Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Enhance validation in EncryptionAcceptChannel and SocialClient for UUIDs and public encryption keys

Browse source 
https://github.com/nosial/Socialbox-PHP/issues/14
This commit is contained in:
netkas 2025-03-07 14:54:22 -05:00
parent 43b62ee1c9
commit ba99c62e6a
2 changed files with 15 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
src/Socialbox/Classes/StandardMethods/EncryptionChannel/EncryptionAcceptChannel.php
View file

@ -4,14 +4,11 @@
use Exception;
use Socialbox\Abstracts\Method;
use Socialbox\Classes\Cryptography;
use Socialbox\Classes\Logger;
use Socialbox\Classes\Validator;
use Socialbox\Enums\StandardError;
use Socialbox\Enums\Status\EncryptionChannelStatus;
use Socialbox\Exceptions\DatabaseOperationException;
use Socialbox\Exceptions\RpcException;
use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
use Socialbox\Exceptions\Standard\MissingRpcArgumentException;
use Socialbox\Exceptions\Standard\StandardRpcException;
use Socialbox\Interfaces\SerializableInterface;
@ -55,19 +52,11 @@
{
throw new MissingRpcArgumentException('channel_uuid');
}
elseif(!Validator::validateUuid($rpcRequest->getParameter('channel_uuid')))
{
throw new InvalidRpcArgumentException('channel_uuid', 'The given channel uuid is not a valid UUID V4');
}
if(!$rpcRequest->containsParameter('public_encryption_key'))
{
throw new MissingRpcArgumentException('public_encryption_key');
}
elseif(!Cryptography::validatePublicEncryptionKey('public_encryption_key'))
{
throw new InvalidRpcArgumentException('public_encryption_key', 'The given public encryption key is invalid');
}
try
{
@ -155,19 +144,11 @@
{
throw new MissingRpcArgumentException('channel_uuid');
}
elseif(!Validator::validateUuid($rpcRequest->getParameter('channel_uuid')))
{
throw new InvalidRpcArgumentException('channel_uuid', 'The given channel uuid is not a valid UUID V4');
}
if(!$rpcRequest->containsParameter('public_encryption_key'))
{
throw new MissingRpcArgumentException('public_encryption_key');
}
elseif(!Cryptography::validatePublicEncryptionKey('public_encryption_key'))
{
throw new InvalidRpcArgumentException('public_encryption_key', 'The given public encryption key is invalid');
}
try
{

15
src/Socialbox/SocialClient.php
View file

@ -7,6 +7,7 @@
use InvalidArgumentException;
use Socialbox\Classes\Cryptography;
use Socialbox\Classes\RpcClient;
use Socialbox\Classes\Validator;
use Socialbox\Enums\PrivacyState;
use Socialbox\Enums\StandardMethods;
use Socialbox\Enums\Status\SignatureVerificationStatus;
@ -537,6 +538,20 @@
{
$identifiedAs = $identifiedAs->getAddress();
}
elseif(is_string($identifiedAs) && !Validator::validatePeerAddress($identifiedAs))
{
throw new InvalidArgumentException('Invalid Peer Address');
}
if(!Validator::validateUuid($channelUuid))
{
throw new InvalidArgumentException('Invalid Channel UUID V4');
}
if(!Cryptography::validatePublicEncryptionKey($publicEncryptionKey))
{
throw new InvalidArgumentException('Invalid Public Encryption Key');
}
return $this->sendRequest(
new RpcRequest(StandardMethods::ENCRYPTION_ACCEPT_CHANNEL, parameters: [