/**
 * Query one or more YK-KSM URLs and parse the first answer into OTP counters.
 *
 * The reply text is taken as-is: whatever retrieveURLasync() hands back is
 * parsed and returned to the caller as the decrypted counter values.
 * NOTE(review): transport security for the KSM URLs is decided by the caller
 * (the URL scheme and $curlopts); nothing in this function checks it.
 *
 * @param string|array $urls     A single URL or a list of URLs; a non-array is wrapped in an array.
 * @param object       $logger   Logger exposing log($priority, $message); also passed to retrieveURLasync().
 * @param mixed        $curlopts Passed through unchanged to retrieveURLasync().
 *
 * @return array|false Array with keys session_counter, low, high and session_use
 *                     (integers parsed from hex), or false when retrieveURLasync()
 *                     returned false or the reply did not yield all four fields.
 */
function KSMdecryptOTP($urls, $logger, $curlopts)
{
    $ksmUrls = is_array($urls) ? $urls : array($urls);

    // Positional arguments after the logger: answers required = 1,
    // match pattern = '^OK', return URL = false, timeout = 10.
    $answers = retrieveURLasync('YK-KSM', $ksmUrls, $logger, 1, '^OK', false, 10, $curlopts);
    if ($answers === false) {
        return false;
    }

    // Only the first returned answer is used.
    $firstAnswer = array_shift($answers);
    $logger->log(LOG_DEBUG, log_format('YK-KSM response: ', $firstAnswer));

    // sscanf() fills the array slots by reference and stops after the fourth
    // field, so any text following "use=.." is ignored.
    $fields = array();
    $parsed = sscanf(
        $firstAnswer,
        'OK counter=%04x low=%04x high=%02x use=%02x',
        $fields['session_counter'],
        $fields['low'],
        $fields['high'],
        $fields['session_use']
    );

    return $parsed === 4 ? $fields : false;
}
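/**
 * Send the queued sync requests for the current OTP to the peer validation
 * servers and count how many answers do not indicate a replay.
 *
 * For every answer the local counters are updated (conditionally, inside
 * updateDbCounters()), out-of-sync conditions are logged, the replay checks
 * are applied against the OTP parameters, and the matching queue entry is
 * deleted. Queue rows that got no answer have their 'queued' column set to
 * NULL afterwards.
 *
 * Nonce and modified values are compared as exact strings. PHP's loose
 * comparison treats two numeric-looking strings as numbers (for example
 * "0e12" and "0e34" compare equal), which could let a differing nonce go
 * unnoticed by the replay check.
 *
 * @param int       $ans_req Number of answers requested from retrieveURLasync()
 *                           and required to be valid for a true result.
 * @param int|float $timeout Timeout handed to retrieveURLasync().
 *
 * @return bool True when the number of non-replay answers equals $ans_req.
 */
public function sync($ans_req, $timeout = 1)
{
    // construct URLs: one per queue row belonging to this OTP / server nonce
    $urls = array();
    $res = $this->db->findByMultiple('queue', array(
        'modified' => $this->otpParams['modified'],
        'server_nonce' => $this->server_nonce,
    ));
    foreach ($res as $row) {
        // NOTE(review): the row values are concatenated without URL encoding;
        // presumably they were validated before being queued - confirm.
        $urls[] = $row['server'] . "?otp=" . $row['otp'] . "&modified=" . $row['modified'] . "&" . $this->otpPartFromInfoString($row['info']);
    }

    // send out requests
    $ans_arr = retrieveURLasync('YK-VAL sync', $urls, $this->myLog, $ans_req, $match = 'status=OK', $returl = true, $timeout, $this->curlopts);
    if ($ans_arr === false) {
        $this->log(LOG_WARNING, 'No responses from validation server pool');
        $ans_arr = array();
    }

    // parse responses; $localParams is a snapshot taken before any update below
    $localParams = $this->localParams;
    $this->answers = count($ans_arr);
    $this->valid_answers = 0;

    foreach ($ans_arr as $answer) {
        // parse out parameters from each response
        $resParams = $this->parseParamsFromMultiLineString($answer);
        $this->log(LOG_DEBUG, 'local db contains ', $localParams);
        $this->log(LOG_DEBUG, 'response contains ', $resParams);
        $this->log(LOG_DEBUG, 'OTP contains ', $this->otpParams);

        // update internal DB (conditional)
        $this->updateDbCounters($resParams);

        /**
         * Check for warnings
         *
         * See https://developers.yubico.com/yubikey-val/doc/ServerReplicationProtocol.html
         *
         * NOTE: We use localParams for validationParams comparison since they are actually the
         * same in this situation and we have them at hand.
         */
        if ($this->countersHigherThan($localParams, $resParams)) {
            $this->log(LOG_NOTICE, 'Remote server out of sync');
        }
        if ($this->countersHigherThan($resParams, $localParams)) {
            $this->log(LOG_NOTICE, 'Local server out of sync');
        }
        if ($this->countersEqual($resParams, $localParams)
            && (string) $resParams['nonce'] !== (string) $localParams['nonce']) {
            $this->log(LOG_NOTICE, 'Servers out of sync. Nonce differs. ');
        }
        if ($this->countersEqual($resParams, $localParams)
            && (string) $resParams['modified'] !== (string) $localParams['modified']) {
            // Message text, including its trailing newline, is kept as in the original.
            $this->log(LOG_NOTICE, "Servers out of sync. Modified differs. \n");
        }

        // Replay detection: an answer counts as valid only when neither rule fires.
        if ($this->countersHigherThan($resParams, $this->otpParams)) {
            $this->log(LOG_WARNING, 'OTP is replayed. Sync response counters higher than OTP counters.');
        } elseif ($this->countersEqual($resParams, $this->otpParams)
            && (string) $resParams['nonce'] !== (string) $this->otpParams['nonce']) {
            // Exact string comparison: the nonce is an identifier, not a number.
            $this->log(LOG_WARNING, 'OTP is replayed. Sync response counters equal to OTP counters and nonce differs.');
        } else {
            // the answer is ok since a REPLAY was not indicated
            $this->valid_answers++;
        }

        // delete entry from table
        $this->deleteQueueEntry($answer);
    }

    /**
     * NULL queued_time for remaining entries in queue, to allow
     * daemon to take care of them as soon as possible.
     */
    $this->db->updateBy('queue', 'server_nonce', $this->server_nonce, array('queued' => null));

    /**
     * Return true if valid answers equals required answers.
     * Since we only obtain the required amount of answers from
     * retrieveAsync this indicates that all answers were actually valid.
     * Otherwise, return false.
     */
    return $this->valid_answers == $ans_req;
}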
/**
 * Fetch a YK-KSM reply for the given URL(s) and parse it into OTP counters.
 *
 * A single URL (a scalar, or an array holding exactly one element) is fetched
 * with retrieveURLsimple(); every other array, including an empty one, goes
 * to retrieveURLasync().
 *
 * @param string|array $urls One URL or a list of URLs.
 *
 * @return array|false Array with keys session_counter, low, high and session_use
 *                     (integers parsed from hex), or false when the reply did not
 *                     yield all four fields.
 */
function KSMdecryptOTP($urls)
{
    $useAsync = is_array($urls) && count($urls) != 1;
    if ($useAsync) {
        $reply = retrieveURLasync($urls);
    } else {
        $reply = retrieveURLsimple(is_array($urls) ? $urls[0] : $urls);
    }

    // Only a non-empty reply is written to the debug log.
    if ($reply) {
        debug("YK-KSM response: " . $reply);
    }

    // sscanf() fills the array slots by reference; a failed fetch simply
    // produces fewer than four matches and ends in the false branch.
    $fields = array();
    $matched = sscanf(
        $reply,
        "OK counter=%04x low=%04x high=%02x use=%02x",
        $fields["session_counter"],
        $fields["low"],
        $fields["high"],
        $fields["session_use"]
    );

    return $matched == 4 ? $fields : false;
}
/**
 * Query one or more YK-KSM URLs and parse the answer into OTP counters.
 *
 * The reply text is parsed as-is; nothing here authenticates the responder.
 *
 * @param string|array $urls   A single URL or a list of URLs; a non-array is wrapped in an array.
 * @param object       $logger Logger exposing log($priority, $message); also passed to retrieveURLasync().
 *
 * @return array|false Array with keys session_counter, low, high and session_use
 *                     (integers parsed from hex), or false when the reply did not
 *                     yield all four fields.
 */
function KSMdecryptOTP($urls, $logger)
{
    $ksmUrls = is_array($urls) ? $urls : array($urls);

    // Positional arguments after the logger: answers required = 1,
    // match pattern = "^OK", return URL = false, timeout = 10.
    $reply = retrieveURLasync("YK-KSM", $ksmUrls, $logger, 1, "^OK", false, 10);

    // When a list comes back, only its first element is used.
    if (is_array($reply)) {
        $reply = $reply[0];
    }

    // Only a non-empty reply is written to the debug log.
    if ($reply) {
        $logger->log(LOG_DEBUG, log_format("YK-KSM response: ", $reply));
    }

    // sscanf() fills the array slots by reference; a failed fetch simply
    // produces fewer than four matches and ends in the false branch.
    $fields = array();
    $matched = sscanf(
        $reply,
        "OK counter=%04x low=%04x high=%02x use=%02x",
        $fields["session_counter"],
        $fields["low"],
        $fields["high"],
        $fields["session_use"]
    );

    return $matched == 4 ? $fields : false;
}
/**
 * Call retrieveURLasync() with the fixed settings used for YK-VAL sync requests.
 *
 * Reads $this->myLog, so it is only usable as a method of an object that
 * provides that property.
 *
 * @param array     $urls    URLs to query; passed through unchanged.
 * @param int       $ans_req Number of answers requested.
 * @param int|float $timeout Timeout handed to retrieveURLasync().
 *
 * @return mixed Whatever retrieveURLasync() returns.
 */
function retrieveURLasync_wrap($urls, $ans_req = 1, $timeout = 1.0)
{
    $ident = "YK-VAL sync";
    $matchPattern = "status=OK"; // text an answer has to contain to be accepted
    $returnUrl = true;

    return retrieveURLasync($ident, $urls, $this->myLog, $ans_req, $matchPattern, $returnUrl, $timeout);
}
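<?php
// Manual check of retrieveURLasync(): requests a fixed list of URLs and
// prints either the result or "err" inside a <pre> element.
include 'common.php';

// The list appears to mix endpoints expected to fail (odd port, unknown path,
// unresolvable host) with ones that may answer - TODO confirm intent.
$data = array(
    'http://www.google.com:4711',
    'http://smtp1.google.com',
    'http://www.google.com/unknown',
    'http://josefsson.org/key.txt',
    'http://klcxkljsdfiojsafjiosaiojd.org/',
);

echo '<pre>';
$r = retrieveURLasync($data);
if ($r) {
    // The result originates from a remote host and is written into an HTML
    // page, so it is escaped before output.
    print 'ok ' . htmlspecialchars((string) $r, ENT_QUOTES, 'UTF-8');
} else {
    print "err";
}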