renaming

awslabs · Oct 6, 2023 · 6e626ab · 6e626ab
1 parent 095679c
commit 6e626ab
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 76 deletions.
diff --git a/include/aws/io/pem.h b/include/aws/io/pem.h
@@ -58,10 +58,11 @@ struct aws_pem_object {
 };
 
 /**
- * Cleans up and securely zeroes out the outputs of 'aws_decode_pem_to_object_list()'
- * and 'aws_read_and_decode_pem_file_to_object_list()'
+ * Cleans up elements of pem_objects list 'aws_pem_objects_init_from_file_contents()'
+ * and 'aws_pem_objects_init_from_file_path()'.
+ * Does not clean_up list itself.
  */
-AWS_IO_API void aws_pem_objects_clean_up(struct aws_array_list *pem_objects);
+AWS_IO_API void aws_pem_objects_clear(struct aws_array_list *pem_objects);
 
 /**
  * Decodes PEM data and reads objects sequentially adding them to pem_objects.
@@ -70,11 +71,11 @@ AWS_IO_API void aws_pem_objects_clean_up(struct aws_array_list *pem_objects);
  * If no objects can be read PEM or objects could not be base 64 decoded,
  * AWS_ERROR_PEM_MALFORMED is raised.
  * out_pem_objects stores aws_pem_object struct by value.
- * Caller must initialize out_pem_objects before calling the function.
+ * Function will initialize pem_objects list.
  * This code is slow, and it allocates, so please try
  * not to call this in the middle of something that needs to be fast or resource sensitive.
  */
-AWS_IO_API int aws_decode_pem_to_object_list(
+AWS_IO_API int aws_pem_objects_init_from_file_contents(
     struct aws_allocator *alloc,
     struct aws_byte_cursor pem_cursor,
     struct aws_array_list *out_pem_objects);
@@ -86,11 +87,11 @@ AWS_IO_API int aws_decode_pem_to_object_list(
  * If no objects can be read PEM or objects could not be base 64 decoded,
  * AWS_ERROR_PEM_MALFORMED is raised.
  * out_pem_objects stores aws_pem_object struct by value.
- * Caller must initialize out_pem_objects before calling the function.
+ * Function will initialize pem_objects list.
  * This code is slow, and it allocates, so please try
  * not to call this in the middle of something that needs to be fast or resource sensitive.
  */
-AWS_IO_API int aws_read_and_decode_pem_file_to_object_list(
+AWS_IO_API int aws_pem_objects_init_from_file_path(
     struct aws_allocator *allocator,
     const char *filename,
     struct aws_array_list *out_pem_objects);

diff --git a/source/darwin/darwin_pki_utils.c b/source/darwin/darwin_pki_utils.c
@@ -38,13 +38,9 @@ int aws_import_ecc_key_into_keychain(
 
     int result = AWS_OP_ERR;
     struct aws_array_list decoded_key_buffer_list;
-    /* Init empty array list, ideally, the PEM should only has one key included. */
-    if (aws_array_list_init_dynamic(&decoded_key_buffer_list, alloc, 1, sizeof(struct aws_pem_object))) {
-        return result;
-    }
 
     /* Decode PEM format file to DER format */
-    if (aws_decode_pem_to_object_list(alloc, *private_key, &decoded_key_buffer_list)) {
+    if (aws_pem_objects_init_from_file_contents(alloc, *private_key, &decoded_key_buffer_list)) {
         AWS_LOGF_ERROR(AWS_LS_IO_PKI, "static: Failed to decode PEM private key to DER format.");
         goto ecc_import_cleanup;
     }
@@ -90,7 +86,7 @@ int aws_import_ecc_key_into_keychain(
 
 ecc_import_cleanup:
     // Zero out the array list and release it
-    aws_pem_objects_clean_up(&decoded_key_buffer_list);
+    aws_pem_objects_clear(&decoded_key_buffer_list);
     aws_array_list_clean_up(&decoded_key_buffer_list);
     return result;
 }
@@ -208,12 +204,7 @@ int aws_import_public_and_private_keys_to_identity(
             "Using key from Keychain instead of the one provided.");
         struct aws_array_list cert_chain_list;
 
-        if (aws_array_list_init_dynamic(&cert_chain_list, alloc, 2, sizeof(struct aws_pem_object))) {
-            result = AWS_OP_ERR;
-            goto done;
-        }
-
-        if (aws_decode_pem_to_object_list(alloc, *public_cert_chain, &cert_chain_list)) {
+        if (aws_pem_objects_init_from_file_contents(alloc, *public_cert_chain, &cert_chain_list)) {
             AWS_LOGF_ERROR(AWS_LS_IO_PKI, "static: decoding certificate PEM failed.");
             aws_array_list_clean_up(&cert_chain_list);
             result = AWS_OP_ERR;
@@ -230,7 +221,7 @@ int aws_import_public_and_private_keys_to_identity(
             CFRelease(root_cert_data);
         }
 
