From c118435dd8fd1e91db4f8aac036cfea98833949c Mon Sep 17 00:00:00 2001 From: Phillip Tennen Date: Tue, 21 Nov 2017 12:59:54 -0500 Subject: [PATCH 1/3] rename assert.* to tsk_assert.* to avoid import collision --- TrustKit.xcodeproj/project.pbxproj | 44 +++++++++---------- .../domain_registry/private/registry_search.c | 2 +- .../domain_registry/private/string_util.h | 2 +- .../domain_registry/private/trie_search.c | 2 +- .../private/{assert.c => tsk_assert.c} | 2 +- .../private/{assert.h => tsk_assert.h} | 0 6 files changed, 26 insertions(+), 26 deletions(-) rename TrustKit/Dependencies/domain_registry/private/{assert.c => tsk_assert.c} (98%) rename TrustKit/Dependencies/domain_registry/private/{assert.h => tsk_assert.h} (100%) diff --git a/TrustKit.xcodeproj/project.pbxproj b/TrustKit.xcodeproj/project.pbxproj index 2a6989dd..c3a23dd2 100644 --- a/TrustKit.xcodeproj/project.pbxproj +++ b/TrustKit.xcodeproj/project.pbxproj @@ -9,7 +9,7 @@ /* Begin PBXBuildFile section */ 075AA1091AC985FD00178223 /* TSKPinningValidatorTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 2FA2868CAFECA46ADE0B6E3E /* TSKPinningValidatorTests.m */; }; 0DB3B67C1DA3B24100DA730D /* init_registry_tables.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCC11D6E5D5A009B3E7D /* init_registry_tables.c */; }; - 0DB3B67D1DA3B26700DA730D /* assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* assert.c */; }; + 0DB3B67D1DA3B26700DA730D /* tsk_assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* tsk_assert.c */; }; 0DB3B67E1DA3B26700DA730D /* registry_search.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCC31D6E5D5A009B3E7D /* registry_search.c */; }; 0DB3B67F1DA3B26700DA730D /* trie_search.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCC91D6E5D5A009B3E7D /* trie_search.c */; }; 0E64A7601B867BA000CA164A /* TSKReportsRateLimiter.m in Sources */ = {isa = PBXBuildFile; fileRef = 8C9EBE011B619BBE00CA7EE0 /* TSKReportsRateLimiter.m */; }; @@ -87,12 +87,12 @@ 8C84CC0D1D6E3C67009B3E7D /* vendor_identifier.m in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CC081D6E3C67009B3E7D /* vendor_identifier.m */; }; 8C84CC0E1D6E3C67009B3E7D /* vendor_identifier.m in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CC081D6E3C67009B3E7D /* vendor_identifier.m */; }; 8C84CC0F1D6E3C67009B3E7D /* vendor_identifier.m in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CC081D6E3C67009B3E7D /* vendor_identifier.m */; }; - 8C84CCCB1D6E5D5A009B3E7D /* assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* assert.c */; }; - 8C84CCCC1D6E5D5A009B3E7D /* assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* assert.c */; }; - 8C84CCCD1D6E5D5A009B3E7D /* assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* assert.c */; }; - 8C84CCCE1D6E5D5A009B3E7D /* assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* assert.h */; }; - 8C84CCCF1D6E5D5A009B3E7D /* assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* assert.h */; }; - 8C84CCD01D6E5D5A009B3E7D /* assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* assert.h */; }; + 8C84CCCB1D6E5D5A009B3E7D /* tsk_assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* tsk_assert.c */; }; + 8C84CCCC1D6E5D5A009B3E7D /* tsk_assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* tsk_assert.c */; }; + 8C84CCCD1D6E5D5A009B3E7D /* tsk_assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* tsk_assert.c */; }; + 8C84CCCE1D6E5D5A009B3E7D /* tsk_assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* tsk_assert.h */; }; + 8C84CCCF1D6E5D5A009B3E7D /* tsk_assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* tsk_assert.h */; }; + 8C84CCD01D6E5D5A009B3E7D /* tsk_assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* tsk_assert.h */; }; 8C84CCD11D6E5D5A009B3E7D /* init_registry_tables.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCC11D6E5D5A009B3E7D /* init_registry_tables.c */; }; 8C84CCD21D6E5D5A009B3E7D /* init_registry_tables.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCC11D6E5D5A009B3E7D /* init_registry_tables.c */; }; 8C84CCD31D6E5D5A009B3E7D /* init_registry_tables.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCC11D6E5D5A009B3E7D /* init_registry_tables.c */; }; @@ -182,7 +182,7 @@ 8CC5D22A1D6E64D10074F515 /* TSKBackgroundReporter.m in Sources */ = {isa = PBXBuildFile; fileRef = 6B2B06AE1B05157400FC749E /* TSKBackgroundReporter.m */; }; 8CC5D22B1D6E64D10074F515 /* TSKNSURLSessionDelegateProxy.m in Sources */ = {isa = PBXBuildFile; fileRef = 8CD5F7481BCB535E005801D8 /* TSKNSURLSessionDelegateProxy.m */; }; 8CC5D22D1D6E64D10074F515 /* registry_search.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCC31D6E5D5A009B3E7D /* registry_search.c */; }; - 8CC5D22E1D6E64D10074F515 /* assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* assert.c */; }; + 8CC5D22E1D6E64D10074F515 /* tsk_assert.c in Sources */ = {isa = PBXBuildFile; fileRef = 8C84CCBF1D6E5D5A009B3E7D /* tsk_assert.c */; }; 8CC5D22F1D6E64D10074F515 /* TSKPinFailureReport.m in Sources */ = {isa = PBXBuildFile; fileRef = 8C15F99F1B16094D00F06C0E /* TSKPinFailureReport.m */; }; 8CC5D2311D6E64D10074F515 /* TSKNSURLConnectionDelegateProxy.m in Sources */ = {isa = PBXBuildFile; fileRef = 8CD5F7301BC5ED4A005801D8 /* TSKNSURLConnectionDelegateProxy.m */; }; 8CC5D2321D6E64D10074F515 /* TrustKit.m in Sources */ = {isa = PBXBuildFile; fileRef = 8C84806C1A896F660017C155 /* TrustKit.m */; }; @@ -192,7 +192,7 @@ 8CC5D2381D6E64D10074F515 /* domain_registry.h in Headers */ = {isa = PBXBuildFile; fileRef = 8CE919291AEA0F7E002B29AE /* domain_registry.h */; }; 8CC5D23A1D6E64D10074F515 /* TSKNSURLSessionDelegateProxy.h in Headers */ = {isa = PBXBuildFile; fileRef = 8CD5F7471BCB535E005801D8 /* TSKNSURLSessionDelegateProxy.h */; }; 8CC5D23C1D6E64D10074F515 /* registry_tables.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCF01D6E5DE9009B3E7D /* registry_tables.h */; }; - 8CC5D23D1D6E64D10074F515 /* assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* assert.h */; }; + 8CC5D23D1D6E64D10074F515 /* tsk_assert.