rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2024-11-29 00:24:13 +01:00
Code Issues Projects Releases Wiki Activity

Added option to get timestamp and session counters in the response.

Browse Source 
Use with

verify?id=x&otp=xxx..&timestamp=1

returns timestamp, sessoncounter and session use in response
This commit is contained in:
Olov Danielson 2009-10-05 14:53:28 +00:00
parent ad914034fe
commit 65d150ccde
2 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ykval-common.php
View File

@ -231,17 +231,25 @@ function getClientData($conn, $clientId) {
return null;
} // End getClientData
function sendResp($status, $apiKey = '') {
function sendResp($status, $apiKey = '', $extra = null) {
if ($status == null) {
$status = S_BACKEND_ERROR;
}
$a['status'] = $status;
$a['t'] = getUTCTimeStamp();
if ($extra){
foreach ($extra as $param => $value) $a[$param] = $value;
}
$h = sign($a, $apiKey);
echo "h=" . $h . "\r\n";
echo "t=" . ($a['t']) . "\r\n";
if ($extra){
foreach ($extra as $param => $value) {
echo $param . "=" . $value . "\r\n";
}
}
echo "status=" . ($a['status']) . "\r\n";
echo "\r\n";
}

21
ykval-verify.php
View File

@ -26,6 +26,7 @@ $h = getHttpVal('h', '');
$client = getHttpVal('id', 0);
$otp = getHttpVal('otp', '');
$otp = strtolower($otp);
$timestamp = getHttpVal('timestamp', 0);
//// Get Client info from DB
//
@ -52,6 +53,8 @@ if ($h != '') {
$a = array ();
$a['id'] = $client;
$a['otp'] = $otp;
// include timestamp in signature if it exists
if ($timestamp) $a['timestamp'] = $timestamp;
$hmac = sign($a, $apiKey);
// Compare it
@ -159,7 +162,14 @@ if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse) {
$now = time();
$elapsed = $now - $lastTime;
$deviation = abs($elapsed - $tsDelta);
$percent = $deviation/$elapsed;
// Time delta server might verify multiple OTPS in a row. In such case validation server doesn't
// have time to tick a whole second and we need to avoid division by zero.
if ($elapsed != 0) {
$percent = $deviation/$elapsed;
} else {
$percent = 1;
}
debug("Timestamp seen=" . $seenTs . " this=" . $ts .
" delta=" . $tsDiff . ' secs=' . $tsDelta .
' accessed=' . $lastTime .' (' . $ad['accessed'] . ') now='
@ -176,5 +186,12 @@ if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse) {
}
}
sendResp(S_OK, $apiKey);
if ($timestamp==1){
$extra['timestamp'] = ($otpinfo['high'] << 16) + $otpinfo['low'];
$extra['sessioncounter'] = $sessionCounter;
$extra['sessionuse'] = $sessionUse;
sendResp(S_OK, $apiKey, $extra);
} else {
sendResp(S_OK, $apiKey);
}
?>