function computationStep($S, $numberOfOTPs)
{
$hash = $S;
for ($i = 1; $i <= $numberOfOTPs; $i++) {
$hash = __otp_hash(hash_wrapper($hash));
/////////////////////// length integrity check//////////////////////////
if (strlen($hash) != 16) {
error_log("computation step : __otp_hash produced strlen(hash) = " . strlen($hash));
}
///////////////////////////////////////////////////////////////////////
$otpList[$i] = $hash;
}
return $otpList;
}
$uid = get_user_id();
$otp = $_POST['form_challenge_response'];
$login = $_POST['login'];
/* LICENSED UNDER THE GPL */
###############################################################################################
#
# if they have clicked the login button
#
###############################################################################################
if ($login) {
// six word format test/convert
if (!is_array($otp)) {
$otp = explode(' ', $otp);
}
$cur = ivcs_transform_from($otp);
$last = __otp_hash(sha1($cur));
$sequence = get_otp_seq($uid);
$match = demo_compare_last_otp($sequence, $last, $uid);
if (!$match) {
print "<h1>Invalid OTP</h1>";
} else {
// update session/auth state
demo_set_last_otp($sequence + 1, $cur, $uid);
//redirect to requested page
header("Location: index.php");
exit;
}
} else {
}
###############################################################################################
#
