updated VerifyPeerSignature to make timed signatures optional, updated parameter names and improved validation

2025-02-08 00:33:19 -05:00 · 2025-02-08 00:33:19 -05:00 · 95dd4eb5f2
commit 95dd4eb5f2
parent 9e18db3e68
2 changed files with 110 additions and 25 deletions
--- a/src/Socialbox/Classes/StandardMethods/Core/VerifyPeerSignature.php
+++ b/src/Socialbox/Classes/StandardMethods/Core/VerifyPeerSignature.php
@ -2,13 +2,12 @@

    namespace Socialbox\Classes\StandardMethods\Core;

-    use Exception;
    use InvalidArgumentException;
    use Socialbox\Abstracts\Method;
-    use Socialbox\Enums\StandardError;
+    use Socialbox\Classes\Cryptography;
+    use Socialbox\Classes\Validator;
    use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
    use Socialbox\Exceptions\Standard\MissingRpcArgumentException;
-    use Socialbox\Exceptions\Standard\StandardRpcException;
    use Socialbox\Interfaces\SerializableInterface;
    use Socialbox\Objects\ClientRequest;
    use Socialbox\Objects\PeerAddress;
@ -24,19 +23,23 @@
        public static function execute(ClientRequest $request, RpcRequest $rpcRequest): ?SerializableInterface
        {
            // Check if the required 'peer' parameter is set.
-            if(!$rpcRequest->containsParameter('signing_peer'))
+            if(!$rpcRequest->containsParameter('peer'))
            {
-                throw new MissingRpcArgumentException('signing_peer');
+                throw new MissingRpcArgumentException('peer');
            }

            if(!$rpcRequest->containsParameter('signature_uuid'))
            {
                throw new MissingRpcArgumentException('signature_uuid');
            }
-
-            if(!$rpcRequest->containsParameter('signature_key'))
+            elseif(!Validator::validateUuid($rpcRequest->getParameter('signature_uuid')))
            {
-                throw new MissingRpcArgumentException('signature_key');
+                throw new InvalidRpcArgumentException('signature_uuid', 'Invalid UUID V4');
+            }
+
+            if(!$rpcRequest->containsParameter('signature_public_key'))
+            {
+                throw new MissingRpcArgumentException('signature_public_key');
            }

            if(!$rpcRequest->containsParameter('signature'))
@ -44,40 +47,48 @@
                throw new MissingRpcArgumentException('signature');
            }

-            if(!$rpcRequest->containsParameter('message_hash'))
+            if(!$rpcRequest->containsParameter('sha512'))
            {
-                throw new MissingRpcArgumentException('message_hash');
+                throw new MissingRpcArgumentException('sha512');
            }
-
-            if(!$rpcRequest->containsParameter('signature_time'))
+            elseif(!Cryptography::validateSha512($rpcRequest->getParameter('sha512')))
            {
-                throw new MissingRpcArgumentException('signature_time');
+                throw new InvalidRpcArgumentException('sha512', 'Invalid SHA512');
            }

            // Parse the peer address
            try
            {
-                $peerAddress = PeerAddress::fromAddress($rpcRequest->getParameter('signing_peer'));
+                $peerAddress = PeerAddress::fromAddress($rpcRequest->getParameter('peer'));
            }
            catch(InvalidArgumentException $e)
            {
-                throw new InvalidRpcArgumentException('signing_peer', $e);
+                throw new InvalidRpcArgumentException('peer', $e);
            }

-            try
+            if($rpcRequest->containsParameter('signature_time'))
            {
-                return $rpcRequest->produceResponse(Socialbox::verifyPeerSignature(
+                if(!is_numeric($rpcRequest->getParameter('signature_time')))
+                {
+                    throw new InvalidRpcArgumentException('signature_time', 'Invalid timestamp, must be a Unix Timestamp');
+                }
+
+                return $rpcRequest->produceResponse(Socialbox::verifyTimedSignature(
                    signingPeer: $peerAddress,
                    signatureUuid: $rpcRequest->getParameter('signature_uuid'),
-                    signatureKey: $rpcRequest->getParameter('signature_key'),
+                    signatureKey: $rpcRequest->getParameter('signature_public_key'),
                    signature: $rpcRequest->getParameter('signature'),
-                    messageHash: $rpcRequest->getParameter('message_hash'),
-                    signatureTime: $rpcRequest->getParameter('signature_time')
+                    messageHash: $rpcRequest->getParameter('sha512'),
+                    signatureTime: (int)$rpcRequest->getParameter('signature_time')
                )->value);
            }
-            catch (Exception $e)
-            {
-                throw new StandardRpcException('Failed to resolve peer signature', StandardError::INTERNAL_SERVER_ERROR, $e);
-            }
+
+            return $rpcRequest->produceResponse(Socialbox::verifySignature(
+                signingPeer: $peerAddress,
+                signatureUuid: $rpcRequest->getParameter('signature_uuid'),
+                signatureKey: $rpcRequest->getParameter('signature_public_key'),
+                signature: $rpcRequest->getParameter('signature'),
+                messageHash: $rpcRequest->getParameter('sha512'),
+            )->value);
        }
    }