function login()
{
    // Check the token so the login is coming from https://127.0.0.1/index.php.
    // NOTE(review): the token is compared to the cookie with loose `==`; a token
    // check wants a strict comparison (`===`, or hash_equals() for secret values),
    // and both $_POST['token'] and $_COOKIE['session_id'] are read without an
    // isset() guard, so a request with neither still reaches the comparison.
    $token = $_POST['token'];
    if ($token == $_COOKIE['session_id']) {
        // Blank credentials end the attempt early with false.
        if (empty($_POST['username'])) {
            return false;
        }
        if (empty($_POST['password'])) {
            return false;
        }
        $username = $_POST['username'];
        $password = $_POST['password'];
        $incheck = new InputChecker();
        // Validate input ...
        // NOTE(review): $validPass and $validUserName are computed here but nothing
        // visible below consults them — the login flow continues regardless of the
        // validation result; confirm against the masked line.
        $validPass = $incheck->isValidPassword($password);
        $validUserName = $incheck->isValidUsername($username);
        // NOTE(review): this line is masked in the extracted source and does not
        // parse as shown; it appears to log the attempt and set a logged-in flag to 1.
        echo 'Attempted login: '******'isLoggedIn'] = 1;
        redirect("https://127.0.0.1/searchView.php");
    } else {
        // Token mismatch: send the client back to the start page.
        redirect("https://127.0.0.1/");
    }
}
        $nonceB64 = strtok(".");
        $sig = base64url_decode(strtok("."));
    }
}
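//dump("kidB64:" . $kidB64 . " chalB64:" . $chalB64 . " nonceB64:" . $nonceB64 ." sig:" . $sig);
// Reject the request before any key lookup unless the presented challenge is
// accepted for this peer (checkChal() and getPeer() are defined elsewhere).
if (checkChal($chalB64, getPeer())) {
    dump("HOBA: Challenge accepted");
} else {
    dump("HOBA: Challenge failed");
    setFailCookie();
    exit(1);
}
$kid = base64url_decode($kidB64);
// Origin string included in the to-be-signed blob.
// NOTE(review): SERVER_NAME may follow the request's Host header depending on
// server configuration; a configured canonical origin would be more robust — confirm.
$tbsOrigin = "https://" . $_SERVER['SERVER_NAME'] . ":" . $_SERVER['SERVER_PORT'];
$sigText = genTbsBlob($nonceB64, $GLOBALS['alg'], $tbsOrigin, $kidB64, $chalB64);
dbLogin();
$device = dbGetDeviceByKid($kid);
if (!$device) {
    dump("HOBA: kid not found");
    setFailCookie();
    dbLogout();
    exit(1);
}
$pem = jwkToPem($device['pubKey']);
// openssl_verify() returns 1 for a valid signature, 0 for an invalid one and
// -1 or false on error. Only an explicit 1 counts as verified: a plain truthiness
// test would accept the -1 error result (e.g. an unusable key) as a successful
// verification. $verified stays usable in a boolean context for the code below.
$verified = openssl_verify($sigText, $sig, $pem, OPENSSL_ALGO_SHA256) === 1;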
if ($verified) {
    dump("HOBA: Key Verification Successful");
    $user = dbGetDeviceByKid($kid);
    $t = time() + $GLOBALS['sessionTimeout'];
    $chocolate = getCookieVal($user['kid'], $user['did']);
    dbAddDeviceSession($user['kid'], $user['did'], $chocolate, $t);