Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor EncryptionCreateChannel and EncryptionChannelManager to improve UUID handling and remove redundant validation checks

Browse source 
https://github.com/nosial/Socialbox-PHP/issues/20
This commit is contained in:
netkas 2025-03-07 21:56:14 -05:00
parent 6be9e90ceb
commit 83a8217b26
2 changed files with 8 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
src/Socialbox/Classes/StandardMethods/EncryptionChannel/EncryptionCreateChannel.php
View file

@ -3,15 +3,11 @@
namespace Socialbox\Classes\StandardMethods\EncryptionChannel; namespace Socialbox\Classes\StandardMethods\EncryptionChannel;
use Exception; use Exception;
use InvalidArgumentException;
use Socialbox\Abstracts\Method; use Socialbox\Abstracts\Method;
use Socialbox\Classes\Cryptography;
use Socialbox\Classes\Logger; use Socialbox\Classes\Logger;
use Socialbox\Classes\Validator;
use Socialbox\Enums\StandardError; use Socialbox\Enums\StandardError;
use Socialbox\Exceptions\DatabaseOperationException; use Socialbox\Exceptions\DatabaseOperationException;
use Socialbox\Exceptions\RpcException; use Socialbox\Exceptions\RpcException;
use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
use Socialbox\Exceptions\Standard\MissingRpcArgumentException; use Socialbox\Exceptions\Standard\MissingRpcArgumentException;
use Socialbox\Exceptions\Standard\StandardRpcException; use Socialbox\Exceptions\Standard\StandardRpcException;
use Socialbox\Interfaces\SerializableInterface; use Socialbox\Interfaces\SerializableInterface;
@ -57,19 +53,11 @@
{ {
throw new MissingRpcArgumentException('receiving_peer'); throw new MissingRpcArgumentException('receiving_peer');
} }
elseif(!Validator::validatePeerAddress($rpcRequest->getParameter('receiving_peer')))
{
throw new InvalidRpcArgumentException('receiving_peer', 'Invalid Receiving Peer Address');
}
if(!$rpcRequest->containsParameter('public_encryption_key')) if(!$rpcRequest->containsParameter('public_encryption_key'))
{ {
throw new MissingRpcArgumentException('public_encryption_key'); throw new MissingRpcArgumentException('public_encryption_key');
} }
elseif(!Cryptography::validatePublicEncryptionKey($rpcRequest->getParameter('public_encryption_key')))
{
throw new InvalidRpcArgumentException('public_encryption_key', 'The given public encryption key is invalid');
}
$receivingPeerAddress = PeerAddress::fromAddress($rpcRequest->getParameter('receiving_peer')); $receivingPeerAddress = PeerAddress::fromAddress($rpcRequest->getParameter('receiving_peer'));
Socialbox::resolvePeer($receivingPeerAddress); Socialbox::resolvePeer($receivingPeerAddress);
@ -92,10 +80,6 @@
callingPublicEncryptionKey: $rpcRequest->getParameter('public_encryption_ke') callingPublicEncryptionKey: $rpcRequest->getParameter('public_encryption_ke')
); );
} }
catch(InvalidArgumentException $e)
{
throw new InvalidRpcArgumentException(null, $e);
}
catch (DatabaseOperationException $e) catch (DatabaseOperationException $e)
{ {
throw new StandardRpcException('There was an error while trying to create a new encryption channel', StandardError::INTERNAL_SERVER_ERROR, $e); throw new StandardRpcException('There was an error while trying to create a new encryption channel', StandardError::INTERNAL_SERVER_ERROR, $e);
@ -133,21 +117,6 @@
throw new StandardRpcException('There was an error while trying to notify the external server of the encryption channel', StandardError::INTERNAL_SERVER_ERROR, $e); throw new StandardRpcException('There was an error while trying to notify the external server of the encryption channel', StandardError::INTERNAL_SERVER_ERROR, $e);
} }
// Check for sanity reasons
if($externalUuid !== $uuid)
{
try
{
EncryptionChannelManager::declineChannel($uuid, true);
}
catch(DatabaseOperationException $e)
{
Logger::getLogger()->error('Error declining channel as server', $e);
}
throw new StandardRpcException('The external server did not return the correct UUID', StandardError::UUID_MISMATCH);
}
} }
return null; return null;
@ -173,29 +142,17 @@
{ {
throw new MissingRpcArgumentException('receiving_peer'); throw new MissingRpcArgumentException('receiving_peer');
} }
elseif(!Validator::validatePeerAddress($rpcRequest->getParameter('receiving_peer')))
{
throw new InvalidRpcArgumentException('receiving_peer', 'Invalid Receiving Peer Address');
}
if(!$rpcRequest->containsParameter('public_encryption_key')) if(!$rpcRequest->containsParameter('public_encryption_key'))
{ {
throw new MissingRpcArgumentException('public_encryption_key'); throw new MissingRpcArgumentException('public_encryption_key');
} }
elseif(!Cryptography::validatePublicEncryptionKey($rpcRequest->getParameter('public_encryption_key')))
{
throw new InvalidRpcArgumentException('public_encryption_key', 'The given public encryption key is invalid');
}
// Check for an additional required parameter 'channel_uuid' // Check for an additional required parameter 'channel_uuid'
if(!$rpcRequest->containsParameter('channel_uuid')) if(!$rpcRequest->containsParameter('channel_uuid'))
{ {
throw new MissingRpcArgumentException('channel_uuid'); throw new MissingRpcArgumentException('channel_uuid');
} }
elseif(!Validator::validateUuid($rpcRequest->getParameter('channel_uuid')))
{
throw new InvalidRpcArgumentException('channel_uuid', 'The given UUID is not a valid UUID v4 format');
}
// Check if the UUID already is used on this server // Check if the UUID already is used on this server
try try
@ -236,7 +193,7 @@
callingPeer: $callingPeer, callingPeer: $callingPeer,
receivingPeer: $receivingPeerAddress, receivingPeer: $receivingPeerAddress,
callingPublicEncryptionKey: $rpcRequest->getParameter('public_encryption_key'), callingPublicEncryptionKey: $rpcRequest->getParameter('public_encryption_key'),
channelUUid: $rpcRequest->getParameter('channel_uuid') channelUuid: $rpcRequest->getParameter('channel_uuid')
); );
} }
catch(DatabaseOperationException $e) catch(DatabaseOperationException $e)

