Remove unused HAVE_SEC_TRUST_COPY_CERTIFICATE_CHAIN

https://bugs.webkit.org/show_bug.cgi?id=259495 rdar://112856927 Reviewed by Tim Horton. It is always true. This can be done after rdar://112856496 * Source/WTF/wtf/PlatformHave.h: * Source/WebCore/platform/network/cf/CertificateInfoCFNet.cpp: (WebCore::certificatesMatch): (WebCore::CertificateInfo::certificateChainFromSecTrust): (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate const): * Source/WebCore/platform/network/cocoa/CertificateInfoCocoa.mm: (WebCore::CertificateInfo::dump const): * Source/WebKit/Shared/mac/WebCoreArgumentCodersMac.mm: (IPC::encodeNSError): * Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm: (verifyCertificateAndPublicKey): * Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm: Canonical link: https://commits.webkit.org/266334@main
WebKit · Jul 26, 2023 · e8ee25a · e8ee25a
1 parent 96d6de2
commit e8ee25a
Show file tree

Hide file tree

Showing 6 changed files with 0 additions and 48 deletions.
diff --git a/Source/WTF/wtf/PlatformHave.h b/Source/WTF/wtf/PlatformHave.h
@@ -731,7 +731,6 @@
 #if PLATFORM(MAC) \
     || PLATFORM(IOS_FAMILY)
 #define HAVE_NETWORK_LOADER 1
-#define HAVE_SEC_TRUST_COPY_CERTIFICATE_CHAIN 1
 #define HAVE_OS_LAUNCHD_JOB 1
 #define HAVE_NSURL_EMPTY_PUNYCODE_CHECK 1
 #endif

diff --git a/Source/WebCore/platform/network/cf/CertificateInfoCFNet.cpp b/Source/WebCore/platform/network/cf/CertificateInfoCFNet.cpp
@@ -37,27 +37,17 @@ bool certificatesMatch(SecTrustRef trust1, SecTrustRef trust2)
     if (!trust1 || !trust2)
         return false;
 
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
     auto chain1 = adoptCF(SecTrustCopyCertificateChain(trust1));
     auto chain2 = adoptCF(SecTrustCopyCertificateChain(trust2));
     CFIndex count1 = CFArrayGetCount(chain1.get());
     CFIndex count2 = CFArrayGetCount(chain2.get());
-#else
-    CFIndex count1 = SecTrustGetCertificateCount(trust1);
-    CFIndex count2 = SecTrustGetCertificateCount(trust2);
-#endif
 
     if (count1 != count2)
         return false;
 
     for (CFIndex i = 0; i < count1; i++) {
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
         auto cert1 = CFArrayGetValueAtIndex(chain1.get(), i);
         auto cert2 = CFArrayGetValueAtIndex(chain2.get(), i);
-#else
-        auto cert1 = SecTrustGetCertificateAtIndex(trust1, i);
-        auto cert2 = SecTrustGetCertificateAtIndex(trust2, i);
-#endif
         RELEASE_ASSERT(cert1);
         RELEASE_ASSERT(cert2);
         if (!CFEqual(cert1, cert2))
@@ -77,30 +67,16 @@ RetainPtr<SecTrustRef> CertificateInfo::secTrustFromCertificateChain(CFArrayRef
 
 RetainPtr<CFArrayRef> CertificateInfo::certificateChainFromSecTrust(SecTrustRef trust)
 {
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
     return adoptCF(SecTrustCopyCertificateChain(trust));
-#else
-    auto count = SecTrustGetCertificateCount(trust);
-    auto certificateChain = adoptCF(CFArrayCreateMutable(0, count, &kCFTypeArrayCallBacks));
-    for (CFIndex i = 0; i < count; i++)
-        CFArrayAppendValue(certificateChain.get(), SecTrustGetCertificateAtIndex(trust, i));
-    return certificateChain;
-#endif
 }
 
 bool CertificateInfo::containsNonRootSHA1SignedCertificate() const
 {
     if (m_trust) {
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
         auto chain = adoptCF(SecTrustCopyCertificateChain(trust().get()));
-#endif
         // Allow only the root certificate (the last in the chain) to be SHA1.
         for (CFIndex i = 0, size = SecTrustGetCertificateCount(trust().get()) - 1; i < size; ++i) {
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
             auto certificate = checked_cf_cast<SecCertificateRef>(CFArrayGetValueAtIndex(chain.get(), i));
-#else
-            auto certificate = SecTrustGetCertificateAtIndex(trust().get(), i);
-#endif
             if (SecCertificateGetSignatureHashAlgorithm(certificate) == kSecSignatureHashAlgorithmSHA1)
                 return true;
         }

diff --git a/Source/WebCore/platform/network/cocoa/CertificateInfoCocoa.mm b/Source/WebCore/platform/network/cocoa/CertificateInfoCocoa.mm
@@ -33,20 +33,12 @@
 {
     if (m_trust) {
 
