Caching sourceAppAuditToken

App & System Services Networking
devfunshark OP
Created Jan ’20
Replies 2
Boosts 0
Views 620
Participants 2

Inside my NEFilterDataProvider, I am retrieving the code signature informations from socketFlow.sourceAppAuditToken (thanks to the good advice of Eskimo).


This takes a little bit of time though. Is it reasonable to cache the sourceAppAuditToken ?


I am thinking of keeping a dictionary that would map the sourceAppAuditToken to their String identifier. Is it reasonable, or is it insecure to do so?


Separately, I have seen that socketFlow.description contains a lot of really useful information, including bundleId, etc.

How is that bundleId computed? (there is an insecure way : just retrieving it from the Info.plist, and a secure way: retrieving it from the code signature). Also, is there a better way to access this information that parsing the socketFlow.description string itself?

Replies  2
Boosts  0
Views  620
Participants  2
DTS Engineer OP
Apple
Jan ’20

I am thinking of keeping a dictionary that would map the 

sourceAppAuditToken
to their 
String
identifier. Is it reasonable … ?

Yes.

Separately, I have seen that 

socketFlow.description
contains …

The 

description
property is intended for debugging and logging purposes only. You should never depend on the format of the string it returns. This can change without warning, resulting in problems like the one discussed here.

It’s unfortunate that our documentation fails to make this sufficiently clear (r. 54383819). The best discussion of this is the one you’ll find in the 

CFCopyDescription
docs, which says:

You can use this function for debugging Core Foundation objects in your code. Note, however, that the description for a given object may be different in different releases of the operating system. Do notcreate dependencies in your code on the content or format of the information returned by this function.

The only thing that needs tweaking here in the addition of an “unless otherwise documented”. Some types do guarantee that their description will conform to a specific format.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
0
devfunshark OP
Jan ’20

ok, thank you!

0
Caching sourceAppAuditToken
First post date Last post date
 
 
Q