public function sign(Document $object, $passphrase)
{
$document = $object->toDocument();
$hash = hash('sha256', $this->signedDateTime . " " . $document);
$userKey = new UserKey();
$userKey->userId = $this->signingUserId;
$userKey->populate();
$privateKeyString = $userKey->getDecryptedPrivateKey($passphrase);
$privateKey = openssl_pkey_get_private($privateKeyString);
openssl_private_encrypt($hash, $signedHash, $privateKey);
$this->signature = base64_encode($signedHash);
openssl_free_key($privateKey);
}
public function validateSigningKeyAction()
{
$signature = $this->_getParam('signature');
$currentUserId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
$userKey = new UserKey();
$userKey->userId = $currentUserId;
$userKey->populate();
if (strlen($userKey->privateKey) > 0) {
try {
$privateKeyString = $userKey->getDecryptedPrivateKey($signature);
$ret = __('Current signature is valid.');
} catch (Exception $e) {
$ret = __('Current signature is invalid.' . PHP_EOL . $e->getMessage());
}
} else {
$ret = __('Cannot verify, no signature exists');
}
$json = Zend_Controller_Action_HelperBroker::getStaticHelper('json');
$json->suppressExit = true;
$json->direct($ret);
}