diff --git a/src/Socialbox/Classes/StandardMethods/Verification/VerificationPasswordAuthentication.php b/src/Socialbox/Classes/StandardMethods/Verification/VerificationPasswordAuthentication.php
index 7a8b078..1ff2bfa 100644
--- a/src/Socialbox/Classes/StandardMethods/Verification/VerificationPasswordAuthentication.php
+++ b/src/Socialbox/Classes/StandardMethods/Verification/VerificationPasswordAuthentication.php
@@ -4,11 +4,9 @@
 use Exception;
 use Socialbox\Abstracts\Method;
- use Socialbox\Classes\Cryptography;
 use Socialbox\Enums\Flags\SessionFlags;
 use Socialbox\Enums\StandardError;
 use Socialbox\Exceptions\CryptographyException;
- use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
 use Socialbox\Exceptions\Standard\MissingRpcArgumentException;
 use Socialbox\Exceptions\Standard\StandardRpcException;
 use Socialbox\Interfaces\SerializableInterface;
@@ -30,11 +28,6 @@
 throw new MissingRpcArgumentException('password');
 }
- if(!Cryptography::validateSha512($rpcRequest->getParameter('password')))
- {
- throw new InvalidRpcArgumentException('password', 'Invalid SHA-512 hash');
- }
-
 try
 {
 $session = $request->getSession();
diff --git a/src/Socialbox/Managers/PasswordManager.php b/src/Socialbox/Managers/PasswordManager.php
index 71b848a..4966dc3 100644
--- a/src/Socialbox/Managers/PasswordManager.php
+++ b/src/Socialbox/Managers/PasswordManager.php
@@ -8,6 +8,7 @@
 use Socialbox\Classes\Configuration;
 use Socialbox\Classes\Cryptography;
 use Socialbox\Classes\Database;
+ use Socialbox\Classes\Validator;
 use Socialbox\Exceptions\CryptographyException;
 use Socialbox\Exceptions\DatabaseOperationException;
 use Socialbox\Objects\Database\PeerDatabaseRecord;
@@ -162,6 +163,15 @@
 {
 $peerUuid = $peerUuid->getUuid();
 }
+ elseif(!Validator::validateUuid($peerUuid))
+ {
+ throw new CryptographyException('The given internal peer UUID is not a valid UUID V4');
+ }
+
+ if(!Cryptography::validateSha512($sha512))
+ {
+ throw new CryptographyException('Invalid SHA-512 hash');
+ }
 try
 {
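Review bot: Both new guards report malformed caller input as `CryptographyException`, so a bad `password` parameter that VerificationPasswordAuthentication used to reject with `InvalidRpcArgumentException('password', 'Invalid SHA-512 hash')` now looks like a cryptographic failure. Unless that method's catch block (not visible in this diff) maps the exception back to an invalid-argument response, clients lose the specific error, and malformed submissions become hard to tell apart from real crypto faults in logs and alerting. Consider throwing PHP's built-in `\InvalidArgumentException` for these two checks, or state the contract on this method with `@throws CryptographyException if the peer UUID or the SHA-512 hash is malformed` and translate it at the RPC boundary. The enclosing PasswordManager method starts and ends outside the hunk, so its name and existing docblock could not be checked.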