-        aws_pem_objects_clean_up(&cert_chain_list);
+        aws_pem_objects_clear(&cert_chain_list);
         aws_array_list_clean_up(&cert_chain_list);
     } else {
         certificate_ref = (SecCertificateRef)CFArrayGetValueAtIndex(cert_import_output, 0);
@@ -325,11 +316,7 @@ int aws_import_trusted_certificates(
 
     struct aws_array_list certificates;
 
-    if (aws_array_list_init_dynamic(&certificates, alloc, 2, sizeof(struct aws_pem_object))) {
-        return AWS_OP_ERR;
-    }
-
-    if (aws_decode_pem_to_object_list(alloc, *certificates_blob, &certificates)) {
+    if (aws_pem_objects_init_from_file_contents(alloc, *certificates_blob, &certificates)) {
         AWS_LOGF_ERROR(AWS_LS_IO_PKI, "static: decoding CA PEM failed.");
         aws_array_list_clean_up(&certificates);
         return AWS_OP_ERR;
@@ -358,7 +345,7 @@ int aws_import_trusted_certificates(
     aws_mutex_unlock(&s_sec_mutex);
 
     *certs = temp_cert_array;
-    aws_pem_objects_clean_up(&certificates);
+    aws_pem_objects_clear(&certificates);
     aws_array_list_clean_up(&certificates);
     return err;
 }

diff --git a/source/pem.c b/source/pem.c
@@ -140,7 +140,7 @@ static struct aws_byte_cursor s_pem_type_parameters_cur = AWS_BYTE_CUR_INIT_FROM
 static struct aws_byte_cursor s_pem_type_cms_cur = AWS_BYTE_CUR_INIT_FROM_STRING_LITERAL("CMS");
 static struct aws_byte_cursor s_pem_type_sm2_parameters_cur = AWS_BYTE_CUR_INIT_FROM_STRING_LITERAL("SM2 PARAMETERS");
 
-void aws_pem_objects_clean_up(struct aws_array_list *cert_chain) {
+void aws_pem_objects_clear(struct aws_array_list *cert_chain) {
     for (size_t i = 0; i < aws_array_list_length(cert_chain); ++i) {
         struct aws_pem_object *pem_obj_ptr = NULL;
         aws_array_list_get_at_ptr(cert_chain, (void **)&pem_obj_ptr, i);
@@ -313,9 +313,10 @@ static int s_convert_pem_to_raw_base64(
 
                     } else {
                         struct aws_pem_object pem_object = {
-                            .data = current_obj_buf, 
-                            .type_string = aws_string_new_from_cursor(allocator, &current_obj_type_cur), 
-                            .type = current_obj_type,};
+                            .data = current_obj_buf,
+                            .type_string = aws_string_new_from_cursor(allocator, &current_obj_type_cur),
+                            .type = current_obj_type,
+                        };
 
                         if (aws_array_list_push_back(pem_objects, &pem_object)) {
                             goto on_end_of_loop;
@@ -358,17 +359,21 @@ static int s_convert_pem_to_raw_base64(
     }
 
     AWS_LOGF_ERROR(AWS_LS_IO_PEM, "Invalid PEM buffer.");
-    aws_pem_objects_clean_up(pem_objects);
+    aws_pem_objects_clear(pem_objects);
     return aws_raise_error(AWS_ERROR_PEM_MALFORMED);
 }
 
-int aws_decode_pem_to_object_list(
+int aws_pem_objects_init_from_file_contents(
     struct aws_allocator *allocator,
     struct aws_byte_cursor pem_cursor,
     struct aws_array_list *pem_objects) {
     AWS_PRECONDITION(allocator);
     AWS_PRECONDITION(pem_objects != NULL);
-    AWS_PRECONDITION(aws_array_list_length(pem_objects) == 0);
+
+    /* Init empty array list, ideally, the PEM should only has one key included. */
+    if (aws_array_list_init_dynamic(&pem_objects, allocator, 1, sizeof(struct aws_pem_object))) {
+        return AWS_OP_ERR;
+    }
 
     if (s_convert_pem_to_raw_base64(allocator, pem_cursor, pem_objects)) {
         goto on_error;
@@ -403,11 +408,11 @@ int aws_decode_pem_to_object_list(
     return AWS_OP_SUCCESS;
 
 on_error:
-    aws_pem_objects_clean_up(pem_objects);
+    aws_pem_objects_clear(pem_objects);
     return AWS_OP_ERR;
 }
 
