Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Add ExportedSession and improve RPC client handling.

Browse source
This commit is contained in:
netkas 2024-12-19 12:54:15 -05:00
parent 0b51b47859
commit 42ba7013f7
6 changed files with 469 additions and 236 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

466
src/Socialbox/Classes/RpcClient.php
View file

@ -3,11 +3,14 @@
namespace Socialbox\Classes; namespace Socialbox\Classes;
use Socialbox\Enums\StandardHeaders; use Socialbox\Enums\StandardHeaders;
use Socialbox\Enums\Types\RequestType;
use Socialbox\Exceptions\CryptographyException; use Socialbox\Exceptions\CryptographyException;
use Socialbox\Exceptions\DatabaseOperationException; use Socialbox\Exceptions\DatabaseOperationException;
use Socialbox\Exceptions\ResolutionException; use Socialbox\Exceptions\ResolutionException;
use Socialbox\Exceptions\RpcException; use Socialbox\Exceptions\RpcException;
use Socialbox\Objects\RpcError; use Socialbox\Objects\ExportedSession;
use Socialbox\Objects\KeyPair;
use Socialbox\Objects\PeerAddress;
use Socialbox\Objects\RpcRequest; use Socialbox\Objects\RpcRequest;
use Socialbox\Objects\RpcResponse; use Socialbox\Objects\RpcResponse;
@ -15,270 +18,333 @@
{ {
private const string CLIENT_NAME = 'Socialbox PHP'; private const string CLIENT_NAME = 'Socialbox PHP';
private const string CLIENT_VERSION = '1.0'; private const string CLIENT_VERSION = '1.0';
private const string CONTENT_TYPE = 'application/json; charset=utf-8';
private string $domain; private bool $bypassSignatureVerification;
private string $endpoint; private PeerAddress $peerAddress;
private KeyPair $keyPair;
private string $encryptionKey;
private string $serverPublicKey; private string $serverPublicKey;
private ?string $sessionUuid; private string $rpcEndpoint;
private ?string $privateKey; private string $sessionUuid;
/** /**
* Constructor for initializing the server connection with a given domain. * Constructs a new instance with the specified peer address.
* *
* @param string $domain The domain used to resolve the server's endpoint and public key. * @param string|PeerAddress $peerAddress The peer address to be used for the instance (eg; johndoe@example.com)
* @throws ResolutionException * @param ExportedSession|null $exportedSession Optional. An exported session to be used to re-connect.
* @noinspection PhpUnhandledExceptionInspection * @throws CryptographyException If there is an error in the cryptographic operations.
* @throws RpcException If there is an error in the RPC request or if no response is received.
* @throws DatabaseOperationException If there is an error in the database operations.
* @throws ResolutionException If there is an error in the resolution process.
*/ */
public function __construct(string $domain) public function __construct(string|PeerAddress $peerAddress, ?ExportedSession $exportedSession=null)
{ {
$resolved = ServerResolver::resolveDomain($domain); $this->bypassSignatureVerification = false;
$this->domain = $domain; // If an exported session is provided, no need to re-connect.
$this->endpoint = $resolved->getEndpoint(); if($exportedSession !== null)
$this->serverPublicKey = $resolved->getPublicKey(); {
$this->sessionUuid = null; $this->peerAddress = PeerAddress::fromAddress($exportedSession->getPeerAddress());
$this->privateKey = null; $this->keyPair = new KeyPair($exportedSession->getPublicKey(), $exportedSession->getPrivateKey());
$this->encryptionKey = $exportedSession->getEncryptionKey();
$this->serverPublicKey = $exportedSession->getServerPublicKey();
$this->rpcEndpoint = $exportedSession->getRpcEndpoint();
$this->sessionUuid = $exportedSession->getSessionUuid();
return;
}
// If the peer address is a string, we need to convert it to a PeerAddress object
if(is_string($peerAddress))
{
$peerAddress = PeerAddress::fromAddress($peerAddress);
}
// Set the initial properties
$this->peerAddress = $peerAddress;
$this->keyPair = Cryptography::generateKeyPair();
$this->encryptionKey = Cryptography::generateEncryptionKey();
// Resolve the domain and get the server's Public Key & RPC Endpoint
$resolvedServer = ServerResolver::resolveDomain($this->peerAddress->getDomain(), false);
$this->serverPublicKey = $resolvedServer->getPublicKey();
$this->rpcEndpoint = $resolvedServer->getEndpoint();
// Attempt to create an encrypted session with the server
$this->sessionUuid = $this->createSession();
