Skip to content

Missing Hashable and Sendable Conformances #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Missing Hashable and Sendable Conformances #86

wants to merge 2 commits into from

Conversation

dimitribouniol
Copy link
Contributor

Added missing Hashable and Sendable conformances, since I was getting warnings after updating to 3.0.0:

image

I also audited the rest of the types and added it to some error types as well.

dimitribouniol
dimitribouniol commented May 9, 2025
View reviewed changes
Sources/AppStoreServerLibrary/SignedDataVerifier.swift
@@ -3,9 +3,9 @@
import Foundation

///A verifier and decoder class designed to decode signed data from the App Store.
public struct SignedDataVerifier {
public struct SignedDataVerifier: Sendable {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SignedDataVerifier must be sendable in order for it to be used by multiple concurrent tasks at the same time. This means that ChainVerifier must be updated to an actor to properly prevent data race issues.

Sources/AppStoreServerLibrary/ChainVerifier.swift
@@ -28,7 +27,7 @@ class ChainVerifier {
self.verifiedPublicKeyCache = [:]
}

func verify<T: DecodedSignedData>(signedData: String, type: T.Type, onlineVerification: Bool, environment: AppStoreEnvironment) async -> VerificationResult<T> where T: Decodable {
func verify<T: DecodedSignedData>(signedData: String, type: T.Type, onlineVerification: Bool, environment: AppStoreEnvironment) async -> VerificationResult<T> where T: Decodable & Sendable {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since ChainVerifier is now an actor, T must be Sendable here.

Sources/AppStoreServerLibrary/ChainVerifier.swift
@@ -120,7 +119,7 @@ class ChainVerifier {
return verificationResult
}

func verifyChainWithoutCaching(leaf: Certificate, intermediate: Certificate, online: Bool, validationTime: Date) async -> X509.VerificationResult {
nonisolated func verifyChainWithoutCaching(leaf: Certificate, intermediate: Certificate, online: Bool, validationTime: Date) async -> X509.VerificationResult {
var verifier = Verifier(rootCertificates: self.store) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since Verifier is not Sendable, but becomes tied to the actor, we must mark this method nonisolated to detach this dependency and allow it to be safely used within the context of this method.

Sources/AppStoreServerLibrary/ChainVerifier.swift
Comment on lines -135 to 136
func getDate() -> Date {
nonisolated func getDate() -> Date {
return Date()
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what the intent on making a separate getDate() method was, but it must now be nonisolated so it can be called by the above method, which is also nonisolated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dimitribouniol