Projects

phpSec

A PHP security library. * Session handler * XSS filter * CSRF protection * Password hashing * Encrypting data * Random data generator * Yubikey - one time tokens * One time passwords

yubiphpbase

Here is the core php library used by Yubikey's validation server, Yubikey management system, and other Yubico tools in php.

yubico-php-lib

Gives a base for other people to integrate the Yubico Yubikey into their PHP projects. Use the Yubikey class to decode a key, and the YubiAuthenticator to integrate the Yubikey into your security system. This code base is being used by the official Yubico services such as the Yubikey Management Service and the Yubikey OTP validation server.

yubikey-php-webservice-class

This PHP class allows you to authenticate a Yubikey to Yubico's web service API. Sanitation of the input otp is performed to check for proper length and modhex characters before query is sent to Yubico. This class fully implements SSL, including verifying the server's certificate domain ... [More] , expiration date and signing authority. There is also support for signing queries and verifying response signatures. Timestamp verification is performed with user configurable tolerances to account for clock drift. Both the timestamp tolerances and CURL timeout are readable and writable through accessor methods. [Less]

php-yubico

Auth_Yubico is a PHP class for verifying Yubico One-Time-Passwords. It is written as a PEAR module to make it easy to deploy. Check out the two demo page for this project: http://www.yubico.com/demo/ http://www.yubico.com/demo/demo.php http://www.yubico.com/demo/demo_version2.php For more information see the documentation: ReadMe

yubikey-simplesaml-admin

This is a small admin server that lets you manage Google Apps domains and their users, intended for use together with the simpleSAMLphp server. A live example of the server can be found at: https://saml.yubico.com/admin/

yubico-squirrelmail-plugin

AboutA plugin for Squirrelmail that implements Yubikey OTP authentication. NewsMay 02 - Release 0.8.1 Updates based on additional Squirrelmail dev feedback. Apr 03 - Release 0.7 Updates based on Squirrelmail dev feedback. The configuration has slightly changed, see INSTALL file. Mar 21 - ... [More] Release 0.6.1 Minor updates for error detection and notification. Mar 21 - Release 0.6 Support for custom service API url. Mar 12 - Release 0.5 Support for a primary and backup Yubikey per account. Detection of Yubikeys in both OTP and static mode. Feb 19 - Release 0.4 Security update to prevent potential use of un-authenticated OTP. [Less]

yubikey-timedelta-server-php

This is a server implementation in PHP for utilising Yubikey timestamps for more secure logins. It supports multiple OTPs at once for more secure one-time logins and the handling of OTPs during session logins. The implementation utilises the Yubikey API protocol for verification of OTPS as ... [More] implemented in http://code.google.com/p/yubikey-val-server-php/ For more information read the introduction at http://code.google.com/p/yubikey-timedelta-server-php/wiki/Introduction [Less]

yubikey-val-server-php

This is a server that validates Yubikey OTPs. It is written in PHP, for use with web servers such as Apache. The server implements the Yubico API protocol as defined in: http://yubico.com/developers/api/ This server talks to another service for decrypting the OTPs, to avoid storing any AES ... [More] keys within the validation server. One implementation of this service is YKKSM: http://code.google.com/p/yubikey-ksm/ Note that version 1.x is a minimal centralized server. Version 2.x is a replicated system that uses multiple machines. [Less]