<?php
/* This file is part of studidcard.
studidcard is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
studidcard is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
*/
require __DIR__ . '/vendor/autoload.php';
require __DIR__ . '/config/config.php';
use Spipu\Html2Pdf\Html2Pdf;
// Resume the visitor's session; everything below is for logged-in users only.
session_start();

// This script only checks that an `id_token` entry is present (and non-null)
// in the session; it does not inspect or re-validate the token itself.
// NOTE(review): presumably the login flow validates the token before storing
// it — confirm against the code that writes $_SESSION['id_token'].
$hasIdToken = isset($_SESSION['id_token']);
if ($hasIdToken === false) {
    // Not logged in: send the browser back to the start page and stop here.
    header('Location: index.php');
    exit;
}
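// Load the raw Ed25519 key pair that is used below to seal and sign the card
// data. The paths are anchored to __DIR__ (like the require lines at the top
// of this file) so they do not depend on the process's working directory.
// NOTE(review): keys/ sits beside the web-facing scripts — confirm that the
// web server refuses direct requests to it, or move it outside the document
// root.
$private_key = file_get_contents(__DIR__ . '/keys/private_key.bin');
$public_key = file_get_contents(__DIR__ . '/keys/public_key.bin');

// Stop before any crypto call if a key file could not be read or does not
// have the size libsodium requires for an Ed25519 secret/public key. The log
// line deliberately carries no key material.
if (
    $private_key === false
    || $public_key === false
    || strlen($private_key) !== SODIUM_CRYPTO_SIGN_SECRETKEYBYTES
    || strlen($public_key) !== SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES
) {
    error_log('studidcard: signing key pair is missing or has an unexpected length');
    http_response_code(500);
    exit;
}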
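// Collect the card fields: one entry per key configured in
// $CONFIG['oidc']['mappings'], with the value taken from the session entry of
// the same name. Only the mapping keys are used here, not their values.
// Starting from an empty array keeps $data defined (and JSON-encodable as a
// list of fields) even when no mapping is configured.
$data = [];
foreach (array_keys($CONFIG['oidc']['mappings']) as $key) {
    // A claim that is absent from the session is carried as null instead of
    // raising an "undefined array key" warning.
    $data[$key] = $_SESSION[$key] ?? null;
}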
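// Build the payload ($message_encoded) that is appended to the verification
// URL.
//
// Every protocol version starts the same way: the card data is JSON-encoded
// and placed in a libsodium sealed box addressed to this installation's own
// public key (converted from Ed25519 to Curve25519). The versions differ only
// in how that ciphertext is signed and encoded.
//
// The same Ed25519 key pair is therefore used for signing and, after
// conversion, for encryption.

// Refuse to continue with a version this script does not implement; without
// this check $message_encoded would be undefined and the URL would carry an
// empty payload.
$supported_versions = ['0.1', '0.2', '0.3'];
if (!in_array($CONFIG['version'], $supported_versions, true)) {
    error_log('studidcard: unsupported protocol version in configuration');
    http_response_code(500);
    exit;
}

// JSON_THROW_ON_ERROR: fail loudly instead of sealing and signing `false`.
// Do not echo $data_json or $message for debugging — they hold the card
// holder's data in plaintext.
$data_json = json_encode($data, JSON_THROW_ON_ERROR);
$data_crypt = sodium_crypto_box_seal(
    $data_json,
    sodium_crypto_sign_ed25519_pk_to_curve25519($public_key),
);

if ($CONFIG['version'] === '0.1') {
    // 0.1: JSON envelope with a fixed "verify" string, the base64 ciphertext
    // and a detached signature over the concatenation of both.
    $message = [];
    $message['verify'] = 'ausweis.steinbeis.schule';
    $message['data'] = sodium_bin2base64($data_crypt, SODIUM_BASE64_VARIANT_URLSAFE);
    $message['signature'] = sodium_bin2base64(
        sodium_crypto_sign_detached($message['verify'] . $message['data'], $private_key),
        SODIUM_BASE64_VARIANT_URLSAFE,
    );
    $message_encoded = urlencode(json_encode($message, JSON_THROW_ON_ERROR));
} else {
    // 0.2 and 0.3: the ciphertext is wrapped in a combined signature
    // (signature + message) and base64url-encoded.
    //
    // NOTE(review): the 0.3 branch used to derive a Curve25519 key pair and
    // call sodium_crypto_box() with a fresh nonce, but that result was
    // overwritten by the sealed box on the next line and the nonce was never
    // transmitted. The effective 0.3 output therefore has the same format as
    // 0.2, which is what is kept here. If an authenticated crypto_box was
    // intended for 0.3, the nonce has to travel with the message and the
    // verifier must be changed to match — confirm the intent.
    $message_encoded = sodium_bin2base64(
        sodium_crypto_sign($data_crypt, $private_key),
        SODIUM_BASE64_VARIANT_URLSAFE,
    );
}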
// Verification link for the card: base URL, protocol version and the encoded
// payload, passed to verify.php as the `v` and `d` query parameters.
$url = sprintf(
    '%sverify.php?v=%s&d=%s',
    $CONFIG['baseurl'],
    $CONFIG['version'],
    $message_encoded,
);

// qrcode.php needs the link, so it is handed over through the session.
$_SESSION['url'] = $url;

// Set before the card template is included further down.
// NOTE(review): presumably read by idcard.php / idcard-print.php — confirm.
$verified = true;
// Render the card: as an HTML page by default, or as a PDF download when the
// request carries a `pdf` query parameter (its value is not inspected).
if (!isset($_GET['pdf'])) {
    include 'idcard.php';
} else {
    // Defined only on the PDF path, before the print template is included.
    $pdf = true;

    // Capture the print template's output instead of sending it to the
    // browser; the captured HTML is what gets converted.
    // NOTE(review): the template's markup is handed to Html2Pdf as-is —
    // confirm that idcard-print.php HTML-escapes the session values it prints.
    ob_start();
    include 'idcard-print.php';
    $out = ob_get_clean();

    // Landscape page of 96 x 65 with margins 5, 5, 5, 0.
    $html2pdf = new Html2Pdf(orientation: 'L', format: [96, 65], margins: [5, 5, 5, 0]);
    //$html2pdf = new Html2Pdf(orientation:'L', format:'BUSINESS_CARD',margins:Array(0,0,0,0));
    $html2pdf->writeHTML($out);

    // 'D' is passed as the output destination together with the file name.
    $html2pdf->output('schuelerausweis.pdf', 'D');
}