Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Made message signing in Cryptography use SHA512 as the message content for... #1

Closed
netkas wants to merge 421 commits from master into dev
pull from: master
merge into: Nosial:dev
Conversation 3 Commits 421 Files changed 226 +209 -76
8 changed files with 209 additions and 76 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 1d452bc71b - Show all commits

11
src/Socialbox/Classes/CliCommands/InitializeCommand.php
View file

@ -3,7 +3,6 @@
namespace Socialbox\Classes\CliCommands;
use Exception;
use LogLib\Log;
use PDOException;
use Socialbox\Abstracts\CacheLayer;
use Socialbox\Classes\Configuration;
@ -97,22 +96,28 @@ class InitializeCommand implements CliCommandInterface
}
}
if(!Configuration::getInstanceConfiguration()->getPublicKey() || !Configuration::getInstanceConfiguration()->getPrivateKey())
if(
!Configuration::getInstanceConfiguration()->getPublicKey() ||
!Configuration::getInstanceConfiguration()->getPrivateKey() ||
!Configuration::getInstanceConfiguration()->getEncryptionKey()
)
{
try
{
Logger::getLogger()->info('Generating new key pair...');
$keyPair = Cryptography::generateKeyPair();
$encryptionKey = Cryptography::randomBytes(230, 314);
}
catch (CryptographyException $e)
{
Logger::getLogger()->error('Failed to generate keypair', $e);
Logger::getLogger()->error('Failed to generate cryptography values', $e);
return 1;
}
Logger::getLogger()->info('Updating configuration...');
Configuration::getConfigurationLib()->set('instance.private_key', $keyPair->getPrivateKey());
Configuration::getConfigurationLib()->set('instance.public_key', $keyPair->getPublicKey());
Configuration::getConfigurationLib()->set('instance.encryption_key', $encryptionKey);
Configuration::getConfigurationLib()->save();
Logger::getLogger()->info(sprintf('Set the DNS TXT record for the domain %s to the following value:', Configuration::getInstanceConfiguration()->getDomain()));

1
src/Socialbox/Classes/Configuration.php
View file

@ -36,6 +36,7 @@ class Configuration
$config->setDefault('instance.rpc_endpoint', null);
$config->setDefault('instance.private_key', null);
$config->setDefault('instance.public_key', null);
$config->setDefault('instance.encryption_key', null);
// Security Configuration
$config->setDefault('security.display_internal_exceptions', false);

21
src/Socialbox/Classes/Configuration/InstanceConfiguration.php
View file

@ -1,15 +1,15 @@
<?php
namespace Socialbox\Classes\Configuration;
namespace Socialbox\Classes\Configuration;
class InstanceConfiguration
{
class InstanceConfiguration
{
private bool $enabled;
private ?string $domain;
private ?string $rpcEndpoint;
private ?string $privateKey;
private ?string $publicKey;
private ?string $encryptionKey;
/**
* Constructor that initializes object properties with the provided data.
@ -24,6 +24,7 @@ class InstanceConfiguration
$this->rpcEndpoint = $data['rpc_endpoint'];
$this->privateKey = $data['private_key'];
$this->publicKey = $data['public_key'];
$this->encryptionKey = $data['encryption_key'];
}
/**
@ -73,4 +74,14 @@ class InstanceConfiguration
{
return $this->publicKey;
}
}
/**
* Retrieves the encryption key.
*
* @return string|null The encryption key.
*/
public function getEncryptionKey(): ?string
{
return $this->encryptionKey;
}
}

21
src/Socialbox/Classes/Cryptography.php
View file

@ -3,6 +3,7 @@
namespace Socialbox\Classes;
use InvalidArgumentException;
use Random\RandomException;
use Socialbox\Exceptions\CryptographyException;
use Socialbox\Objects\KeyPair;
@ -266,4 +267,24 @@ class Cryptography
return true;
}
/**
* Generates a random sequence of bytes with a length determined between the specified minimum and maximum.
*
* @param int $minLength The minimum length of the generated byte sequence.
* @param int $maxLength The maximum length of the generated byte sequence.
* @return string A hexadecimal string representing the random byte sequence.
* @throws CryptographyException If the random byte generation fails.
*/
public static function randomBytes(int $minLength, int $maxLength): string
{
try
{
return bin2hex(random_bytes(random_int($minLength, $maxLength)));
}
catch(RandomException $e)
{
throw new CryptographyException('Failed to generate random bytes: ' . $e->getMessage());
}
}
}

4
src/Socialbox/Enums/StandardError.php
View file

@ -31,6 +31,7 @@ enum StandardError : int
case PEER_NOT_FOUND = -4000;
case INVALID_USERNAME = -4001;
case USERNAME_ALREADY_EXISTS = -4002;
case NOT_REGISTERED = -4003;
/**
* Returns the default generic message for the error
@ -62,7 +63,8 @@ enum StandardError : int
self::PEER_NOT_FOUND => 'The requested peer was not found',
self::INVALID_USERNAME => 'The given username is invalid, it must be Alphanumeric with a minimum of 3 character but no greater than 255 characters',
self::USERNAME_ALREADY_EXISTS => 'The given username already exists on the network'
self::USERNAME_ALREADY_EXISTS => 'The given username already exists on the network',
self::NOT_REGISTERED => 'The given username is not registered on the server',
};
}

