From 8bd97aaaa0a89a90f08f4fa5aec578259c663db9 Mon Sep 17 00:00:00 2001
From: Matthew Chen <matthew@signal.org>
Date: Thu, 11 Oct 2018 08:55:37 -0400
Subject: [PATCH] Respond to CR.

---
 SignalServiceKit/src/Messages/UD/OWSUDManager.swift   | 11 ++---------
 .../tests/Messages/OWSUDManagerTest.swift             |  6 ++----
 2 files changed, 4 insertions(+), 13 deletions(-)

diff --git a/SignalServiceKit/src/Messages/UD/OWSUDManager.swift b/SignalServiceKit/src/Messages/UD/OWSUDManager.swift
index ee9c43b9b..d2374ea2f 100644
--- a/SignalServiceKit/src/Messages/UD/OWSUDManager.swift
+++ b/SignalServiceKit/src/Messages/UD/OWSUDManager.swift
@@ -60,8 +60,6 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
 
     private let dbConnection: YapDatabaseConnection
 
-    var certificateValidator: SMKCertificateValidator?
-
     // MARK: Local Configuration State
     private let kUDCollection = "kUDCollection"
     private let kUDCurrentSenderCertificateKey = "kUDCurrentSenderCertificateKey"
@@ -76,8 +74,6 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
 
         super.init()
 
-        self.certificateValidator = SMKCertificateDefaultValidator(trustRoot: trustRoot())
-
         SwiftSingletons.register(self)
     }
 
@@ -268,11 +264,6 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
     }
 
     private func isValidCertificate(_ certificate: SMKSenderCertificate) -> Bool {
-        guard let certificateValidator = self.certificateValidator else {
-            owsFail("Missing certificateValidator.")
-            return false
-        }
-
         // Ensure that the certificate will not expire in the next hour.
         // We want a threshold long enough to ensure that any outgoing message
         // sends will complete before the expiration.
@@ -280,6 +271,8 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
         let anHourFromNowMs = nowMs + kHourInMs
 
         do {
+            let certificateValidator = SMKCertificateDefaultValidator(trustRoot: trustRoot())
+
             try certificateValidator.validate(senderCertificate: certificate, validationTime: anHourFromNowMs)
             return true
         } catch {
diff --git a/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift b/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift
index 75abb39b0..9250b1602 100644
--- a/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift
+++ b/SignalServiceKit/tests/Messages/OWSUDManagerTest.swift
@@ -38,15 +38,13 @@ class OWSUDManagerTest: SSKBaseTestSwift {
 
         let serverCertificate = SMKServerCertificate(keyId: 1,
                                                      key: try! ECPublicKey(keyData: Randomness.generateRandomBytes(ECCKeyLength)),
-                                                     // TODO: What's the right length?
-            signatureData: Randomness.generateRandomBytes(ECCSignatureLength))
+                                                     signatureData: Randomness.generateRandomBytes(ECCSignatureLength))
         let senderCertificate = SMKSenderCertificate(signer: serverCertificate,
                                                      key: try! ECPublicKey(keyData: Randomness.generateRandomBytes(ECCKeyLength)),
                                                      senderDeviceId: 1,
                                                      senderRecipientId: aliceRecipientId,
                                                      expirationTimestamp: NSDate.ows_millisecondTimeStamp() + kWeekInMs,
-                                                     // TODO: What's the right length?
-            signatureData: Randomness.generateRandomBytes(ECCSignatureLength))
+                                                     signatureData: Randomness.generateRandomBytes(ECCSignatureLength))
 
         udManager.setSenderCertificate(try! senderCertificate.serialized())
     }