include_once 'db.php'; include_once 'lib/BigInteger.php'; include_once 'lib/phpseclib1.0.1/Crypt/RSA.php'; dump("HOBA: Starting New Login"); foreach (getallheaders() as $name => $value) { //dump("Header:" . $name . " " . $value); if ($name == "Authorization" && stripos($value, "hoba") > -1) { list($junk, $authStr) = explode("result=", $value); $kidB64 = strtok($authStr, "."); $chalB64 = strtok("."); $nonceB64 = strtok("."); $sig = base64url_decode(strtok(".")); } } //dump("kidB64:" . $kidB64 . " chalB64:" . $chalB64 . " nonceB64:" . $nonceB64 ." sig:" . $sig); if (checkChal($chalB64, getPeer())) { dump("HOBA: Challenge accepted"); } else { dump("HOBA: Challenge failed"); setFailCookie(); exit(1); } $kid = base64url_decode($kidB64); $tbsOrigin = "https://" . $_SERVER['SERVER_NAME'] . ":" . $_SERVER['SERVER_PORT']; $sigText = genTbsBlob($nonceB64, $GLOBALS['alg'], $tbsOrigin, $kidB64, $chalB64); dbLogin(); $device = dbGetDeviceByKid($kid); if (!$device) { dump("HOBA: kid not found"); setFailCookie(); dbLogout();
/**
 * Manual smoke test for the challenge helpers (getChal / checkChal).
 *
 * Issues one challenge for a peer address and prints whether checkChal()
 * accepts it (1) from that same peer, (2) from a different peer, and
 * (3) from the original peer again after a two-second pause. Nothing is
 * asserted - a human reads the "good"/"bad" verdicts. The third check is
 * presumably meant to exercise challenge expiry, which only holds if
 * checkChal()'s validity window is shorter than two seconds - confirm
 * against that implementation before treating "bad" there as expected.
 *
 * NOTE(review): this is a development harness; it must not be reachable
 * from the live login handler that shares this file.
 */
function test()
{
    $issuedTo = "10.0.0.1";
    $impostor = "10.0.0.2";

    $chal = getChal($issuedTo);

    // Print one verdict line; $label is the wording between "is" and the verdict.
    $report = function ($accepted, $from, $label) use ($chal) {
        $outcome = $accepted ? "good" : "bad";
        print $chal . " is " . $label . " " . $outcome . " challenge from " . $from . "\n";
    };

    // Same peer the challenge was issued to.
    $report(checkChal($chal, $issuedTo), $issuedTo, "a");

    // A different peer presenting the same challenge.
    $report(checkChal($chal, $impostor), $impostor, "a");

    // Original peer again after waiting; see docblock about the expected expiry.
    sleep(2);
    $report(checkChal($chal, $issuedTo), $issuedTo, "(now) a");
}