diff --git a/common.php b/common.php index 9d22a24..422b6d9 100644 --- a/common.php +++ b/common.php @@ -13,9 +13,9 @@ function debug($msg, $exit = false) { global $trace; if ($trace) { if (is_array($msg)) { - print_r($msg); + //print_r($msg); } else { - echo 'debug> ' . $msg; + echo '

Debug> ' . $msg; } echo "\n"; } @@ -42,7 +42,7 @@ function getUTCTimeStamp() { // Sign a http query string in the array of key-value pairs // return b64 encoded hmac hash -function sign($a, $apiKey) { +function sign($a, $apiKey, $debug=false) { ksort($a); $qs = ''; $n = count($a); @@ -56,15 +56,18 @@ function sign($a, $apiKey) { // Generate the signature //debug('API key: '.$apiKey); // API key of the client - debug('Signing: '.$qs); + debug('SIGN: '.$qs); // the TRUE at the end states we want the raw value, not hexadecimal form $hmac = hash_hmac('sha1', utf8_encode($qs), $apiKey, true); $hmac = base64_encode($hmac); - + if ($debug) { + debug('h='.$hmac); + debug('Submit the request >> '); + } return $hmac; -} // SignWithTime +} // sign an array of query string function outputToFile($outFname, $content, $mode, $append = false) { $out = fopen($outFname, ($append ? "a" : "w")); diff --git a/sign_demo.php b/sign_demo.php new file mode 100644 index 0000000..9797a88 --- /dev/null +++ b/sign_demo.php @@ -0,0 +1,37 @@ +
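Review bot: `$msg` is echoed without escaping in the else branch of debug(), and the new literal in front of `Debug> ` appears to open with HTML markup (the tag itself is not preserved on this page), so the output now seems meant for a browser. Callers pass text that is presumably request-derived, e.g. `debug('Invalid Yubikey '.$devId)` in verifyOTP.php, so with `$trace` on that text would be rendered as markup; echo `htmlspecialchars($msg, ENT_QUOTES, 'UTF-8')` in place of `$msg`. Commenting out `print_r($msg)` also leaves the array branch empty, so array messages now print only the newline; either remove the branch or echo an escaped `print_r($msg, true)`. The function header sits in the hunk's @@ line and the body may continue past the hunk.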
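Review bot: The new `$debug` argument of sign() has no effect unless the global `$trace` is also set, because debug() only prints when `$trace` is true, and neither the header comment above the function nor the body says so. The branch writes the finished signature (`'h='.$hmac`) next to the signed string from `debug('SIGN: '.$qs)` into the output, so it is worth stating that this is for the demo page only, e.g. `// $debug: also print the base64 signature via debug(); demo use only, needs $trace, leave false when verifying requests`. The message `'Submit the request >> '` is page wording for sign_demo.php and would sit better there than inside the signing helper. The middle of sign(), between this hunk and the previous one, is not shown.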

Generate a signature

+ +'. + ''. + 'api key: (use your api key issued to you by Yubico in b64 format): ' . + '

'. + 'id (your client id):

'. + 'otp:

'. + ''. + ''; + exit; +} + +$id = getHttpVal('id', ''); +$otp = getHttpVal('otp', ''); +$t = getHttpVal('t', ''); +$apiKey = base64_decode(getHttpVal('apikey', '')); + +$a['id']=$id; +$a['otp']=$otp; + +if ($t != '') { + $a['t']=$t; +} + +$hmac = sign($a, $apiKey, true); + +?> diff --git a/verifyOTP.php b/verifyOTP.php index df7c577..1957509 100644 --- a/verifyOTP.php +++ b/verifyOTP.php @@ -24,7 +24,6 @@ if ($otp == '') { // $devId = substr($otp, 0, 12); $ad = getAuthData($devId); -debug('Auth Data from DB:'); if ($ad == null) { debug('Invalid Yubikey '.$devId);
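Review bot: `base64_decode(getHttpVal('apikey', ''))` runs in non-strict mode, so a mistyped or truncated key is decoded to different bytes (or an empty string) and sign() still returns a signature, just for the wrong key, with nothing telling the user. Use `$apiKey = base64_decode(getHttpVal('apikey', ''), true);` and stop with a message when the result is `false` or `''`. The page also receives the client's secret key as a request parameter; the form markup is not preserved here, so the method is not visible, but if `getHttpVal` accepts GET the key ends up in URLs and access logs, and the form should post over HTTPS only. `$a` is filled without a preceding `$a = array();`.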