Make objective-c functions more readable

MatteoPologruto · MatteoPologruto · commit e10948e63d88 · 2024-04-30T09:26:56.000+02:00
diff --git a/certificates/certs.h b/certificates/certs.h
@@ -0,0 +1,4 @@
+const char *installCert(const char *path);
+const char *uninstallCert();
+const char *evaluateCert();
+const char *getExpirationDate(char *expirationDate);
diff --git a/certificates/certs.m b/certificates/certs.m
@@ -0,0 +1,167 @@
+#import <Cocoa/Cocoa.h>
+#include "certs.h"
+
+const char *installCert(const char *path) {
+    NSURL *url = [NSURL fileURLWithPath:@(path) isDirectory:NO];
+    NSData *rootCertData = [NSData dataWithContentsOfURL:url];
+
+    OSStatus err = noErr;
+    SecCertificateRef rootCert = SecCertificateCreateWithData(kCFAllocatorDefault, (CFDataRef) rootCertData);
+
+    CFTypeRef result;
+
+    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
+        (id)kSecClassCertificate, kSecClass,
+        rootCert, kSecValueRef,
+        nil];
+
+    err = SecItemAdd((CFDictionaryRef)dict, &result);
+
+    if (err == noErr) {
+        NSLog(@"Install root certificate success");
+    } else if (err == errSecDuplicateItem) {
+        NSString *errString = [@"duplicate root certificate entry. Error: " stringByAppendingFormat:@"%d", err];
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
+    } else {
+        NSString *errString = [@"install root certificate failure. Error: " stringByAppendingFormat:@"%d", err];
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
+    }
+
+    NSDictionary *newTrustSettings = @{(id)kSecTrustSettingsResult: [NSNumber numberWithInt:kSecTrustSettingsResultTrustRoot]};
+    err = SecTrustSettingsSetTrustSettings(rootCert, kSecTrustSettingsDomainUser, (__bridge CFTypeRef)(newTrustSettings));
+    if (err != errSecSuccess) {
+        NSString *errString = [@"Could not change the trust setting for a certificate. Error: " stringByAppendingFormat:@"%d", err];
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
+    }
+
+    return "";
+}
+
+const char *uninstallCert() {
+    // Each line is a key-value of the dictionary. Note: the the inverted order, value first then key.
+    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
+        (id)kSecClassCertificate, kSecClass,
+        CFSTR("Arduino"), kSecAttrLabel,
+        kSecMatchLimitOne, kSecMatchLimit,
+        kCFBooleanTrue, kSecReturnAttributes,
+        nil];
+
+    OSStatus err = noErr;
+    // Use this function to check for errors
+    err = SecItemCopyMatching((CFDictionaryRef)dict, nil);
+    if (err == noErr) {
+        err = SecItemDelete((CFDictionaryRef)dict);
+        if (err != noErr) {
+            NSString *errString = [@"Could not delete the certificates. Error: " stringByAppendingFormat:@"%d", err];
+            NSLog(@"%@", errString);
+            return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
+        }
+    } else if (err != errSecItemNotFound){
+        NSString *errString = [@"Error: " stringByAppendingFormat:@"%d", err];
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
+    }
+    return "";
+}
+
+const char *evaluateCert(){
+    // Each line is a key-value of the dictionary. Note: the the inverted order, value first then key.
+    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
+        (id)kSecClassCertificate, kSecClass,
+        CFSTR("Arduino"), kSecAttrLabel,
+        kSecMatchLimitOne, kSecMatchLimit,
+        kCFBooleanFalse, kSecReturnAttributes,
+        kCFBooleanTrue, kSecReturnData,
+        nil];
+
+    OSStatus err = noErr;
+    CFTypeRef cert;
+    // Use this function to check for errors
+    err = SecItemCopyMatching((CFDictionaryRef)dict, &cert);
+    if (err == noErr) {
+        SecPolicyRef policy = SecPolicyCreateBasicX509();
+        SecTrustRef trust;
+        err = SecTrustCreateWithCertificates(cert, policy, &trust);
+        CFRelease(policy);
+        if (err != noErr) {
+            NSString *errString = [@"Could not create a trust item from the certificates. Error: " stringByAppendingFormat:@"%d", err];
+            NSLog(@"%@", errString);
+            return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
+        }
+        SecTrustEvaluateAsyncWithError(trust, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0),
+            ^(SecTrustRef evaluatedTrust, bool trustResult, CFErrorRef error) {
+                if (trustResult == YES) {
+                    // Evaluation succeeded!
+                } else {
+                    // Evaluation failed: Check the error
+                    SecTrustResultType trustResult;
+                    SecTrustGetTrustResult(trust, &trustResult);
+                    if (trustResult == kSecTrustResultRecoverableTrustFailure) {
+                        // Make changes and try again.
+                    }
+                }
+
+                // Finally, release the trust and error.
