39 lines
1.3 KiB
PHP
Executable File
39 lines
1.3 KiB
PHP
Executable File
<?php
|
|
// /var/www/html/downloadFull.php
|
|
require_once __DIR__ . '/common.php';
|
|
|
|
// Bearer Token
|
|
$headers = function_exists('getallheaders') ? getallheaders() : [];
|
|
$auth = $headers['Authorization'] ?? $headers['authorization'] ?? '';
|
|
if (stripos($auth, 'Bearer ') !== 0) {
|
|
http_response_code(403); echo "Kein Token übergeben"; exit;
|
|
}
|
|
$token = substr($auth, 7);
|
|
if (!token_is_valid($token)) {
|
|
http_response_code(403); echo "Ungültiger Token"; exit;
|
|
}
|
|
|
|
// Master-verschlüsselte DB laden
|
|
$dbPath = __DIR__ . '/uploads/questionnaire_database';
|
|
if (!file_exists($dbPath)) { http_response_code(404); echo "Datenbank nicht gefunden"; exit; }
|
|
$encMaster = file_get_contents($dbPath);
|
|
if ($encMaster === false) { http_response_code(500); echo "Lesefehler"; exit; }
|
|
|
|
// Mit Master-Key entschlüsseln
|
|
$masterKey = get_master_key_bytes();
|
|
try {
|
|
$plain = aes256_cbc_decrypt_bytes($encMaster, $masterKey);
|
|
} catch (Throwable $e) {
|
|
http_response_code(500); echo "Entschlüsselung fehlgeschlagen"; exit;
|
|
}
|
|
|
|
// Für diese Session neu verschlüsseln (Key aus Token via HKDF)
|
|
$sessionKey = hkdf_session_key_from_token($token);
|
|
$out = aes256_cbc_encrypt_bytes($plain, $sessionKey);
|
|
|
|
// Ausliefern
|
|
header('Content-Type: application/octet-stream');
|
|
header('Content-Disposition: attachment; filename="questionnaire_database"');
|
|
header('Content-Length: ' . strlen($out));
|
|
echo $out;
|