From 3be5cd104d46fbc721e5e054fd34983fdd46f111 Mon Sep 17 00:00:00 2001
From: netkas <netkas.nosial@gmail.com>
Date: Wed, 12 Mar 2025 20:50:00 -0400
Subject: [PATCH] Refactor VerifySignature to improve UUID and SHA512
 validation, removing unnecessary exception handling for invalid parameters.

https://github.com/nosial/Socialbox-PHP/issues/45
---
 .../StandardMethods/Core/VerifySignature.php  | 10 ----------
 src/Socialbox/Socialbox.php                   | 20 +++++++++++++++++++
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/src/Socialbox/Classes/StandardMethods/Core/VerifySignature.php b/src/Socialbox/Classes/StandardMethods/Core/VerifySignature.php
index f8e2633..a01000c 100644
--- a/src/Socialbox/Classes/StandardMethods/Core/VerifySignature.php
+++ b/src/Socialbox/Classes/StandardMethods/Core/VerifySignature.php
@@ -4,8 +4,6 @@
 
     use InvalidArgumentException;
     use Socialbox\Abstracts\Method;
-    use Socialbox\Classes\Cryptography;
-    use Socialbox\Classes\Validator;
     use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
     use Socialbox\Exceptions\Standard\MissingRpcArgumentException;
     use Socialbox\Interfaces\SerializableInterface;
@@ -32,10 +30,6 @@
             {
                 throw new MissingRpcArgumentException('signature_uuid');
             }
-            elseif(!Validator::validateUuid($rpcRequest->getParameter('signature_uuid')))
-            {
-                throw new InvalidRpcArgumentException('signature_uuid', 'Invalid UUID V4');
-            }
 
             if(!$rpcRequest->containsParameter('signature'))
             {
@@ -46,10 +40,6 @@
             {
                 throw new MissingRpcArgumentException('sha512');
             }
-            elseif(!Cryptography::validateSha512($rpcRequest->getParameter('sha512')))
-            {
-                throw new InvalidRpcArgumentException('sha512', 'Invalid SHA512');
-            }
 
             // Parse the peer address
             try
diff --git a/src/Socialbox/Socialbox.php b/src/Socialbox/Socialbox.php
index f2a6469..0c011b6 100644
--- a/src/Socialbox/Socialbox.php
+++ b/src/Socialbox/Socialbox.php
@@ -789,6 +789,16 @@
          */
         public static function verifyTimedSignature(PeerAddress|string $signingPeer, string $signatureUuid, string $signature, string $messageHash, int $signatureTime): SignatureVerificationStatus
         {
+            if(!Validator::validateUuid($signatureUuid))
+            {
+                return SignatureVerificationStatus::INVALID;
+            }
+
+            if(!Cryptography::validateSha512($messageHash))
+            {
+                return SignatureVerificationStatus::INVALID;
+            }
+
             // Resolve the peer signature key
             try
             {
@@ -838,6 +848,16 @@
          */
         public static function verifySignature(PeerAddress|string $signingPeer, string $signatureUuid, string $signature, string $messageHash): SignatureVerificationStatus
         {
+            if(!Validator::validateUuid($signatureUuid))
+            {
+                return SignatureVerificationStatus::INVALID;
+            }
+
+            if(!Cryptography::validateSha512($messageHash))
+            {
+                return SignatureVerificationStatus::INVALID;
+            }
+
             try
             {
                 $signingKey = self::resolvePeerSignature($signingPeer, $signatureUuid);