diff -r 0dac837643a4 -r 647f0aa485dd plugins/yubikey/corelib.php
--- a/plugins/yubikey/corelib.php	Fri Jul 17 17:15:29 2009 -0400
+++ b/plugins/yubikey/corelib.php	Fri Jul 31 23:48:56 2009 -0400
@@ -57,6 +57,24 @@
         'error' => 'otp_invalid_chars'
       );
   }
+  // are we using local YMS?
+  if ( getConfig('yubikey_use_local_yms', 0) && defined('YMS_INSTALLED') )
+  {
+    $result = yms_validate_otp($otp, $api_id);
+    if ( $result == 'OK' )
+    {
+      return array(
+          'success' => true
+        );
+    }
+    else
+    {
+      return array(
+        'success' => false,
+        'error' => strtolower("response_{$result}")
+      );
+    }
+  }
   // make HTTP request
   require_once( ENANO_ROOT . '/includes/http.php' );
   $auth_url = getConfig('yubikey_auth_server', YK_DEFAULT_VERIFY_URL);
@@ -161,20 +179,33 @@
   }
 }
 
-function yubikey_sign($arr)
+function yubikey_sign($arr, $use_api_key = false)
 {
   static $api_key = false;
   
   ksort($arr);
   
-  if ( !$api_key )
+  if ( !$use_api_key )
   {
-    $api_key = getConfig('yubikey_api_key');
-    $api_key = hexencode(base64_decode($api_key), '', '');
+    if ( !$api_key )
+    {
+      $api_key = getConfig('yubikey_api_key');
+      $api_key = hexencode(base64_decode($api_key), '', '');
+    }
+    $use_api_key = $api_key;
   }
+  /*
+  else
+  {
+    $use_api_key = hexencode(base64_decode($use_api_key), '', '');
+  }
+  */
   
-  if ( isset($arr['h']) )
-    unset($arr['h']);
+  foreach ( array('h', 'title', 'auth', 'do') as $key )
+  {
+    if ( isset($arr[$key]) )
+      unset($arr[$key]);
+  }
   
   $req = array();
   foreach ( $arr as $key => $val )
@@ -183,7 +214,7 @@
   }
   $req = implode('&', $req);
   
-  $sig = hmac_sha1($req, $api_key);
+  $sig = hmac_sha1($req, $use_api_key);
   $sig = hexdecode($sig);
   $sig = base64_encode($sig);