$this->sendDheExchange();
} }
/** /**
* Retrieves the domain. * Creates a new session by sending an HTTP GET request to the RPC endpoint.
* The request includes specific headers required for session initiation.
* *
* @return string The domain. * @return string Returns the session UUID received from the server.
* @throws RpcException If the server response is invalid, the session creation fails, or no session UUID is returned.
*/ */
public function getDomain(): string private function createSession(): string
{ {
return $this->domain; $ch = curl_init();
}
/** curl_setopt($ch, CURLOPT_URL, $this->rpcEndpoint);
* Retrieves the endpoint URL. curl_setopt($ch, CURLOPT_HTTPGET, true);
* curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
* @return string The endpoint URL. curl_setopt($ch, CURLOPT_HTTPHEADER, [
*/ StandardHeaders::REQUEST_TYPE->value . ': ' . RequestType::INITIATE_SESSION->value,
public function getEndpoint(): string StandardHeaders::CLIENT_NAME->value . ': ' . self::CLIENT_NAME,
{ StandardHeaders::CLIENT_VERSION->value . ': ' . self::CLIENT_VERSION,
return $this->endpoint; StandardHeaders::PUBLIC_KEY->value . ': ' . $this->keyPair->getPublicKey(),
} StandardHeaders::IDENTIFY_AS->value . ': ' . $this->peerAddress->getAddress(),
/**
* Retrieves the server's public key.
*
* @return string The server's public key.
*/
public function getServerPublicKey(): string
{
return $this->serverPublicKey;
}
/**
* Retrieves the session UUID.
*
* @return string|null The session UUID or null if not set.
*/
public function getSessionUuid(): ?string
{
return $this->sessionUuid;
}
/**
* Sets the session UUID.
*
* @param string|null $sessionUuid The session UUID to set. Can be null.
* @return void
*/
public function setSessionUuid(?string $sessionUuid): void
{
$this->sessionUuid = $sessionUuid;
}
/**
* Retrieves the private key.
*
* @return string|null The private key if available, or null if not set.
*/
public function getPrivateKey(): ?string
{
return $this->privateKey;
}
/**
* Sets the private key.
*
* @param string|null $privateKey The private key to be set. Can be null.
* @return void
*/
public function setPrivateKey(?string $privateKey): void
{
$this->privateKey = $privateKey;
}
/**
* Sends an RPC request to the specified endpoint.
*
* @param RpcRequest $request The RPC request to be sent.
* @return RpcResponse|RpcError|null The response from the RPC server, an error object, or null if no content.
* @throws CryptographyException If an error occurs during the signing of the content.
* @throws RpcException If an error occurs while sending the request or processing the response.
*/
public function sendRequest(RpcRequest $request): RpcResponse|RpcError|null
{
$curl = curl_init($this->endpoint);
$content = Utilities::jsonEncode($request->toArray());
curl_setopt_array($curl, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => $this->getHeaders($content),
CURLOPT_POSTFIELDS => $content,
]); ]);
$response = curl_exec($curl); $response = curl_exec($ch);
$httpCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if(curl_errno($curl)) if($response === false)
{ {
throw new RpcException(sprintf('Failed to send request: %s', curl_error($curl))); curl_close($ch);
throw new RpcException('Failed to create the session, no response received');
} }
curl_close($curl); $responseCode = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
if($responseCode !== 201)
// Return null if the response is empty
if($httpCode === 204)
{ {
return null; curl_close($ch);
} throw new RpcException('Failed to create the session, server responded with ' . $responseCode . ': ' . $response);
if(!$this->isSuccessful($httpCode))
{
if(!empty($response))
{
throw new RpcException($response);
}
throw new RpcException(sprintf('Error occurred while processing request: %d', $httpCode));
} }
if(empty($response)) if(empty($response))
{ {
throw new RpcException('Response was empty but status code was successful'); curl_close($ch);
throw new RpcException('Failed to create the session, server did not return a session UUID');
} }
return RpcResponse::fromArray(Utilities::jsonDecode($response)); curl_close($ch);
return $response;
} }
/** /**
* Sends multiple requests to the designated endpoint and returns their responses. * Sends a Diffie-Hellman Ephemeral (DHE) exchange request to the server.
* *
