Skip to content

Commit 4e2d35f

Browse files
justin-fiedlerjustin-fiedler
authored
fix: remove MD5 usage (#456)
1 parent b54a60f commit 4e2d35f

File tree

1 file changed

+2
-28
lines changed

1 file changed

+2
-28
lines changed

Sources/Amplitude/Amplitude.m

Lines changed: 2 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -144,7 +144,7 @@ @implementation Amplitude {
144144

145145
BOOL _inForeground;
146146
BOOL _offline;
147-
147+
148148
int _numRetries;
149149
int _maxRetries;
150150
int _originalUploadPeriodsInSeconds;
@@ -740,7 +740,7 @@ - (void)logEvent:(NSString *)eventType withEventProperties:(NSDictionary *)event
740740
AMPLITUDE_ERROR(@"ERROR: JSONSerializing event type %@ resulted in an NULL string", eventType);
741741
return;
742742
}
743-
743+
744744
if ([eventType isEqualToString:IDENTIFY_EVENT] || [eventType isEqualToString:GROUP_IDENTIFY_EVENT]) {
745745
(void) [self.dbHelper addIdentify:jsonString];
746746
} else {
@@ -1106,12 +1106,6 @@ - (void)makeEventUploadPostRequest:(NSString *)url events:(NSString *)events num
11061106
NSString *timestampString = [[NSNumber numberWithLongLong:[[self currentTime] timeIntervalSince1970] * 1000] stringValue];
11071107
[postData appendData:[timestampString dataUsingEncoding:NSUTF8StringEncoding]];
11081108

1109-
// Add checksum
1110-
[postData appendData:[@"&checksum=" dataUsingEncoding:NSUTF8StringEncoding]];
1111-
NSString *checksumData = [NSString stringWithFormat:@"%@%@%@%@", apiVersionString, self.apiKey, events, timestampString];
1112-
NSString *checksum = [self md5HexDigest:checksumData];
1113-
[postData appendData:[checksum dataUsingEncoding:NSUTF8StringEncoding]];
1114-
11151109
[request setHTTPMethod:@"POST"];
11161110
[request setValue:self.contentTypeHeader forHTTPHeaderField:@"Content-Type"];
11171111
[request setValue:[NSString stringWithFormat:@"%lu", (unsigned long)[postData length]] forHTTPHeaderField:@"Content-Length"];
@@ -1775,26 +1769,6 @@ - (BOOL)isArgument:(id)argument validType:(Class)class methodName:(NSString *)me
17751769
}
17761770
}
17771771

1778-
- (NSString *)md5HexDigest:(NSString *)input {
1779-
const char *str = [input UTF8String];
1780-
unsigned char result[CC_MD5_DIGEST_LENGTH];
1781-
1782-
#pragma clang diagnostic push
1783-
#pragma clang diagnostic ignored "-Wdeprecated-declarations"
1784-
// As mentioned by @haoliu-amp in // https://github.com/amplitude/Amplitude-iOS/issues/250#issuecomment-655224554,
1785-
// > This crypto algorithm is used for our checksum field, actually you don't need to worry about the security concern for that.
1786-
// > However, we will see if we wanna switch it to SHA256.
1787-
// Based on this, we can silence the compile warning here until a fix is implemented.
1788-
CC_MD5(str, (CC_LONG) strlen(str), result);
1789-
#pragma clang diagnostic pop
1790-
1791-
NSMutableString *ret = [NSMutableString stringWithCapacity:CC_MD5_DIGEST_LENGTH*2];
1792-
for(int i = 0; i<CC_MD5_DIGEST_LENGTH; i++) {
1793-
[ret appendFormat:@"%02x",result[i]];
1794-
}
1795-
return ret;
1796-
}
1797-
17981772
- (NSString *)urlEncodeString:(NSString *)string {
17991773
NSCharacterSet * allowedCharacters = [[NSCharacterSet characterSetWithCharactersInString:@":/?#[]@!$ &'()*+,;=\"<>%{}|\\^~`"] invertedSet];
18001774
return [string stringByAddingPercentEncodingWithAllowedCharacters:allowedCharacters];

0 commit comments

Comments
 (0)