Keychain: Avoid roundtrip via items when accessing item label (stored in kSecAttrLabel)

Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-02 18:16:41 +01:00 · 2020-12-02 18:16:41 +01:00 · bcc34e0bb6
parent 90b41aed89
commit bcc34e0bb6
1 changed files with 3 additions and 4 deletions
--- a/Sources/Shared/Keychain.swift
+++ b/Sources/Shared/Keychain.swift
@ -28,8 +28,9 @@ class Keychain {
        if bundleIdentifier.hasSuffix(".network-extension") {
            bundleIdentifier.removeLast(".network-extension".count)
        }
+        let itemLabel = "WireGuard Tunnel: \(name)"
        var items: [CFString: Any] = [kSecClass: kSecClassGenericPassword,
-                                    kSecAttrLabel: "WireGuard Tunnel: " + name,
+                                    kSecAttrLabel: itemLabel,
                                    kSecAttrAccount: name + ": " + UUID().uuidString,
                                    kSecAttrDescription: "wg-quick(8) config",
                                    kSecAttrService: bundleIdentifier,
@ -60,9 +61,7 @@ class Keychain {
            return nil
        }
        var access: SecAccess?
-        ret = SecAccessCreate((items[kSecAttrLabel] as? String)! as CFString,
-                              [extensionApp!, mainApp!] as CFArray,
-                              &access)
+        ret = SecAccessCreate(itemLabel as CFString, [extensionApp!, mainApp!] as CFArray, &access)
        if ret != errSecSuccess || access == nil {
            wg_log(.error, message: "Unable to create keychain ACL object: \(ret)")
            return nil