Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 11:48 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Mon Jun 16, 2008 7:18 pm 
Offline

Joined: Mon Jun 09, 2008 12:54 pm
Posts: 13
Location: Pennsylvania, U.S.A.
I have updated the Google Code project at http://code.google.com/p/yubico-php-lib/ with all the code I've been working on. Here's a brief intro:
  • ModHex class - lets anyone convert to/from ModHex
  • Yubikey class - decodes a Yubikey into a useful array of values
  • YubiAuthenticator - performs the standard validations per the cookbook, including private ID, counter, and timestamp. You extend this class to work with your own backend to store OTP data.

Documentation and a new zip file are available - the documention is also here: http://yubico-php-lib.googlecode.com/fi ... c-0.1.html

Please Contribute
I'm not a PHP ace, so if someone could help me make it better, please do. Areas that need work:
  • More efficient OTP processing
  • Extended counter validation
  • The timer code is pretty weak, and could use some help

Thoughts and criticism welcome.

Quick HOW-TO Guide
Based on the SQLite example.
  1. Populate a database with users and their public IDs and Yubikey AES keys and counters.
  2. Subclass AuthData into UserAuthData and add a $user field to it.
  3. Subclass YubiAuthenticator to use an UPDATE query in updateAuthData for storing OTP data.
  4. Get a username and OTP from a user.
  5. Create a new UserAuthData object and set the $user field to the username.
  6. Use a SELECT to get the AES key based on the username.
  7. Populate the UserAuthData object with the AES key.
  8. Call authenticate() to verify the user and their counter.
  9. If the result is SUCCESS, then all the checks were passed.


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Tue Jun 17, 2008 11:14 pm 
Offline

Joined: Mon Jun 09, 2008 12:54 pm
Posts: 13
Location: Pennsylvania, U.S.A.
I have updated the implementation to better support SQLite. You use the add_user() method to insert users into a database along with their Yubikey info. Use authenticate_user() to authenticate a user against the database. The method setup_database() creates a sample database. The constructor for the SQLiteAuth class takes the path to the database as its only parameter.

You can download the updates at:
http://code.google.com/p/yubico-php-lib/downloads/list


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group