-int aws_read_and_decode_pem_file_to_object_list(
+int aws_pem_objects_init_from_file_path(
     struct aws_allocator *alloc,
     const char *filename,
     struct aws_array_list *pem_objects) {
@@ -420,7 +425,7 @@ int aws_read_and_decode_pem_file_to_object_list(
     AWS_ASSERT(raw_file_buffer.buffer);
 
     struct aws_byte_cursor file_cursor = aws_byte_cursor_from_buf(&raw_file_buffer);
-    if (aws_decode_pem_to_object_list(alloc, file_cursor, pem_objects)) {
+    if (aws_pem_objects_init_from_file_contents(alloc, file_cursor, pem_objects)) {
         aws_byte_buf_clean_up_secure(&raw_file_buffer);
         AWS_LOGF_ERROR(AWS_LS_IO_PEM, "Failed to decode PEM file %s.", filename);
         return AWS_OP_ERR;

diff --git a/source/windows/windows_pki_utils.c b/source/windows/windows_pki_utils.c
@@ -184,11 +184,7 @@ int aws_import_trusted_certificates(
     *cert_store = NULL;
     int result = AWS_OP_ERR;
 
-    if (aws_array_list_init_dynamic(&certificates, alloc, 2, sizeof(struct aws_pem_object))) {
-        return AWS_OP_ERR;
-    }
-
-    if (aws_decode_pem_to_object_list(alloc, *certificates_blob, &certificates)) {
+    if (aws_pem_objects_init_from_file_contents(alloc, *certificates_blob, &certificates)) {
         goto clean_up;
     }
 
@@ -259,7 +255,7 @@ int aws_import_trusted_certificates(
 
 clean_up:
 
-    aws_pem_objects_clean_up(&certificates);
+    aws_pem_objects_clear(&certificates);
     aws_array_list_clean_up(&certificates);
 
     if (result == AWS_OP_ERR && *cert_store) {
@@ -565,21 +561,13 @@ int aws_import_key_pair_to_cert_context(
     int result = AWS_OP_ERR;
     BYTE *key = NULL;
 
-    if (aws_array_list_init_dynamic(&certificates, alloc, 2, sizeof(struct aws_pem_object))) {
-        return AWS_OP_ERR;
-    }
-
-    if (aws_decode_pem_to_object_list(alloc, *public_cert_chain, &certificates)) {
+    if (aws_pem_objects_init_from_file_contents(alloc, *public_cert_chain, &certificates)) {
         AWS_LOGF_ERROR(
             AWS_LS_IO_PKI, "static: failed to decode cert pem to buffer list with error %d", (int)aws_last_error());
         goto clean_up;
     }
 
-    if (aws_array_list_init_dynamic(&private_keys, alloc, 1, sizeof(struct aws_pem_object))) {
-        goto clean_up;
-    }
-
-    if (aws_decode_pem_to_object_list(alloc, *private_key, &private_keys)) {
+    if (aws_pem_objects_init_from_file_contents(alloc, *private_key, &private_keys)) {
         AWS_LOGF_ERROR(
             AWS_LS_IO_PKI, "static: failed to decode key pem to buffer list with error %d", (int)aws_last_error());
         goto clean_up;
@@ -730,9 +718,9 @@ int aws_import_key_pair_to_cert_context(
     }
 
 clean_up:
-    aws_pem_objects_clean_up(&certificates);
+    aws_pem_objects_clear(&certificates);
     aws_array_list_clean_up(&certificates);
-    aws_pem_objects_clean_up(&private_keys);
+    aws_pem_objects_clear(&private_keys);
     aws_array_list_clean_up(&private_keys);
 
     LocalFree(key);

diff --git a/tests/pem_test.c b/tests/pem_test.c
@@ -210,7 +210,7 @@ static int s_test_pem_cert_parse_from_file(struct aws_allocator *allocator, void
     struct aws_array_list output_list;
 
     ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_SUCCESS(aws_read_and_decode_pem_file_to_object_list(allocator, "testparse.crt", &output_list));
+    ASSERT_SUCCESS(aws_pem_objects_init_from_file_path(allocator, "testparse.crt", &output_list));
     ASSERT_UINT_EQUALS(1, aws_array_list_length(&output_list));
 
     struct aws_pem_object *pem_object = NULL;
@@ -219,7 +219,7 @@ static int s_test_pem_cert_parse_from_file(struct aws_allocator *allocator, void
     ASSERT_CURSOR_VALUE_CSTRING_EQUALS(aws_byte_cursor_from_string(&pem_object->type_string), "CERTIFICATE");
     ASSERT_INT_EQUALS(AWS_PEM_TYPE_X509, pem_object->type);
 