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC01D6E5D5A009B3E7D /* tsk_assert.h */; }; 8CC5D23E1D6E64D10074F515 /* TSKBackgroundReporter.h in Headers */ = {isa = PBXBuildFile; fileRef = 6B2B06AC1B05154A00FC749E /* TSKBackgroundReporter.h */; }; 8CC5D23F1D6E64D10074F515 /* trie_node.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC71D6E5D5A009B3E7D /* trie_node.h */; }; 8CC5D2401D6E64D10074F515 /* string_util.h in Headers */ = {isa = PBXBuildFile; fileRef = 8C84CCC61D6E5D5A009B3E7D /* string_util.h */; }; @@ -376,8 +376,8 @@ 8C84CBDD1D6E1718009B3E7D /* TrustKit tvOS Tests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = "TrustKit tvOS Tests.xctest"; sourceTree = BUILT_PRODUCTS_DIR; }; 8C84CC071D6E3C67009B3E7D /* vendor_identifier.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = vendor_identifier.h; path = Reporting/vendor_identifier.h; sourceTree = ""; }; 8C84CC081D6E3C67009B3E7D /* vendor_identifier.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = vendor_identifier.m; path = Reporting/vendor_identifier.m; sourceTree = ""; }; - 8C84CCBF1D6E5D5A009B3E7D /* assert.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = assert.c; path = Dependencies/domain_registry/private/assert.c; sourceTree = ""; }; - 8C84CCC01D6E5D5A009B3E7D /* assert.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = assert.h; path = Dependencies/domain_registry/private/assert.h; sourceTree = ""; }; + 8C84CCBF1D6E5D5A009B3E7D /* tsk_assert.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tsk_assert.c; path = Dependencies/domain_registry/private/tsk_assert.c; sourceTree = ""; }; + 8C84CCC01D6E5D5A009B3E7D /* tsk_assert.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tsk_assert.h; path = Dependencies/domain_registry/private/tsk_assert.h; sourceTree = ""; }; 8C84CCC11D6E5D5A009B3E7D /* init_registry_tables.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = init_registry_tables.c; path = Dependencies/domain_registry/private/init_registry_tables.c; sourceTree = ""; }; 8C84CCC31D6E5D5A009B3E7D /* registry_search.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = registry_search.c; path = Dependencies/domain_registry/private/registry_search.c; sourceTree = ""; }; 8C84CCC41D6E5D5A009B3E7D /* registry_types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = registry_types.h; path = Dependencies/domain_registry/private/registry_types.h; sourceTree = ""; }; @@ -645,8 +645,8 @@ 8C84CCBE1D6E5D45009B3E7D /* private */ = { isa = PBXGroup; children = ( - 8C84CCBF1D6E5D5A009B3E7D /* assert.c */, - 8C84CCC01D6E5D5A009B3E7D /* assert.h */, + 8C84CCBF1D6E5D5A009B3E7D /* tsk_assert.c */, + 8C84CCC01D6E5D5A009B3E7D /* tsk_assert.h */, 8C84CCC11D6E5D5A009B3E7D /* init_registry_tables.c */, 8C84CCC31D6E5D5A009B3E7D /* registry_search.c */, 8C84CCC41D6E5D5A009B3E7D /* registry_types.h */, @@ -853,7 +853,7 @@ 8CE9192D1AEA0F7E002B29AE /* domain_registry.h in Headers */, 8CD5F7491BCB535E005801D8 /* TSKNSURLSessionDelegateProxy.h in Headers */, 8C84CCF11D6E5DE9009B3E7D /* registry_tables.h in Headers */, - 8C84CCCE1D6E5D5A009B3E7D /* assert.h in Headers */, + 8C84CCCE1D6E5D5A009B3E7D /* tsk_assert.h in