mirror of
https://github.com/24eme/signaturepdf
synced 2026-03-14 13:55:44 +01:00
Infinit loop and check validity of symmetric key
This commit is contained in:
Vincent LAURENT
parent
45e71e38af
commit
dea3e5d851
3 changed files with 32 additions and 9 deletions
11
app.php
11
app.php
|
|
@ -282,8 +282,11 @@ $f3->route('GET /signature/@hash/pdf',
|
|||
$f3->set('activeTab', 'sign');
|
||||
$hash = Web::instance()->slug($f3->get('PARAMS.hash'));
|
||||
$symmetricKey = (isset($_COOKIE[$hash])) ? GPGCryptography::protectSymmetricKey($_COOKIE[$hash]) : null;
|
||||
|
||||
$pdfSignature = new PDFSignature($f3->get('PDF_STORAGE_PATH').$hash, $symmetricKey);
|
||||
if(!$pdfSignature->verifyEncryption()) {
|
||||
$f3->error(403, 'Unable to decrypt pdf because of wrong symmetric key');
|
||||
}
|
||||
|
||||
Web::instance()->send($pdfSignature->getPDF(), null, 0, TRUE, $pdfSignature->getPublicFilename());
|
||||
|
||||
if($f3->get('DEBUG')) {
|
||||
|
|
@ -298,6 +301,11 @@ $f3->route('POST /signature/@hash/save',
|
|||
function($f3) {
|
||||
$hash = Web::instance()->slug($f3->get('PARAMS.hash'));
|
||||
$symmetricKey = (isset($_COOKIE[$hash])) ? GPGCryptography::protectSymmetricKey($_COOKIE[$hash]) : null;
|
||||
$pdfSignature = new PDFSignature($f3->get('PDF_STORAGE_PATH').$hash, $symmetricKey);
|
||||
if(!$pdfSignature->verifyEncryption()) {
|
||||
$f3->error(403, 'Unable to decrypt pdf because of wrong symmetric key');
|
||||
}
|
||||
|
||||
$tmpfile = tempnam($f3->get('UPLOADS'), 'pdfsignature_save_'.uniqid($hash, true));
|
||||
unlink($tmpfile);
|
||||
$svgFiles = [];
|
||||
|
|
@ -316,7 +324,6 @@ $f3->route('POST /signature/@hash/save',
|
|||
$f3->error(403);
|
||||
}
|
||||
|
||||
$pdfSignature = new PDFSignature($f3->get('PDF_STORAGE_PATH').$hash, $symmetricKey);
|
||||
$pdfSignature->addSignature($svgFiles);
|
||||
|
||||
if(!$f3->get('DEBUG')) {
|
||||
|
|
|
|||
|
|
@ -74,7 +74,7 @@ class GPGCryptography
|
|||
|
||||
public function runDecryptFile($file, $outputFile) {
|
||||
putenv('HOME='.sys_get_temp_dir());
|
||||
shell_exec("gpg --batch --passphrase $this->symmetricKey --decrypt -o $outputFile $file > /dev/null");
|
||||
return shell_exec("gpg --batch --passphrase $this->symmetricKey --decrypt -o $outputFile $file > /dev/null");
|
||||
}
|
||||
|
||||
public function isEncrypted() {
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ class PDFSignature
|
|||
protected $gpg = null;
|
||||
protected $toClean = [];
|
||||
protected $lockFile = null;
|
||||
protected $cacheDecryptFiles = [];
|
||||
|
||||
public function __construct($pathHash, $symmetricKey = null) {
|
||||
$this->symmetricKey = $symmetricKey;
|
||||
|
|
@ -29,22 +30,37 @@ class PDFSignature
|
|||
}
|
||||
}
|
||||
|
||||
public function verifyEncryption() {
|
||||
if(!$this->isEncrypted()) {
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
return file_exists($this->getDecryptFile($this->pathHash."/filename.txt"));
|
||||
}
|
||||
|
||||
public function isEncrypted() {
|
||||
return $this->isEncrypted();
|
||||
return $this->gpg->isEncrypted();
|
||||
}
|
||||
|
||||
public function getDecryptFile($file) {
|
||||
if($this->isEncrypted()) {
|
||||
$file = $this->gpg->decryptFile($file);
|
||||
$this->toClean[] = $file;
|
||||
if(!$this->isEncrypted()) {
|
||||
return $file;
|
||||
}
|
||||
|
||||
return $file;
|
||||
if(array_key_exists($file, $this->cacheDecryptFiles)) {
|
||||
return $this->cacheDecryptFiles[$file];
|
||||
}
|
||||
|
||||
$decryptFile = $this->gpg->decryptFile($file);
|
||||
$this->toClean[] = $decryptFile;
|
||||
$this->cacheDecryptFiles[$file] = $decryptFile;
|
||||
|
||||
return $decryptFile;
|
||||
}
|
||||
|
||||
public function getPDF() {
|
||||
$this->compile();
|
||||
|
||||
return $this->getDecryptFile($this->pathHash.'/final.pdf');
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue