- comments added
authorMartin Willi <martin@strongswan.org>
Sun, 4 Dec 2005 13:01:32 +0000 (13:01 -0000)
committerMartin Willi <martin@strongswan.org>
Sun, 4 Dec 2005 13:01:32 +0000 (13:01 -0000)
Source/charon/definitions.h
Source/charon/queues/send_queue.c
Source/charon/transforms/rsa/rsa_private_key.c
Source/charon/transforms/rsa/rsa_private_key.h
Source/charon/transforms/rsa/rsa_public_key.c
Source/charon/transforms/rsa/rsa_public_key.h

index 3ad0b16..e3bb85f 100644 (file)
@@ -63,7 +63,7 @@
 /**
  * @defgroup config
  * 
- * Configuration stuff.
+ * Classes which implement configuration related things.
  */
 
 /**
 /**
  * @defgroup network
  * 
- * Low level network stuff.
+ * Classes for network relevant stuff.
  */
  
  /**
  * @defgroup payloads
  * 
- * Classes representing a specific IKEv2 Payload type.
+ * Classes representing a specific IKEv2 Payload.
  * 
  * @ingroup encoding
  */
  */
  
 /**
+ * @defgroup rsa
+ * 
+ * RSA public key algorithm
+ * 
+ * @ingroup transforms
+ */
+/**
  * @defgroup prfs
  * 
  * Pseudo random functions, generate a lot of pseudo
index af72402..25ad1aa 100644 (file)
@@ -20,7 +20,7 @@
  * for more details.
  */
 
- #include <pthread.h>
+#include <pthread.h>
 
 #include "send_queue.h"
 
index cc153f7..ce40997 100644 (file)
@@ -363,7 +363,7 @@ static status_t generate_key(private_rsa_private_key_t *this, size_t key_size)
        mpz_t p, q, n, e, d, exp1, exp2, coeff;
        mpz_t m, q1, t;
        
-       if (key_size <= 0) 
+       if (key_size < 0) 
        {
                return INVALID_ARG;
        }
index 15f9033..ca4d3ab 100644 (file)
@@ -37,31 +37,125 @@ typedef struct rsa_private_key_t rsa_private_key_t;
  * 
  * Currently only supports signing using EMSA encoding.
  * 
- * @ingroup asymmetrics
+ * @todo Implement proper key set/get load/save
+ * methods using ASN1.
+ * 
+ * @b Constructors:
+ *  - rsa_private_key_create()
+ * 
+ * @see rsa_public_key_t
+ * 
+ * @ingroup rsa
  */
 struct rsa_private_key_t {
 
+       /**
+        * @bief Build a signature over a chunk using EMSA-PKCS1 encoding.
+        * 
+        * This signature creates a hash using the specied hash algorithm, concatenates
+        * it with an ASN1-OID of the hash algorithm and runs the RSASP1 function
+        * on it.
+        * 
+        * @param this                          rsa_private_key to use
+        * @param hash_algorithm        hash algorithm to use for hashing
+        * @param data                          data to sign
+        * @param[out] signature        allocated signature
+        * @return
+        *                                                      - SUCCESS
+        *                                                      - INVALID_STATE, if key not set
+        *                                                      - NOT_SUPPORTED, if hash algorithm not supported
+        */
        status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature);
        
+       /**
+        * @brief Set the key.
+        * 
+        * Currently uses a proprietary format which is only inteded
+        * for testing. This should be replaced with a proper
+        * ASN1 encoded key format, when charon gets the ASN1 
+        * capabilities.
+        * 
+        * @param this                          calling object
+        * @param key                           key (in a propriarity format)
+        * @return                                      currently SUCCESS in any case
+        */
        status_t (*set_key) (rsa_private_key_t *this, chunk_t key);
        
+       /**
+        * @brief Gets the key.
+        * 
+        * Currently uses a proprietary format which is only inteded
+        * for testing. This should be replaced with a proper
+        * ASN1 encoded key format, when charon gets the ASN1 
+        * capabilities.
+        * 
+        * @param this                          calling object
+        * @param key                           key (in a propriarity format)
+        * @return                                      
+        *                                                      - SUCCESS
+        *                                                      - INVALID_STATE, if key not set
+        */
        status_t (*get_key) (rsa_private_key_t *this, chunk_t *key);
        
+       /**
+        * @brief Loads a key from a file.
+        * 
+        * Not implemented!
+        * 
+        * @param this                          calling object
+        * @param file                          file from which key should be read
+        * @return                                      NOT_SUPPORTED
+        */
        status_t (*load_key) (rsa_private_key_t *this, char *file);
        
+       /**
+        * @brief Saves a key to a file.
+        * 
+        * Not implemented!
+        * 
+        * @param this                          calling object
+        * @param file                          file to which the key should be written.
+        * @return                                      NOT_SUPPORTED
+        */
        status_t (*save_key) (rsa_private_key_t *this, char *file);
        
+       /**
+        * @brief Generate a new key.
+        * 
+        * Generates a new private_key with specified key size
+        * 
+        * @param this                          calling object
+        * @param key_size                      size of the key in bits
+        * @return                                      
+        *                                                      - SUCCESS
+        *                                                      - INVALID_ARG if key_size invalid
+        */
        status_t (*generate_key) (rsa_private_key_t *this, size_t key_size);
        
+       /**
+        * @brief Create a rsa_public_key_t with the public
+        * parts of the key.
+        * 
+        * @param this                          calling object
+        * @return                                      public_key
+        */
        rsa_public_key_t *(*get_public_key) (rsa_private_key_t *this);
-
+       
+       /**
+        * @brief Destroys the private key.
+        * 
+        * @param this                          private key to destroy
+        */
        void (*destroy) (rsa_private_key_t *this);
 };
 
 /**
- * Types are defined in public_key.h
+ * @brief Create a new rsa_private_key without
+ * any key inside.
+ * 
+ * @return created rsa_private_key_t.
  * 
- * @ingroup asymmetrics
+ * @ingroup rsa
  */
 rsa_private_key_t *rsa_private_key_create();
 
index 3856fc8..72520cd 100644 (file)
@@ -147,6 +147,11 @@ static status_t verify_emsa_pkcs1_signature(private_rsa_public_key_t *this, chun
        chunk_t em;
        u_int8_t *pos;
        
+       if(!this->is_key_set)
+       {
+               return INVALID_STATE;   
+       }
+       
        if (signature.len > this->k)
        {
                return INVALID_ARG;     
index 10343f5..6653bc6 100644 (file)
@@ -37,26 +37,100 @@ typedef struct rsa_public_key_t rsa_public_key_t;
  * Currently only supports signature verification using
  * the EMSA encoding (see PKCS1)
  * 
- * @ingroup asymmetrics
+ * @b Constructors:
+ * - rsa_public_key_create()
+ * 
+ * @see rsa_private_key_t
+ * 
+ * @ingroup rsa
  */
 struct rsa_public_key_t {
 
+       /**
+        * @bief Verify a EMSA-PKCS1 encodined signature.
+        * 
+        * Processes the supplied signature with the RSAVP1 function,
+        * selects the hash algorithm form the resultign ASN1-OID and
+        * verifies the hash against the supplied data.
+        * 
+        * @param this                          rsa_private_key to use
+        * @param data                          data to sign
+        * @param signature                     signature to verify
+        * @return
+        *                                                      - SUCCESS, if signature ok
+        *                                                      - INVALID_STATE, if key not set
+        *                                                      - NOT_SUPPORTED, if hash algorithm not supported
+        *                                                      - INVALID_ARG, if signature is not a signature
+        *                                                      - FAILED if signature invalid or unable to verify
+        */
        status_t (*verify_emsa_pkcs1_signature) (rsa_public_key_t *this, chunk_t data, chunk_t signature);
        
+       /**
+        * @brief Set the key.
+        * 
+        * Currently uses a proprietary format which is only inteded
+        * for testing. This should be replaced with a proper
+        * ASN1 encoded key format, when charon gets the ASN1 
+        * capabilities.
+        * 
+        * @param this                          calling object
+        * @param key                           key (in a propriarity format)
+        * @return                                      currently SUCCESS in any case
+        */
        status_t (*set_key) (rsa_public_key_t *this, chunk_t key);
        
+       /**
+        * @brief Gets the key.
+        * 
+        * Currently uses a proprietary format which is only inteded
+        * for testing. This should be replaced with a proper
+        * ASN1 encoded key format, when charon gets the ASN1 
+        * capabilities.
+        * 
+        * @param this                          calling object
+        * @param key                           key (in a propriarity format)
+        * @return                                      
+        *                                                      - SUCCESS
+        *                                                      - INVALID_STATE, if key not set
+        */
        status_t (*get_key) (rsa_public_key_t *this, chunk_t *key);
        
+       /**
+        * @brief Loads a key from a file.
+        * 
+        * Not implemented!
+        * 
+        * @param this                          calling object
+        * @param file                          file from which key should be read
+        * @return                                      NOT_SUPPORTED
+        */
        status_t (*load_key) (rsa_public_key_t *this, char *file);
        
+       /**
+        * @brief Saves a key to a file.
+        * 
+        * Not implemented!
+        * 
+        * @param this                          calling object
+        * @param file                          file to which the key should be written.
+        * @return                                      NOT_SUPPORTED
+        */
        status_t (*save_key) (rsa_public_key_t *this, char *file);
-
+       
+       /**
+        * @brief Destroys the public key.
+        * 
+        * @param this                          public key to destroy
+        */
        void (*destroy) (rsa_public_key_t *this);
 };
 
 /**
+ * @brief Create a public key without any key inside.
+ * 
+ * @return created rsa_public_key_t.
  * 
- * @ingroup asymmetrics
+ * @ingroup rsa
  */
 rsa_public_key_t *rsa_public_key_create();