in source/raw_rsa_keyring.c [105:153]
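/**
 * on_decrypt vtable entry for the raw RSA keyring.
 *
 * Walks @p edks looking for entries whose provider_id / provider_info match
 * this keyring's key_namespace / key_name and tries to unwrap each candidate
 * with the configured RSA private key and padding mode. The first successful
 * unwrap fills @p unencrypted_data_key, appends a DECRYPTED_DATA_KEY record to
 * @p keyring_trace and returns. A candidate that fails to unwrap (ciphertext
 * mismatch or an OpenSSL error) is skipped: the error the decrypt helper
 * raised is cleared and the next EDK is tried.
 *
 * @param kr                   The keyring; must be a struct raw_rsa_keyring.
 * @param request_alloc        Allocator for the data key buffer and the trace record.
 * @param unencrypted_data_key Receives the plaintext data key on success.
 * @param keyring_trace        List that receives the trace record on success.
 * @param edks                 Encrypted data keys to try, in list order.
 * @param enc_ctx              Unused by this keyring.
 * @param alg                  Unused by this keyring.
 *
 * @return AWS_OP_SUCCESS when a data key was recovered, and also when no EDK
 *         matched or unwrapped (per materials.h, "nothing found" is success and
 *         no trace record is added). AWS_OP_ERR, with an error raised, when the
 *         keyring has no private key, when an EDK cannot be read from the list,
 *         or when the trace record cannot be added after a successful unwrap;
 *         in the last case the recovered key is wiped before returning.
 */
static int raw_rsa_keyring_on_decrypt(
    struct aws_cryptosdk_keyring *kr,
    struct aws_allocator *request_alloc,
    struct aws_byte_buf *unencrypted_data_key,
    struct aws_array_list *keyring_trace,
    const struct aws_array_list *edks,
    const struct aws_hash_table *enc_ctx,
    enum aws_cryptosdk_alg_id alg) {
    (void)enc_ctx;
    (void)alg;
    struct raw_rsa_keyring *self = (struct raw_rsa_keyring *)kr;

    /* Without a private key there is nothing to unwrap with. */
    if (!self->rsa_private_key_pem) return aws_raise_error(AWS_CRYPTOSDK_ERR_BAD_STATE);

    const size_t num_edks = aws_array_list_length(edks);
    for (size_t edk_idx = 0; edk_idx < num_edks; ++edk_idx) {
        const struct aws_cryptosdk_edk *edk = NULL;
        if (aws_array_list_get_at_ptr(edks, (void **)&edk, edk_idx)) {
            return AWS_OP_ERR;
        }

        /* Only a fully populated EDK carrying this keyring's exact namespace
         * and name is a candidate; anything else belongs to another keyring. */
        if (!edk->provider_id.len || !edk->provider_info.len || !edk->ciphertext.len) continue;
        if (!aws_string_eq_byte_buf(self->key_namespace, &edk->provider_id)) continue;
        if (!aws_string_eq_byte_buf(self->key_name, &edk->provider_info)) continue;

        if (aws_cryptosdk_rsa_decrypt(
                unencrypted_data_key,
                request_alloc,
                aws_byte_cursor_from_array(edk->ciphertext.buffer, edk->ciphertext.len),
                self->rsa_private_key_pem,
                self->rsa_padding_mode)) {
            /* Ciphertext mismatch or OpenSSL failure. Neither is fatal for the
             * request, since a later EDK may still unwrap, so clear the raised
             * error and move on. */
            aws_reset_error();
            continue;
        }

        /* The trace record is part of the decrypt result, so failing to add it
         * (allocation failure) is an error for this request rather than
         * something to ignore. Wipe the recovered key before reporting it so a
         * failed call never leaves plaintext key material behind. */
        if (aws_cryptosdk_keyring_trace_add_record(
                request_alloc,
                keyring_trace,
                self->key_namespace,
                self->key_name,
                AWS_CRYPTOSDK_WRAPPING_KEY_DECRYPTED_DATA_KEY)) {
            aws_byte_buf_clean_up_secure(unencrypted_data_key);
            return AWS_OP_ERR;
        }
        return AWS_OP_SUCCESS;
    }

    // None of the EDKs worked. Return success per materials.h
    return AWS_OP_SUCCESS;
}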