* @param array $requests An array of request objects, each implementing the method toArray(). * @throws RpcException If the encryption or the request fails.
* @return RpcResponse[]|RpcError[] An array of response objects, each implementing the method toArray().
* @throws CryptographyException If an error occurs during the signing of the content.
* @throws RpcException If any errors occur during the request process or in case of unsuccessful HTTP codes.
*/ */
public function sendRequests(array $requests): array private function sendDheExchange(): void
{ {
$curl = curl_init($this->endpoint); // Request body should contain the encrypted key, the client's public key, and the session UUID
$contents = null; // Upon success the server should return 204 without a body
try
foreach($requests as $request)
{ {
$contents[] = $request->toArray(); $encryptedKey = Cryptography::encryptContent($this->encryptionKey, $this->serverPublicKey);
}
catch (CryptographyException $e)
{
throw new RpcException('Failed to encrypt DHE exchange data', 0, $e);
} }
$content = Utilities::jsonEncode($contents); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->rpcEndpoint);
curl_setopt_array($curl, [ curl_setopt($ch, CURLOPT_POST, true);
CURLOPT_RETURNTRANSFER => true, curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
CURLOPT_POST => true, curl_setopt($ch, CURLOPT_HTTPHEADER, [
CURLOPT_HTTPHEADER => $this->getHeaders($content), StandardHeaders::REQUEST_TYPE->value . ': ' . RequestType::DHE_EXCHANGE->value,
CURLOPT_POSTFIELDS => $content, StandardHeaders::SESSION_UUID->value . ': ' . $this->sessionUuid,
]); ]);
curl_setopt($ch, CURLOPT_POSTFIELDS, $encryptedKey);
$response = curl_exec($curl); $response = curl_exec($ch);
$httpCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if(curl_errno($curl)) if($response === false)
{ {
throw new RpcException(sprintf('Failed to send request: %s', curl_error($curl))); curl_close($ch);
throw new RpcException('Failed to send DHE exchange, no response received');
} }
curl_close($curl); $responseCode = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
if($responseCode !== 204)
// Return null if the response is empty
if($httpCode === 204)
{ {
curl_close($ch);
throw new RpcException('Failed to send DHE exchange, server responded with ' . $responseCode . ': ' . $response);
}
curl_close($ch);
}
/**
* Sends an RPC request with the given JSON data.
*
* @param string $jsonData The JSON data to be sent in the request.
* @return array An array of RpcResult objects.
* @throws RpcException If the request fails, the response is invalid, or the decryption/signature verification fails.
*/
public function sendRawRequest(string $jsonData): array
{
try
{
$encryptedData = Cryptography::encryptTransport($jsonData, $this->encryptionKey);
$signature = Cryptography::signContent($jsonData, $this->keyPair->getPrivateKey());
}
catch (CryptographyException $e)
{
throw new RpcException('Failed to encrypt request data: ' . $e->getMessage(), 0, $e);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->rpcEndpoint);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
StandardHeaders::REQUEST_TYPE->value . ': ' . RequestType::RPC->value,
StandardHeaders::SESSION_UUID->value . ': ' . $this->sessionUuid,
StandardHeaders::SIGNATURE->value . ': ' . $signature,
'Content-Type: application/encrypted-json',
]);
curl_setopt($ch, CURLOPT_POSTFIELDS, $encryptedData);
$response = curl_exec($ch);
if ($response === false)
{
curl_close($ch);
throw new RpcException('Failed to send request, no response received');
}
$responseCode = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
$responseString = $response;
if (!Utilities::isSuccessCodes($responseCode))
{
curl_close($ch);
if (!empty($responseString))
{
throw new RpcException($responseString);
}
throw new RpcException('Failed to send request (Empty Response): ' . $responseCode);
}
if ($responseCode == 204)
{
curl_close($ch);
return []; return [];
} }
if(!$this->isSuccessful($httpCode)) if (empty($responseString))
{ {
if(!empty($response)) curl_close($ch);
throw new RpcException('The request was successful but the server did not indicate an empty response');
}
curl_close($ch);
try
{
$decryptedResponse = Cryptography::decryptTransport($responseString, $this->encryptionKey);
}
catch (CryptographyException $e)
{
throw new RpcException('Failed to decrypt response: ' . $e->getMessage(), 0, $e);
}
if (!$this->bypassSignatureVerification)
{
