- moved algorithm definitions from payloads to corresponding transforms
authorMartin Willi <martin@strongswan.org>
Thu, 24 Nov 2005 16:22:04 +0000 (16:22 -0000)
committerMartin Willi <martin@strongswan.org>
Thu, 24 Nov 2005 16:22:04 +0000 (16:22 -0000)
- cleanup of docs in transforms

28 files changed:
Source/charon/definitions.h
Source/charon/encoding/payloads/transform_substructure.c
Source/charon/encoding/payloads/transform_substructure.h
Source/charon/network/packet.h
Source/charon/sa/ike_sa.c
Source/charon/testcases/event_queue_test.c
Source/charon/testcases/job_queue_test.c
Source/charon/threads/receiver.c
Source/charon/transforms/crypters/crypter.c
Source/charon/transforms/crypters/crypter.h
Source/charon/transforms/diffie_hellman.c
Source/charon/transforms/diffie_hellman.h
Source/charon/transforms/hashers/hasher.c
Source/charon/transforms/hashers/hasher.h
Source/charon/transforms/hashers/hasher_md5.c
Source/charon/transforms/hashers/hasher_md5.h
Source/charon/transforms/hashers/hasher_sha1.c
Source/charon/transforms/hashers/hasher_sha1.h
Source/charon/transforms/hmac.h
Source/charon/transforms/prf_plus.c
Source/charon/transforms/prf_plus.h
Source/charon/transforms/prfs/prf.c
Source/charon/transforms/prfs/prf.h
Source/charon/transforms/prfs/prf_hmac.c
Source/charon/transforms/prfs/prf_hmac.h
Source/charon/transforms/signers/signer.c
Source/charon/transforms/signers/signer.h
Source/charon/utils/gmp_helper.h

index 784d164..db9ed52 100644 (file)
 
 /**
  * @addtogroup transforms
+ * 
+ * Transform algorithms of different kind.
  */
  
 /**
  * @addtogroup prfs
  * 
+ * Pseudo random functions, generate a lot of pseudo
+ * randomness using random numbers.
+ * 
+ * @ingroup transforms
+ */
+
+/**
+ * @addtogroup signers
+ * 
+ * Symmetric signing algorithms, used to ensure 
+ * message integrity.
+ * 
+ * @ingroup transforms
+ */
+
+/**
+ * @addtogroup crypters
+ * 
+ * Symmetric encryption algorithms, used to en-
+ * and decrypt.
+ * 
  * @ingroup transforms
  */
  
+/**
+ * @addtogroup hashers
+ * 
+ * Hash algorithms
+ * 
+ * @ingroup transforms
+ */
 
 /**
  * macro gives back larger of two values
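Review bot: The new group descriptions for `prfs` and `signers` are looser than the algorithms they cover. The PRFs grouped here are keyed and deterministic (`PRF_HMAC_*`), so "generate a lot of pseudo randomness using random numbers" would read better as `Keyed pseudo random functions, which expand a key and a seed into pseudo random output.` The `signers` group holds keyed MACs such as `AUTH_HMAC_SHA1_96`, and `Keyed message authentication codes, used to ensure message integrity.` avoids confusion with public-key signatures. The comment on the last line continues outside the hunk.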
index e81aae5..586ce28 100644 (file)
@@ -99,67 +99,6 @@ mapping_t transform_type_m[] = {
 
 
 /** 
- * string mappings for encryption_algorithm_t
- */
-mapping_t encryption_algorithm_m[] = {
-       {ENCR_UNDEFINED, "ENCR_UNDEFINED"},
-       {ENCR_DES_IV64, "ENCR_DES_IV64"},
-       {ENCR_DES, "ENCR_DES"},
-       {ENCR_3DES, "ENCR_3DES"},
-       {ENCR_RC5, "ENCR_RC5"},
-       {ENCR_IDEA, "ENCR_IDEA"},
-       {ENCR_CAST, "ENCR_CAST"},
-       {ENCR_BLOWFISH, "ENCR_BLOWFISH"},
-       {ENCR_3IDEA, "ENCR_3IDEA"},
-       {ENCR_DES_IV32, "ENCR_DES_IV32"},
-       {ENCR_NULL, "ENCR_NULL"},
-       {ENCR_AES_CBC, "ENCR_AES_CBC"},
-       {ENCR_AES_CTR, "ENCR_AES_CTR"},
-       {MAPPING_END, NULL}
-};
-
-/** 
- * string mappings for encryption_algorithm_t
- */
-mapping_t pseudo_random_function_m[] = {
-       {PRF_UNDEFINED, "PRF_UNDEFINED"},
-       {PRF_HMAC_MD5, "PRF_HMAC_MD5"},
-       {PRF_HMAC_SHA1, "PRF_HMAC_SHA1"},
-       {PRF_HMAC_TIGER, "PRF_HMAC_TIGER"},
-       {PRF_AES128_CBC, "PRF_AES128_CBC"},
-       {MAPPING_END, NULL}
-};
-
-/** 
- * string mappings for integrity_algorithm_t
- */
-mapping_t integrity_algorithm_m[] = {
-       {AUTH_UNDEFINED, "AUTH_UNDEFINED"},
-       {AUTH_HMAC_MD5_96, "AUTH_HMAC_MD5_96"},
-       {AUTH_HMAC_SHA1_96, "AUTH_HMAC_SHA1_96"},
-       {AUTH_DES_MAC, "AUTH_DES_MAC"},
-       {AUTH_KPDK_MD5, "AUTH_KPDK_MD5"},
-       {AUTH_AES_XCBC_96, "AUTH_AES_XCBC_96"},
-       {MAPPING_END, NULL}
-};
-
-/** 
- * string mappings for diffie_hellman_group_t
- */
-mapping_t diffie_hellman_group_m[] = {
-       {MODP_UNDEFINED, "MODP_UNDEFINED"},
-       {MODP_768_BIT, "MODP_768_BIT"},
-       {MODP_1024_BIT, "MODP_1024_BIT"},
-       {MODP_1536_BIT, "MODP_1536_BIT"},
-       {MODP_2048_BIT, "MODP_2048_BIT"},
-       {MODP_3072_BIT, "MODP_3072_BIT"},
-       {MODP_4096_BIT, "MODP_4096_BIT"},
-       {MODP_6144_BIT, "MODP_6144_BIT"},
-       {MODP_8192_BIT, "MODP_8192_BIT"},
-       {MAPPING_END, NULL}
-};
-
-/** 
  * string mappings for extended_sequence_numbers_t
  */
 mapping_t extended_sequence_numbers_m[] = {
index e4b503a..8d49874 100644 (file)
 #include <encoding/payloads/payload.h>
 #include <encoding/payloads/transform_attribute.h>
 #include <utils/linked_list.h>
+#include <transforms/diffie_hellman.h>
+#include <transforms/signers/signer.h>
+#include <transforms/prfs/prf.h>
+#include <transforms/crypters/crypter.h>
 
 
 /**
@@ -62,92 +66,6 @@ enum transform_type_t {
  */
 extern mapping_t transform_type_m[];
 
-typedef enum encryption_algorithm_t encryption_algorithm_t;
-
-/**
- * Encryption algorithm, as in IKEv2 draft 3.3.2
- */
-enum encryption_algorithm_t {
-       ENCR_UNDEFINED = 1024,
-       ENCR_DES_IV64 = 1,
-       ENCR_DES = 2,
-       ENCR_3DES = 3,
-       ENCR_RC5 = 4,
-       ENCR_IDEA = 5,
-       ENCR_CAST = 6,
-       ENCR_BLOWFISH = 7,
-       ENCR_3IDEA = 8,
-       ENCR_DES_IV32 = 9,
-       RESERVED = 10,
-       ENCR_NULL = 11,
-       ENCR_AES_CBC = 12,
-       ENCR_AES_CTR = 13
-};
-
-/** 
- * string mappings for encryption_algorithm_t
- */
-extern mapping_t encryption_algorithm_m[];
-
-typedef enum pseudo_random_function_t pseudo_random_function_t;
-
-/**
- * Pseudo random function, as in IKEv2 draft 3.3.2
- */
-enum pseudo_random_function_t {
-       PRF_UNDEFINED = 1024,
-       PRF_HMAC_MD5 = 1,
-       PRF_HMAC_SHA1 = 2,
-       PRF_HMAC_TIGER = 3,
-       PRF_AES128_CBC = 4
-};
-
-/** 
- * string mappings for encryption_algorithm_t
- */
-extern mapping_t pseudo_random_function_m[];
-
-typedef enum integrity_algorithm_t integrity_algorithm_t;
-
-/**
- * Integrity algorithm, as in IKEv2 draft 3.3.2
- */
-enum integrity_algorithm_t {
-       AUTH_UNDEFINED = 1024,
-       AUTH_HMAC_MD5_96 = 1,
-       AUTH_HMAC_SHA1_96 = 2,
-       AUTH_DES_MAC = 3,
-       AUTH_KPDK_MD5 = 4,
-       AUTH_AES_XCBC_96 = 5
-};
-
-/** 
- * string mappings for integrity_algorithm_t
- */
-extern mapping_t integrity_algorithm_m[];
-
-
-typedef enum diffie_hellman_group_t diffie_hellman_group_t;
-
-/** 
- * Diffie-Hellman group, as in IKEv2 draft 3.3.2 and RFC 3526
- */
-enum diffie_hellman_group_t {
-       MODP_UNDEFINED = 1024,
-       MODP_768_BIT = 1,
-       MODP_1024_BIT = 2,
-       MODP_1536_BIT = 5,
-       MODP_2048_BIT = 14,
-       MODP_3072_BIT = 15,
-       MODP_4096_BIT = 16,
-       MODP_6144_BIT = 17,
-       MODP_8192_BIT = 18
-};
-
-/** 
- * string mappings for diffie_hellman_group_t
- */
-extern mapping_t diffie_hellman_group_m[];
 
 typedef enum extended_sequence_numbers_t extended_sequence_numbers_t;
 
index d1220df..2e41e8a 100644 (file)
@@ -71,7 +71,6 @@ struct packet_t {
 /**
  * @brief create an empty packet
  *  
- * @param family               address-family, such as AF_INET
  * @return                     - NULL when family not supported
  */
 packet_t *packet_create();
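Review bot: The `@return` line still says `NULL when family not supported` although `@param family` is removed and `packet_create()` takes no argument, so the documented failure condition no longer matches the signature. Restate it to whatever the implementation really reports (it is not in this hunk), for example `@return - NULL if out of resources`. Declaring the prototype as `packet_t *packet_create(void);` would also let the compiler reject callers that still pass a family.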
index 9747391..5e193ef 100644 (file)
@@ -39,6 +39,7 @@
 #include <encoding/payloads/transform_attribute.h>
 #include <sa/states/initiator_init.h>
 #include <sa/states/responder_init.h>
+#include <queues/jobs/delete_ike_sa_job.h>
 
 
 
index ed61bb7..b2d4376 100644 (file)
@@ -27,6 +27,7 @@
 
 #include <utils/allocator.h>
 #include <queues/event_queue.h>
+#include <queues/jobs/initiate_ike_sa_job.h>
 
 /**
  * Number of different times to insert per thread
index 8590b1e..13576e8 100644 (file)
@@ -29,6 +29,7 @@
 
 #include <utils/allocator.h>
 #include <queues/job_queue.h>
+#include <queues/jobs/initiate_ike_sa_job.h>
 
 
 typedef struct job_queue_test_s job_queue_test_t;
index b042c40..da751dc 100644 (file)
@@ -30,6 +30,7 @@
 #include <network/packet.h>
 #include <queues/job_queue.h>
 #include <queues/jobs/job.h>
+#include <queues/jobs/incoming_packet_job.h>
 #include <utils/allocator.h>
 #include <utils/logger_manager.h>
 
index e69de29..79a02cf 100644 (file)
@@ -0,0 +1,45 @@
+/**
+ * @file crypter.c
+ * 
+ * @brief Generic constructor for crypter_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+
+#include "crypter.h"
+
+
+/** 
+ * string mappings for encryption_algorithm_t
+ */
+mapping_t encryption_algorithm_m[] = {
+{ENCR_UNDEFINED, "ENCR_UNDEFINED"},
+{ENCR_DES_IV64, "ENCR_DES_IV64"},
+{ENCR_DES, "ENCR_DES"},
+{ENCR_3DES, "ENCR_3DES"},
+{ENCR_RC5, "ENCR_RC5"},
+{ENCR_IDEA, "ENCR_IDEA"},
+{ENCR_CAST, "ENCR_CAST"},
+{ENCR_BLOWFISH, "ENCR_BLOWFISH"},
+{ENCR_3IDEA, "ENCR_3IDEA"},
+{ENCR_DES_IV32, "ENCR_DES_IV32"},
+{ENCR_NULL, "ENCR_NULL"},
+{ENCR_AES_CBC, "ENCR_AES_CBC"},
+{ENCR_AES_CTR, "ENCR_AES_CTR"},
+{MAPPING_END, NULL}
+};
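Review bot: The file brief reads `Generic constructor for crypter_t`, but the 45 added lines define only `encryption_algorithm_m`; no `crypter_create` appears in this file, while crypter.h declares it. If no other file defines it, any caller will fail at link time, so either add the constructor here or change the brief to `@brief String mappings for encryption_algorithm_t.` The table also has no entry for value 10 (`RESERVED` in the enum), so a lookup of that ID presumably finds no name; a short comment saying that is intended would help.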
index 3d5a686..f9de213 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file crypter.h
  * 
- * @brief Generic interface for encryption algorithms
+ * @brief Interface of crypter_t
  * 
  */
 
 #ifndef CRYPTER_H_
 #define CRYPTER_H_
 
-#include <encoding/payloads/transform_substructure.h>
+#include <types.h>
 
+typedef enum encryption_algorithm_t encryption_algorithm_t;
+
+/**
+ * @brief Encryption algorithm, as in IKEv2 draft 3.3.2
+ */
+enum encryption_algorithm_t {
+       ENCR_UNDEFINED = 1024,
+       ENCR_DES_IV64 = 1,
+       ENCR_DES = 2,
+       ENCR_3DES = 3,
+       ENCR_RC5 = 4,
+       ENCR_IDEA = 5,
+       ENCR_CAST = 6,
+       ENCR_BLOWFISH = 7,
+       ENCR_3IDEA = 8,
+       ENCR_DES_IV32 = 9,
+       RESERVED = 10,
+       ENCR_NULL = 11,
+       ENCR_AES_CBC = 12,
+       ENCR_AES_CTR = 13
+};
+
+/** 
+ * string mappings for encryption_algorithm_t
+ */
+extern mapping_t encryption_algorithm_m[];
 
 typedef struct crypter_t crypter_t;
 
 /**
- * Object representing a crypter object
+ * @brief Generic interface for symmetric encryption algorithms.
+ * 
+ * @ingroup crypters
  */
 struct crypter_t {
        /**
@@ -59,36 +87,38 @@ struct crypter_t {
        /**
         * @brief get the block size of this crypter
         * 
-        * @param this                  calling crypter
-        * @return                              block size in bytes
+        * @param this                          calling crypter
+        * @return                                      block size in bytes
         */
        size_t (*get_block_size) (crypter_t *this);
        
        /**
         * @brief Set the key for this crypter
         * 
-        * @param this                  calling crypter
-        * @return                              block size in bytes
+        * @param this                          calling crypter
+        * @param key                           key to set
+        * @return
+        *                                                      - SUCCESS in any case
         */
        status_t (*set_key) (crypter_t *this, chunk_t key);
        
        /**
-        * @brief Destroys a crypter object.
+        * @brief Destroys a crypter_t object.
         *
-        * @param this  crypter_t object to destroy
+        * @param this                          crypter_t object to destroy
         * @return              
-        *                              SUCCESS in any case
+        *                                                      - SUCCESS in any case
         */
        status_t (*destroy) (crypter_t *this);
 };
 
 /**
- * Creates a new crypter_t object
+ * @brief Generic constructor for crypter_t objects.
  * 
- * @param pseudo_random_function       Algorithm to use
+ * @param encryption_algorithm Algorithm to use for crypter
  * @return
- *                                                                     - crypter_t if successfully
- *                                                                     - NULL if out of ressources or crypter not supported
+ *                                                             - crypter_t if successfully
+ *                                                             - NULL if out of ressources or crypter not supported
  */
 crypter_t *crypter_create(encryption_algorithm_t encryption_algorithm);
 
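Review bot: `set_key` is now documented as returning `SUCCESS in any case`, which leaves an implementation no way to report a key whose length the cipher does not support. For algorithms in this enum with a fixed key size, such as `ENCR_DES` or `ENCR_3DES`, a caller would presumably carry on with a key the crypter cannot use as given; I would document a failure value, e.g. `- FAILED if the key length is not supported`, and have callers check it. Separately, the enum constant `RESERVED = 10` is unprefixed in a header that other files now include, so `ENCR_RESERVED` would avoid name clashes.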
index e018675..1992e57 100644 (file)
 #include <utils/gmp_helper.h>
 
 
+/** 
+ * string mappings for diffie_hellman_group_t
+ */
+mapping_t diffie_hellman_group_m[] = {
+       {MODP_UNDEFINED, "MODP_UNDEFINED"},
+       {MODP_768_BIT, "MODP_768_BIT"},
+       {MODP_1024_BIT, "MODP_1024_BIT"},
+       {MODP_1536_BIT, "MODP_1536_BIT"},
+       {MODP_2048_BIT, "MODP_2048_BIT"},
+       {MODP_3072_BIT, "MODP_3072_BIT"},
+       {MODP_4096_BIT, "MODP_4096_BIT"},
+       {MODP_6144_BIT, "MODP_6144_BIT"},
+       {MODP_8192_BIT, "MODP_8192_BIT"},
+       {MAPPING_END, NULL}
+};
+
+
 /**
  * Modulus of Group 1 (MODP_768_BIT)
  */
index ab1672d..04cfb98 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file diffie_hellman.h
  * 
- * @brief Class to represent a diffie hellman exchange.
+ * @brief Interface of diffie_hellman_t.
  * 
  */
 
 #define DIFFIE_HELLMAN_H_
 
 #include <types.h>
-#include <encoding/payloads/transform_substructure.h>
+
+
+typedef enum diffie_hellman_group_t diffie_hellman_group_t;
+
+/** 
+ * @brief Diffie-Hellman group.
+ * 
+ * The modulus (or group) to use for a Diffie-Hellman calculation.
+ * 
+ * @see IKEv2 draft 3.3.2 and RFC 3526.
+ */
+enum diffie_hellman_group_t {
+       MODP_UNDEFINED = 1024,
+       MODP_768_BIT = 1,
+       MODP_1024_BIT = 2,
+       MODP_1536_BIT = 5,
+       MODP_2048_BIT = 14,
+       MODP_3072_BIT = 15,
+       MODP_4096_BIT = 16,
+       MODP_6144_BIT = 17,
+       MODP_8192_BIT = 18
+};
+
+/** 
+ * string mappings for diffie_hellman_group_t
+ */
+extern mapping_t diffie_hellman_group_m[];
+
 
 typedef struct diffie_hellman_t diffie_hellman_t;
 
 /**
- * Object representing a diffie hellman exchange
+ * @brief Implementation of the widely used Diffie-Hellman algorithm.
  * 
+ * @ingroup transforms
  */
 struct diffie_hellman_t {
                
        /**
-        * @brief Returns the shared secret of this diffie hellman exchange
+        * @brief Returns the shared secret of this diffie hellman exchange.
         *      
-        * @warning Space for returned secret is allocated and has to get freed by the caller
+        * @warning Space for returned secret is allocated and must be 
+        * freed by the caller.
         * 
         * @param this                  calling diffie_hellman_t object
         * @param[out] secret   shared secret will be written into this chunk
         * @return                              
-        *                                              - SUCCESS
+        *                                              - SUCCESS, or
         *                                              - FAILED if not both DH values are set
         *                                              - OUT_OF_RES if out of ressources
         */
        status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
        
        /**
-        * @brief Sets the public value of partner
+        * @brief Sets the public value of partner.
         *      
         * @warning chunk gets copied
         * 
         * @param this                  calling diffie_hellman_t object
         * @param public_value  public value of partner
         * @return                              
-        *                                              - SUCCESS
+        *                                              - SUCCESS, or
         *                                              - OUT_OF_RES if out of ressources
         */
        status_t (*set_other_public_value) (diffie_hellman_t *this, chunk_t public_value);
        
        /**
-        * @brief Gets the public value of partner
+        * @brief Gets the public value of partner.
         *      
         * @warning chunk gets copied
         * 
         * @param this                          calling diffie_hellman_t object
-        * @param[out] public_value     public value of partner is stored at this location
+        * @param[out] public_value public value of partner is stored at this location
         * @return                              
-        *                                                      - SUCCESS
+        *                                                      - SUCCESS, or
         *                                                      - OUT_OF_RES if out of ressources
         *                                                      - FAILED if other public value not set
         */
@@ -81,9 +110,9 @@ struct diffie_hellman_t {
         * @warning chunk gets copied
         * 
         * @param this                          calling diffie_hellman_t object
-        * @param[out] public_value     public value of caller is stored at this location
+        * @param[out] public_value public value of caller is stored at this location
         * @return                              
-        *                                                      - SUCCESS
+        *                                                      - SUCCESS, or
         *                                                      - OUT_OF_RES if out of ressources
         */
        status_t (*get_my_public_value) (diffie_hellman_t *this, chunk_t *public_value);
@@ -91,22 +120,24 @@ struct diffie_hellman_t {
        /**
         * @brief Destroys an diffie_hellman_t object.
         *
-        * @param this  diffie_hellman_t object to destroy
+        * @param this                          diffie_hellman_t object to destroy
         * @return              
-        *                              SUCCESS in any case
+        *                                                      - SUCCESS in any case
         */
        status_t (*destroy) (diffie_hellman_t *this);
 };
 
 /**
- * Creates a new diffie_hellman_t object
+ * @brief Creates a new diffie_hellman_t object.
  * 
- * The first diffie hellman public value gets automatically created
+ * The first diffie hellman public value gets automatically created.
  * 
  * @param dh_group_number      Diffie Hellman group number to use
  * @return
  *                                                     - diffie_hellman_t if successfully
  *                                                     - NULL if out of ressources or dh_group not supported
+ * 
+ * @ingroup transforms
  */
 diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number);
 
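Review bot: The documentation for `set_other_public_value` lists only `OUT_OF_RES` as a failure, so nothing in the interface says the peer's public value is range-checked before use. Values of 0, 1 or p-1 make the shared secret predictable, so the contract should state that the value is validated against the group modulus, e.g. `- FAILED if public_value is not in the range 2 .. p-2`; the implementation is not in this section and may already do this. The comment on `diffie_hellman_group_t` could also note that `MODP_768_BIT` and `MODP_1024_BIT` are too small to be recommended for new configurations.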
index 983ae4b..e71424e 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file hasher.c
  * 
- * @brief Generic interface for hash functions
+ * @brief Generic constructor for hasher_t
  * 
  */
 
 #include <transforms/hashers/hasher_sha1.h>
 #include <transforms/hashers/hasher_md5.h>
 
-
+/**
+ * mappings for hash_algorithm_t
+ */
+mapping_t hash_algorithm_m[] = {
+       {HASH_SHA1, "HASH_SHA1"},
+       {HASH_MD5, "HASH_MD5"},
+       {MAPPING_END, NULL}
+};
 
 /*
  * Described in header
index 8b4699a..ed4e0ee 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file hasher.h
  * 
- * @brief Generic interface for hash functions
+ * @brief Interface for hasher_t.
  * 
  */
 
 typedef enum hash_algorithm_t hash_algorithm_t;
 
 /**
- * algorithms to use for hashing
+ * @brief Algorithms to use for hashing.
  */
 enum hash_algorithm_t {
        HASH_SHA1,
        HASH_MD5
 };
 
+/**
+ * string mappings for hash_algorithm_t
+ */
+extern mapping_t hash_algorithm_m[];
+
 
 typedef struct hasher_t hasher_t;
 
 /**
- * Object representing a hasher
+ * @brief Generic interface for all hash functions.
+ * 
+ * @ingroup hashers
  */
 struct hasher_t {
        /**
@@ -51,7 +58,7 @@ struct hasher_t {
         * If not, the result is written back and the hasher is reset.
         * 
         * @warning: the hash output parameter must hold at least
-        * #hash_t.get_block_size bytes.
+        * hash_t.get_block_size bytes.
         * 
         * @param this                  calling hasher
         * @param data                  data to hash
@@ -78,7 +85,7 @@ struct hasher_t {
        status_t (*allocate_hash) (hasher_t *this, chunk_t data, chunk_t *hash);
        
        /**
-        * @brief get the block size of this hashing function
+        * @brief Get the block size of this hashing function.
         * 
         * @param this                  calling hasher
         * @return                              block size in bytes
@@ -86,7 +93,7 @@ struct hasher_t {
        size_t (*get_block_size) (hasher_t *this);
        
        /**
-        * @brief reset the hashers state, which allows
+        * @brief Resets the hashers state, which allows
         * computation of a completly new hash.
         * 
         * @param this                  calling hasher
@@ -105,12 +112,14 @@ struct hasher_t {
 };
 
 /**
- * Creates a new hasher_t object
+ * @brief Generic interface to create a hasher_t.
  * 
- * @param hash_algorithm                       Algorithm to use for hashing
+ * @param hash_algorithm       Algorithm to use for hashing
  * @return
- *                                                                     - hasher_t if successfully
- *                                                                     - NULL if out of ressources 
+ *                                                     - hasher_t if successfully
+ *                                                     - NULL if out of ressources 
+ * 
+ * @ingroup hashers
  */
 hasher_t *hasher_create(hash_algorithm_t hash_algorithm);
 
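Review bot: The `@warning` on the hash output now names `hash_t.get_block_size`, but the type declared in this header is `hasher_t`; removing the `#` also drops the Doxygen link. This sentence is the only statement of how large the caller's output buffer must be, so it should read `hasher_t.get_block_size bytes.` (or `#hasher_t.get_block_size`). If `get_block_size` returns the digest length rather than the compression block size, which the name leaves unclear, say so in its `@return` line so callers do not undersize the buffer.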
index bfdd967..0011e92 100644 (file)
@@ -1,8 +1,7 @@
 /**
  * @file hasher_md5.c
  * 
- * @brief Implementation of hasher_t interface using the
- * md5 algorithm.
+ * @brief Implementation of hasher_md5_t.
  * 
  */
 
index d7e9124..9912d66 100644 (file)
@@ -1,8 +1,7 @@
 /**
  * @file hasher_md5.h
  * 
- * @brief Implementation of hasher_t interface using the
- * md5 algorithm.
+ * @brief Interface for hasher_md5_t.
  * 
  */
 
 typedef struct hasher_md5_t hasher_md5_t;
 
 /**
- * Object representing the md5 hasher
+ * @brief Implementation of hasher_t interface using the
+ * MD5 algorithm.
  * 
+ * @ingroup hashers
  */
 struct hasher_md5_t {
        
@@ -42,11 +43,13 @@ struct hasher_md5_t {
 };
 
 /**
- * Creates a new hasher_md5_t object
+ * @brief Creates a new hasher_md5_t.
  * 
  * @return
- *                                                     - hasher_md5_t if successfully
- *                                                     - NULL if out of ressources
+ *                             - hasher_md5_t if successfully
+ *                             - NULL if out of ressources
+ * 
+ * @ingroup hashers
  */
 hasher_md5_t *hasher_md5_create();
 
index 7505745..e9d27e8 100644 (file)
@@ -1,8 +1,7 @@
 /**
  * @file hasher_sha1.c
  * 
- * @brief Implementation of hasher_t interface using the
- * SHA1 algorithm.
+ * @brief Implementation of hasher_sha_t.
  * 
  */
 
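Review bot: The new brief names `hasher_sha_t`, while the matching header in this commit declares `hasher_sha1_t`. It should read `@brief Implementation of hasher_sha1_t.`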
index 1f96d5d..446dc65 100644 (file)
@@ -1,8 +1,7 @@
 /**
  * @file hasher_sha1.h
  * 
- * @brief Implementation of hasher_t interface using the
- * SHA1 algorithm.
+ * @brief Interface for the hasher_sha1_t
  * 
  */
 
 typedef struct hasher_sha1_t hasher_sha1_t;
 
 /**
- * Object representing the sha1 hasher
+ * @brief Implementation of hasher_t interface using the
+ * SHA1 algorithm.
  * 
+ * @ingroup hashers
  */
 struct hasher_sha1_t {
        
@@ -42,11 +43,13 @@ struct hasher_sha1_t {
 };
 
 /**
- * Creates a new hasher_sha1_t object
+ * @brief Creates a new hasher_sha1_t.
  * 
  * @return
- *                                                     - hasher_sha1_t if successfully
- *                                                     - NULL if out of ressources
+ *                             - hasher_sha1_t if successfully
+ *                             - NULL if out of ressources
+ * 
+ * @ingroup hashers
  */
 hasher_sha1_t *hasher_sha1_create();
 
index 6b71a55..3df69e8 100644 (file)
@@ -51,7 +51,7 @@ struct hmac_t {
         * 
         * @param this                  calling hmac
         * @param data                  chunk of data to authenticate
-        * @param [out]buffer   pointer where the generated bytes will be written
+        * @param[out] buffer   pointer where the generated bytes will be written
         * @return                              
         *                                              - SUCCESS in any case
         */
@@ -68,7 +68,7 @@ struct hmac_t {
         * 
         * @param this                  calling hmac
         * @param data                  chunk of data to authenticate
-        * @param [out]chunk    chunk which will hold generated bytes
+        * @param[out] chunk    chunk which will hold generated bytes
         * @return                              
         *                                              - SUCCESS, or
         *                                              - OUT_OF_RES if space could not be allocated
index 2c6e16b..64783b1 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file prf_plus.c
  * 
- * @brief Implements the prf+ function described in IKEv2 draft.
+ * @brief Implementation of prf_plus_t.
  * 
  */
 
index fb0e4ca..c7396b5 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file prf_plus.h
  * 
- * @brief Implements the prf+ function described in IKEv2 draft.
+ * @brief Interface for prf_plus.h.
  * 
  */
 
 typedef struct prf_plus_t prf_plus_t;
 
 /**
- * Object representing a prf_plus
+ * @brief Implementation of the prf+ function described in IKEv2 draft.
+ *
+ * This class implements the prf+ algorithm. Internalliy it uses a pseudo random
+ * function, which implements the prf_t interface.
+ *
+ * @see IKEv2 draft 2.13
+ * 
+ * @ingroup transforms
  */
 struct prf_plus_t {
        /**
         * @brief Get pseudo random bytes.
         * 
+        * Get the next few bytes of the prf+ output. Space
+        * must be allocated by the caller.
+        * 
         * @param this                  calling prf_plus
         * @param length                number of bytes to get
-        * @param [out]buffer   pointer where the generated bytes will be written
+        * @param[out] buffer   pointer where the generated bytes will be written
         * @return                              
         *                                              - SUCCESS in any case
         */
@@ -47,9 +57,12 @@ struct prf_plus_t {
        /**
         * @brief Allocate pseudo random bytes.
         * 
+        * Get the next few bytes of the prf+ output. This function
+        * will allocate the required space.
+        * 
         * @param this                  calling prf_plus
         * @param length                number of bytes to get
-        * @param [out]chunk    chunk which will hold generated bytes
+        * @param[out] chunk    chunk which will hold generated bytes
         * @return                              
         *                                              - SUCCESS in any case
         *                                              - OUT_OF_RES if space could not be allocated
@@ -57,7 +70,7 @@ struct prf_plus_t {
        status_t (*allocate_bytes) (prf_plus_t *this, size_t length, chunk_t *chunk);
        
        /**
-        * @brief Destroys a prf_plus object.
+        * @brief Destroys a prf_plus_t object.
         *
         * @param this                  prf_plus_t object to destroy
         * @return              
@@ -67,7 +80,7 @@ struct prf_plus_t {
 };
 
 /**
- * Creates a new prf_plus_t object
+ * @brief Creates a new prf_plus_t object.
  * 
  * Seed will be cloned. prf will
  * not be cloned, must be destroyed outside after
@@ -77,7 +90,9 @@ struct prf_plus_t {
  * @param seed                         input seed for prf
  * @return
  *                                                     - prf_plus_t if successfully
- *                                                     - NULL if out of ressources or hash not supported
+ *                                                     - NULL if out of ressources
+ * 
+ * @ingroup transforms
  */
 prf_plus_t *prf_plus_create(prf_t *prf, chunk_t seed);
 
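Review bot: The "Get pseudo random bytes" and "Allocate pseudo random bytes" members list no failure for an oversized `length`, but prf+ as defined in the IKEv2 draft uses a one-octet block counter and is not defined beyond 255 blocks of PRF output. The comments should state that limit and what happens when a request crosses it, e.g. `- FAILED if more than 255 blocks of output are requested`; whether the implementation checks this is not visible here. Two wording slips in the same section: the file brief says `Interface for prf_plus.h.` where `prf_plus_t` is meant, and `Internalliy` should be `Internally`.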
index ebf28d5..e1cc139 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file prf.c
  * 
- * @brief Generic interface for pseudo-random-functions
+ * @brief Generic constructor for all prf_t
  * 
  */
 
 #include <transforms/prfs/prf_hmac.h>
 
 
+/** 
+ * string mappings for encryption_algorithm_t
+ */
+mapping_t pseudo_random_function_m[] = {
+{PRF_UNDEFINED, "PRF_UNDEFINED"},
+{PRF_HMAC_MD5, "PRF_HMAC_MD5"},
+{PRF_HMAC_SHA1, "PRF_HMAC_SHA1"},
+{PRF_HMAC_TIGER, "PRF_HMAC_TIGER"},
+{PRF_AES128_CBC, "PRF_AES128_CBC"},
+{MAPPING_END, NULL}
+};
+
+
 /*
  * Described in header
  */
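Review bot: The comment above `pseudo_random_function_m` says `string mappings for encryption_algorithm_t`, a copy-paste error carried over from the old location; it should read `string mappings for pseudo_random_function_t`. The same wrong comment sits on the `extern` declaration added to prf.h. The table entries also lost their indentation compared with the removed version in transform_substructure.c.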
index 2b6aab4..9a79c60 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file prf.h
  * 
- * @brief Generic interface for pseudo-random-functions
+ * @brief Interface of prf_t.
  * 
  */
 
 #ifndef PRF_H_
 #define PRF_H_
 
-#include <encoding/payloads/transform_substructure.h>
+#include <types.h>
+
+typedef enum pseudo_random_function_t pseudo_random_function_t;
+
+/**
+ * @brief Pseudo random function, as in IKEv2 draft 3.3.2.
+ */
+enum pseudo_random_function_t {
+       PRF_UNDEFINED = 1024,
+       PRF_HMAC_MD5 = 1,
+       PRF_HMAC_SHA1 = 2,
+       PRF_HMAC_TIGER = 3,
+       PRF_AES128_CBC = 4
+};
+
+/** 
+ * string mappings for encryption_algorithm_t
+ */
+extern mapping_t pseudo_random_function_m[];
 
 
 typedef struct prf_t prf_t;
 
 /**
- * Object representing a diffie hellman exchange
+ * @brief Generic interface for pseudo-random-functions.
  * 
  * @ingroup prfs
  */
 struct prf_t {
        /**
         * @brief generates pseudo random bytes and writes them
-        * in the buffer
+        * in the buffer.
         * 
         * @param this                  calling prf
         * @param seed                  a chunk containing the seed for the next bytes
-        * @param [out]buffer   pointer where the generated bytes will be written
+        * @param[out] buffer   pointer where the generated bytes will be written
         * @return                              
         *                                              - SUCCESS in any case
         */
        status_t (*get_bytes) (prf_t *this, chunk_t seed, u_int8_t *buffer);
        
        /**
-        * @brief generates pseudo random bytes and allocate space for them
+        * @brief generates pseudo random bytes and allocate space for them.
         * 
         * @param this                  calling prf
         * @param seed                  a chunk containing the seed for the next bytes
-        * @param [out]chunk    chunk which will hold generated bytes
+        * @param[out] chunk    chunk which will hold generated bytes
         * @return                              
         *                                              - SUCCESS in any case
         *                                              - OUT_OF_RES if space could not be allocated
@@ -59,7 +77,7 @@ struct prf_t {
        status_t (*allocate_bytes) (prf_t *this, chunk_t seed, chunk_t *chunk);
        
        /**
-        * @brief get the block size of this prf
+        * @brief get the block size of this prf.
         * 
         * @param this                  calling prf
         * @return                              block size in bytes
@@ -67,25 +85,27 @@ struct prf_t {
        size_t (*get_block_size) (prf_t *this);
        
        /**
-        * @brief Set the key for this prf
+        * @brief Set the key for this prf.
         * 
         * @param this                  calling prf
-        * @return                              block size in bytes
+        * @param key                   key to set
+        * @return                              
+        *                                              - SUCCESS in any case
         */
        status_t (*set_key) (prf_t *this, chunk_t key);
        
        /**
-        * @brief Destroys a prf object.
+        * @brief Destroys a prf object..
         *
-        * @param this  prf_t object to destroy
+        * @param this                  prf_t object to destroy
         * @return              
-        *                              SUCCESS in any case
+        *                                              - SUCCESS in any case
         */
        status_t (*destroy) (prf_t *this);
 };
 
 /**
- * Creates a new prf_t object
+ * @brief Generic constructor for a prf_t.
  * 
  * @param pseudo_random_function       Algorithm to use
  * @return
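Review bot: The rewritten `destroy` brief ends in a doubled period, `@brief Destroys a prf object..`; it should be `@brief Destroys a prf object.`. The `set_key` comment now documents `key`, but neither it nor the matching `set_key` comment in signer.h says whether the implementation copies the chunk or keeps pointing at the caller's memory. That decides who may free or wipe the key material afterwards. A line such as `The key is copied; the caller keeps ownership of key.` would settle it, once confirmed against the implementations, which are not visible here. struct prf_t starts outside this hunk and the constructor comment continues past it.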
index fdcce4a..96e89ef 100644 (file)
@@ -1,8 +1,7 @@
 /**
  * @file prf_hmac.c
  * 
- * @brief Implementation of prf_t interface using the
- * a HMAC algorithm. This simply wraps a hmac in a prf.
+ * @brief Implementation for prf_hmac_t.
  * 
  */
 
index 427cdd4..25ffd73 100644 (file)
@@ -1,8 +1,7 @@
 /**
  * @file prf_hmac.h
  * 
- * @brief Implementation of prf_t interface using the
- * a HMAC algorithm. This simply wraps a hmac in a prf.
+ * @brief Interface for prf_hmac_t.
  * 
  */
 
 #ifndef PRF_HMAC_H_
 #define PRF_HMAC_H_
 
-#include "prf.h"
-
 #include <types.h>
+#include <transforms/prfs/prf.h>
 #include <transforms/hashers/hasher.h>
 
 typedef struct prf_hmac_t prf_hmac_t;
 
 /**
- * Object representing a prf using HMAC
+ * @brief Implementation of prf_t interface using the
+ * a HMAC algorithm.
  * 
+ * This simply wraps a hmac_t in a prf_t. More a question of
+ * interface matchig.
+ * 
+ * @ingroup prfs
  */
 struct prf_hmac_t {
        
        /**
-        * generic prf_t interface for this prf
+        * Generic prf_t interface for this prf_hmac_t class.
         */
        prf_t prf_interface;
 };
 
 /**
- * Creates a new prf_hmac_t object
+ * @brief Creates a new prf_hmac_t object
  * 
  * @param hash_algorithm                       hmac's hash algorithm
  * @return
  *                                                                     - prf_hmac_t if successfully
  *                                                                     - NULL if out of ressources
+ * 
+ * @ingroup prfs
  */
 prf_hmac_t *prf_hmac_create(hash_algorithm_t hash_algorithm);
 
index e69de29..3ecf580 100644 (file)
@@ -0,0 +1,37 @@
+/**
+ * @file signer.c
+ * 
+ * @brief Implementation of generic signer_t constructor.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "signer.h"
+
+
+/** 
+ * string mappings for integrity_algorithm_t
+ */
+mapping_t integrity_algorithm_m[] = {
+       {AUTH_UNDEFINED, "AUTH_UNDEFINED"},
+       {AUTH_HMAC_MD5_96, "AUTH_HMAC_MD5_96"},
+       {AUTH_HMAC_SHA1_96, "AUTH_HMAC_SHA1_96"},
+       {AUTH_DES_MAC, "AUTH_DES_MAC"},
+       {AUTH_KPDK_MD5, "AUTH_KPDK_MD5"},
+       {AUTH_AES_XCBC_96, "AUTH_AES_XCBC_96"},
+       {MAPPING_END, NULL}
+};
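Review bot: The `@brief` says this file implements the generic signer_t constructor, but the 37 added lines hold only the `integrity_algorithm_m` table and no definition of `signer_create`, which signer.h declares. Unless the constructor is defined in another file (not visible here), either add it or reword the brief, for example `@brief String mappings for integrity_algorithm_t.`, so the comment matches the content.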
index b0a107e..5eb4c18 100644 (file)
@@ -1,7 +1,7 @@
 /**
  * @file signer.h
  * 
- * @brief Generic interface for integrity algorithms
+ * @brief Interface for signer_t.
  * 
  */
 
 #ifndef SIGNER_H_
 #define SIGNER_H_
 
-#include <encoding/payloads/transform_substructure.h>
+#include <types.h>
+#include <definitions.h>
+
+typedef enum integrity_algorithm_t integrity_algorithm_t;
+
+/**
+ * @brief Integrity algorithm, as in IKEv2 draft 3.3.2.
+ * 
+ */
+enum integrity_algorithm_t {
+       AUTH_UNDEFINED = 1024,
+       AUTH_HMAC_MD5_96 = 1,
+       AUTH_HMAC_SHA1_96 = 2,
+       AUTH_DES_MAC = 3,
+       AUTH_KPDK_MD5 = 4,
+       AUTH_AES_XCBC_96 = 5
+};
+
+/** 
+ * string mappings for integrity_algorithm_t
+ */
+extern mapping_t integrity_algorithm_m[];
 
 
 typedef struct signer_t signer_t;
 
 /**
- * Object representing a diffie hellman exchange
+ * @brief Generig interface for a symmetric signature algorithm.
+ * 
+ * @ingroup signers
  */
 struct signer_t {
        /**
-        * @brief generates pseudo random bytes and writes them
-        * in the buffer
+        * @brief Generate a signature.
         * 
         * @param this                  calling signer
-        * @param seed                  a chunk containing the seed for the next bytes
-        * @param [out]buffer   pointer where the generated bytes will be written
+        * @param data                  a chunk containing the data to sign
+        * @param[out] buffer   pointer where the signature will be written
         * @return                              
         *                                              - SUCCESS in any case
         */
        status_t (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
        
        /**
-        * @brief generates pseudo random bytes and allocate space for them
+        * @brief Generate a signature and allocate space for it.
         * 
         * @param this                  calling signer
-        * @param seed                  a chunk containing the seed for the next bytes
-        * @param [out]chunk    chunk which will hold generated bytes
+        * @param data                  a chunk containing the data to sign
+        * @param[out] chunk    chunk which will hold the allocated signature
         * @return                              
         *                                              - SUCCESS in any case
         *                                              - OUT_OF_RES if space could not be allocated
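Review bot: The `get_signature` comment does not say how many bytes are written to `buffer`, and the prototype carries no length, so a caller has no documented way to size the destination. If the signature length is what `get_block_size` returns (presumably; confirm against the implementations), state it: `@param[out] buffer pointer where the signature will be written, must hold at least get_block_size() bytes`. The new struct brief also misspells `Generic` as `Generig`. struct signer_t continues past this hunk.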
@@ -57,19 +79,19 @@ struct signer_t {
        status_t (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
        
        /**
-        * @brief generates pseudo random bytes and writes them
-        * in the buffer
+        * @brief Verify a signature.
         * 
         * @param this                  calling signer
-        * @param seed                  a chunk containing the seed for the next bytes
-        * @param [out]buffer   pointer where the generated bytes will be written
+        * @param data                  a chunk containing the data to verify
+        * @param signature             a chunk containing the signature
+        * @param[out] vaild    set to TRUE, if signature is valid, to FALSE otherwise
         * @return                              
         *                                              - SUCCESS in any case
         */
        status_t (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature, bool *valid);
        
        /**
-        * @brief get the block size of this signer
+        * @brief Get the block size of this signature algorithm.
         * 
         * @param this                  calling signer
         * @return                              block size in bytes
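Review bot: The new tag `@param[out] vaild` does not match the parameter name `valid` in the `verify_signature` prototype, so Doxygen will not attach the description; it should be `@param[out] valid`. Because the function is documented to return SUCCESS in any case, the status says nothing about authenticity, and a caller that tests only the status would treat a bad signature as accepted. Adding `The return value does not indicate validity; always check *valid.` to the comment makes that contract explicit. struct signer_t starts and ends outside this hunk.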
@@ -77,30 +99,34 @@ struct signer_t {
        size_t (*get_block_size) (signer_t *this);
        
        /**
-        * @brief Set the key for this signer
+        * @brief Set the key for this signer.
         * 
         * @param this                  calling signer
-        * @return                              block size in bytes
+        * @param key                   key to set
+        * @return
+        *                                              - SUCCESS in any case
         */
        status_t (*set_key) (signer_t *this, chunk_t key);
        
        /**
         * @brief Destroys a signer object.
         *
-        * @param this  signer_t object to destroy
+       * @param this                   signer_t object to destroy
         * @return              
-        *                              SUCCESS in any case
+        *                                              - SUCCESS in any case
         */
        status_t (*destroy) (signer_t *this);
 };
 
 /**
- * Creates a new signer_t object
+ * @brief Creates a new signer_t object.
  * 
- * @param pseudo_random_function       Algorithm to use
+ * @param integrity_algorithm  Algorithm to use for signing and verifying.
  * @return
- *                                                                     - signer_t if successfully
- *                                                                     - NULL if out of ressources or signer not supported
+ *                                                             - signer_t if successfully
+ *                                                             - NULL if out of ressources or signer not supported
+ * 
+ * @ingroup signers
  */
 signer_t *signer_create(integrity_algorithm_t integrity_algorithm);
 
index 08a51db..92f7d2b 100644 (file)
@@ -1,5 +1,5 @@
 /**
- * @file gmp_helper.c
+ * @file gmp_helper.h
  * 
  * @brief Class with helper functions for gmp operations
  *