passepartoutvpn
/
wireguard-apple
mirror of https://github.com/passepartoutvpn/wireguard-apple.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Keychain: Remove unnecessary cast to String in Keychain queries 

Signed-off-by: Andrej Mihajlov <and@mullvad.net>
This commit is contained in:
Andrej Mihajlov 2020-12-02 18:09:39 +01:00
parent 7930b94981
commit 90b41aed89
1 changed files with 23 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
Sources/Shared/Keychain.swift
View File

@ -7,9 +7,9 @@ import Security
class Keychain { class Keychain {
static func openReference(called ref: Data) -> String? { static func openReference(called ref: Data) -> String? {
var result: CFTypeRef? var result: CFTypeRef?
let ret = SecItemCopyMatching([kSecClass as String: kSecClassGenericPassword, let ret = SecItemCopyMatching([kSecClass: kSecClassGenericPassword,
kSecValuePersistentRef as String: ref, kSecValuePersistentRef: ref,
kSecReturnData as String: true] as CFDictionary, kSecReturnData: true] as CFDictionary,
&result) &result)
if ret != errSecSuccess || result == nil { if ret != errSecSuccess || result == nil {
wg_log(.error, message: "Unable to open config from keychain: \(ret)") wg_log(.error, message: "Unable to open config from keychain: \(ret)")
@ -28,20 +28,20 @@ class Keychain {
if bundleIdentifier.hasSuffix(".network-extension") { if bundleIdentifier.hasSuffix(".network-extension") {
bundleIdentifier.removeLast(".network-extension".count) bundleIdentifier.removeLast(".network-extension".count)
} }
var items: [String: Any] = [kSecClass as String: kSecClassGenericPassword, var items: [CFString: Any] = [kSecClass: kSecClassGenericPassword,
kSecAttrLabel as String: "WireGuard Tunnel: " + name, kSecAttrLabel: "WireGuard Tunnel: " + name,
kSecAttrAccount as String: name + ": " + UUID().uuidString, kSecAttrAccount: name + ": " + UUID().uuidString,
kSecAttrDescription as String: "wg-quick(8) config", kSecAttrDescription: "wg-quick(8) config",
kSecAttrService as String: bundleIdentifier, kSecAttrService: bundleIdentifier,
kSecValueData as String: value.data(using: .utf8) as Any, kSecValueData: value.data(using: .utf8) as Any,
kSecReturnPersistentRef as String: true] kSecReturnPersistentRef: true]
#if os(iOS) #if os(iOS)
items[kSecAttrAccessGroup as String] = FileManager.appGroupId items[kSecAttrAccessGroup] = FileManager.appGroupId
items[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlock items[kSecAttrAccessible] = kSecAttrAccessibleAfterFirstUnlock
#elseif os(macOS) #elseif os(macOS)
items[kSecAttrSynchronizable as String] = false items[kSecAttrSynchronizable] = false
items[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly items[kSecAttrAccessible] = kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
guard let extensionPath = Bundle.main.builtInPlugInsURL?.appendingPathComponent("WireGuardNetworkExtension.appex").path else { guard let extensionPath = Bundle.main.builtInPlugInsURL?.appendingPathComponent("WireGuardNetworkExtension.appex").path else {
wg_log(.error, staticMessage: "Unable to determine app extension path") wg_log(.error, staticMessage: "Unable to determine app extension path")
@ -60,14 +60,14 @@ class Keychain {
return nil return nil
} }
var access: SecAccess? var access: SecAccess?
ret = SecAccessCreate((items[kSecAttrLabel as String] as? String)! as CFString, ret = SecAccessCreate((items[kSecAttrLabel] as? String)! as CFString,
[extensionApp!, mainApp!] as CFArray, [extensionApp!, mainApp!] as CFArray,
&access) &access)
if ret != errSecSuccess || access == nil { if ret != errSecSuccess || access == nil {
wg_log(.error, message: "Unable to create keychain ACL object: \(ret)") wg_log(.error, message: "Unable to create keychain ACL object: \(ret)")
return nil return nil
} }
items[kSecAttrAccess as String] = access! items[kSecAttrAccess] = access!
#else #else
#error("Unimplemented") #error("Unimplemented")
#endif #endif
@ -85,7 +85,7 @@ class Keychain {
} }
static func deleteReference(called ref: Data) { static func deleteReference(called ref: Data) {
let ret = SecItemDelete([kSecValuePersistentRef as String: ref] as CFDictionary) let ret = SecItemDelete([kSecValuePersistentRef: ref] as CFDictionary)
if ret != errSecSuccess { if ret != errSecSuccess {
wg_log(.error, message: "Unable to delete config from keychain: \(ret)") wg_log(.error, message: "Unable to delete config from keychain: \(ret)")
} }
@ -93,10 +93,10 @@ class Keychain {
static func deleteReferences(except whitelist: Set<Data>) { static func deleteReferences(except whitelist: Set<Data>) {
var result: CFTypeRef? var result: CFTypeRef?
let ret = SecItemCopyMatching([kSecClass as String: kSecClassGenericPassword, let ret = SecItemCopyMatching([kSecClass: kSecClassGenericPassword,
kSecAttrService as String: Bundle.main.bundleIdentifier as Any, kSecAttrService: Bundle.main.bundleIdentifier as Any,
kSecMatchLimit as String: kSecMatchLimitAll, kSecMatchLimit: kSecMatchLimitAll,
kSecReturnPersistentRef as String: true] as CFDictionary, kSecReturnPersistentRef: true] as CFDictionary,
&result) &result)
if ret != errSecSuccess || result == nil { if ret != errSecSuccess || result == nil {
return return
@ -110,8 +110,8 @@ class Keychain {
} }
static func verifyReference(called ref: Data) -> Bool { static func verifyReference(called ref: Data) -> Bool {
return SecItemCopyMatching([kSecClass as String: kSecClassGenericPassword, return SecItemCopyMatching([kSecClass: kSecClassGenericPassword,
kSecValuePersistentRef as String: ref] as CFDictionary, kSecValuePersistentRef: ref] as CFDictionary,
nil) != errSecItemNotFound nil) != errSecItemNotFound
} }
} }