3
src/Socialbox/Enums/StandardMethods.php
View file

@ -3,6 +3,7 @@
namespace Socialbox\Enums;
use Socialbox\Classes\StandardMethods\CreateSession;
use Socialbox\Classes\StandardMethods\Identify;
use Socialbox\Classes\StandardMethods\VerificationAnswerImageCaptcha;
use Socialbox\Classes\StandardMethods\VerificationGetImageCaptcha;
use Socialbox\Classes\StandardMethods\GetMe;
@ -18,6 +19,7 @@ enum StandardMethods : string
case PING = 'ping';
case CREATE_SESSION = 'createSession';
case REGISTER = 'register';
case IDENTIFY = 'identify';
case GET_ME = 'getMe';
case VERIFICATION_GET_IMAGE_CAPTCHA = 'verificationGetImageCaptcha';
case VERIFICATION_ANSWER_IMAGE_CAPTCHA = 'verificationAnswerImageCaptcha';
@ -35,6 +37,7 @@ enum StandardMethods : string
self::PING => Ping::execute($request, $rpcRequest),
self::CREATE_SESSION => CreateSession::execute($request, $rpcRequest),
self::REGISTER => Register::execute($request, $rpcRequest),
self::IDENTIFY => Identify::execute($request, $rpcRequest),
self::GET_ME => GetMe::execute($request, $rpcRequest),
self::VERIFICATION_GET_IMAGE_CAPTCHA => VerificationGetImageCaptcha::execute($request, $rpcRequest),
self::VERIFICATION_ANSWER_IMAGE_CAPTCHA => VerificationAnswerImageCaptcha::execute($request, $rpcRequest),

95
src/Socialbox/Managers/SessionManager.php
View file

@ -10,6 +10,7 @@
use Socialbox\Classes\Cryptography;
use Socialbox\Classes\Database;
use Socialbox\Classes\Logger;
use Socialbox\Classes\Utilities;
use Socialbox\Enums\SessionState;
use Socialbox\Enums\StandardError;
use Socialbox\Exceptions\DatabaseOperationException;
@ -224,4 +225,98 @@
throw new DatabaseOperationException('Failed to update session state', $e);
}
}
/**
* Retrieves the flags associated with a specific session.
*
* @param string $uuid The UUID of the session to retrieve flags for.
* @return array An array of flags associated with the specified session.
* @throws StandardException If the specified session does not exist.
* @throws DatabaseOperationException If there
*/
private static function getFlags(string $uuid): array
{
Logger::getLogger()->verbose(sprintf("Retrieving flags for session %s", $uuid));
try
{
$statement = Database::getConnection()->prepare("SELECT flags FROM sessions WHERE uuid=?");
$statement->bindParam(1, $uuid);
$statement->execute();
$data = $statement->fetch(PDO::FETCH_ASSOC);
if ($data === false)
{
throw new StandardException(sprintf("The requested session '%s' does not exist", $uuid), StandardError::SESSION_NOT_FOUND);
}
return Utilities::unserializeList($data['flags']);
}
catch (PDOException $e)
{
throw new DatabaseOperationException(sprintf('Failed to retrieve flags for session %s', $uuid), $e);
}
}
/**
* Adds the specified flags to the session identified by the given UUID.
*
* @param string $uuid The unique identifier of the session to which the flags will be added.
* @param array $flags The flags to add to the session.
* @return void
* @throws DatabaseOperationException|StandardException If there is an error while updating the session in the database.
*/
public static function addFlags(string $uuid, array $flags): void
{
Logger::getLogger()->verbose(sprintf("Adding flags to session %s", $uuid));
// First get the existing flags
$existingFlags = self::getFlags($uuid);
// Merge the new flags with the existing ones
$flags = array_unique(array_merge($existingFlags, $flags));
try
{
$statement = Database::getConnection()->prepare("UPDATE sessions SET flags=? WHERE uuid=?");
$statement->bindValue(1, Utilities::serializeList($flags));
$statement->bindParam(2, $uuid);
$statement->execute();
}
catch (PDOException $e)
{
throw new DatabaseOperationException('Failed to add flags to session', $e);
}
}
/**
* Removes specified flags from the session associated with the given UUID.
*
* @param string $uuid The UUID of the session from which the flags will be removed.
* @param array $flags An array of flags to be removed from the session.
* @return void
* @throws DatabaseOperationException|StandardException If there is an error while updating the session in the database.
*/
public static function removeFlags(string $uuid, array $flags): void
{
Logger::getLogger()->verbose(sprintf("Removing flags from session %s", $uuid));
// First get the existing flags
$existingFlags = self::getFlags($uuid);
// Remove the specified flags
$flags = array_diff($existingFlags, $flags);
try
{
$statement = Database::getConnection()->prepare("UPDATE sessions SET flags=? WHERE uuid=?");
$statement->bindValue(1, Utilities::serializeList($flags));
$statement->bindParam(2, $uuid);
$statement->execute();
}
catch (PDOException $e)
{
throw new DatabaseOperationException('Failed to remove flags from session', $e);
}
}
}

5
src/Socialbox/Objects/Database/SessionRecord.php
View file

@ -85,11 +85,6 @@
return false;
}
if(in_array(SessionFlags::AUTHENTICATED, $this->flags))
{
return true;
}
return $this->authenticated;
}