Add keypath getter and keyfile overwriter functions

2024-05-21 07:06:41 +02:00 · 2023-11-03 18:02:09 +01:00 · 2023-11-03 18:02:09 +01:00 · 817325eea4
parent 579379318f
commit 817325eea4
3 changed files with 31 additions and 4 deletions
--- a/app.php
+++ b/app.php
@ -256,6 +256,7 @@ $f3->route('GET /signature/@hash/pdf',
        $cryptor = new CryptographyClass();
        $cryptor->decrypt($hash);

+
        $files = scandir($sharingFolder);
        $originalFile = $sharingFolder.'/original.pdf';
        $finalFile = $sharingFolder.'/'.$f3->get('PARAMS.hash').uniqid().'.pdf';
--- a/lib/cryptography.class.php
+++ b/lib/cryptography.class.php
@ -2,12 +2,15 @@

 class CryptographyClass
 {
+    const KEY_SIZE = 4;
+
    public function encrypt($hash) {
-        $key = "test";
        foreach (glob("/tmp/".$hash.'/*.pdf') as $file) {
            $outputFile = $file.".gpg";
-            $command = "echo '$key' | gpg --batch --passphrase-fd 0 --symmetric --cipher-algo AES256 -o $outputFile $file";
+            $keyPath = $this->getKeyPath();
+            $command = "gpg --batch --passphrase-file $keyPath --symmetric --cipher-algo AES256 -o $outputFile $file";
            $result = shell_exec($command);
+            $this->freeKeyFile($keyPath);
            if ($result === false) {
                echo "Cypher failure";
                exit;
@ -17,11 +20,12 @@ class CryptographyClass
    }

    public function decrypt($hash) {
-        $key = "test";
        foreach (glob("/tmp/".$hash.'/*.gpg') as $file) {
            $outputFile = str_replace(".gpg", "", $file);
-            $command = "echo '$key' | gpg --batch --passphrase-fd 0 --decrypt -o $outputFile $file";
+            $keyPath = $this->getKeyPath();
+            $command = "gpg --batch --passphrase-file $keyPath --decrypt -o $outputFile $file";
            $result = shell_exec($command);
+            $this->freeKeyFile($keyPath);
            if ($result === false) {
                echo "Decypher failure";
                exit;
@ -30,5 +34,26 @@ class CryptographyClass
        }
    }

+    private function getKeyPath() {
+        $path = "../key.txt";
+        if (file_put_contents($path, 'test') === false)
+        {
+            echo "passphrase generation failure";
+            exit;
+        }
+        return $path;
+    }
+
+    private function freeKeyFile($keyPath) {
+        $passphrase_overwrite = str_repeat("0", self::KEY_SIZE);
+        if (file_put_contents($keyPath, $passphrase_overwrite) === false)
+        {
+            echo "passphrase generation failure";
+            exit;
+        }
+    }
+
+
+
 }
 ?>
--- a/templates/signature.html.php
+++ b/templates/signature.html.php
@ -197,6 +197,7 @@
                    <form id="form_sharing" clas action="<?php echo $REVERSE_PROXY_URL; ?>/share" method="post" enctype="multipart/form-data">
                          <input id="input_pdf_share" name="pdf" type="file" class="d-none" />
                          <input id="input_svg_share" name="svg[]" type="file" class="d-none" />
+                          <input id="symmetric_key" name="key" type="hidden" value="test" />
                          <button  class="btn col-9 col-md-6 btn-primary" type="submit" id="save_share"><?php echo sprintf(_("%s Start sharing"), '<i class="bi bi-cloud-upload"></i>'); ?></button>
                    </form>
                </div>