 /**
  * Decrypts a transparent authentication message using a TOTP-derived key
  *
  * @param   string  $encryptedData  The encrypted data
  *
  * @return  array|null  The decrypted data, or null when no key is configured or decryption fails
  */
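 private function _decryptWithTOTP($encryptedData)
 {
     // Without a configured shared secret there is nothing to derive a key
     // from: clear any key left over from an earlier call and fail closed.
     if (empty($this->fofAuth_Key)) {
         $this->_fofAuth_CryptoKey = null;

         return null;
     }

     $totp = new FOFEncryptTotp($this->fofAuth_timeStep);

     // Three consecutive periods are tried, starting one before the value
     // returned by getPeriod() (presumably the current period, so this is a
     // +/- one step tolerance for clock drift -- confirm against FOFEncryptTotp).
     // NOTE(review): a captured message stays decryptable for as long as its
     // period is inside this window; nothing in this method prevents replay.
     $firstPeriod = $totp->getPeriod() - 1;

     for ($offset = 0; $offset <= 2; $offset++) {
         $time = ($firstPeriod + $offset) * $this->fofAuth_timeStep;
         $otp  = $totp->getCode($this->fofAuth_Key, $time);

         // Per-period key: hex SHA-256 of the shared secret concatenated with
         // the one-time code. It is stored on the object, so it survives a
         // successful call and is reset to null only on failure.
         $this->_fofAuth_CryptoKey = hash('sha256', $this->fofAuth_Key . $otp);
         $aes = new FOFEncryptAes($this->_fofAuth_CryptoKey);

         $ret = $aes->decryptString($encryptedData);

         // Strip trailing NUL padding before parsing. An empty character mask
         // makes rtrim() a no-op, and json_decode() rejects input that still
         // carries NUL bytes, so a correctly keyed message would be discarded.
         // Assumes the cipher pads with NUL bytes -- confirm against FOFEncryptAes.
         $ret = rtrim($ret, "\0");
         $ret = json_decode($ret, true);

         // NOTE(review): the only check that the right key was used is that the
         // plaintext parses as JSON carrying both credential fields. No MAC or
         // authentication tag is verified in this method; whether FOFEncryptAes
         // authenticates the ciphertext is not visible here -- confirm, and
         // prefer an authenticated mode (AEAD or encrypt-then-MAC) if it does not.
         if (
             is_array($ret)
             && array_key_exists('username', $ret)
             && array_key_exists('password', $ret)
         ) {
             // Successful decryption. The array holds a cleartext password:
             // callers must keep it out of logs and error output.
             return $ret;
         }
     }

     // No candidate period produced a valid payload: drop the last derived
     // key so a stale value is never reused, and report failure.
     $this->_fofAuth_CryptoKey = null;

     return null;
 }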