Overview

Classes

  • u2flib_server\RegisterRequest
  • u2flib_server\Registration
  • u2flib_server\SignRequest
  • u2flib_server\U2F

Exceptions

  • u2flib_server\Error

Constants

  • u2flib_server\ERR_ATTESTATION_SIGNATURE
  • u2flib_server\ERR_ATTESTATION_VERIFICATION
  • u2flib_server\ERR_AUTHENTICATION_FAILURE
  • u2flib_server\ERR_BAD_RANDOM
  • u2flib_server\ERR_BAD_UA_RETURNING
  • u2flib_server\ERR_COUNTER_TOO_LOW
  • u2flib_server\ERR_NO_MATCHING_REGISTRATION
  • u2flib_server\ERR_NO_MATCHING_REQUEST
  • u2flib_server\ERR_OLD_OPENSSL
  • u2flib_server\ERR_PUBKEY_DECODE
  • u2flib_server\ERR_UNMATCHED_CHALLENGE
  • u2flib_server\U2F_VERSION
  • Overview
  • Class

Class U2F

Namespace: u2flib_server
Located at U2F.php
Methods summary
public
# __construct( string $appId, string|null $attestDir = null )

Parameters

$appId
Application id for the running application
$attestDir
Directory where trusted attestation roots may be found

Throws

u2flib_server\Error
If OpenSSL older than 1.0.0 is used
public array
# getRegisterData( array $registrations = array() )

Called to get a registration request to send to a user. Returns an array of one registration request and a array of sign requests.

Called to get a registration request to send to a user. Returns an array of one registration request and a array of sign requests.

Parameters

$registrations

List of current registrations for this user, to prevent the user from registering the same authenticator several times.

Returns

array

An array of two elements, the first containing a RegisterRequest the second being an array of SignRequest

Throws

u2flib_server\Error
public u2flib_server\Registration
# doRegister( u2flib_server\RegisterRequest $request, object $response, boolean $includeCert = true )

Called to verify and unpack a registration message.

Called to verify and unpack a registration message.

Parameters

$request
this is a reply to
$response
response from a user
$includeCert

set to true if the attestation certificate should be included in the returned Registration object

Returns

u2flib_server\Registration

Throws

u2flib_server\Error
public array
# getAuthenticateData( array $registrations )

Called to get an authentication request.

Called to get an authentication request.

Parameters

$registrations
An array of the registrations to create authentication requests for.

Returns

array
An array of SignRequest

Throws

u2flib_server\Error
public u2flib_server\Registration
# doAuthenticate( array $requests, array $registrations, object $response )

Called to verify an authentication response

Called to verify an authentication response

Parameters

$requests
An array of outstanding authentication requests
$registrations
An array of current registrations
$response
A response from the authenticator

Returns

u2flib_server\Registration

Throws

u2flib_server\Error

The Registration object returned on success contains an updated counter that should be saved for future authentications. If the Error returned is ERR_COUNTER_TOO_LOW this is an indication of token cloning or similar and appropriate action should be taken.

php-u2flib-server API API documentation generated by ApiGen