Clean up ahead of PR.
This commit is contained in:
parent
460f7344ad
commit
f2fdb96931
|
@ -8,8 +8,6 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
|
||||
+ (nullable CDSSigningCertificate *)parseCertificateFromPem:(NSString *)certificatePem;
|
||||
|
||||
//- (BOOL)isDebugQuote;
|
||||
|
||||
- (BOOL)verifySignatureOfBody:(NSString *)body signature:(NSData *)theirSignature;
|
||||
|
||||
@end
|
||||
|
|
|
@ -136,7 +136,8 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
return nil;
|
||||
}
|
||||
|
||||
// TODO:
|
||||
// `kSecTrustResultUnspecified` is confusingly named. It indicates success.
|
||||
// See the comments in the header where it is defined.
|
||||
BOOL isValid = (result == kSecTrustResultUnspecified || result == kSecTrustResultProceed);
|
||||
if (!isValid) {
|
||||
DDLogError(@"%@ Certificate evaluation failed.", self.logTag);
|
||||
|
|
|
@ -385,11 +385,10 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
return nil;
|
||||
}
|
||||
|
||||
if (![self verifyIasSignature:nil
|
||||
certificates:certificates
|
||||
signatureBody:signatureBody
|
||||
signature:signature
|
||||
quote:quote]) {
|
||||
if (![self verifyIasSignatureWithCertificates:certificates
|
||||
signatureBody:signatureBody
|
||||
signature:signature
|
||||
quote:quote]) {
|
||||
OWSProdLogAndFail(@"%@ couldn't verify ias signature.", self.logTag);
|
||||
return nil;
|
||||
}
|
||||
|
@ -425,13 +424,11 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
return result;
|
||||
}
|
||||
|
||||
- (BOOL)verifyIasSignature:(nullable id)trustStore
|
||||
certificates:(NSString *)certificates
|
||||
signatureBody:(NSString *)signatureBody
|
||||
signature:(NSData *)signature
|
||||
quote:(CDSQuote *)quote
|
||||
- (BOOL)verifyIasSignatureWithCertificates:(NSString *)certificates
|
||||
signatureBody:(NSString *)signatureBody
|
||||
signature:(NSData *)signature
|
||||
quote:(CDSQuote *)quote
|
||||
{
|
||||
// OWSAssert(trustStore);
|
||||
OWSAssert(certificates.length > 0);
|
||||
OWSAssert(signatureBody.length > 0);
|
||||
OWSAssert(signature.length > 0);
|
||||
|
|
|
@ -116,31 +116,17 @@ typedef void (^failureBlock)(NSURLSessionDataTask *task, NSError *error);
|
|||
} else {
|
||||
if ([request isKindOfClass:[CDSAttestationRequest class]]) {
|
||||
CDSAttestationRequest *attestationRequest = (CDSAttestationRequest *)request;
|
||||
// [sessionManager.requestSerializer
|
||||
// setAuthorizationHeaderFieldWithUsername:attestationRequest.username
|
||||
// password:attestationRequest.password];
|
||||
DDLogVerbose(@"%@ auth %@", self.logTag, attestationRequest.authToken);
|
||||
|
||||
NSData *basicAuthCredentials = [attestationRequest.authToken dataUsingEncoding:NSUTF8StringEncoding];
|
||||
NSString *base64AuthCredentials =
|
||||
[basicAuthCredentials base64EncodedStringWithOptions:(NSDataBase64EncodingOptions)0];
|
||||
[sessionManager.requestSerializer setValue:[NSString stringWithFormat:@"Basic %@", base64AuthCredentials]
|
||||
forHTTPHeaderField:@"Authorization"];
|
||||
// [sessionManager.requestSerializer setValue:[NSString stringWithFormat:@"Basic %@",
|
||||
// attestationRequest.authToken] forHTTPHeaderField:@"Authorization"];
|
||||
DDLogVerbose(@"%@ attestationRequest.authToken %@", self.logTag, attestationRequest.authToken);
|
||||
} else if (request.shouldHaveAuthorizationHeaders) {
|
||||
[sessionManager.requestSerializer
|
||||
setAuthorizationHeaderFieldWithUsername:[TSAccountManager localNumber]
|
||||
password:[TSAccountManager serverAuthToken]];
|
||||
DDLogVerbose(
|
||||
@"%@ auth %@, %@", self.logTag, [TSAccountManager localNumber], [TSAccountManager serverAuthToken]);
|
||||
}
|
||||
|
||||
DDLogVerbose(@"%@ request.URL %@ %@", self.logTag, request.HTTPMethod, request.URL);
|
||||
DDLogVerbose(@"%@ request.parameters %@", self.logTag, request.parameters);
|
||||
[DDLog flushLog];
|
||||
|
||||
if ([request.HTTPMethod isEqualToString:@"GET"]) {
|
||||
[sessionManager GET:request.URL.absoluteString
|
||||
parameters:request.parameters
|
||||
|
|
Loading…
Reference in New Issue