-    aws_pem_objects_clean_up(&output_list);
+    aws_pem_objects_clear(&output_list);
     aws_array_list_clean_up(&output_list);
 
     return AWS_OP_SUCCESS;
@@ -302,7 +302,7 @@ static int s_test_pem_private_key_parse_from_file(struct aws_allocator *allocato
     struct aws_array_list output_list;
 
     ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_SUCCESS(aws_read_and_decode_pem_file_to_object_list(allocator, "unittests.key", &output_list));
+    ASSERT_SUCCESS(aws_pem_objects_init_from_file_path(allocator, "unittests.key", &output_list));
     ASSERT_UINT_EQUALS(1, aws_array_list_length(&output_list));
 
     struct aws_pem_object *pem_object = NULL;
@@ -311,7 +311,7 @@ static int s_test_pem_private_key_parse_from_file(struct aws_allocator *allocato
     ASSERT_CURSOR_VALUE_CSTRING_EQUALS(aws_byte_cursor_from_string(&pem_object->type_string), "RSA PRIVATE KEY");
     ASSERT_INT_EQUALS(AWS_PEM_TYPE_PRIVATE_RSA_PKCS1, pem_object->type);
 
-    aws_pem_objects_clean_up(&output_list);
+    aws_pem_objects_clear(&output_list);
     aws_array_list_clean_up(&output_list);
 
     return AWS_OP_SUCCESS;
@@ -379,8 +379,7 @@ static int s_test_pem_single_cert_parse(struct aws_allocator *allocator, void *c
     struct aws_byte_cursor pem_data = aws_byte_cursor_from_c_str(s_rsa_1024_sha224_client_crt_pem);
     struct aws_array_list output_list;
 
-    ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_SUCCESS(aws_decode_pem_to_object_list(allocator, pem_data, &output_list));
+    ASSERT_SUCCESS(aws_pem_objects_init_from_file_contents(allocator, pem_data, &output_list));
     ASSERT_UINT_EQUALS(1, aws_array_list_length(&output_list));
 
     struct aws_pem_object *pem_object = NULL;
@@ -389,7 +388,7 @@ static int s_test_pem_single_cert_parse(struct aws_allocator *allocator, void *c
     ASSERT_CURSOR_VALUE_CSTRING_EQUALS(aws_byte_cursor_from_string(&pem_object->type_string), "CERTIFICATE");
     ASSERT_INT_EQUALS(AWS_PEM_TYPE_X509, pem_object->type);
 
-    aws_pem_objects_clean_up(&output_list);
+    aws_pem_objects_clear(&output_list);
     aws_array_list_clean_up(&output_list);
 
     return AWS_OP_SUCCESS;
@@ -593,8 +592,7 @@ static int s_test_pem_cert_chain_parse(struct aws_allocator *allocator, void *ct
     struct aws_byte_cursor pem_data = aws_byte_cursor_from_c_str(s_rsa_2048_pkcs1_crt_pem);
     struct aws_array_list output_list;
 
-    ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_SUCCESS(aws_decode_pem_to_object_list(allocator, pem_data, &output_list));
+    ASSERT_SUCCESS(aws_pem_objects_init_from_file_contents(allocator, pem_data, &output_list));
     ASSERT_UINT_EQUALS(3, aws_array_list_length(&output_list));
 
     struct aws_pem_object *pem_object = NULL;
@@ -613,7 +611,7 @@ static int s_test_pem_cert_chain_parse(struct aws_allocator *allocator, void *ct
     ASSERT_CURSOR_VALUE_CSTRING_EQUALS(aws_byte_cursor_from_string(&pem_object->type_string), "CERTIFICATE");
     ASSERT_INT_EQUALS(AWS_PEM_TYPE_X509, pem_object->type);
 
-    aws_pem_objects_clean_up(&output_list);
+    aws_pem_objects_clear(&output_list);
     aws_array_list_clean_up(&output_list);
 
     return AWS_OP_SUCCESS;
@@ -723,8 +721,7 @@ static int s_test_pem_private_key_parse(struct aws_allocator *allocator, void *c
     struct aws_byte_cursor pem_data = aws_byte_cursor_from_c_str(s_private_key_pem);
     struct aws_array_list output_list;
 