Headers */, 2D4BF20D1F1FCC9600FB75AC /* TSKTrustKitConfig.h in Headers */, 6B2B06AD1B05154A00FC749E /* TSKBackgroundReporter.h in Headers */, 8C84CCE31D6E5D5A009B3E7D /* trie_node.h in Headers */, @@ -884,7 +884,7 @@ 8C84CBA21D6E0981009B3E7D /* domain_registry.h in Headers */, 8C84CBA41D6E0981009B3E7D /* TSKNSURLSessionDelegateProxy.h in Headers */, 8C84CCF31D6E5DE9009B3E7D /* registry_tables.h in Headers */, - 8C84CCD01D6E5D5A009B3E7D /* assert.h in Headers */, + 8C84CCD01D6E5D5A009B3E7D /* tsk_assert.h in Headers */, 8C84CBA61D6E0981009B3E7D /* TSKBackgroundReporter.h in Headers */, 2DA52E211F1FCFEF0059246E /* TSKTrustKitConfig.h in Headers */, 8C84CCE51D6E5D5A009B3E7D /* trie_node.h in Headers */, @@ -915,7 +915,7 @@ 8C4346D71E5B894A008023F9 /* configuration_utils.h in Headers */, 8CA6CC1B1BAE2B6600BDA419 /* TSKPinFailureReport.h in Headers */, 8C84CCF21D6E5DE9009B3E7D /* registry_tables.h in Headers */, - 8C84CCCF1D6E5D5A009B3E7D /* assert.h in Headers */, + 8C84CCCF1D6E5D5A009B3E7D /* tsk_assert.h in Headers */, 8CA6CC141BAE2B6600BDA419 /* TSKReportsRateLimiter.h in Headers */, 2DB0AA601F1FD34800AA07D9 /* TrustKit.h in Headers */, 2D8A76C51F1FD51F003A0750 /* TSKPinningValidatorCallback.h in Headers */, @@ -947,7 +947,7 @@ 8CC5D2381D6E64D10074F515 /* domain_registry.h in Headers */, 8CC5D23A1D6E64D10074F515 /* TSKNSURLSessionDelegateProxy.h in Headers */, 8CC5D23C1D6E64D10074F515 /* registry_tables.h in Headers */, - 8CC5D23D1D6E64D10074F515 /* assert.h in Headers */, + 8CC5D23D1D6E64D10074F515 /* tsk_assert.h in Headers */, 8CC5D23E1D6E64D10074F515 /* TSKBackgroundReporter.h in Headers */, 2DA52E221F1FCFF00059246E /* TSKTrustKitConfig.h in Headers */, 8CC5D23F1D6E64D10074F515 /* trie_node.h in Headers */, @@ -1271,7 +1271,7 @@ 8CD5F74B1BCB535E005801D8 /* TSKNSURLSessionDelegateProxy.m in Sources */, 8C84CCD71D6E5D5A009B3E7D /* registry_search.c in Sources */, 8C4346DA1E5B894A008023F9 /* configuration_utils.m in Sources */, - 8C84CCCB1D6E5D5A009B3E7D /* assert.c in Sources */, + 8C84CCCB1D6E5D5A009B3E7D /* tsk_assert.c in Sources */, 8C15F9A11B16094E00F06C0E /* TSKPinFailureReport.m in Sources */, 8CD5F7331BC5ED4A005801D8 /* TSKNSURLConnectionDelegateProxy.m in Sources */, 8C84806D1A896F660017C155 /* TrustKit.m in Sources */, @@ -1317,7 +1317,7 @@ 8C84CB951D6E0981009B3E7D /* TSKNSURLSessionDelegateProxy.m in Sources */, 8C84CCD91D6E5D5A009B3E7D /* registry_search.c in Sources */, 8C4346DD1E5B894A008023F9 /* configuration_utils.m in Sources */, - 8C84CCCD1D6E5D5A009B3E7D /* assert.c in Sources */, + 8C84CCCD1D6E5D5A009B3E7D /* tsk_assert.c in Sources */, 8C84CB971D6E0981009B3E7D /* TSKPinFailureReport.m in Sources */, 8C84CB991D6E0981009B3E7D /* TSKNSURLConnectionDelegateProxy.m in Sources */, 8C84CB9A1D6E0981009B3E7D /* TrustKit.m in Sources */, @@ -1351,7 +1351,7 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( - 0DB3B67D1DA3B26700DA730D /* assert.c in Sources */, + 0DB3B67D1DA3B26700DA730D /* tsk_assert.c in Sources */, 0DB3B67E1DA3B26700DA730D /* registry_search.c in Sources */, FCE7D6311EE9F66A0081EEEF /* TSKTrustKitConfig.m in Sources */, 0DB3B67F1DA3B26700DA730D /* trie_search.c in Sources */, @@ -1388,7 +1388,7 @@ 8CD5F74D1BCB535E005801D8 /* TSKNSURLSessionDelegateProxy.m in Sources */, 8C5D98B51CEFF079008E654B /* parse_configuration.m in Sources */, 8C84CCD81D6E5D5A009B3E7D /* registry_search.c in Sources */, - 8C84CCCC1D6E5D5A009B3E7D /* assert.c in Sources */, + 8C84CCCC1D6E5D5A009B3E7D /* tsk_assert.c in Sources */, 8C4346DC1E5B894A008023F9 /* configuration_utils.m in Sources */, 8CA6CC1E1BAE2B6600BDA419 /* reporting_utils.m in Sources */, 8CA6CC261BAE2B6A00BDA419 /* TrustKit.m in Sources */, @@ -1436,7 +1436,7 @@ 8CC5D22B1D6E64D10074F515 /* TSKNSURLSessionDelegateProxy.m in Sources */, 8CC5D22D1D6E64D10074F515 /* registry_search.c in Sources */, 8C4346DE1E5B894A008023F9 /* configuration_utils.m in Sources */, - 8CC5D22E1D6E64D10074F515 /* assert.c in Sources */, + 8CC5D22E1D6E64D10074F515 /* tsk_assert.c in Sources */, 8CC5D22F1D6E64D10074F515 /* TSKPinFailureReport.m in Sources */, 8CC5D2311D6E64D10074F515 /* TSKNSURLConnectionDelegateProxy.m in Sources */, 8CC5D2321D6E64D10074F515 /* TrustKit.m in Sources */, diff --git a/TrustKit/Dependencies/domain_registry/private/registry_search.c b/TrustKit/Dependencies/domain_registry/private/registry_search.c index ddaad92e..cd9f304e 100644 --- a/TrustKit/Dependencies/domain_registry/private/registry_search.c +++ b/TrustKit/Dependencies/domain_registry/private/registry_search.c @@ -18,7 +18,7 @@ #include -#include "assert.h" +#include "tsk_assert.h" #include "string_util.h" #include "trie_search.h" diff --git a/TrustKit/Dependencies/domain_registry/private/string_util.h b/TrustKit/Dependencies/domain_registry/private/string_util.h index 9a0da0c3..8497abe1 100644 --- a/TrustKit/Dependencies/domain_registry/private/string_util.h +++ b/TrustKit/Dependencies/domain_registry/private/string_util.h @@ -20,7 +20,7 @@ #include #include -#include "assert.h" +#include "tsk_assert.h" static const char kUpperLowerDistance = 'A' - 'a'; diff --git a/TrustKit/Dependencies/domain_registry/private/trie_search.c b/TrustKit/Dependencies/domain_registry/private/trie_search.c index 701865cb..8ff3fc82 100644 --- a/TrustKit/Dependencies/domain_registry/private/trie_search.c +++ b/TrustKit/Dependencies/domain_registry/private/trie_search.c @@ -14,7 +14,7 @@ * limitations under the License. */ -#include "assert.h" +#include "tsk_assert.h" #include "string_util.h" #include "trie_search.h" diff --git a/TrustKit/Dependencies/domain_registry/private/assert.c b/TrustKit/Dependencies/domain_registry/private/tsk_assert.c similarity index 98% rename from TrustKit/Dependencies/domain_registry/private/assert.c rename to TrustKit/Dependencies/domain_registry/private/tsk_assert.c index 4803be51..b9f2164c 100644 --- a/TrustKit/Dependencies/domain_registry/private/assert.c +++ b/TrustKit/Dependencies/domain_registry/private/tsk_assert.c @@ -14,7 +14,7 @@ * limitations under the License. */ -#include "assert.h" +#include "tsk_assert.h" #include "../domain_registry.h" #include diff --git