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
         auto chain = adoptCF(SecTrustCopyCertificateChain(trust().get()));
         CFIndex entries = CFArrayGetCount(chain.get());
-#else
-        CFIndex entries = SecTrustGetCertificateCount(trust().get());
-#endif
         NSLog(@"CertificateInfo SecTrust\n");
         NSLog(@"  Entries: %ld\n", entries);
         for (CFIndex i = 0; i < entries; ++i) {
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
             RetainPtr<CFStringRef> summary = adoptCF(SecCertificateCopySubjectSummary(checked_cf_cast<SecCertificateRef>(CFArrayGetValueAtIndex(chain.get(), i))));
-#else
-            RetainPtr<CFStringRef> summary = adoptCF(SecCertificateCopySubjectSummary(SecTrustGetCertificateAtIndex(trust().get(), i)));
-#endif
             NSLog(@"  %@", (__bridge NSString *)summary.get());
         }
         return;

diff --git a/Source/WebKit/Shared/mac/WebCoreArgumentCodersMac.mm b/Source/WebKit/Shared/mac/WebCoreArgumentCodersMac.mm
@@ -123,14 +123,7 @@ static void encodeNSError(Encoder& encoder, NSError *nsError)
     id peerCertificateChain = [userInfo objectForKey:@"NSErrorPeerCertificateChainKey"];
     if (!peerCertificateChain) {
         if (SecTrustRef peerTrust = (__bridge SecTrustRef)[userInfo objectForKey:NSURLErrorFailingURLPeerTrustErrorKey]) {
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
             peerCertificateChain = (__bridge NSArray *)adoptCF(SecTrustCopyCertificateChain(peerTrust)).autorelease();
-#else
-            CFIndex count = SecTrustGetCertificateCount(peerTrust);
-            peerCertificateChain = [NSMutableArray arrayWithCapacity:count];
-            for (CFIndex i = 0; i < count; ++i)
-                [peerCertificateChain addObject:(__bridge id)SecTrustGetCertificateAtIndex(peerTrust, i)];
-#endif
         }
     }
     ASSERT(!peerCertificateChain || [peerCertificateChain isKindOfClass:[NSArray class]]);

diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm
@@ -451,11 +451,7 @@ static void verifyCertificateAndPublicKey(SecTrustRef trust)
 
     EXPECT_EQ(1, SecTrustGetCertificateCount(trust));
 
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
     auto certificate = adoptCF(SecCertificateCopyData((SecCertificateRef)CFArrayGetValueAtIndex(adoptCF(SecTrustCopyCertificateChain(trust)).get(), 0)));
-#else
-    auto certificate = adoptCF(SecCertificateCopyData(SecTrustGetCertificateAtIndex(trust, 0)));
-#endif
     compareData(certificate, {
         0x30, 0x82, 0x05, 0x80, 0x30, 0x82, 0x03, 0x68, 0x02, 0x09, 0x00, 0x8a, 0x1e, 0x23, 0xd1, 0x53,
         0x93, 0x10, 0xb8, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,

diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm
@@ -2210,12 +2210,8 @@ static bool isTestServerTrust(SecTrustRef trust)
     if (SecTrustGetCertificateCount(trust) != 1)
         return false;
 
-#if HAVE(SEC_TRUST_COPY_CERTIFICATE_CHAIN)
     auto chain = adoptCF(SecTrustCopyCertificateChain(trust));
     auto certificate = checked_cf_cast<SecCertificateRef>(CFArrayGetValueAtIndex(chain.get(), 0));
-#else
-    auto certificate = SecTrustGetCertificateAtIndex(trust, 0);
-#endif
     if (![adoptNS((NSString *)SecCertificateCopySubjectSummary(certificate)) isEqualToString:@"Me"])
         return false;