static int s_build_canonical_stable_header

static int s_build_canonical_stable_header_list()

in source/aws_signing.c [1215:1334]
83 lines of code
16 McCabe index (conditional complexity)

static int s_build_canonical_stable_header_list(
    struct aws_signing_state_aws *state,
    struct aws_array_list *stable_header_list,
    size_t *out_required_capacity) {

    AWS_ASSERT(aws_array_list_length(stable_header_list) == 0);

    *out_required_capacity = 0;
    const struct aws_signable *signable = state->signable;

    /*
     * request headers
     */
    struct aws_array_list *signable_header_list = NULL;
    if (aws_signable_get_property_list(signable, g_aws_http_headers_property_list_name, &signable_header_list)) {
        return AWS_OP_ERR;
    }

    const size_t signable_header_count = aws_array_list_length(signable_header_list);
    for (size_t i = 0; i < signable_header_count; ++i) {
        struct stable_header header_wrapper;
        AWS_ZERO_STRUCT(header_wrapper);
        header_wrapper.original_index = i;

        if (aws_array_list_get_at(signable_header_list, &header_wrapper.header, i)) {
            return AWS_OP_ERR;
        }

        struct aws_byte_cursor *header_name_cursor = &header_wrapper.header.name;
        if (!s_should_sign_header(state, header_name_cursor)) {
            continue;
        }

        *out_required_capacity += header_wrapper.header.name.len + header_wrapper.header.value.len;

        if (aws_array_list_push_back(stable_header_list, &header_wrapper)) {
            return AWS_OP_ERR;
        }
    }

    /* If doing HEADERS signature type, add required X-Amz-*** headers.
     * NOTE: For QUERY_PARAMS signature type, X-Amz-*** params are added to query string instead. */
    if (state->config.signature_type == AWS_ST_HTTP_REQUEST_HEADERS) {

        /*
         * X-Amz-Security-Token
         */
        struct aws_byte_cursor session_token_cursor = aws_credentials_get_session_token(state->config.credentials);
        if (session_token_cursor.len > 0) {
            /* Note that if omit_session_token is true, it is added to final
             * signing result but NOT included in canonicalized headers. */
            if (state->config.flags.omit_session_token) {
                if (aws_signing_result_append_property_list(
                        &state->result,
                        g_aws_http_headers_property_list_name,
                        &s_amz_security_token_header_name,
                        &session_token_cursor)) {
                    return AWS_OP_ERR;
                }
            } else {
                if (s_add_authorization_header(
                        state,
                        stable_header_list,
                        out_required_capacity,
                        s_amz_security_token_header_name,
                        session_token_cursor)) {
                    return AWS_OP_ERR;
                }
            }
        }

        /*
         * X-Amz-Date
         */
        if (s_add_authorization_header(
                state,
                stable_header_list,
                out_required_capacity,
                s_amz_date_header_name,
                aws_byte_cursor_from_buf(&state->date))) {
            return AWS_OP_ERR;
        }

        *out_required_capacity += g_aws_signing_date_name->len + state->date.len;

        /*
         * x-amz-region-set
         */
        if (state->config.algorithm == AWS_SIGNING_ALGORITHM_V4_ASYMMETRIC) {
            if (s_add_authorization_header(
                    state,
                    stable_header_list,
                    out_required_capacity,
                    aws_byte_cursor_from_string(g_aws_signing_region_set_name),
                    state->config.region)) {
                return AWS_OP_ERR;
            }
        }

        /*
         * x-amz-content-sha256 (optional)
         */
        if (state->config.signed_body_header == AWS_SBHT_X_AMZ_CONTENT_SHA256) {
            if (s_add_authorization_header(
                    state,
                    stable_header_list,
                    out_required_capacity,
                    s_amz_content_sha256_header_name,
                    aws_byte_cursor_from_buf(&state->payload_hash))) {
                return AWS_OP_ERR;
            }
        }

        /* NOTE: Update MAX_AUTHORIZATION_HEADER_COUNT if more headers added */
    }

    *out_required_capacity += aws_array_list_length(stable_header_list) * 2; /*  ':' + '\n' per header */

    return AWS_OP_SUCCESS;
}