$signature = curl_getinfo($ch, CURLINFO_HEADER_OUT)['Signature'] ?? null;
if ($signature === null)
{ {
throw new RpcException($response); throw new RpcException('The server did not provide a signature for the response');
} }
throw new RpcException(sprintf('Error occurred while processing request: %d', $httpCode)); try
{
if (!Cryptography::verifyContent($decryptedResponse, $signature, $this->serverPublicKey))
{
throw new RpcException('Failed to verify the response signature');
}
}
catch (CryptographyException $e)
{
throw new RpcException('Failed to verify the response signature: ' . $e->getMessage(), 0, $e);
}
} }
if(empty($response)) $decoded = json_decode($decryptedResponse, true);
if (is_array($decoded))
{ {
throw new RpcException('Response was empty but status code was successful'); $results = [];
foreach ($decoded as $responseMap)
{
$results[] = RpcResponse::fromArray($responseMap);
}
return $results;
} }
$results = Utilities::jsonDecode($response); if (is_object($decoded))
$responses = [];
foreach($results as $result)
{ {
$responses[] = RpcResponse::fromArray($result); return [RpcResponse::fromArray((array)$decoded)];
}
throw new RpcException('Failed to decode response');
}
/**
* Sends an RPC request and retrieves the corresponding RPC response.
*
* @param RpcRequest $request The RPC request to be sent.
* @return RpcResponse The received RPC response.
* @throws RpcException If no response is received from the request.
*/
public function sendRequest(RpcRequest $request): RpcResponse
{
$response = $this->sendRawRequest(json_encode($request));
if (count($response) === 0)
{
throw new RpcException('Failed to send request, no response received');
}
return $response[0];
}
/**
* Sends a batch of requests to the server, processes them into an appropriate format,
* and handles the response.
*
* @param RpcRequest[] $requests An array of RpcRequest objects to be sent to the server.
* @return RpcResponse[] An array of RpcResponse objects received from the server.
* @throws RpcException If no response is received from the server.
*/
public function sendRequests(array $requests): array
{
$parsedRequests = [];
foreach ($requests as $request)
{
$parsedRequests[] = $request->toArray();
}
$responses = $this->sendRawRequest(json_encode($parsedRequests));
if (count($responses) === 0)
{
throw new RpcException('Failed to send requests, no response received');
} }
return $responses; return $responses;
} }
/** /**
* Determines if the provided HTTP status code indicates a successful response. * Exports the current session details into an ExportedSession object.
* *
* @param int $code The HTTP status code to evaluate. * @return ExportedSession The exported session containing session-specific details.
* @return bool True if the status code represents success (2xx), false otherwise.
*/ */
private function isSuccessful(int $code): bool public function exportSession(): ExportedSession
{ {
return $code >= 200 && $code < 300; return new ExportedSession([
} 'peer_address' => $this->peerAddress->getAddress(),
'private_key' => $this->keyPair->getPrivateKey(),
/** 'public_key' => $this->keyPair->getPublicKey(),
* Generates an array of headers based on standard headers and instance-specific properties. 'encryption_key' => $this->encryptionKey,
* 'server_public_key' => $this->serverPublicKey,
* @param string $content The content to be signed if a private key is available. 'rpc_endpoint' => $this->rpcEndpoint,
* @return array An array of headers to be included in an HTTP request. 'session_uuid' => $this->sessionUuid
* @throws CryptographyException If an error occurs during the signing of the content. ]);
*/
private function getHeaders(string $content): array
{
$headers = [
sprintf('%s: %s', StandardHeaders::CLIENT_NAME->value, self::CLIENT_NAME),
sprintf('%s: %s', StandardHeaders::CLIENT_VERSION->value, self::CLIENT_VERSION),
sprintf('%s: %s', StandardHeaders::CONTENT_TYPE->value, self::CONTENT_TYPE),
];
if($this->sessionUuid !== null)
{
$headers[] = sprintf('%s: %s', StandardHeaders::SESSION_UUID->value, $this->sessionUuid);
}
if($this->privateKey !== null)
{
try
{
$headers[] = sprintf('%s: %s', StandardHeaders::SIGNATURE->value, Cryptography::signContent($content, $this->privateKey, true));
}
catch (CryptographyException $e)
{
Logger::getLogger()->error('Failed to sign content: ' . $e->getMessage());
throw $e;
}
}
return $headers;
} }
} }

