rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-01-20 10:52:15 +01:00
Code Issues Projects Releases Wiki Activity

add key

Browse Source
This commit is contained in:
Paul Chen 2008-09-26 03:21:11 +00:00
parent 9336a2c6c4
commit 3ff2d0d93d
3 changed files with 142 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
add_key.php Normal file
View File

@ -0,0 +1,101 @@
<?php require_once '../yubiphpbase/appinclude.php';
require_once '../yubiphpbase/yubi_lib.php';
require_once 'common.php';
header("content-type: text/plain");
$trace = 1;
$client = getHttpVal('id', 0);
if ($client <= 0) {
debug('Client ID is missing, default to 1 (root)');
$client = 1;
}
$nonce = getHttpVal('nonce', '');
if ($nonce == '') {
reply(S_MISSING_PARAMETER, '', $client, '', 'nonce');
exit;
}
$h = getHttpVal('h', '');
if ($h == '') {
reply(S_MISSING_PARAMETER, '', $client, $nonce, 'h');
exit;
}
$op = getHttpVal('operation', '');
if ($op == '') {
reply(S_MISSING_PARAMETER, '', $client, $nonce, 'operation');
exit;
} else if ($op != 'add_key') {
reply(S_OPERATION_NOT_ALLOWED, $ci['secret'], $client, $nonce, $op);
exit;
}
$ci = getClientInfo($client);
if (! isset($ci['id'])) {
debug('Client '.$client.' not found!');
$client = 1;
if (($ci = getClientInfo($client)) == null) {
debug('Root client not found, service not installed properly!');
reply(S_BACKEND_ERROR, '', $client, $nonce, 'root client');
exit;
}
reply(S_BAD_CLIENT, $ci['secret'], $client, $nonce);
exit;
}
if ($ci['perm_id'] != 1 && $ci['perm_id'] != 2) {
reply(S_OPERATION_NOT_ALLOWED, $ci['secret'], $client, $nonce, $ci['perm_id']);
exit;
}
$tokenId = genRandB64(6);
$secret = genRandB64(16);
$keyid = addNewKey($tokenId, 1, $secret, '', $client);
if ($keyid > 0) {
debug('Key '.$keyid.' added');
reply(S_OK, $ci['secret'], $client, $nonce);
} else {
reply(S_BACKEND_ERROR, $ci['secret'], $client, $nonce);
exit;
}
function reply($status, $apiKey, $client_id, $nonce, $info=null) {
global $tokenId;
if ($status == null) {
$status = S_BACKEND_ERROR;
}
date_default_timezone_set('UTC');
$timestamp = date('Y-m-d\TH:i:s\ZZ', time());
//// Prepare the response to the user
//
$respParams = 'status='.$status.'&t='.$timestamp;
// Generate the signature
debug('API key: '.$apiKey); // API key of the client
debug('Signing: '.$respParams);
// the TRUE at the end states we want the raw value, not hexadecimal form
$hmac = hash_hmac('sha1', utf8_encode($respParams), $apiKey, true);
//outputToFile('hmac', $hmac, "b");
// now take that byte value and base64 encode it
$hmac = base64_encode($hmac);
echo 'h='.$hmac.PHP_EOL;
if ($info != null) {
echo 'info='.$info.PHP_EOL;
}
echo 'nonce='.$nonce.PHP_EOL;
echo 'status='.$status.PHP_EOL;
echo 't='.$timestamp.PHP_EOL;
echo PHP_EOL;
} // End reply
?>

39
common.php Normal file
View File

@ -0,0 +1,39 @@
<?php
define('S_OK', 'OK');
define('S_BAD_OTP', 'BAD_OTP');
define('S_BAD_CLIENT', 'BAD_CLIENT'); // New, added by paul 20080920
define('S_REPLAYED_OTP', 'REPLAYED_OTP');
define('S_BAD_SIGNATURE', 'BAD_SIGNATURE');
define('S_MISSING_PARAMETER', 'MISSING_PARAMETER');
//define('S_NO_SUCH_CLIENT', 'NO_SUCH_CLIENT'); // Deprecated by paul 20080920
define('S_OPERATION_NOT_ALLOWED', 'OPERATION_NOT_ALLOWED');
define('S_BACKEND_ERROR', 'BACKEND_ERROR');
function debug($msg, $exit=false) {
global $trace;
if ($trace) {
if (is_array($msg)) {
print_r($msg);
} else {
echo 'debug> '.$msg;
}
echo "\n";
}
if ($exit) {
die ('<font color=red><h4>Exit</h4></font>');
}
}
function genRandB64($len) {
$r = hash('sha1', rand(999,99999999));
$r = substr(0,$len);
return base64_encode($r);
}
function outputToFile($outFname, $content, $mode, $append=false) {
$out = fopen($outFname, ($append ? "a" : "w"));
fwrite($out, $content);
fclose($out);
}
?>

31
verifyOTP.php
View File

@ -1,15 +1,6 @@
<?php require_once '../yubiphpbase/appinclude.php'; <?php require_once '../yubiphpbase/appinclude.php';
require_once '../yubiphpbase/yubi_lib.php'; require_once '../yubiphpbase/yubi_lib.php';
require_once 'common.php';
define('S_OK', 'OK');
define('S_BAD_OTP', 'BAD_OTP');
define('S_BAD_CLIENT', 'BAD_CLIENT'); // New, added by paul 20080920
define('S_REPLAYED_OTP', 'REPLAYED_OTP');
define('S_BAD_SIGNATURE', 'BAD_SIGNATURE');
define('S_MISSING_PARAMETER', 'MISSING_PARAMETER');
//define('S_NO_SUCH_CLIENT', 'NO_SUCH_CLIENT'); // Deprecated by paul 20080920
define('S_OPERATION_NOT_ALLOWED', 'OPERATION_NOT_ALLOWED');
define('S_BACKEND_ERROR', 'BACKEND_ERROR');
header("content-type: text/plain"); header("content-type: text/plain");
@ -206,21 +197,6 @@ function sendResp($status, $info=null) {
} // End sendResp } // End sendResp
function debug($msg, $exit=false) {
global $trace;
if ($trace) {
if (is_array($msg)) {
print_r($msg);
} else {
echo 'debug> '.$msg;
}
echo "\n";
}
if ($exit) {
die ('<font color=red><h4>Exit</h4></font>');
}
}
function updDB($keyid, $new) { function updDB($keyid, $new) {
$stmt = 'UPDATE yubikeys SET '. $stmt = 'UPDATE yubikeys SET '.
'accessed=NOW(),'. 'accessed=NOW(),'.
@ -237,9 +213,4 @@ function updDB($keyid, $new) {
return true; return true;
} }
function outputToFile($outFname, $content, $mode, $append=false) {
$out = fopen($outFname, ($append ? "a" : "w"));
fwrite($out, $content);
fclose($out);
}
?> ?>