/**
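* Decrypts a transparent authentication message using a key derived from the TOTP secret
*
* @param string $encryptedData The encrypted data
*
* @return array|null The decrypted data, or null if no TOTP key is set or the message could not be decrypted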
*/
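private function decryptWithTOTP($encryptedData)
{
    // Tries to decrypt $encryptedData with an AES key derived from the shared TOTP secret and
    // the one-time code of three consecutive time steps. Returns the decoded array (which is
    // guaranteed to carry 'username' and 'password' keys), or null when no secret is configured
    // or none of the candidate keys produces such a payload.
    //
    // Side effect: $this->cryptoKey holds the key that worked on success and is reset to null
    // on every failure path.
    if (empty($this->totpKey)) {
        $this->cryptoKey = null;

        return null;
    }

    $totp = new Totp($this->timeStep);

    // Start one step back so the loop covers the previous, current and next period. This
    // tolerates clock drift between the two ends, at the price of a wider acceptance window.
    // Nothing in this method records which messages it has accepted, so replay protection
    // inside that window, if any, has to live in the caller.
    $firstPeriod = $totp->getPeriod() - 1;

    for ($offset = 0; $offset <= 2; $offset++) {
        $time = ($firstPeriod + $offset) * $this->timeStep;
        $otp  = $totp->getCode($this->totpKey, $time);

        // hash() without the binary flag returns a 64-character hex string. The one-time code
        // is itself computed from totpKey and the time, so it only makes the key time-dependent;
        // the key's strength rests entirely on the secrecy and entropy of totpKey.
        $this->cryptoKey = hash('sha256', $this->totpKey . $otp);
        $aes             = new Aes($this->cryptoKey);

        try {
            $ret = $aes->decryptString($encryptedData);
        } catch (\Exception $e) {
            // This candidate key was rejected by the cipher wrapper; try the next time step.
            continue;
        }

        // The original call passed an empty character mask, which makes rtrim() strip nothing.
        // Presumably the intent is to drop NUL padding left by the block cipher before the
        // JSON parse (confirm against Aes::decryptString); a valid JSON document never ends
        // in a NUL byte, so stripping them cannot damage a well-formed payload.
        $ret = rtrim($ret, "\0");
        $ret = json_decode($ret, true);

        // A wrong key normally yields bytes that do not parse as JSON, so this shape check is
        // what tells a correct key from a wrong one here. It is a structural test only, not a
        // MAC: whether the ciphertext is authenticated depends on Aes, which is not visible in
        // this method. Callers must still treat both values as untrusted input.
        $isCredentialPayload = is_array($ret)
            && array_key_exists('username', $ret)
            && array_key_exists('password', $ret);

        if (!$isCredentialPayload) {
            continue;
        }

        // Successful decryption; cryptoKey deliberately stays set to the key that worked.
        return $ret;
    }

    // None of the three candidate keys produced a usable payload.
    $this->cryptoKey = null;

    return null;
}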