Beispiel #1
/**
 * Ask the YK-KSM service(s) to decrypt an OTP and return the parsed counters.
 *
 * NOTE(review): nothing in this function authenticates the KSM answer; whether
 * the reply can be trusted depends on how $urls and $curlopts are configured
 * (for example TLS with certificate verification) — confirm against the caller.
 *
 * @param string|array $urls     One KSM URL or a list of them.
 * @param object       $logger   Logger exposing log($priority, $message).
 * @param mixed        $curlopts Passed through unchanged to retrieveURLasync().
 *
 * @return array|false Array with the keys session_counter, low, high and
 *                     session_use (read as hexadecimal numbers), or false when
 *                     retrieveURLasync() returned false or the answer did not
 *                     yield all four fields.
 */
function KSMdecryptOTP($urls, $logger, $curlopts)
{
    $ksmUrls = is_array($urls) ? $urls : array($urls);

    // Positional arguments after the logger: answers required = 1,
    // match pattern '^OK', returl = false, timeout = 10.
    $answers = retrieveURLasync('YK-KSM', $ksmUrls, $logger, 1, '^OK', false, 10, $curlopts);
    if ($answers === false) {
        return false;
    }

    // Only the first answer is used.
    $body = array_shift($answers);
    // The raw KSM answer (decrypted counter values) goes to the debug log.
    $logger->log(LOG_DEBUG, log_format('YK-KSM response: ', $body));

    // All four hexadecimal fields must be present, otherwise the answer is rejected.
    $parsed = sscanf($body, 'OK counter=%04x low=%04x high=%02x use=%02x', $counter, $low, $high, $use);
    if ($parsed !== 4) {
        return false;
    }

    return array(
        'session_counter' => $counter,
        'low' => $low,
        'high' => $high,
        'session_use' => $use,
    );
}
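 /**
  * Send the queued sync requests for the current OTP to the other validation
  * servers, merge their counters into the local database and check every
  * answer for signs of a replayed OTP.
  *
  * Side effects visible here: sets $this->answers and $this->valid_answers,
  * calls updateDbCounters() and deleteQueueEntry() per answer, and sets
  * 'queued' to NULL for the remaining queue rows of this server_nonce.
  *
  * @param int       $ans_req Number of answers requested from retrieveURLasync().
  * @param int|float $timeout Timeout handed to retrieveURLasync().
  *
  * @return bool True when the number of answers that did not indicate a
  *              replay equals $ans_req, false otherwise.
  */
 public function sync($ans_req, $timeout = 1)
 {
     // construct URLs
     $urls = array();
     $res = $this->db->findByMultiple('queue', array('modified' => $this->otpParams['modified'], 'server_nonce' => $this->server_nonce));
     foreach ($res as $row) {
         // NOTE(review): the query values are concatenated without urlencode();
         // this relies on the queue rows holding only URL-safe data — confirm
         // where the rows are written.
         $urls[] = $row['server'] . "?otp=" . $row['otp'] . "&modified=" . $row['modified'] . "&" . $this->otpPartFromInfoString($row['info']);
     }
     // send out requests
     $ans_arr = retrieveURLasync('YK-VAL sync', $urls, $this->myLog, $ans_req, 'status=OK', true, $timeout, $this->curlopts);
     if ($ans_arr === false) {
         $this->log(LOG_WARNING, 'No responses from validation server pool');
         $ans_arr = array();
     }
     // parse responses
     $localParams = $this->localParams;
     $this->answers = count($ans_arr);
     $this->valid_answers = 0;
     foreach ($ans_arr as $answer) {
         // parse out parameters from each response
         $resParams = $this->parseParamsFromMultiLineString($answer);
         $this->log(LOG_DEBUG, 'local db contains ', $localParams);
         $this->log(LOG_DEBUG, 'response contains ', $resParams);
         $this->log(LOG_DEBUG, 'OTP contains ', $this->otpParams);
         // update internal DB (conditional)
         $this->updateDbCounters($resParams);
         /**
          * Check for warnings
          *
          * See https://developers.yubico.com/yubikey-val/doc/ServerReplicationProtocol.html
          *
          * NOTE: We use localParams for validationParams comparison since they are actually the
          *	same in this situation and we have them at hand.
          */
         if ($this->countersHigherThan($localParams, $resParams)) {
             $this->log(LOG_NOTICE, 'Remote server out of sync');
         }
         if ($this->countersHigherThan($resParams, $localParams)) {
             $this->log(LOG_NOTICE, 'Local server out of sync');
         }
         /**
          * Nonces are opaque strings, so they are compared as strings.
          * A loose != treats numeric-looking strings such as '1e3' and
          * '1000' as equal, which would hide a differing nonce.
          */
         if ($this->countersEqual($resParams, $localParams) && (string) $resParams['nonce'] !== (string) $localParams['nonce']) {
             $this->log(LOG_NOTICE, 'Servers out of sync. Nonce differs. ');
         }
         // 'modified' stays a loose comparison: it is not an opaque string
         // and only feeds a notice.
         if ($this->countersEqual($resParams, $localParams) && $resParams['modified'] != $localParams['modified']) {
             $this->log(LOG_NOTICE, 'Servers out of sync. Modified differs. ');
         }
         if ($this->countersHigherThan($resParams, $this->otpParams)) {
             $this->log(LOG_WARNING, 'OTP is replayed. Sync response counters higher than OTP counters.');
         } elseif ($this->countersEqual($resParams, $this->otpParams) && (string) $resParams['nonce'] !== (string) $this->otpParams['nonce']) {
             // Strict string comparison matters most here: with equal counters
             // the nonce is the only thing that distinguishes a replay, and a
             // missed difference would count the answer as valid.
             $this->log(LOG_WARNING, 'OTP is replayed. Sync response counters equal to OTP counters and nonce differs.');
         } else {
             // the answer is ok since a REPLAY was not indicated
             $this->valid_answers++;
         }
         // delete entry from table
         $this->deleteQueueEntry($answer);
     }
     /**
      * NULL queued_time for remaining entries in queue, to allow
      *	daemon to take care of them as soon as possible.
      */
     $this->db->updateBy('queue', 'server_nonce', $this->server_nonce, array('queued' => null));
     /**
      * Return true if valid answers equals required answers.
      *	Since we only obtain the required amount of answers from
      *	retrieveAsync this indicates that all answers were actually valid.
      *	Otherwise, return false.
      */
     return $this->valid_answers == $ans_req;
 }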
/**
 * Fetch an OTP decryption answer from the YK-KSM and parse its counters.
 *
 * A single URL (plain string or one-element array) is fetched with
 * retrieveURLsimple(); several URLs are handed to retrieveURLasync().
 *
 * NOTE(review): the answer is parsed as received; nothing here authenticates
 * it, so its trustworthiness depends on the transport the URLs use — confirm.
 *
 * @param string|array $urls One KSM URL or a list of them.
 *
 * @return array|false Array with the keys session_counter, low, high and
 *                     session_use (read as hexadecimal numbers), or false
 *                     when the answer did not yield all four fields.
 */
function KSMdecryptOTP($urls)
{
    if (is_array($urls)) {
        $response = count($urls) == 1
            ? retrieveURLsimple($urls[0])
            : retrieveURLasync($urls);
    } else {
        $response = retrieveURLsimple($urls);
    }

    // Only a non-empty answer is written to the debug output.
    if ($response) {
        debug("YK-KSM response: " . $response);
    }

    // Anything that does not deliver all four fields is treated as a failure.
    $matched = sscanf($response, "OK counter=%04x low=%04x high=%02x use=%02x", $counter, $low, $high, $use);
    if ($matched != 4) {
        return false;
    }

    return array(
        "session_counter" => $counter,
        "low" => $low,
        "high" => $high,
        "session_use" => $use,
    );
}
Beispiel #4
/**
 * Ask the YK-KSM service(s) to decrypt an OTP and return the parsed counters.
 *
 * NOTE(review): the answer is parsed as received; nothing here authenticates
 * it, so its trustworthiness depends on the transport the URLs use — confirm.
 *
 * @param string|array $urls   One KSM URL or a list of them.
 * @param object       $logger Logger exposing log($priority, $message).
 *
 * @return array|false Array with the keys session_counter, low, high and
 *                     session_use (read as hexadecimal numbers), or false
 *                     when the answer did not yield all four fields.
 */
function KSMdecryptOTP($urls, $logger)
{
    $ksmUrls = is_array($urls) ? $urls : array($urls);

    // Positional arguments after the logger: answers required = 1,
    // match pattern "^OK", returl = false, timeout = 10.
    $reply = retrieveURLasync("YK-KSM", $ksmUrls, $logger, 1, "^OK", false, 10);

    // An array result is reduced to its first element; any other value
    // (such as false) is passed on to the parser unchanged.
    if (is_array($reply)) {
        $reply = $reply[0];
    }

    if ($reply) {
        $logger->log(LOG_DEBUG, log_format("YK-KSM response: ", $reply));
    }

    // Anything that does not deliver all four fields is treated as a failure.
    $matched = sscanf($reply, "OK counter=%04x low=%04x high=%02x use=%02x", $counter, $low, $high, $use);
    if ($matched != 4) {
        return false;
    }

    return array(
        "session_counter" => $counter,
        "low" => $low,
        "high" => $high,
        "session_use" => $use,
    );
}
Beispiel #5
 /**
  * Call retrieveURLasync() with the fixed settings used for YK-VAL sync
  * requests: ident "YK-VAL sync", this object's logger, match pattern
  * "status=OK" and returl = true.
  *
  * @param array     $urls    URLs to query.
  * @param int       $ans_req Number of answers requested.
  * @param int|float $timeout Timeout handed to retrieveURLasync().
  *
  * @return mixed Whatever retrieveURLasync() returns.
  */
 function retrieveURLasync_wrap($urls, $ans_req = 1, $timeout = 1.0)
 {
     $ident = "YK-VAL sync";
     $okPattern = "status=OK";

     return retrieveURLasync($ident, $urls, $this->myLog, $ans_req, $okPattern, true, $timeout);
 }
<?php

include 'common.php';
// Manual check of retrieveURLasync() against a fixed list of URLs
// (presumably a mix of reachable and unreachable ones — confirm).
$data = array(
    'http://www.google.com:4711',
    'http://smtp1.google.com',
    'http://www.google.com/unknown',
    'http://josefsson.org/key.txt',
    'http://klcxkljsdfiojsafjiosaiojd.org/',
);
echo '<pre>';
$r = retrieveURLasync($data);
// NOTE(review): the fetched content is printed without HTML escaping; keep
// this to a local test script and do not expose it on a web server.
echo $r ? "ok {$r}" : "err";