-    ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_SUCCESS(aws_decode_pem_to_object_list(allocator, pem_data, &output_list));
+    ASSERT_SUCCESS(aws_pem_objects_init_from_file_contents(allocator, pem_data, &output_list));
     ASSERT_UINT_EQUALS(1, aws_array_list_length(&output_list));
 
     struct aws_pem_object *pem_object = NULL;
@@ -733,7 +730,7 @@ static int s_test_pem_private_key_parse(struct aws_allocator *allocator, void *c
     ASSERT_CURSOR_VALUE_CSTRING_EQUALS(aws_byte_cursor_from_string(&pem_object->type_string), "RSA PRIVATE KEY");
     ASSERT_INT_EQUALS(AWS_PEM_TYPE_PRIVATE_RSA_PKCS1, pem_object->type);
 
-    aws_pem_objects_clean_up(&output_list);
+    aws_pem_objects_clear(&output_list);
     aws_array_list_clean_up(&output_list);
 
     return AWS_OP_SUCCESS;
@@ -953,8 +950,7 @@ static int s_test_pem_cert_chain_comments_and_whitespace(struct aws_allocator *a
     struct aws_byte_cursor pem_data = aws_byte_cursor_from_c_str(s_pem_data_str);
     struct aws_array_list output_list;
 
-    ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_SUCCESS(aws_decode_pem_to_object_list(allocator, pem_data, &output_list));
+    ASSERT_SUCCESS(aws_pem_objects_init_from_file_contents(allocator, pem_data, &output_list));
     ASSERT_UINT_EQUALS(3, aws_array_list_length(&output_list));
 
     struct aws_pem_object *pem_object = NULL;
@@ -973,7 +969,7 @@ static int s_test_pem_cert_chain_comments_and_whitespace(struct aws_allocator *a
     ASSERT_CURSOR_VALUE_CSTRING_EQUALS(aws_byte_cursor_from_string(&pem_object->type_string), "CERTIFICATE");
     ASSERT_INT_EQUALS(AWS_PEM_TYPE_X509, pem_object->type);
 
-    aws_pem_objects_clean_up(&output_list);
+    aws_pem_objects_clear(&output_list);
     aws_array_list_clean_up(&output_list);
 
     return AWS_OP_SUCCESS;
@@ -1003,8 +999,7 @@ static int s_test_pem_invalid_parse(struct aws_allocator *allocator, void *ctx)
     struct aws_byte_cursor pem_data = aws_byte_cursor_from_c_str(s_invalid_pem);
     struct aws_array_list output_list;
 
-    ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_ERROR(AWS_ERROR_PEM_MALFORMED, aws_decode_pem_to_object_list(allocator, pem_data, &output_list));
+    ASSERT_ERROR(AWS_ERROR_PEM_MALFORMED, aws_pem_objects_init_from_file_contents(allocator, pem_data, &output_list));
     ASSERT_UINT_EQUALS(0, aws_array_list_length(&output_list));
 
     aws_array_list_clean_up(&output_list);
@@ -1036,8 +1031,7 @@ static int s_test_pem_valid_data_invalid_parse(struct aws_allocator *allocator,
     struct aws_byte_cursor pem_data = aws_byte_cursor_from_c_str(s_invalid_data);
     struct aws_array_list output_list;
 
-    ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_ERROR(AWS_ERROR_PEM_MALFORMED, aws_decode_pem_to_object_list(allocator, pem_data, &output_list));
+    ASSERT_ERROR(AWS_ERROR_PEM_MALFORMED, aws_pem_objects_init_from_file_contents(allocator, pem_data, &output_list));
     ASSERT_UINT_EQUALS(0, aws_array_list_length(&output_list));
 
     aws_array_list_clean_up(&output_list);
@@ -1108,8 +1102,7 @@ static int s_test_pem_invalid_in_chain_parse(struct aws_allocator *allocator, vo
     struct aws_byte_cursor pem_data = aws_byte_cursor_from_c_str(s_invalid_data);
     struct aws_array_list output_list;
 
-    ASSERT_SUCCESS(aws_array_list_init_dynamic(&output_list, allocator, 1, sizeof(struct aws_pem_object)));
-    ASSERT_ERROR(AWS_ERROR_PEM_MALFORMED, aws_decode_pem_to_object_list(allocator, pem_data, &output_list));
+    ASSERT_ERROR(AWS_ERROR_PEM_MALFORMED, aws_pem_objects_init_from_file_contents(allocator, pem_data, &output_list));
     ASSERT_UINT_EQUALS(0, aws_array_list_length(&output_list));
 
     aws_array_list_clean_up(&output_list);