNATURE', 'BAD_SIGNATURE');
define('S_MISSING_PARAMETER', 'MISSING_PARAMETER');
//define('S_NO_SUCH_CLIENT', 'NO_SUCH_CLIENT'); // Deprecated by paul 20080920
define('S_OPERATION_NOT_ALLOWED', 'OPERATION_NOT_ALLOWED');
define('S_BACKEND_ERROR', 'BACKEND_ERROR');
2008-12-03 08:49:32 +01:00
define('S_SECURITY_ERROR', 'SECURITY_ERROR');
2008-12-03 20:38:55 +01:00
define('TS_SEC', 0.119);
2008-12-03 08:49:32 +01:00
define('TS_TOLERANCE', 0.3);
2008-09-26 05:21:11 +02:00
2008-09-26 07:00:41 +02:00
function debug($msg, $exit = false) {
2008-09-26 05:21:11 +02:00
global $trace;
if ($trace) {
if (is_array($msg)) {
2008-10-08 08:29:19 +02:00
//print_r($msg);
2008-09-26 05:21:11 +02:00
} else {
2008-10-08 08:29:19 +02:00
echo '<p>Debug> ' . $msg;
2008-09-26 05:21:11 +02:00
}
echo "\n";
}
if ($exit) {
2008-09-26 07:00:41 +02:00
die('<font color=red><h4>Exit</h4></font>');
2008-09-26 05:21:11 +02:00
}
}
2008-09-26 07:00:41 +02:00
function genRandRaw($len) {
$h = hash_hmac('sha1', rand(9999,9999999), 'dj*ccbcuiiurubrvnubcdluul', true);
$a = str_split($h);
//print_r($a);
$a = array_slice($a, 0, $len);
//print_r($a);
$s = implode($a);
//outputToFile('out', $s);
return $s;
2008-09-26 05:21:11 +02:00
}
2008-11-21 07:41:13 +01:00
// Return eg. 2008-11-21T06:11:55
//
2008-09-27 11:04:49 +02:00
function getUTCTimeStamp() {
date_default_timezone_set('UTC');
2008-11-21 07:41:13 +01:00
return date('Y-m-d\TH:i:s', time());
2008-09-27 11:04:49 +02:00
}
// Sign a http query string in the array of key-value pairs
// return b64 encoded hmac hash
2008-10-08 08:29:19 +02:00
function sign($a, $apiKey, $debug=false) {
2008-09-27 11:04:49 +02:00
ksort($a);
$qs = '';
$n = count($a);
$i = 0;
foreach (array_keys($a) as $key) {
2008-11-21 22:41:26 +01:00
$qs .= trim($key).'='.trim($a[$key]);
2008-09-27 11:04:49 +02:00
if (++$i < $n) {
$qs .= '&';
}
}
// Generate the signature
2008-12-09 00:42:05 +01:00
// debug('API key: '.base64_encode($apiKey)); // API key of the client
2008-10-08 08:29:19 +02:00
debug('SIGN: '.$qs);
2008-09-27 11:04:49 +02:00
// the TRUE at the end states we want the raw value, not hexadecimal form
$hmac = hash_hmac('sha1', utf8_encode($qs), $apiKey, true);
$hmac = base64_encode($hmac);
2008-10-08 08:29:19 +02:00
if ($debug) {
2008-12-09 00:42:05 +01:00
debug('h='.$hmac);
2008-10-08 08:29:19 +02:00
}
2008-09-27 11:04:49 +02:00
return $hmac;
2008-10-08 08:29:19 +02:00
} // sign an array of query string
2008-09-27 11:04:49 +02:00
2008-09-26 07:00:41 +02:00
function outputToFile($outFname, $content, $mode, $append = false) {
$out = fopen($outFname, ($append ? "a" : "w"));
fwrite($out, $content);
fclose($out);
2008-09-26 05:21:11 +02:00
}
?>