a/TrustKit/Dependencies/domain_registry/private/assert.h b/TrustKit/Dependencies/domain_registry/private/tsk_assert.h similarity index 100% rename from TrustKit/Dependencies/domain_registry/private/assert.h rename to TrustKit/Dependencies/domain_registry/private/tsk_assert.h From 42c673af08ede9d96e41f1bbfaf8f0b48ec32ebc Mon Sep 17 00:00:00 2001 From: Phillip Tennen Date: Tue, 21 Nov 2017 13:02:28 -0500 Subject: [PATCH 2/3] fix incorrect behavior when using TSKSPKIHashCache without an identifier --- TrustKit/Pinning/TSKSPKIHashCache.m | 7 +++++-- TrustKitTests/TSKPublicKeyAlgorithmTests.m | 5 +++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/TrustKit/Pinning/TSKSPKIHashCache.m b/TrustKit/Pinning/TSKSPKIHashCache.m index fa815e8f..8cf8f2c4 100644 --- a/TrustKit/Pinning/TSKSPKIHashCache.m +++ b/TrustKit/Pinning/TSKSPKIHashCache.m @@ -215,7 +215,7 @@ - (NSData *)hashSubjectPublicKeyInfoFromCertificate:(SecCertificateRef)certifica - (NSMutableDictionary *)loadSPKICacheFromFileSystem { - NSMutableDictionary *spkiCache; + NSMutableDictionary *spkiCache = nil; NSData *serializedSpkiCache = [NSData dataWithContentsOfURL:[self SPKICachePath]]; if (serializedSpkiCache) { spkiCache = [NSKeyedUnarchiver unarchiveObjectWithData:serializedSpkiCache]; @@ -278,7 +278,10 @@ - (NSData *)getPublicKeyDataFromCertificate:(SecCertificateRef)certificate - (NSURL *)SPKICachePath { - NSAssert(self.spkiCacheFilename, @"SPKI filename should not be nil"); + if (!self.spkiCacheFilename) + { + return nil; + } NSURL *cachesDirUrl = [NSFileManager.defaultManager URLsForDirectory:NSCachesDirectory inDomains:NSUserDomainMask].firstObject; return [cachesDirUrl URLByAppendingPathComponent:self.spkiCacheFilename]; diff --git a/TrustKitTests/TSKPublicKeyAlgorithmTests.m b/TrustKitTests/TSKPublicKeyAlgorithmTests.m index 00891275..1a10726a 100644 --- a/TrustKitTests/TSKPublicKeyAlgorithmTests.m +++ b/TrustKitTests/TSKPublicKeyAlgorithmTests.m @@ -32,19 +32,24 @@ @interface TSKPublicKeyAlgorithmTests : XCTestCase @implementation TSKPublicKeyAlgorithmTests { TSKSPKIHashCache *spkiCache; + TSKSPKIHashCache *nonPersistentSpkiCache; } - (void)setUp { [super setUp]; [spkiCache resetSubjectPublicKeyInfoDiskCache]; + [nonPersistentSpkiCache resetSubjectPublicKeyInfoDiskCache]; spkiCache = [[TSKSPKIHashCache alloc] initWithIdentifier:@"test"]; + nonPersistentSpkiCache = [[TSKSPKIHashCache alloc] initWithIdentifier:nil]; } - (void)tearDown { [spkiCache resetSubjectPublicKeyInfoDiskCache]; + [nonPersistentSpkiCache resetSubjectPublicKeyInfoDiskCache]; spkiCache = nil; + nonPersistentSpkiCache = nil; [super tearDown]; } From 754cefd48573d3bab7b8c367f33c48447f597d26 Mon Sep 17 00:00:00 2001 From: Phillip Tennen Date: Mon, 27 Nov 2017 12:13:47 -0500 Subject: [PATCH 3/3] TSKSPKIHashCache must be passed a non-nil identifier --- TrustKit/Pinning/TSKSPKIHashCache.h | 5 ++--- TrustKit/Pinning/TSKSPKIHashCache.m | 8 +++----- TrustKitTests/TSKPublicKeyAlgorithmTests.m | 5 ----- 3 files changed, 5 insertions(+), 13 deletions(-) diff --git a/TrustKit/Pinning/TSKSPKIHashCache.h