11
src/Socialbox/Classes/Utilities.php
View file

@ -215,4 +215,15 @@ class Utilities
{ {
return explode(',', $list); return explode(',', $list);
} }
/**
* Checks if the given HTTP response code indicates success or failure.
*
* @param int $responseCode The HTTP response code to check.
* @return bool True if the response code indicates success, false otherwise.
*/
public static function isSuccessCodes(int $responseCode): bool
{
return $responseCode >= 200 && $responseCode < 300;
}
} }

142
src/Socialbox/Objects/ExportedSession.php Normal file
View file

@ -0,0 +1,142 @@
<?php
namespace Socialbox\Objects;
/**
* Represents an exported session containing cryptographic keys, identifiers, and endpoints.
*/
class ExportedSession
{
private string $peerAddress;
private string $privateKey;
private string $publicKey;
private string $encryptionKey;
private string $serverPublicKey;
private string $rpcEndpoint;
private string $sessionUuid;
/**
* Initializes a new instance of the class with the provided data.
*
* @param array $data An associative array containing the configuration data.
* Expected keys:
* - 'peer_address': The address of the peer.
* - 'private_key': The private key for secure communication.
* - 'public_key': The public key for secure communication.
* - 'encryption_key': The encryption key used for communication.
* - 'server_public_key': The server's public key.
* - 'rpc_endpoint': The RPC endpoint for network communication.
* - 'session_uuid': The unique identifier for the session.
*
* @return void
*/
public function __construct(array $data)
{
$this->peerAddress = $data['peer_address'];
$this->privateKey = $data['private_key'];
$this->publicKey = $data['public_key'];
$this->encryptionKey = $data['encryption_key'];
$this->serverPublicKey = $data['server_public_key'];
$this->rpcEndpoint = $data['rpc_endpoint'];
$this->sessionUuid = $data['session_uuid'];
}
/**
* Retrieves the address of the peer.
*
* @return string The peer's address as a string.
*/
public function getPeerAddress(): string
{
return $this->peerAddress;
}
/**
* Retrieves the private key.
*
* @return string The private key.
*/
public function getPrivateKey(): string
{
return $this->privateKey;
}
/**
* Retrieves the public key.
*
* @return string The public key.
*/
public function getPublicKey(): string
{
return $this->publicKey;
}
/**
* Retrieves the encryption key.
*
* @return string The encryption key.
*/
public function getEncryptionKey(): string
{
return $this->encryptionKey;
}
/**
* Retrieves the public key of the server.
*
* @return string The server's public key.
*/
public function getServerPublicKey(): string
{
return $this->serverPublicKey;
}
/**
* Retrieves the RPC endpoint URL.
*
* @return string The RPC endpoint.
*/
public function getRpcEndpoint(): string
{
return $this->rpcEndpoint;
}
/**
* Retrieves the unique identifier for the current session.
*
* @return string The session UUID.
*/
public function getSessionUuid(): string
{
return $this->sessionUuid;
}
/**
* Converts the current instance into an array representation.
*
* @return array An associative array containing the instance properties and their respective values.
*/
public function toArray(): array
{
return [
'peer_address' => $this->peerAddress,
'private_key' => $this->privateKey,
'public_key' => $this->publicKey,
'encryption_key' => $this->encryptionKey,
'server_public_key' => $this->serverPublicKey,
'rpc_endpoint' => $this->rpcEndpoint,
'session_uuid' => $this->sessionUuid
];
}
/**
* Creates an instance of ExportedSession from the provided array.
*
* @param array $data The input data used to construct the ExportedSession instance.
* @return ExportedSession The new ExportedSession instance created from the given data.
*/
public static function fromArray(array $data): ExportedSession
{
return new ExportedSession($data);
}
}

