From aa16fe6accfe779abbf927637c9ac00f608bc8c5 Mon Sep 17 00:00:00 2001
From: Vincent LAURENT <vince.laurent@gmail.com>
Date: Tue, 30 Jul 2024 17:15:24 +0200
Subject: [PATCH] Manage concurrency decryption

---
 app.php                    |  7 ++-----
 lib/cryptography.class.php | 14 +++++++-------
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/app.php b/app.php
index cd6f9a8..1619f85 100644
--- a/app.php
+++ b/app.php
@@ -272,14 +272,14 @@ function($f3) {
     function($f3) {
         $f3->set('activeTab', 'sign');
         $hash = Web::instance()->slug($f3->get('PARAMS.hash'));
-        $sharingFolder = $f3->get('PDF_STORAGE_PATH').$hash;
         $symmetricKey = null;
         if (isset($_COOKIE[$hash])) {
             $symmetricKey = CryptographyClass::protectSymmetricKey($_COOKIE[$hash]);
         }
 
         $cryptor = new CryptographyClass($symmetricKey, $f3->get('PDF_STORAGE_PATH').$hash);
-        if ($cryptor->decrypt() == false) {
+        $sharingFolder = $cryptor->decrypt();
+        if ($sharingFolder == false) {
             $f3->error(500, "PDF file could not be decrypted. Cookie encryption key might be missing.");
         }
 
@@ -308,9 +308,6 @@ function($f3) {
         }
         Web::instance()->send($finalFile, null, 0, TRUE, $filename);
 
-        if ($symmetricKey) {
-            $cryptor->encrypt($hash);
-        }
         if($f3->get('DEBUG')) {
             return;
         }
diff --git a/lib/cryptography.class.php b/lib/cryptography.class.php
index 02be4b3..0295c67 100644
--- a/lib/cryptography.class.php
+++ b/lib/cryptography.class.php
@@ -41,23 +41,23 @@ public function encrypt() {
 
     public function decrypt() {
         if (!$this->isEncrypted()) {
-            return true;
+            return $this->pathHash;
         }
         if (!$this->symmetricKey) {
             return false;
         }
+        $decryptFolder = sys_get_temp_dir()."/".uniqid('pdfsignature.'.getmypid(), true);
+        echo $decryptFolder."\n";
+        mkdir($decryptFolder);
         foreach ($this->getFiles(true) as $file) {
-            $outputFile = str_replace(".gpg", "", $file);
+            $outputFile = $decryptFolder."/".str_replace(".gpg", "", basename($file));
             $command = "gpg --batch --passphrase $this->symmetricKey --decrypt -o $outputFile $file";
             $result = shell_exec($command);
             if ($result) {
-                echo "Decypher failure";
-                return $result;
+                throw new Exception("Decypher failure");
             }
-
-            $this->hardUnlink($file);
         }
-        return true;
+        return $decryptFolder;
     }
 
     public function isEncrypted() {