From 81b3dcf3ead54866f621b2d95a8aa51c4bab57e2 Mon Sep 17 00:00:00 2001
From: netkas
Date: Tue, 11 Mar 2025 22:46:36 -0400
Subject: [PATCH] Refactor AddressBookTrustSignature and ContactManager to improve UUID and peer address validation https://github.com/nosial/Socialbox-PHP/issues/35
---
 .../AddressBook/AddressBookTrustSignature.php | 22 ++------------
 src/Socialbox/Managers/ContactManager.php | 30 +++++++++++++++++++
 src/Socialbox/Socialbox.php | 9 +-----
 3 files changed, 33 insertions(+), 28 deletions(-)
diff --git a/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookTrustSignature.php b/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookTrustSignature.php
index da68386..4fc9da3 100644
--- a/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookTrustSignature.php
+++ b/src/Socialbox/Classes/StandardMethods/AddressBook/AddressBookTrustSignature.php
@@ -2,12 +2,10 @@
 namespace Socialbox\Classes\StandardMethods\AddressBook;
- use InvalidArgumentException;
 use Socialbox\Abstracts\Method;
 use Socialbox\Classes\Configuration;
 use Socialbox\Enums\StandardError;
 use Socialbox\Exceptions\DatabaseOperationException;
- use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
 use Socialbox\Exceptions\Standard\MissingRpcArgumentException;
 use Socialbox\Exceptions\Standard\StandardRpcException;
 use Socialbox\Interfaces\SerializableInterface;
@@ -16,7 +14,6 @@
 use Socialbox\Objects\PeerAddress;
 use Socialbox\Objects\RpcRequest;
 use Socialbox\Socialbox;
- use Symfony\Component\Uid\Uuid;
 class AddressBookTrustSignature extends Method
 {
@@ -30,29 +27,14 @@
 throw new MissingRpcArgumentException('peer');
 }
- try
- {
- $address = PeerAddress::fromAddress($rpcRequest->getParameter('peer'));
- }
- catch(InvalidArgumentException $e)
- {
- throw new InvalidRpcArgumentException('peer', $e);
- }
+ $address = PeerAddress::fromAddress($rpcRequest->getParameter('peer'));
 if(!$rpcRequest->containsParameter('signature_uuid'))
 {
 throw new MissingRpcArgumentException('signature_uuid');
 }
- try
- {
- $signatureUuid = Uuid::fromString($rpcRequest->getParameter('signature_uuid'));
- }
- catch(InvalidArgumentException $e)
- {
- throw new InvalidRpcArgumentException('signature_uuid', $e);
- }
-
+ $signatureUuid = (string)$rpcRequest->getParameter('signature_uuid');
 $signingKey = Socialbox::resolvePeerSignature($address, $signatureUuid);
 try
diff --git a/src/Socialbox/Managers/ContactManager.php b/src/Socialbox/Managers/ContactManager.php
index 2496689..06d14a8 100644
--- a/src/Socialbox/Managers/ContactManager.php
+++ b/src/Socialbox/Managers/ContactManager.php
@@ -77,6 +77,15 @@
 {
 $contactAddress = $contactAddress->getAddress();
 }
+ elseif(!Validator::validatePeerAddress($contactAddress))
+ {
+ throw new InvalidArgumentException('The given contact address is not a valid peer address');
+ }
+
+ if(!Validator::validateUuid($peerUuid))
+ {
+ throw new InvalidArgumentException('The given internal peer UUID is not a valid UUID V4');
+ }
 $uuid = UuidV4::v4()->toRfc4122();
@@ -136,6 +145,15 @@
 {
 $contactAddress = $contactAddress->getAddress();
 }
+ elseif(!Validator::validatePeerAddress($contactAddress))
+ {
+ throw new InvalidArgumentException('The given contact address is not a valid peer address');
+ }
+
+ if(!Validator::validateUuid($peerUuid))
+ {
+ throw new InvalidArgumentException('The given internal peer UUID is not a valid UUID V4');
+ }
 try
 {
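Review bot: In AddressBookTrustSignature.php, hunk `@@ -30,29 +27,14 @@`, `signature_uuid` is now only cast with `(string)` before it is passed to `Socialbox::resolvePeerSignature()`, so the format check that `Uuid::fromString()` performed at the RPC boundary is gone and nothing visible in this patch replaces it on that path. The same hunk lets an `InvalidArgumentException` from `PeerAddress::fromAddress()` escape instead of becoming `InvalidRpcArgumentException('peer', $e)`, and the Socialbox.php hunk `@@ -881,14 +881,7 @@` drops the equivalent mapping to `StandardError::RPC_INVALID_ARGUMENTS`; unless the RPC dispatcher translates `InvalidArgumentException` itself (not visible here), a malformed peer-supplied value would surface as an unhandled error rather than an invalid-argument response. I would keep a guard at the boundary, for example `if(!Validator::validateUuid($signatureUuid)) { throw new InvalidRpcArgumentException('signature_uuid'); }` with the constructor arguments that class actually requires; this needs the `InvalidRpcArgumentException` import the commit removes and `Validator` in scope. The enclosing method starts and ends outside the hunk.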
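Review bot: ContactManager.php starts referencing `Validator` and `InvalidArgumentException` in hunk `@@ -77,6 +77,15 @@` (and again in `@@ -136,6`, `@@ -376,6`, `@@ -473,6` and `@@ -573,6`), but the patch adds no `use` line to this file; in a namespaced file an unimported `InvalidArgumentException` resolves relative to the namespace and fails only when the throw is reached, so confirm both names are already imported above line 77. Each affected method should also document the new failure mode, e.g. `@throws InvalidArgumentException If the contact address or UUID fails validation`, so callers know to map it to an invalid-argument response. The five near-identical blocks would be easier to keep in sync as one private helper, and the messages say "UUID V4" although whether `Validator::validateUuid()` enforces version 4 is not visible here. The enclosing methods start and end outside these hunks.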
@@ -376,6 +394,10 @@
 {
 $contactUuid = $contactUuid->getUuid();
 }
+ elseif(!Validator::validateUuid($contactUuid))
+ {
+ throw new InvalidArgumentException('The given contact UUID is not a valid UUID V4');
+ }
 try
 {
@@ -473,6 +495,10 @@
 {
 $contactUuid = $contactUuid->getUuid();
 }
+ elseif(!Validator::validateUuid($contactUuid))
+ {
+ throw new InvalidArgumentException('The given contact UUID is not a valid UUID V4');
+ }
 try
 {
@@ -573,6 +599,10 @@
 {
 $contactUuid = $contactUuid->getUuid();
 }
+ elseif(!Validator::validateUuid($contactUuid))
+ {
+ throw new InvalidArgumentException('The given contact UUID is not a valid UUID V4');
+ }
 try
 {
diff --git a/src/Socialbox/Socialbox.php b/src/Socialbox/Socialbox.php
index 4ca8a23..f2a6469 100644
--- a/src/Socialbox/Socialbox.php
+++ b/src/Socialbox/Socialbox.php
@@ -881,14 +881,7 @@
 // Convert string peer address to object PeerAddress
 if(is_string($peerAddress))
 {
- try
- {
- $peerAddress = PeerAddress::fromAddress($peerAddress);
- }
- catch(InvalidArgumentException $e)
- {
- throw new StandardRpcException($e->getMessage(), StandardError::RPC_INVALID_ARGUMENTS, $e);
- }
+ $peerAddress = PeerAddress::fromAddress($peerAddress);
 }
 // Prevent resolutions against any host