Refactor AddressBookTrustSignature and ContactManager to improve UUID and peer address validation

https://github.com/nosial/Socialbox-PHP/issues/35
netkas 2025-03-11 22:46:36 -04:00
parent 8cd3b381cf
commit 81b3dcf3ea
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
3 changed files with 33 additions and 28 deletions


@ -2,12 +2,10 @@
namespace Socialbox\Classes\StandardMethods\AddressBook;
use InvalidArgumentException;
use Socialbox\Abstracts\Method;
use Socialbox\Classes\Configuration;
use Socialbox\Enums\StandardError;
use Socialbox\Exceptions\DatabaseOperationException;
use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
use Socialbox\Exceptions\Standard\MissingRpcArgumentException;
use Socialbox\Exceptions\Standard\StandardRpcException;
use Socialbox\Interfaces\SerializableInterface;
@ -16,7 +14,6 @@
use Socialbox\Objects\PeerAddress;
use Socialbox\Objects\RpcRequest;
use Socialbox\Socialbox;
use Symfony\Component\Uid\Uuid;
class AddressBookTrustSignature extends Method
{
@ -30,29 +27,14 @@
throw new MissingRpcArgumentException('peer');
}
try
{
$address = PeerAddress::fromAddress($rpcRequest->getParameter('peer'));
}
catch(InvalidArgumentException $e)
{
throw new InvalidRpcArgumentException('peer', $e);
}
if(!$rpcRequest->containsParameter('signature_uuid'))
{
throw new MissingRpcArgumentException('signature_uuid');
}
try
{
$signatureUuid = Uuid::fromString($rpcRequest->getParameter('signature_uuid'));
}
catch(InvalidArgumentException $e)
{
throw new InvalidRpcArgumentException('signature_uuid', $e);
}
$signatureUuid = (string)$rpcRequest->getParameter('signature_uuid');
$signingKey = Socialbox::resolvePeerSignature($address, $signatureUuid);
try
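Review bot: `signature_uuid` now reaches `Socialbox::resolvePeerSignature()` after nothing more than a `(string)` cast, as far as this hunk shows; the +/- markers are lost on this page, but the `Uuid::fromString()` try/catch and the Symfony `Uuid` import read as the removed side. If that is right, a malformed value is no longer refused here with `InvalidRpcArgumentException('signature_uuid', $e)`, and a non-scalar parameter would be cast to the literal string `Array` instead of being rejected. I would keep a check at the RPC boundary, for example `if(!Validator::validateUuid($signatureUuid))` followed by the same `InvalidRpcArgumentException` for `signature_uuid` (this file would need to import `Validator`). The method starts and ends outside the hunk.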


@ -77,6 +77,15 @@
{
$contactAddress = $contactAddress->getAddress();
}
elseif(!Validator::validatePeerAddress($contactAddress))
{
throw new InvalidArgumentException('The given contact address is not a valid peer address');
}
if(!Validator::validateUuid($peerUuid))
{
throw new InvalidArgumentException('The given internal peer UUID is not a valid UUID V4');
}
$uuid = UuidV4::v4()->toRfc4122();
@ -136,6 +145,15 @@
{
$contactAddress = $contactAddress->getAddress();
}
elseif(!Validator::validatePeerAddress($contactAddress))
{
throw new InvalidArgumentException('The given contact address is not a valid peer address');
}
if(!Validator::validateUuid($peerUuid))
{
throw new InvalidArgumentException('The given internal peer UUID is not a valid UUID V4');
}
try
{
@ -376,6 +394,10 @@
{
$contactUuid = $contactUuid->getUuid();
}
elseif(!Validator::validateUuid($contactUuid))
{
throw new InvalidArgumentException('The given contact UUID is not a valid UUID V4');
}
try
{
@ -473,6 +495,10 @@
{
$contactUuid = $contactUuid->getUuid();
}
elseif(!Validator::validateUuid($contactUuid))
{
throw new InvalidArgumentException('The given contact UUID is not a valid UUID V4');
}
try
{
@ -573,6 +599,10 @@
{
$contactUuid = $contactUuid->getUuid();
}
elseif(!Validator::validateUuid($contactUuid))
{
throw new InvalidArgumentException('The given contact UUID is not a valid UUID V4');
}
try
{
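Review bot: The same guards are pasted into five methods in this file (the `validatePeerAddress`/`validateUuid` pair at two sites, the `$contactUuid` check at three), so a later change to one copy can leave the others validating differently. A private static helper per argument, called from each site, would keep them aligned, and each method's docblock should gain a line such as `@throws InvalidArgumentException If the contact address or UUID is malformed`, since this is a new failure mode for callers. The messages promise "UUID V4", so it is worth confirming that `Validator::validateUuid()` checks the version and not only the general UUID shape; its body is not visible here. Each enclosing method starts and ends outside its hunk.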


@ -880,16 +880,9 @@
{
// Convert string peer address to object PeerAddress
if(is_string($peerAddress))
{
try
{
$peerAddress = PeerAddress::fromAddress($peerAddress);
}
catch(InvalidArgumentException $e)
{
throw new StandardRpcException($e->getMessage(), StandardError::RPC_INVALID_ARGUMENTS, $e);
}
}
// Prevent resolutions against any host
if($peerAddress->getUsername() == ReservedUsernames::HOST)
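Review bot: A malformed address string now appears to leave this method as a bare `InvalidArgumentException` from `PeerAddress::fromAddress($peerAddress)`, because the seven wrapper lines that rethrew it as `StandardRpcException` with `StandardError::RPC_INVALID_ARGUMENTS` match the old/new line counts in the hunk header (16 to 9). The `peer` parameter in AddressBookTrustSignature is affected the same way if its catch block was dropped too. Callers that handle only `StandardRpcException` would then treat bad client input as an internal failure, so either keep the conversion here or add `@throws InvalidArgumentException` to the docblock and map it to an invalid-argument response where RPC methods call this. The method starts and ends outside the hunk.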