rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-01-20 10:52:15 +01:00
Code Issues Projects Releases Wiki Activity

anti otp phishing

Browse Source
This commit is contained in:
Paul Chen 2008-12-03 18:41:02 +00:00
parent 15b2daaf19
commit 6dc200ad48
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
verifyOTP.php
View File

@ -156,8 +156,9 @@ if ($scDiff == 0) { // Same use session, check time stamp diff
$elapsed = time() - $lastTime; $elapsed = time() - $lastTime;
debug('Elapsed time from last validation: ' . $elapsed . ' secs'); debug('Elapsed time from last validation: ' . $elapsed . ' secs');
$deviation = abs($elapsed - $tsDelta); $deviation = abs($elapsed - $tsDelta);
$percent = truncate($deviation/$elapsed, 8) . '%';
debug("Key time deviation vs. elapsed time=".$deviation.' secs ('. debug("Key time deviation vs. elapsed time=".$deviation.' secs ('.
($deviation/$elapsed).'%)'); $percent.')');
if ($deviation > TS_TOLERANCE * $elapsed) { if ($deviation > TS_TOLERANCE * $elapsed) {
debug("Is the OTP generated from a real crypto key?"); debug("Is the OTP generated from a real crypto key?");
sendResp(S_SECURITY_ERROR); sendResp(S_SECURITY_ERROR);