1 <?php
2
// Defaults; override these after including this file if your layout differs.
//
// Both values reach the operating system in d0_blind_id_verify(): the first is
// the verifier program that gets executed, the second is the key file handed
// to that program on file descriptor 3. Set them only from trusted, static
// configuration, never from request data.
$d0_blind_id_keygen = 'crypto-keygen-standalone';
$d0_blind_id_d0pk = 'key_0.d0pk';
6
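/**
 * Verify the detached d0_blind_id signature of the current request body.
 *
 * The raw request body and the base64-decoded value of the
 * X-D0-Blind-ID-Detached-Signature header are piped to the external verifier
 * named by $d0_blind_id_keygen, together with the key file named by
 * $d0_blind_id_d0pk.
 *
 * Usage:
 *   list($idfp, $status) = d0_blind_id_verify();
 *
 * Return values, in the order array($idfp, $status):
 *   null, null = signature failed
 *   "", 0      = not signed
 *   idfp, 0    = signed, ID was not signed by CA
 *   idfp, 1    = signed, ID was signed by CA
 *
 * For a signed request both values are the strings read from the verifier's
 * standard output, so the status arrives as text rather than as an integer.
 * Callers must treat (null, null) as a hard failure and must not confuse it
 * with the "not signed" result.
 *
 * Terminates the script with die() when the request body cannot be read, the
 * verifier cannot be started, or the data cannot be delivered to it.
 */
function d0_blind_id_verify()
{
    global $d0_blind_id_keygen;
    global $d0_blind_id_d0pk;

    $postdata = file_get_contents("php://input");
    if($postdata === false)
        die("Cannot read from input");

    // The header is optional; reading it unguarded raises an
    // undefined-index notice/warning on every unsigned request.
    $sig = isset($_SERVER["HTTP_X_D0_BLIND_ID_DETACHED_SIGNATURE"])
        ? $_SERVER["HTTP_X_D0_BLIND_ID_DETACHED_SIGNATURE"]
        : "";
    if(!$sig)
        return array("", 0);

    // The verifier path travels through the environment and is expanded
    // inside double quotes by the shell, so it is never spliced into the
    // command string itself. No request data appears on the command line:
    // body and signature only ever go through the pipes on fds 4 and 5.
    putenv("KEYGEN=$d0_blind_id_keygen");
    $checker = proc_open(
        "\"\$KEYGEN\" -p /dev/fd/3 -d /dev/fd/4 -s /dev/fd/5",
        array(
            1 => array("pipe", "w"),
            3 => array("file", $d0_blind_id_d0pk, "r"),
            4 => array("pipe", "r"),
            5 => array("pipe", "r")
        ),
        $pipes,
        null,
        null,
        array("binary_pipes")
    );
    if(!$checker)
        die("Cannot start process");

    $outfh = $pipes[1];
    // Data still owed to the child, keyed by the child's fd number.
    $buffers = array(
        4 => $postdata,
        5 => base64_decode($sig)
    );
    $rpipes = array(
        4 => $pipes[4],
        5 => $pipes[5]
    );
    // Non-blocking writes, so that a child which reads one fd before the
    // other cannot stall us on a full pipe.
    foreach($rpipes as $p)
        stream_set_blocking($p, 0);

    while(!empty($rpipes))
    {
        $readers = null;
        $writers = $rpipes;
        $errorers = $rpipes;
        $n = stream_select($readers, $writers, $errorers, 1, 0);
        // 0 = nothing became writable within one second, false = select
        // failed; either way stop and let the leftover-buffer check decide.
        if($n == 0)
            break;
        $n = 0;
        foreach($errorers as $e)
        {
            $i = array_search($e, $rpipes, true);
            if($i === false)
                continue;
            fclose($pipes[$i]);
            unset($buffers[$i]);
            unset($rpipes[$i]);
            ++$n;
        }
        foreach($writers as $w)
        {
            $i = array_search($w, $rpipes, true);
            if($i === false)
                continue;
            $written = fwrite($w, $buffers[$i], strlen($buffers[$i]));
            if($written === false)
            {
                // Hard write error, e.g. the child exited and the pipe is
                // broken. Drop the pipe but keep its buffer, so the check
                // after the loop reports the failure instead of this loop
                // spinning on a pipe that select keeps reporting as ready.
                fclose($pipes[$i]);
                unset($rpipes[$i]);
                continue;
            }
            if($written)
                $buffers[$i] = substr($buffers[$i], $written);
            if($buffers[$i] == "")
            {
                // Everything delivered: closing the pipe signals EOF.
                fclose($pipes[$i]);
                unset($buffers[$i]);
                unset($rpipes[$i]);
            }
            ++$n;
        }
        if(!$n)
            break;
    }
    if($buffers)
        die("could not write data to process");

    $status = stream_get_line($outfh, 8192, "\n");
    $idfp = stream_get_line($outfh, 8192, "\n");
    // Close our end of stdout before waiting for the child to exit.
    fclose($outfh);
    $ret = proc_close($checker);

    // Fail closed: a non-zero exit code or a missing output line is a failed
    // verification, never a half-populated result.
    if($ret != 0 || $status === false || $idfp === false)
        return array(null, null);
    return array($idfp, $status);
}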
103 ?>