54
src/Socialbox/Objects/KeyPair.php
View file

@ -1,25 +1,43 @@
<?php <?php
namespace Socialbox\Objects; namespace Socialbox\Objects;
class KeyPair class KeyPair
{
private string $publicKey;
private string $privateKey;
public function __construct(string $publicKey, string $privateKey)
{ {
$this->publicKey = $publicKey; private string $publicKey;
$this->privateKey = $privateKey; private string $privateKey;
}
public function getPublicKey(): string /**
{ * Constructor method for initializing the class with a public key and private key.
return $this->publicKey; *
} * @param string $publicKey The public key to be used.
* @param string $privateKey The private key to be used.
*
* @return void
*/
public function __construct(string $publicKey, string $privateKey)
{
$this->publicKey = $publicKey;
$this->privateKey = $privateKey;
}
public function getPrivateKey(): string /**
{ * Retrieves the public key associated with this instance.
return $this->privateKey; *
* @return string The public key.
*/
public function getPublicKey(): string
{
return $this->publicKey;
}
/**
* Retrieves the private key associated with the instance.
*
* @return string The private key as a string.
*/
public function getPrivateKey(): string
{
return $this->privateKey;
}
} }
}

1
tests/Socialbox/Classes/SecuredPasswordTest.php
View file

@ -11,7 +11,6 @@
{ {
print("Getting random encryption record\n"); print("Getting random encryption record\n");
$encryptionRecord = EncryptionRecordsManager::getRandomRecord(); $encryptionRecord = EncryptionRecordsManager::getRandomRecord();
var_dump($encryptionRecord);
print("Securing password\n"); print("Securing password\n");
$securedPassword = SecuredPassword::securePassword('123-123-123', 'password!', $encryptionRecord); $securedPassword = SecuredPassword::securePassword('123-123-123', 'password!', $encryptionRecord);

29
tests/test.php
View file

@ -1,24 +1,21 @@
<?php <?php
use Socialbox\Classes\SecuredPassword;
use Socialbox\Managers\EncryptionRecordsManager;
require 'ncc'; require 'ncc';
import('net.nosial.socialbox'); import('net.nosial.socialbox');
print("Getting random encryption record\n"); $client = new \Socialbox\Classes\RpcClient(generateRandomPeer());
$encryptionRecord = EncryptionRecordsManager::getRandomRecord(); var_dump($client->exportSession());
var_dump($encryptionRecord);
print("Securing password\n"); function generateRandomPeer()
$securedPassword = SecuredPassword::securePassword('123-123-123', 'password!', $encryptionRecord); {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
print("Verifying password\n"); for ($i = 0; $i < 16; $i++)
if(SecuredPassword::verifyPassword('password!', $securedPassword, EncryptionRecordsManager::getAllRecords())) {
{ $randomString .= $characters[rand(0, $charactersLength - 1)];
print("Password verified\n"); }
}
else return 'userTest' . $randomString . '@intvo.id';
{
print("Password not verified\n");
} }