+                if (evaluatedTrust) { CFRelease(evaluatedTrust); }
+                if (error)          { CFRelease(error); }
+            }
+        );
+    } else if (err != errSecItemNotFound){
+        NSString *errString = [@"Error: " stringByAppendingFormat:@"%d", err];
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
+    }
+    return "";
+}
+
+const char *getExpirationDate(char *expirationDate){
+    // Create a key-value dictionary used to query the Keychain and look for the "Arduino" root certificate.
+    NSDictionary *getquery = @{
+                (id)kSecClass:     (id)kSecClassCertificate,
+                (id)kSecAttrLabel: @"Arduino",
+                (id)kSecReturnRef: @YES,
+            };
+
+    OSStatus err = noErr;
+    SecCertificateRef cert = NULL;
+
+    // Use this function to check for errors
+    err = SecItemCopyMatching((CFDictionaryRef)getquery, (CFTypeRef *)&cert);
+
+    if (err != noErr){
+        NSString *errString = [@"Error: " stringByAppendingFormat:@"%d", err];
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
+    }
+
+    // Get data from the certificate. We just need the "invalidity date" property.
+    CFDictionaryRef valuesDict = SecCertificateCopyValues(cert, (__bridge CFArrayRef)@[(__bridge id)kSecOIDInvalidityDate], NULL);
+
+    id expirationDateValue;
+    if(valuesDict){
+        CFDictionaryRef invalidityDateDictionaryRef = CFDictionaryGetValue(valuesDict, kSecOIDInvalidityDate);
+        if(invalidityDateDictionaryRef){
+            CFTypeRef invalidityRef = CFDictionaryGetValue(invalidityDateDictionaryRef, kSecPropertyKeyValue);
+            if(invalidityRef){
+                expirationDateValue = CFBridgingRelease(invalidityRef);
+            }
+        }
+        CFRelease(valuesDict);
+    }
+
+    NSString *outputString = [@"" stringByAppendingFormat:@"%@", expirationDateValue];
+    if([outputString isEqualToString:@""]){
+        NSString *errString = @"Error: the expiration date of the certificate could not be found";
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
+    }
+
+    // This workaround allows to obtain the expiration date alongside the error message
+    strncpy(expirationDate, [outputString cStringUsingEncoding:[NSString defaultCStringEncoding]], 32);
+    expirationDate[32-1] = 0;
+
+    return "";
+}
diff --git a/certificates/install_darwin.go b/certificates/install_darwin.go
@@ -22,172 +22,7 @@ package certificates
 #cgo CFLAGS: -x objective-c
 // Pass the list of macOS frameworks needed by this piece of Objective-C code.
 #cgo LDFLAGS: -framework Cocoa
-#import <Cocoa/Cocoa.h>
-
-const char *installCert(const char *path) {
-    NSURL *url = [NSURL fileURLWithPath:@(path) isDirectory:NO];
-    NSData *rootCertData = [NSData dataWithContentsOfURL:url];
-
-    OSStatus err = noErr;
-    SecCertificateRef rootCert = SecCertificateCreateWithData(kCFAllocatorDefault, (CFDataRef) rootCertData);
-
-    CFTypeRef result;
-
-    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
-        (id)kSecClassCertificate, kSecClass,
-        rootCert, kSecValueRef,
-        nil];
-
-    err = SecItemAdd((CFDictionaryRef)dict, &result);
-
-    if (err == noErr) {
-        NSLog(@"Install root certificate success");
-    } else if (err == errSecDuplicateItem) {
-        NSString *errString = [@"duplicate root certificate entry. Error: " stringByAppendingFormat:@"%d", err];
-        NSLog(@"%@", errString);
-        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
-    } else {
-        NSString *errString = [@"install root certificate failure. Error: " stringByAppendingFormat:@"%d", err];
-        NSLog(@"%@", errString);
-        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
-    }
-
-    NSDictionary *newTrustSettings = @{(id)kSecTrustSettingsResult: [NSNumber numberWithInt:kSecTrustSettingsResultTrustRoot]};
-    err = SecTrustSettingsSetTrustSettings(rootCert, kSecTrustSettingsDomainUser, (__bridge CFTypeRef)(newTrustSettings));
-    if (err != errSecSuccess) {
-        NSString *errString = [@"Could not change the trust setting for a certificate. Error: " stringByAppendingFormat:@"%d", err];
-        NSLog(@"%@", errString);
-        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
-    }
-
-    return "";
-}
-
-const char *uninstallCert() {
-    // Each line is a key-value of the dictionary. Note: the the inverted order, value first then key.
