da/studidcard
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
studidcard/card.php
Raphael Dannecker 48a5360d0d Initial commit
2025-02-25 16:10:55 +01:00

91 lines
3.4 KiB
PHP
Raw Permalink Blame History

<?php
/* This file is part of studidcard.
studidcard is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
studidcard is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
*/
require __DIR__ . '/vendor/autoload.php';
require __DIR__ . '/config/config.php';
use Spipu\Html2Pdf\Html2Pdf;
session_start();
if (!isset($_SESSION['id_token'])) {
header('Location: index.php');
exit();
}
// load keys
$private_key = file_get_contents('keys/private_key.bin');
$public_key = file_get_contents('keys/public_key.bin');
// create data_json
foreach ($CONFIG['oidc']['mappings'] as $key => $value) {
$data[$key] = $_SESSION[$key];
}
if ($CONFIG['version'] === '0.1') {
$data_json = json_encode($data);
$data_crypt = sodium_crypto_box_seal($data_json, sodium_crypto_sign_ed25519_pk_to_curve25519($public_key));
$message['verify'] = 'ausweis.steinbeis.schule';
$message['data'] = sodium_bin2base64($data_crypt, SODIUM_BASE64_VARIANT_URLSAFE);
$message['signature'] = sodium_bin2base64(sodium_crypto_sign_detached($message['verify'] . $message['data'], $private_key), SODIUM_BASE64_VARIANT_URLSAFE);
$message_encoded = urlencode(json_encode($message));
} elseif ($CONFIG['version'] === '0.2') {
$data_json = json_encode($data);
$data_crypt = sodium_crypto_box_seal($data_json, sodium_crypto_sign_ed25519_pk_to_curve25519($public_key));
$message_encoded = sodium_bin2base64(sodium_crypto_sign($data_crypt, $private_key), SODIUM_BASE64_VARIANT_URLSAFE);
} elseif ($CONFIG['version'] === '0.3') {
$nonce = random_bytes(SODIUM_CRYPTO_BOX_NONCEBYTES);
$keypair = sodium_crypto_box_keypair_from_secretkey_and_publickey(
sodium_crypto_sign_ed25519_sk_to_curve25519($private_key),
sodium_crypto_sign_ed25519_pk_to_curve25519($public_key));
$data_json = json_encode($data);
$data_crypt = sodium_crypto_box($data_json, $nonce, $keypair);
$data_crypt = sodium_crypto_box_seal($data_json, sodium_crypto_sign_ed25519_pk_to_curve25519($public_key));
$message_encoded = sodium_bin2base64(sodium_crypto_sign($data_crypt, $private_key), SODIUM_BASE64_VARIANT_URLSAFE);
}
//echo $message_encoded . "\n Length:" . strlen($message_encoded);
//$message_encoded = urlencode(gzcompress(json_encode($message),9));
//echo "data_json: " . $data_json . "\n";
//echo "data_crypt: " . $data_crypt . "\n";
//echo "message: ";
//var_dump($message);
//echo "\n";
/////// sodium_crypto_sign_ed25519_sk_to_curve25519($private_key)
//echo "Message: ".$message_encoded;
$url = $CONFIG['baseurl'] . 'verify.php?v=' . $CONFIG['version'] . '&d=' . $message_encoded;
// url is needed by qrcode.php
$_SESSION['url'] = $url;
$verified = true;
if (isset($_GET['pdf'])) {
$pdf=true;
ob_start();
include('idcard-print.php');
$out = ob_get_contents();
ob_end_clean();
$html2pdf = new Html2Pdf(orientation:'L', format:Array(96,65), margins:Array(5,5,5,0));
//$html2pdf = new Html2Pdf(orientation:'L', format:'BUSINESS_CARD',margins:Array(0,0,0,0));
$html2pdf->writeHTML($out);
$html2pdf->output('schuelerausweis.pdf','D');
} else {
include('idcard.php');
}
?>
Reference in a new issue View git blame Copy permalink