- code cleaned up
authorJan Hutter <jhutter@hsr.ch>
Tue, 6 Dec 2005 16:04:39 +0000 (16:04 -0000)
committerJan Hutter <jhutter@hsr.ch>
Tue, 6 Dec 2005 16:04:39 +0000 (16:04 -0000)
Source/charon/encoding/payloads/encryption_payload.c
Source/charon/testcases/hmac_signer_test.c
Source/charon/threads/receiver.h
Source/charon/threads/sender.c
Source/charon/threads/sender.h
Source/charon/transforms/signers/hmac_signer.c
Source/charon/transforms/signers/hmac_signer.h
Source/charon/transforms/signers/signer.c
Source/charon/transforms/signers/signer.h

index 7e5fb18..5ae44ac 100644 (file)
@@ -456,7 +456,7 @@ static status_t verify_signature(private_encryption_payload_t *this, chunk_t dat
        /* verify it */
        data_without_sig.len = data.len - sig.len;
        data_without_sig.ptr = data.ptr;
-       this->signer->verify_signature(this->signer, data_without_sig, sig, &valid);
+       valid = this->signer->verify_signature(this->signer, data_without_sig, sig);
        
        if (!valid)
        {
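Review bot: The `valid` local is now only a pass-through for the return value on the changed line, so the check can read `if (!this->signer->verify_signature(this->signer, data_without_sig, sig))` and the variable can be dropped. The declaration of `valid` sits above the hunk and the body of the `if` continues below it, so confirm nothing else reads it before removing it.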
index a453fe6..016ee13 100644 (file)
@@ -99,10 +99,10 @@ void test_hmac_md5_signer(tester_t *tester)
                logger->log_chunk(logger,RAW,"expected signature:",&reference[i]);
                logger->log_chunk(logger,RAW,"signature:",&signature[i]);
                allocator_free(signature[i].ptr);
-               signer->verify_signature(signer, data[i],reference[i], &valid);
+               valid = signer->verify_signature(signer, data[i],reference[i]);
                tester->assert_true(tester, (valid == TRUE), "Signature valid check");
 
-               signer->verify_signature(signer, data[i],wrong_reference[i], &valid);
+               valid = signer->verify_signature(signer, data[i],wrong_reference[i]);
                tester->assert_true(tester, (valid == FALSE), "Signature not valid check");
        }
        
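Review bot: The loop only checks a matching reference and a `wrong_reference`, so the `signature.len != BLOCK_SIZE` rejection in hmac_signer.c's verify_signature is not obviously exercised. The same gap applies to the test_hmac_sha1_signer hunk that follows. The definition of `wrong_reference[i]` is outside the hunk; unless it already differs in length, add a case that passes a copy of `reference[i]` with `len` reduced by one and asserts `valid == FALSE`. That pins the fail-closed behaviour for truncated MACs, which is the branch a regression would most easily break.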
@@ -197,10 +197,10 @@ void test_hmac_sha1_signer(tester_t *tester)
                logger->log_chunk(logger,RAW,"expected signature:",&reference[i]);
                logger->log_chunk(logger,RAW,"signature:",&signature[i]);
                allocator_free(signature[i].ptr);
-               signer->verify_signature(signer, data[i],reference[i], &valid);
+               valid = signer->verify_signature(signer, data[i],reference[i]);
                tester->assert_true(tester, (valid == TRUE), "Signature valid check");
 
-               signer->verify_signature(signer, data[i],wrong_reference[i], &valid);
+               valid = signer->verify_signature(signer, data[i],wrong_reference[i]);
                tester->assert_true(tester, (valid == FALSE), "Signature not valid check");
        }
        
index a7269b7..415ea51 100644 (file)
 
 #include <types.h>
 
+
 typedef struct receiver_t receiver_t;
 
 /**
  * @brief Receives packets from the socket and adds them to the job queue.
  * 
  * The receiver starts a thread, wich reads on the blocking socket. If 
- * there is data available, a packet_t is created from the data, wrapped
+ * data is available, a packet_t object is created , wrapped
  * in an incoming_packet_job_t and added to the job queue.
  * 
  * @ingroup threads
index cb33d84..3719c6b 100644 (file)
 #include <utils/allocator.h>
 #include <utils/logger_manager.h>
 
+
 typedef struct private_sender_t private_sender_t;
 
 /**
- * Private data of a sender object
+ * Private data of a sender_t object.
  */
 struct private_sender_t {
        /**
-        * Public part of a sender object
+        * Public part of a sender_t object.
         */
         sender_t public;
 
         /**
-         * Assigned thread to the sender_t object
+         * Assigned thread.
          */
         pthread_t assigned_thread;
         
         /**
-         * @brief The threads function, sends out packets.
+         * @brief The thread function, sends out packets.
          * 
-         * @param this         assigned sender object
+         * @param this         calling object
          */
         void (*send_packets) (private_sender_t * this);
         
         /**
-         * logger for this sender
+         * A logger for this sender_t object.
          */
         logger_t *logger;
 
 };
 
 /**
- * implements private_sender_t.send_packets
+ * Implementation of private_sender_t.send_packets.
  */
 static void send_packets(private_sender_t * this)
 {
@@ -90,7 +91,7 @@ static void send_packets(private_sender_t * this)
 }
 
 /**
- * implements sender_t.destroy
+ * Implementation of sender_t.destroy.
  */
 static void destroy(private_sender_t *this)
 {
@@ -106,7 +107,7 @@ static void destroy(private_sender_t *this)
 }
 
 /*
- * see header
+ * Described in header.
  */
 sender_t * sender_create()
 {
index 1192ef7..ea81241 100644 (file)
 typedef struct sender_t sender_t;
 
 /**
- * @brief Sends packets over the socket.
+ * @brief Thread responsible for sending packets over the socket.
+ * 
+ * @b Constructors:
+ *  - sender_create()
  * 
  * @ingroup threads
  */
 struct sender_t {
 
        /**
-        * @brief Destroys a sender object
+        * @brief Destroys a sender object.
         *
-        * @param sender        sender object
+        * @param sender        calling object
         */
        void (*destroy) (sender_t *sender);
 };
@@ -50,7 +53,7 @@ struct sender_t {
  * from the send queue and sends them out.
  * 
  * @return
- *                                     - created sender_t, or
+ *                                     - sender_t object
  *                                     - NULL of thread could not be started
  * 
  * @ingroup threads
index a389995..ed17b23 100644 (file)
 #include <transforms/prfs/hmac_prf.h>
 
 /**
- * This class represents a hmac signer with 12 byte (96 bit) output
+ * This class represents a hmac signer with 12 byte (96 bit) output.
  */
 #define BLOCK_SIZE     12
 
 typedef struct private_hmac_signer_t private_hmac_signer_t;
 
 /**
- * private data structure with signing context.
+ * Private data structure with signing context.
  */
 struct private_hmac_signer_t {
        /**
-        * Public interface for this signer.
+        * Public interface of hmac_signer_t.
         */
        hmac_signer_t public;
        
@@ -47,7 +47,9 @@ struct private_hmac_signer_t {
        prf_t *hmac_prf;
 };
 
-
+/**
+ * Implementation of signer_t.get_signature.
+ */
 static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
 {
        u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
@@ -58,6 +60,9 @@ static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *
        memcpy(buffer,full_mac,BLOCK_SIZE);
 }
 
+/**
+ * Implementation of signer_t.allocate_signature.
+ */
 static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
 {
        chunk_t signature;
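Review bot: The `memcpy(buffer,full_mac,BLOCK_SIZE)` at the top of this hunk relies on two assumptions that the new doc comments do not state. It reads 12 bytes from `full_mac`, a VLA sized by `hmac_prf->get_block_size()` in the previous hunk, and it writes 12 bytes into a caller buffer whose size is never passed in. Both hold for the MD5 and SHA1 outputs this signer is built on, but nothing visible enforces it. I would extend the get_signature comment with `@param buffer must provide at least BLOCK_SIZE bytes` and add `/* truncation to BLOCK_SIZE requires a PRF output of at least BLOCK_SIZE bytes */` above the copy.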
@@ -68,13 +73,16 @@ static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk
        signature.ptr = allocator_alloc(BLOCK_SIZE);
        signature.len = BLOCK_SIZE;
        
-       /* copy mac aka signature :-) */
+       /* copy signature */
        memcpy(signature.ptr,full_mac,BLOCK_SIZE);
 
        *chunk = signature;
 }
 
-static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature, bool *valid)
+/**
+ * Implementation of signer_t.verify_signature.
+ */
+static bool verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature)
 {
        u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
        
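Review bot: `allocator_alloc(BLOCK_SIZE)` is passed straight to the following `memcpy` with no NULL check; the allocator's contract is not visible here, but if it can return NULL on exhaustion this writes through a null pointer. allocate_signature returns void, so it cannot report the failure, but it can at least fail safely with `if (signature.ptr == NULL) { chunk->ptr = NULL; chunk->len = 0; return; }` before the copy. The function starts in the previous hunk, so the `full_mac` computation is not shown here.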
@@ -82,38 +90,46 @@ static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t
        
        if (signature.len != BLOCK_SIZE)
        {
-               *valid = FALSE;
-               return;
+               return FALSE;
        }
        
        /* compare mac aka signature :-) */
        if (memcmp(signature.ptr,full_mac,BLOCK_SIZE) == 0)
        {
-               *valid = TRUE;
+               return TRUE;
        }
        else
        {
-               *valid = FALSE;
+               return FALSE;
        }
 }
 
+/**
+ * Implementation of signer_t.get_key_size.
+ */
 static size_t get_key_size (private_hmac_signer_t *this)
 {
        return this->hmac_prf->get_block_size(this->hmac_prf);
 }
-       
+
+/**
+ * Implementation of signer_t.get_block_size.
+ */
 static size_t get_block_size (private_hmac_signer_t *this)
 {
        return BLOCK_SIZE;
 }
-       
+
+/**
+ * Implementation of signer_t.set_key.
+ */
 static void set_key (private_hmac_signer_t *this, chunk_t key)
 {
        this->hmac_prf->set_key(this->hmac_prf,key);
 }
 
 /**
- * implementation of signer_t.destroy.
+ * Implementation of signer_t.destroy.
  */
 static status_t destroy(private_hmac_signer_t *this)
 {
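Review bot: The `memcmp(signature.ptr,full_mac,BLOCK_SIZE)` in verify_signature is not a constant-time comparison: it can return at the first differing byte, so verification time may depend on how much of a received MAC matched. For an integrity check on data from the network, the comparison should touch all BLOCK_SIZE bytes regardless of content by OR-ing the XOR of each byte pair into an accumulator and testing it once at the end. That also collapses the if/else into a single return. The MAC computation sits between this hunk and the previous one and is not shown; the cast in the sketch below assumes `chunk_t.ptr` is a byte pointer.

```c
static bool verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature)
{
	/* … unchanged: full_mac computation and signature.len check … */

	/* accumulate differences so run time does not depend on the position of the first mismatch */
	const u_int8_t *received = (const u_int8_t *)signature.ptr;
	u_int8_t diff = 0;
	size_t i;

	for (i = 0; i < BLOCK_SIZE; i++)
	{
		diff |= received[i] ^ full_mac[i];
	}
	return (diff == 0) ? TRUE : FALSE;
}
```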
@@ -122,7 +138,6 @@ static status_t destroy(private_hmac_signer_t *this)
        return SUCCESS;
 }
 
-
 /*
  * Described in header
  */
@@ -142,7 +157,7 @@ hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm)
        /* interface functions */
        this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
        this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
-       this->public.signer_interface.verify_signature = (void (*) (signer_t*, chunk_t, chunk_t,bool *))verify_signature;
+       this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
        this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
        this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
        this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
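Review bot: The explicit function-pointer casts in this assignment block switch off the compiler's signature checking, so a mismatch between a static implementation and the signer_t slot goes unreported. One is visible on this page: `static status_t destroy(private_hmac_signer_t *this)` in this file against `void (*destroy) (signer_t *this)` in signer.h. The destroy assignment itself is outside the hunk, so this is inferred from the two declarations. Either change the implementation to `static void destroy(private_hmac_signer_t *this)` or align the interface. For the security-relevant slots such as verify_signature, consider implementations that take `signer_t *this` and cast inside the body, so the assignments need no cast and stale signatures fail to compile.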
index 3504b53..1ce2362 100644 (file)
@@ -29,7 +29,7 @@
 typedef struct hmac_signer_t hmac_signer_t;
 
 /**
- * @brief Implementation of hmac_signer_t interface using the
+ * @brief Implementation of signer_t interface using the
  * HMAC algorithm in combination with either MD5 or SHA1.
  * 
  * @ingroup signers
@@ -48,7 +48,7 @@ struct hmac_signer_t {
  * @param hash_algorithm       Hash algorithm to use with signer
  * @return                                     
  *                                                     - hmac_signer_t
- *                                                     - NULL if hash not supported
+ *                                                     - NULL if hash algorithm not supported
  * 
  * @ingroup signers
  */
index 4d6d3e8..55e3cfc 100644 (file)
@@ -25,7 +25,7 @@
 #include <transforms/signers/hmac_signer.h>
 
 /** 
- * string mappings for integrity_algorithm_t
+ * String mappings for integrity_algorithm_t.
  */
 mapping_t integrity_algorithm_m[] = {
        {AUTH_UNDEFINED, "AUTH_UNDEFINED"},
@@ -39,7 +39,7 @@ mapping_t integrity_algorithm_m[] = {
 
 
 /*
- * see header
+ * Described in header.
  */
 signer_t *signer_create(integrity_algorithm_t integrity_algorithm)
 {
index ef0a89a..1c33917 100644 (file)
@@ -31,10 +31,21 @@ typedef enum integrity_algorithm_t integrity_algorithm_t;
 /**
  * @brief Integrity algorithm, as in IKEv2 draft 3.3.2.
  * 
+ * Currently only the following algorithms are implemented and therefore supported:
+ * - AUTH_HMAC_MD5_96
+ * - AUTH_HMAC_SHA1_96
+ * 
+ * @ingroup signers
  */
 enum integrity_algorithm_t {
        AUTH_UNDEFINED = 1024,
+       /**
+        * Implemented in class hmac_signer_t.
+        */
        AUTH_HMAC_MD5_96 = 1,
+       /**
+        * Implemented in class hmac_signer_t.
+        */
        AUTH_HMAC_SHA1_96 = 2,
        AUTH_DES_MAC = 3,
        AUTH_KPDK_MD5 = 4,
@@ -42,7 +53,7 @@ enum integrity_algorithm_t {
 };
 
 /** 
- * string mappings for integrity_algorithm_t
+ * String mappings for integrity_algorithm_t.
  */
 extern mapping_t integrity_algorithm_m[];
 
@@ -52,13 +63,19 @@ typedef struct signer_t signer_t;
 /**
  * @brief Generig interface for a symmetric signature algorithm.
  * 
+ * @b Constructors:
+ *  - signer_create()
+ *  - hmac_signer_create()
+ * 
+ * @todo Implement more integrity algorithms
+ * 
  * @ingroup signers
  */
 struct signer_t {
        /**
         * @brief Generate a signature.
         * 
-        * @param this                  calling signer
+        * @param this                  calling object
         * @param data                  a chunk containing the data to sign
         * @param[out] buffer   pointer where the signature will be written
         */
@@ -67,7 +84,7 @@ struct signer_t {
        /**
         * @brief Generate a signature and allocate space for it.
         * 
-        * @param this                  calling signer
+        * @param this                  calling object
         * @param data                  a chunk containing the data to sign
         * @param[out] chunk    chunk which will hold the allocated signature
         */
@@ -76,17 +93,17 @@ struct signer_t {
        /**
         * @brief Verify a signature.
         * 
-        * @param this                  calling signer
+        * @param this                  calling object
         * @param data                  a chunk containing the data to verify
         * @param signature             a chunk containing the signature
-        * @param[out] vaild    set to TRUE, if signature is valid, to FALSE otherwise
+        * @return                              TRUE, if signature is valid, FALSE otherwise
         */
-       void (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature, bool *valid);
+       bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
        
        /**
         * @brief Get the block size of this signature algorithm.
         * 
-        * @param this                  calling signer
+        * @param this                  calling object
         * @return                              block size in bytes
         */
        size_t (*get_block_size) (signer_t *this);
@@ -94,23 +111,23 @@ struct signer_t {
        /**
         * @brief Get the key size of the signature algorithm.
         * 
-        * @param this                  calling signer
+        * @param this                  calling object
         * @return                              key size in bytes
         */
        size_t (*get_key_size) (signer_t *this);
        
        /**
-        * @brief Set the key for this signer.
+        * @brief Set the key for this object.
         * 
-        * @param this                  calling signer
+        * @param this                  calling object
         * @param key                   key to set
         */
        void (*set_key) (signer_t *this, chunk_t key);
        
        /**
-        * @brief Destroys a signer object.
+        * @brief Destroys a signer_t object.
         *
-        * @param this                  signer_t object to destroy
+        * @param this                  calling object
         */
        void (*destroy) (signer_t *this);
 };
@@ -120,7 +137,7 @@ struct signer_t {
  * 
  * @param integrity_algorithm  Algorithm to use for signing and verifying.
  * @return
- *                                                             - signer_t if successfully, 
+ *                                                             - signer_t object
  *                                                             - NULL if signer not supported
  * 
  * @ingroup signers