From f2fdb9693128466ec6a9a6ee8748c23e3e00ca7d Mon Sep 17 00:00:00 2001
From: Matthew Chen
Date: Thu, 19 Jul 2018 11:59:39 -0400
Subject: [PATCH] Clean up ahead of PR.
---
 .../src/Contacts/CDSSigningCertificate.h | 2 --
 .../src/Contacts/CDSSigningCertificate.m | 3 ++-
 .../src/Contacts/ContactDiscoveryService.m | 19 ++++++++-----------
 .../src/Network/API/TSNetworkManager.m | 14 --------------
 4 files changed, 10 insertions(+), 28 deletions(-)
diff --git a/SignalServiceKit/src/Contacts/CDSSigningCertificate.h b/SignalServiceKit/src/Contacts/CDSSigningCertificate.h
index 8a43b3f37..37067cb33 100644
--- a/SignalServiceKit/src/Contacts/CDSSigningCertificate.h
+++ b/SignalServiceKit/src/Contacts/CDSSigningCertificate.h
@@ -8,8 +8,6 @@ NS_ASSUME_NONNULL_BEGIN
 + (nullable CDSSigningCertificate *)parseCertificateFromPem:(NSString *)certificatePem;
-//- (BOOL)isDebugQuote;
-
 - (BOOL)verifySignatureOfBody:(NSString *)body signature:(NSData *)theirSignature;
 @end
diff --git a/SignalServiceKit/src/Contacts/CDSSigningCertificate.m b/SignalServiceKit/src/Contacts/CDSSigningCertificate.m
index 0ae874ec3..c975378ef 100644
--- a/SignalServiceKit/src/Contacts/CDSSigningCertificate.m
+++ b/SignalServiceKit/src/Contacts/CDSSigningCertificate.m
@@ -136,7 +136,8 @@ NS_ASSUME_NONNULL_BEGIN
 return nil;
 }
- // TODO:
+ // `kSecTrustResultUnspecified` is confusingly named. It indicates success.
+ // See the comments in the header where it is defined.
 BOOL isValid = (result == kSecTrustResultUnspecified || result == kSecTrustResultProceed);
 if (!isValid) {
 DDLogError(@"%@ Certificate evaluation failed.", self.logTag);
diff --git a/SignalServiceKit/src/Contacts/ContactDiscoveryService.m b/SignalServiceKit/src/Contacts/ContactDiscoveryService.m
index f0aa6d059..c0ad3f105 100644
--- a/SignalServiceKit/src/Contacts/ContactDiscoveryService.m
+++ b/SignalServiceKit/src/Contacts/ContactDiscoveryService.m
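Review bot: The new comment above the `isValid` check in CDSSigningCertificate.m explains `kSecTrustResultUnspecified` but not why `kSecTrustResultProceed` is also accepted, and "the header where it is defined" does not name the header. Because this check decides whether the signing certificate chain is trusted, I would spell out both values, e.g. `// kSecTrustResultUnspecified: evaluation succeeded with no explicit user trust setting (see SecTrust.h).` and `// kSecTrustResultProceed: evaluation succeeded because of an explicit user trust setting.` The hunk does not show how the trust object and its anchors are configured, so whether a user trust setting should count as success here needs confirming against the rest of the method, which starts and ends outside the hunk.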
@@ -385,11 +385,10 @@ NS_ASSUME_NONNULL_BEGIN
 return nil;
 }
- if (![self verifyIasSignature:nil
- certificates:certificates
- signatureBody:signatureBody
- signature:signature
- quote:quote]) {
+ if (![self verifyIasSignatureWithCertificates:certificates
+ signatureBody:signatureBody
+ signature:signature
+ quote:quote]) {
 OWSProdLogAndFail(@"%@ couldn't verify ias signature.", self.logTag);
 return nil;
 }
@@ -425,13 +424,11 @@ NS_ASSUME_NONNULL_BEGIN
 return result;
 }
-- (BOOL)verifyIasSignature:(nullable id)trustStore
- certificates:(NSString *)certificates
- signatureBody:(NSString *)signatureBody
- signature:(NSData *)signature
- quote:(CDSQuote *)quote
+- (BOOL)verifyIasSignatureWithCertificates:(NSString *)certificates
+ signatureBody:(NSString *)signatureBody
+ signature:(NSData *)signature
+ quote:(CDSQuote *)quote
 {
- // OWSAssert(trustStore);
 OWSAssert(certificates.length > 0);
 OWSAssert(signatureBody.length > 0);
 OWSAssert(signature.length > 0);
diff --git a/SignalServiceKit/src/Network/API/TSNetworkManager.m b/SignalServiceKit/src/Network/API/TSNetworkManager.m
index 84d13dcba..e73e77217 100644
--- a/SignalServiceKit/src/Network/API/TSNetworkManager.m
+++ b/SignalServiceKit/src/Network/API/TSNetworkManager.m
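Review bot: `verifyIasSignatureWithCertificates:signatureBody:signature:quote:` in the second hunk has no doc comment, and with the `trustStore` parameter and its commented-out assert removed, nothing in the signature says what the certificate chain is anchored to. I would add a short header comment stating what a YES return guarantees (which inputs the signature covers and which root the chain is checked against) and that any failure returns NO. The three `OWSAssert` length checks are the only input validation visible here; if `OWSAssert` is compiled out of release builds, as assertion macros usually are, a runtime guard such as `if (certificates.length == 0 || signatureBody.length == 0 || signature.length == 0) { return NO; }` is needed too. The method body continues outside the hunk, so this may already be handled further down.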
@@ -116,31 +116,17 @@ typedef void (^failureBlock)(NSURLSessionDataTask *task, NSError *error);
 } else {
 if ([request isKindOfClass:[CDSAttestationRequest class]]) {
 CDSAttestationRequest *attestationRequest = (CDSAttestationRequest *)request;
- // [sessionManager.requestSerializer
- // setAuthorizationHeaderFieldWithUsername:attestationRequest.username
- // password:attestationRequest.password];
- DDLogVerbose(@"%@ auth %@", self.logTag, attestationRequest.authToken);
-
 NSData *basicAuthCredentials = [attestationRequest.authToken dataUsingEncoding:NSUTF8StringEncoding];
 NSString *base64AuthCredentials = [basicAuthCredentials base64EncodedStringWithOptions:(NSDataBase64EncodingOptions)0];
 [sessionManager.requestSerializer setValue:[NSString stringWithFormat:@"Basic %@", base64AuthCredentials] forHTTPHeaderField:@"Authorization"];
- // [sessionManager.requestSerializer setValue:[NSString stringWithFormat:@"Basic %@",
- // attestationRequest.authToken] forHTTPHeaderField:@"Authorization"];
- DDLogVerbose(@"%@ attestationRequest.authToken %@", self.logTag, attestationRequest.authToken);
 } else if (request.shouldHaveAuthorizationHeaders) {
 [sessionManager.requestSerializer setAuthorizationHeaderFieldWithUsername:[TSAccountManager localNumber] password:[TSAccountManager serverAuthToken]];
- DDLogVerbose(
- @"%@ auth %@, %@", self.logTag, [TSAccountManager localNumber], [TSAccountManager serverAuthToken]);
 }
- DDLogVerbose(@"%@ request.URL %@ %@", self.logTag, request.HTTPMethod, request.URL);
- DDLogVerbose(@"%@ request.parameters %@", self.logTag, request.parameters);
- [DDLog flushLog];
-
 if ([request.HTTPMethod isEqualToString:@"GET"]) {
 [sessionManager GET:request.URL.absoluteString parameters:request.parameters