Respond to CR.

7 years ago · 8bd97aaaa0
parent 03f23b5f79
commit 8bd97aaaa0
2 changed files with 4 additions and 13 deletions
--- a/SignalServiceKit/src/Messages/UD/OWSUDManager.swift
+++ b/SignalServiceKit/src/Messages/UD/OWSUDManager.swift
@ -60,8 +60,6 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {

    private let dbConnection: YapDatabaseConnection

-    var certificateValidator: SMKCertificateValidator?
-
    // MARK: Local Configuration State
    private let kUDCollection = "kUDCollection"
    private let kUDCurrentSenderCertificateKey = "kUDCurrentSenderCertificateKey"
@ -76,8 +74,6 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {

        super.init()

-        self.certificateValidator = SMKCertificateDefaultValidator(trustRoot: trustRoot())
-
        SwiftSingletons.register(self)
    }

@ -268,11 +264,6 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
    }

    private func isValidCertificate(_ certificate: SMKSenderCertificate) -> Bool {
-        guard let certificateValidator = self.certificateValidator else {
-            owsFail("Missing certificateValidator.")
-            return false
-        }
-
        // Ensure that the certificate will not expire in the next hour.
        // We want a threshold long enough to ensure that any outgoing message
        // sends will complete before the expiration.
@ -280,6 +271,8 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
        let anHourFromNowMs = nowMs + kHourInMs

        do {
+            let certificateValidator = SMKCertificateDefaultValidator(trustRoot: trustRoot())
+
            try certificateValidator.validate(senderCertificate: certificate, validationTime: anHourFromNowMs)
            return true
        } catch {
--- a/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift
+++ b/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift
@ -38,15 +38,13 @@ class OWSUDManagerTest: SSKBaseTestSwift {

        let serverCertificate = SMKServerCertificate(keyId: 1,
                                                     key: try! ECPublicKey(keyData: Randomness.generateRandomBytes(ECCKeyLength)),
-                                                     // TODO: What's the right length?
-            signatureData: Randomness.generateRandomBytes(ECCSignatureLength))
+                                                     signatureData: Randomness.generateRandomBytes(ECCSignatureLength))
        let senderCertificate = SMKSenderCertificate(signer: serverCertificate,
                                                     key: try! ECPublicKey(keyData: Randomness.generateRandomBytes(ECCKeyLength)),
                                                     senderDeviceId: 1,
                                                     senderRecipientId: aliceRecipientId,
                                                     expirationTimestamp: NSDate.ows_millisecondTimeStamp() + kWeekInMs,
-                                                     // TODO: What's the right length?
-            signatureData: Randomness.generateRandomBytes(ECCSignatureLength))
+                                                     signatureData: Randomness.generateRandomBytes(ECCSignatureLength))

        udManager.setSenderCertificate(try! senderCertificate.serialized())
    }