<?php
/**
* Certificate Generation and Security Library
*
* This library provides functionality for secure certificate generation,
* verification, and trusted signing.
*/
/**
* Generate a secure certificate
*/
class CertificateGenerator {
private $secretKey = 'popular_computer_institute_secure_cert_key';
/**
* Constructor
*/
public function __construct() {
// Try to get a secret key from the database
$this->secretKey = $this->getSecretKey();
}
/**
* Get a secret key for signing certificates
*
* @return string Secret key
*/
public function getSecretKey() {
// Default key - secure enough for most use cases
$defaultKey = 'popular_computer_institute_secure_cert_' . date('Ymd');
// Try to get from database if available
global $conn;
if (isset($conn) && $conn) {
try {
$query = "SELECT setting_value FROM site_settings WHERE setting_key = 'certificate_secret_key'";
$result = $conn->query($query);
if ($result && $result->num_rows > 0) {
$row = $result->fetch_assoc();
return $row['setting_value'];
}
} catch (Exception $e) {
// Just return the default key if there's an error
}
}
return $defaultKey;
}
/**
* Generate a unique verification code
*
* @return string Verification code
*/
public function generateVerificationCode() {
return strtoupper(substr(md5(uniqid(rand(), true)), 0, 8));
}
/**
* Sign certificate data
*
* @param array $data Certificate data to sign
* @return array Signed certificate data
*/
public function signCertificateData($data) {
// Convert data to JSON
$jsonData = json_encode($data);
// Generate data hash
$dataHash = md5($jsonData . $this->secretKey);
// Return data with signature
return [
'data' => $data,
'hash' => $dataHash,
'issued_at' => date('Y-m-d H:i:s'),
'valid_until' => date('Y-m-d H:i:s', strtotime('+10 years'))
];
}
/**
* Verify a certificate's signature
*
* @param array $signedData Signed certificate data
* @return bool True if signature is valid
*/
public function verifyCertificate($signedData) {
// Extract data
$data = $signedData['data'];
$jsonData = json_encode($data);
$expectedHash = md5($jsonData . $this->secretKey);
// Verify hash
return $expectedHash === $signedData['hash'];
}
/**
* Generate a certificate with security features
*
* @param array $certificateData Certificate data
* @return array Complete secure certificate data
*/
public function generateSecureCertificate($certificateData) {
// Generate verification code if not provided
if (!isset($certificateData['verification_code'])) {
$certificateData['verification_code'] = $this->generateVerificationCode();
}
// Set issue date if not provided
if (!isset($certificateData['issue_date'])) {
$certificateData['issue_date'] = date('Y-m-d H:i:s');
}
// Sign certificate data
$signedData = $this->signCertificateData($certificateData);
return $signedData;
}
}
/**
* Certificate Verifier class
*/
class CertificateVerifier {
public $generator;
/**
* Constructor
*/
public function __construct() {
$this->generator = new CertificateGenerator();
}
/**
* Verify a certificate by verification code
*
* @param string $verificationCode Verification code
* @param array $signedData Signed certificate data
* @return bool True if certificate is valid
*/
public function verifyByCode($verificationCode, $signedData) {
// Check verification code
if ($signedData['data']['verification_code'] !== $verificationCode) {
return false;
}
// Verify signature
return $this->generator->verifyCertificate($signedData);
}
/**
* Verify a certificate by certificate number
*
* @param string $certificateNumber Certificate number
* @param array $signedData Signed certificate data
* @return bool True if certificate is valid
*/
public function verifyByCertificateNumber($certificateNumber, $signedData) {
// Check certificate number
if ($signedData['data']['certificate_number'] !== $certificateNumber) {
return false;
}
// Verify signature
return $this->generator->verifyCertificate($signedData);
}
}
?>