14
src/Socialbox/Managers/EncryptionChannelManager.php
View file

@ -81,18 +81,18 @@
* @param string|PeerAddress $callingPeer The peer address of the caller. * @param string|PeerAddress $callingPeer The peer address of the caller.
* @param string|PeerAddress $receivingPeer The peer address of the receiver. * @param string|PeerAddress $receivingPeer The peer address of the receiver.
* @param string $callingPublicEncryptionKey The public encryption key of the caller. * @param string $callingPublicEncryptionKey The public encryption key of the caller.
* @param string|null $channelUUid The UUID of the channel. If not provided, a new UUID will be generated. * @param string|null $channelUuid The UUID of the channel. If not provided, a new UUID will be generated.
* @return string The UUID of the created channel. * @return string The UUID of the created channel.
* @throws DatabaseOperationException If the database operation fails. * @throws DatabaseOperationException If the database operation fails.
*/ */
public static function createChannel(string|PeerAddress $callingPeer, string|PeerAddress $receivingPeer, public static function createChannel(string|PeerAddress $callingPeer, string|PeerAddress $receivingPeer,
string $callingPublicEncryptionKey, ?string $channelUUid=null): string string $callingPublicEncryptionKey, ?string $channelUuid=null): string
{ {
if($channelUUid === null) if($channelUuid === null)
{ {
$channelUUid = Uuid::v4()->toRfc4122(); $channelUUid = Uuid::v4()->toRfc4122();
} }
elseif(!Validator::validateUuid($channelUUid)) elseif(!Validator::validateUuid($channelUuid))
{ {
throw new InvalidArgumentException('Invalid UUID V4'); throw new InvalidArgumentException('Invalid UUID V4');
} }
@ -122,15 +122,15 @@
try try
{ {
$channelUUid = $channelUUid ?? Uuid::v4()->toRfc4122(); $channelUuid = $channelUuid ?? Uuid::v4()->toRfc4122();
$stmt = Database::getConnection()->prepare('INSERT INTO encryption_channels (uuid, calling_peer_address, receiving_peer_address, calling_peer_address, calling_public_encryption_key) VALUES (:uuid, :calling_peer_address, :receiving_peer_address, :calling_peer_address, :calling_public_encryption_key)'); $stmt = Database::getConnection()->prepare('INSERT INTO encryption_channels (uuid, calling_peer_address, receiving_peer_address, calling_peer_address, calling_public_encryption_key) VALUES (:uuid, :calling_peer_address, :receiving_peer_address, :calling_peer_address, :calling_public_encryption_key)');
$stmt->bindParam(':uuid', $channelUUid); $stmt->bindParam(':uuid', $channelUuid);
$stmt->bindParam(':calling_peer_address', $callingPeer); $stmt->bindParam(':calling_peer_address', $callingPeer);
$stmt->bindParam(':receiving_peer_address', $receivingPeer); $stmt->bindParam(':receiving_peer_address', $receivingPeer);
$stmt->bindParam(':calling_public_encryption_key', $callingPublicEncryptionKey); $stmt->bindParam(':calling_public_encryption_key', $callingPublicEncryptionKey);
$stmt->execute(); $stmt->execute();
return $channelUUid; return $channelUuid;
} }
catch (PDOException $e) catch (PDOException $e)
{ {