b/TrustKit/Pinning/TSKSPKIHashCache.h index 5ed19da2..f0395fa1 100644 --- a/TrustKit/Pinning/TSKSPKIHashCache.h +++ b/TrustKit/Pinning/TSKSPKIHashCache.h @@ -30,13 +30,12 @@ typedef NSMutableDictionary SPKICacheDictionnary; /** Create a new cache of SPKI hashes. The identifier is required to ensure that multiple cache - instances do not attempt to use the same file on disk for persistence. If nil, persistence - will be disabled (not recommended). + instances do not attempt to use the same file on disk for persistence. @param uniqueIdentifier A unique identifier that is stable across app launches/instance creation @return An initialized hash cache. */ -- (instancetype _Nullable)initWithIdentifier:(NSString * _Nullable)uniqueIdentifier NS_DESIGNATED_INITIALIZER; +- (instancetype _Nullable)initWithIdentifier:(NSString*)uniqueIdentifier NS_DESIGNATED_INITIALIZER; /** Get a pin cache for the provided certificate and public key algorithm. The pins diff --git a/TrustKit/Pinning/TSKSPKIHashCache.m b/TrustKit/Pinning/TSKSPKIHashCache.m index 8cf8f2c4..7b267f34 100644 --- a/TrustKit/Pinning/TSKSPKIHashCache.m +++ b/TrustKit/Pinning/TSKSPKIHashCache.m @@ -116,7 +116,9 @@ - (instancetype)initWithIdentifier:(NSString *)uniqueIdentifier // Initialize our locks _lockQueue = dispatch_queue_create("TSKSPKIHashLock", DISPATCH_QUEUE_CONCURRENT); - _spkiCacheFilename = uniqueIdentifier; // if this value is nil, persistence will always fail. + // Ensure a non-nil identifier was provided + NSAssert(uniqueIdentifier, @"TSKSPKIHashCache initializer must be passed a unique identifier"); + _spkiCacheFilename = uniqueIdentifier; // First try to load a cached version from the filesystem _subjectPublicKeyInfoHashesCache = [self loadSPKICacheFromFileSystem]; @@ -278,10 +280,6 @@ - (NSData *)getPublicKeyDataFromCertificate:(SecCertificateRef)certificate - (NSURL *)SPKICachePath { - if (!self.spkiCacheFilename) - { - return nil; - } NSURL *cachesDirUrl = [NSFileManager.defaultManager URLsForDirectory:NSCachesDirectory inDomains:NSUserDomainMask].firstObject; return [cachesDirUrl URLByAppendingPathComponent:self.spkiCacheFilename]; diff --git a/TrustKitTests/TSKPublicKeyAlgorithmTests.m b/TrustKitTests/TSKPublicKeyAlgorithmTests.m index 1a10726a..00891275 100644 --- a/TrustKitTests/TSKPublicKeyAlgorithmTests.m +++ b/TrustKitTests/TSKPublicKeyAlgorithmTests.m @@ -32,24 +32,19 @@ @interface TSKPublicKeyAlgorithmTests : XCTestCase @implementation TSKPublicKeyAlgorithmTests { TSKSPKIHashCache *spkiCache; - TSKSPKIHashCache *nonPersistentSpkiCache; } - (void)setUp { [super setUp]; [spkiCache resetSubjectPublicKeyInfoDiskCache]; - [nonPersistentSpkiCache resetSubjectPublicKeyInfoDiskCache]; spkiCache = [[TSKSPKIHashCache alloc] initWithIdentifier:@"test"]; - nonPersistentSpkiCache = [[TSKSPKIHashCache alloc] initWithIdentifier:nil]; } - (void)tearDown { [spkiCache resetSubjectPublicKeyInfoDiskCache]; - [nonPersistentSpkiCache resetSubjectPublicKeyInfoDiskCache]; spkiCache = nil; - nonPersistentSpkiCache = nil; [super tearDown]; }