Merge pull request #71 from outfoxx/fix/matches-cert

Make `SecKeyPair.matchesCetificate` handle errors internally; no `throws`
outfoxx · Jun 11, 2023 · cb69191 · cb69191
2 parents 54f50fe + 3f7a9af
commit cb69191
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 17 deletions.
diff --git a/Sources/ShieldSecurity/SecKeyPair.swift b/Sources/ShieldSecurity/SecKeyPair.swift
@@ -270,12 +270,17 @@ public struct SecKeyPair {
   ///   - trustedCertificates: Any certificates needed to complete the "chain-of-trust" for `certificate`.
   /// - Returns: True if the public key of `certificate` and the key pair match.
   ///
-  public func matchesCertificate(certificate: SecCertificate, trustedCertificates: [SecCertificate]) throws -> Bool {
+  public func matchesCertificate(certificate: SecCertificate, trustedCertificates: [SecCertificate]) -> Bool {
 
-    let keyData =
-      try certificate.publicKeyValidated(trustedCertificates: trustedCertificates).encode()
+    do {
+
+      let keyData = try certificate.publicKeyValidated(trustedCertificates: trustedCertificates).encode()
 
-    return try encodedPublicKey() == keyData
+      return try encodedPublicKey() == keyData
+    }
+    catch {
+      return false
+    }
   }
 
 #if swift(>=5.5)
@@ -292,12 +297,17 @@ public struct SecKeyPair {
   public func matchesCertificate(
     certificate: SecCertificate,
     trustedCertificates: [SecCertificate]
-  ) async throws -> Bool {
+  ) async -> Bool {
 
-    let keyData =
-      try await certificate.publicKeyValidated(trustedCertificates: trustedCertificates).encode()
+    do {
+
+      let keyData = try await certificate.publicKeyValidated(trustedCertificates: trustedCertificates).encode()
 
-    return try encodedPublicKey() == keyData
+      return try encodedPublicKey() == keyData
+    }
+    catch {
+      return false
+    }
   }
 #endif
 

diff --git a/Tests/SecKeyPairTests.swift b/Tests/SecKeyPairTests.swift
@@ -126,16 +126,10 @@ class SecKeyPairTests: XCTestCase {
 
     DispatchQueue.global(qos: .userInitiated).async {
       defer { finishedX.fulfill() }
-      do {
 
-        let result = try self.rsaKeyPair.matchesCertificate(certificate: cert, trustedCertificates: [cert])
+      let result = self.rsaKeyPair.matchesCertificate(certificate: cert, trustedCertificates: [cert])
 
-        XCTAssertTrue(result)
-
-      }
-      catch {
-        XCTFail("\(error)")
-      }
+      XCTAssertTrue(result)
     }
 
     waitForExpectations(timeout: 10.0)
@@ -157,7 +151,7 @@ class SecKeyPairTests: XCTestCase {
 
     let cert = SecCertificateCreateWithData(nil, certData as CFData)!
 
-    let result = try await self.rsaKeyPair.matchesCertificate(certificate: cert, trustedCertificates: [cert])
+    let result = await self.rsaKeyPair.matchesCertificate(certificate: cert, trustedCertificates: [cert])
     XCTAssertTrue(result)
   }
 #endif