#!/usr/bin/perl
print "Content-type:text/html\n\n";
print <<EndOfHTML;
<html><head><title>SPCard Authentication Information</title></head>
<body background="a.jpg">
EndOfHTML

$ip=$ENV{'REMOTE_ADDR'};

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@ans = split(/&/, $buffer);
#ans will contain variable "custadd=somestring", "transno=439585"

($temp, $id) = split(/=/, $ans[0]);
($temp, $response) = split(/=/, $ans[1]);
($temp, $custadd) = split(/=/, $ans[2]);
($temp, $compadd) = split(/=/, $ans[3]);
($temp, $transno) = split(/=/, $ans[4]);
($temp, $amount) = split(/=/, $ans[5]);
($temp, $url) = split(/=/, $ans[6]);

$id =~ tr/+/ /;
$id =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$response =~ tr/+/ /;
$response =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$custadd =~ tr/+/ /;
$custadd =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$compadd =~ tr/+/ /;
$compadd =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$transno =~ tr/+/ /;
$transno =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$amount =~ tr/+/ /;
$amount =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$url =~ tr/+/ /;
$url =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

open(outf,"$ip.txt");
flock(outf,2);
@ans=<outf>;
close(outf);
$temp=join("",@ans);
@ans=split(/\|/, $temp);
$challenge=$ans[0];

#now we have every variable

open(outf,"user.dat");
flock(outf,2);
@cust=<outf>;
close(outf);

$flag=0;
foreach $i (@cust)
{
 ($idd, $key)= split(/ /, $i);
 if ($idd eq $id)
 {
  open(outf,">$ip.tmp");
  flock(outf,2);
  print outf "$challenge";
  close(outf);
  system("./aes $ip.tmp e$ip.tmp E $key");
  open(outf,"e$ip.tmp");
  flock(outf,2);
  @ans=<outf>;
  close(outf);
  $encrypted=join("",@ans);
  #standardise encrypted
  for($iii==0;$iii<4;$iii++)
  {
   if($iii==0) { $ttt="\n";}
   if($iii==1) { $ttt="\r";}
   if($iii==2) { $ttt=chr(0);}
   if($iii==3) { $ttt=" ";}
   @temppp=split("$ttt",$encrpted);
   $encrpted=join("",@temppp);
  }
  if($response eq $encrypted) { $flag=1; }
  system("rm $ip.tmp e$ip.tmp");
 }
}

if($flag==0) 
{
 print "Sorry, authentification failed, hit back and try again"; 
 print "</body></html>";
}
else 
{

print <<EndOfHTML;
<H3 ALIGN="CENTER"><BR>Authentication Done Successfully</H3>
<H4 ALIGN="CENTER">To dispatch the payment, hit the button below</H4>
EndOfHTML

 ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst)=localtime time;
 $year+=1900;
 $mon+=1;
 open(outf,">dbill$ip.txt");
 flock(outf,2);
 print outf "Copy of Digital Bill:-Sender SPCcard Coorporations\n";
 print outf "In Favour of:- $compadd\n";
 print outf "Transaction Code:- $transno\n";
 print outf "Payment Required:- $amount\n";
 print outf "Payment Done by:- $custadd\n";
 print outf "SPCard Coorporations promises to pay the required amount\n";
 print outf "Time Stamp:- $hour:$min:$sec\n";
 print outf "Date Stamp:- $mday/$mon/$year\n";
 close(outf);
 system("./rsa S dbill$ip.txt dbill$ip.sign");
 open(outf,"dbill$ip.txt");
 flock(outf,2);
 @ans=<outf>;
 close(outf);
 $ii=0;
 foreach $i (@ans)
 {
  chomp($ans[$ii]);
  $ii++;
 }
 $dbill1=join("\n",@ans);
 open(outf,"dbill$ip.sign");
 flock(outf,2);
 @ans=<outf>;
 close(outf);
 $dbill2=join("\n",@ans);
print<<EndOfHTML;
 <form action="$url" method="POST">
 <input type=hidden name="plainbill" value="$dbill1">
 <input type=hidden name="signedbill" value="$dbill2">
 <input type=hidden name="transcode"  value="ffabc117692f">
<H4 ALIGN="CENTER"><input type="submit" value="Confirm Payment"></H4></form>
EndOfHTML
} #end of else