-    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
-        (id)kSecClassCertificate, kSecClass,
-        CFSTR("Arduino"), kSecAttrLabel,
-        kSecMatchLimitOne, kSecMatchLimit,
-        kCFBooleanTrue, kSecReturnAttributes,
-        nil];
-
-    OSStatus err = noErr;
-    // Use this function to check for errors
-    err = SecItemCopyMatching((CFDictionaryRef)dict, nil);
-    if (err == noErr) {
-        err = SecItemDelete((CFDictionaryRef)dict);
-        if (err != noErr) {
-            NSString *errString = [@"Could not delete the certificates. Error: " stringByAppendingFormat:@"%d", err];
-            NSLog(@"%@", errString);
-            return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
-        }
-    } else if (err != errSecItemNotFound){
-        NSString *errString = [@"Error: " stringByAppendingFormat:@"%d", err];
-        NSLog(@"%@", errString);
-        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
-    }
-    return "";
-}
-
-const char *evaluateCert(){
-    // Each line is a key-value of the dictionary. Note: the the inverted order, value first then key.
-    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
-        (id)kSecClassCertificate, kSecClass,
-        CFSTR("Arduino"), kSecAttrLabel,
-        kSecMatchLimitOne, kSecMatchLimit,
-        kCFBooleanFalse, kSecReturnAttributes,
-        kCFBooleanTrue, kSecReturnData,
-        nil];
-
-    OSStatus err = noErr;
-    CFTypeRef cert;
-    // Use this function to check for errors
-    err = SecItemCopyMatching((CFDictionaryRef)dict, &cert);
-    if (err == noErr) {
-        SecPolicyRef policy = SecPolicyCreateBasicX509();
-        SecTrustRef trust;
-        err = SecTrustCreateWithCertificates(cert, policy, &trust);
-        CFRelease(policy);
-        if (err != noErr) {
-            NSString *errString = [@"Could not create a trust item from the certificates. Error: " stringByAppendingFormat:@"%d", err];
-            NSLog(@"%@", errString);
-            return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
-        }
-        SecTrustEvaluateAsyncWithError(trust, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0),
-            ^(SecTrustRef evaluatedTrust, bool trustResult, CFErrorRef error) {
-                if (trustResult == YES) {
-                    // Evaluation succeeded!
-                } else {
-                    // Evaluation failed: Check the error
-                    SecTrustResultType trustResult;
-                    SecTrustGetTrustResult(trust, &trustResult);
-                    if (trustResult == kSecTrustResultRecoverableTrustFailure) {
-                        // Make changes and try again.
-                    }
-                }
-
-                // Finally, release the trust and error.
-                if (evaluatedTrust) { CFRelease(evaluatedTrust); }
-                if (error)          { CFRelease(error); }
-            }
-        );
-    } else if (err != errSecItemNotFound){
-        NSString *errString = [@"Error: " stringByAppendingFormat:@"%d", err];
-        NSLog(@"%@", errString);
-        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
-    }
-    return "";
-}
-
-const char *getExpirationDate(char *expirationDate){
-    // Create a key-value dictionary used to query the Keychain and look for the "Arduino" root certificate.
-    NSDictionary *getquery = @{
-                (id)kSecClass:     (id)kSecClassCertificate,
-                (id)kSecAttrLabel: @"Arduino",
-                (id)kSecReturnRef: @YES,
-            };
-
-    OSStatus err = noErr;
-    SecCertificateRef cert = NULL;
-
-    // Use this function to check for errors
-    err = SecItemCopyMatching((CFDictionaryRef)getquery, (CFTypeRef *)&cert);
-
-    if (err != noErr){
-        NSString *errString = [@"Error: " stringByAppendingFormat:@"%d", err];
-        NSLog(@"%@", errString);
-        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
-    }
-
-    // Get data from the certificate. We just need the "invalidity date" property.
-    CFDictionaryRef valuesDict = SecCertificateCopyValues(cert, (__bridge CFArrayRef)@[(__bridge id)kSecOIDInvalidityDate], NULL);
-
-    id expirationDateValue;
-    if(valuesDict){
-        CFDictionaryRef invalidityDateDictionaryRef = CFDictionaryGetValue(valuesDict, kSecOIDInvalidityDate);
-        if(invalidityDateDictionaryRef){
-            CFTypeRef invalidityRef = CFDictionaryGetValue(invalidityDateDictionaryRef, kSecPropertyKeyValue);
-            if(invalidityRef){
-                expirationDateValue = CFBridgingRelease(invalidityRef);
-            }
-        }
-        CFRelease(valuesDict);
-    }
-
-    NSString *outputString = [@"" stringByAppendingFormat:@"%@", expirationDateValue];
-    if([outputString isEqualToString:@""]){
-        NSString *errString = @"Error: the expiration date of the certificate could not be found";
-        NSLog(@"%@", errString);
-        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];
-    }
-
-    // This workaround allows to obtain the expiration date alongside the error message
-    strncpy(expirationDate, [outputString cStringUsingEncoding:[NSString defaultCStringEncoding]], 32);
-    expirationDate[32-1] = 0;
-
-    return "";
-}
+#include "certs.h"
 */
 import "C"
 import (
