authorJan Hutter <jhutter@hsr.ch>2005-12-06 16:04:39 +0000
committerJan Hutter <jhutter@hsr.ch>2005-12-06 16:04:39 +0000
commitf1046648362e045781ad7eee6f821d0675178b80 (patch)
tree89d5e55a82da7660ead538148cd10cd786680d9f /Source/charon/transforms
parent2b547481315c3b641b716023858efdbb2c3e422a (diff)
- code cleaned up
Diffstat (limited to 'Source/charon/transforms')
-rw-r--r--Source/charon/transforms/signers/hmac_signer.c45
-rw-r--r--Source/charon/transforms/signers/hmac_signer.h4
-rw-r--r--Source/charon/transforms/signers/signer.c4
-rw-r--r--Source/charon/transforms/signers/signer.h43
4 files changed, 64 insertions, 32 deletions
diff --git a/Source/charon/transforms/signers/hmac_signer.c b/Source/charon/transforms/signers/hmac_signer.c
index a38999567..ed17b23a6 100644
--- a/Source/charon/transforms/signers/hmac_signer.c
+++ b/Source/charon/transforms/signers/hmac_signer.c
@@ -26,18 +26,18 @@
#include <transforms/prfs/hmac_prf.h>
/**
- * This class represents a hmac signer with 12 byte (96 bit) output
+ * This class represents a hmac signer with 12 byte (96 bit) output.
*/
#define BLOCK_SIZE 12
typedef struct private_hmac_signer_t private_hmac_signer_t;
/**
- * private data structure with signing context.
+ * Private data structure with signing context.
*/
struct private_hmac_signer_t {
/**
- * Public interface for this signer.
+ * Public interface of hmac_signer_t.
*/
hmac_signer_t public;
@@ -47,7 +47,9 @@ struct private_hmac_signer_t {
prf_t *hmac_prf;
};
-
+/**
+ * Implementation of signer_t.get_signature.
+ */
static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
{
u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
@@ -58,6 +60,9 @@ static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *
memcpy(buffer,full_mac,BLOCK_SIZE);
}
+/**
+ * Implementation of signer_t.allocate_signature.
+ */
static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
{
chunk_t signature;
@@ -68,13 +73,16 @@ static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk
signature.ptr = allocator_alloc(BLOCK_SIZE);
signature.len = BLOCK_SIZE;
- /* copy mac aka signature :-) */
+ /* copy signature */
memcpy(signature.ptr,full_mac,BLOCK_SIZE);
*chunk = signature;
}
-static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature, bool *valid)
+/**
+ * Implementation of signer_t.verify_signature.
+ */
+static bool verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature)
{
u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
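Review bot: In allocate_signature the result of `allocator_alloc(BLOCK_SIZE)` goes straight into `memcpy(signature.ptr,full_mac,BLOCK_SIZE)` with no NULL check, so unless allocator_alloc is guaranteed never to return NULL (not visible here) an allocation failure becomes a write through a NULL pointer. Because the function returns void, the caller cannot learn of the failure either; at minimum guard the copy, e.g. `if (signature.ptr == NULL) { chunk->ptr = NULL; chunk->len = 0; return; }`, and document in signer.h that an empty chunk means failure. The start of allocate_signature lies in the previous hunk, and the verify_signature body begun at the end of this hunk continues in the next one.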
@@ -82,38 +90,46 @@ static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t
if (signature.len != BLOCK_SIZE)
{
- *valid = FALSE;
- return;
+ return FALSE;
}
/* compare mac aka signature :-) */
if (memcmp(signature.ptr,full_mac,BLOCK_SIZE) == 0)
{
- *valid = TRUE;
+ return TRUE;
}
else
{
- *valid = FALSE;
+ return FALSE;
}
}
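Review bot: The MAC check in verify_signature still uses `memcmp(signature.ptr,full_mac,BLOCK_SIZE)`, which is free to stop at the first differing byte, so the time taken can depend on how many leading bytes of a supplied signature match the expected one. Since this commit rewrites every branch around the comparison anyway, it is a good place to switch to a comparison that always touches all BLOCK_SIZE bytes and to return its result directly, which also removes the if/else. The sketch below assumes chunk_t.ptr is a byte pointer (not visible on this page); the function's opening lines are in the previous hunk. The leftover comment `/* compare mac aka signature :-) */` could also become `/* compare signature */` to match the wording now used in allocate_signature.

```c
/* … unchanged: full_mac computation and signature.len check … */
/* compare signature without an early exit on the first mismatch */
u_int8_t diff = 0;
size_t i;
for (i = 0; i < BLOCK_SIZE; i++)
{
	diff |= signature.ptr[i] ^ full_mac[i];
}
return (diff == 0) ? TRUE : FALSE;
```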
+/**
+ * Implementation of signer_t.get_key_size.
+ */
static size_t get_key_size (private_hmac_signer_t *this)
{
return this->hmac_prf->get_block_size(this->hmac_prf);
}
-
+
+/**
+ * Implementation of signer_t.get_block_size.
+ */
static size_t get_block_size (private_hmac_signer_t *this)
{
return BLOCK_SIZE;
}
-
+
+/**
+ * Implementation of signer_t.set_key.
+ */
static void set_key (private_hmac_signer_t *this, chunk_t key)
{
this->hmac_prf->set_key(this->hmac_prf,key);
}
/**
- * implementation of signer_t.destroy.
+ * Implementation of signer_t.destroy.
*/
static status_t destroy(private_hmac_signer_t *this)
{
@@ -122,7 +138,6 @@ static status_t destroy(private_hmac_signer_t *this)
return SUCCESS;
}
-
/*
* Described in header
*/
@@ -142,7 +157,7 @@ hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm)
/* interface functions */
this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
- this->public.signer_interface.verify_signature = (void (*) (signer_t*, chunk_t, chunk_t,bool *))verify_signature;
+ this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
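Review bot: The cast `(bool (*) (signer_t*, chunk_t, chunk_t))verify_signature` forces the assignment to compile whatever the function's real signature is, so a return-type change like this one is never checked by the compiler against signer.h. The same file shows why that matters: `destroy` is defined as `static status_t destroy(private_hmac_signer_t *this)` while signer.h declares `void (*destroy) (signer_t *this)`, a mismatch that a cast at its assignment (outside this hunk, so inferred) would hide. Consider a comment above the block such as `/* casts bypass type checking: keep each signature in sync with signer_t by hand */`, and aligning destroy's return type with the interface. The body of hmac_signer_create starts and ends outside the hunk.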
diff --git a/Source/charon/transforms/signers/hmac_signer.h b/Source/charon/transforms/signers/hmac_signer.h
index 3504b5311..1ce23622d 100644
--- a/Source/charon/transforms/signers/hmac_signer.h
+++ b/Source/charon/transforms/signers/hmac_signer.h
@@ -29,7 +29,7 @@
typedef struct hmac_signer_t hmac_signer_t;
/**
- * @brief Implementation of hmac_signer_t interface using the
+ * @brief Implementation of signer_t interface using the
* HMAC algorithm in combination with either MD5 or SHA1.
*
* @ingroup signers
@@ -48,7 +48,7 @@ struct hmac_signer_t {
* @param hash_algorithm Hash algorithm to use with signer
* @return
* - hmac_signer_t
- * - NULL if hash not supported
+ * - NULL if hash algorithm not supported
*
* @ingroup signers
*/
diff --git a/Source/charon/transforms/signers/signer.c b/Source/charon/transforms/signers/signer.c
index 4d6d3e837..55e3cfc45 100644
--- a/Source/charon/transforms/signers/signer.c
+++ b/Source/charon/transforms/signers/signer.c
@@ -25,7 +25,7 @@
#include <transforms/signers/hmac_signer.h>
/**
- * string mappings for integrity_algorithm_t
+ * String mappings for integrity_algorithm_t.
*/
mapping_t integrity_algorithm_m[] = {
{AUTH_UNDEFINED, "AUTH_UNDEFINED"},
@@ -39,7 +39,7 @@ mapping_t integrity_algorithm_m[] = {
/*
- * see header
+ * Described in header.
*/
signer_t *signer_create(integrity_algorithm_t integrity_algorithm)
{
diff --git a/Source/charon/transforms/signers/signer.h b/Source/charon/transforms/signers/signer.h
index ef0a89aed..1c339178c 100644
--- a/Source/charon/transforms/signers/signer.h
+++ b/Source/charon/transforms/signers/signer.h
@@ -31,10 +31,21 @@ typedef enum integrity_algorithm_t integrity_algorithm_t;
/**
* @brief Integrity algorithm, as in IKEv2 draft 3.3.2.
*
+ * Currently only the following algorithms are implemented and therefore supported:
+ * - AUTH_HMAC_MD5_96
+ * - AUTH_HMAC_SHA1_96
+ *
+ * @ingroup signers
*/
enum integrity_algorithm_t {
AUTH_UNDEFINED = 1024,
+ /**
+ * Implemented in class hmac_signer_t.
+ */
AUTH_HMAC_MD5_96 = 1,
+ /**
+ * Implemented in class hmac_signer_t.
+ */
AUTH_HMAC_SHA1_96 = 2,
AUTH_DES_MAC = 3,
AUTH_KPDK_MD5 = 4,
@@ -42,7 +53,7 @@ enum integrity_algorithm_t {
};
/**
- * string mappings for integrity_algorithm_t
+ * String mappings for integrity_algorithm_t.
*/
extern mapping_t integrity_algorithm_m[];
@@ -52,13 +63,19 @@ typedef struct signer_t signer_t;
/**
* @brief Generig interface for a symmetric signature algorithm.
*
+ * @b Constructors:
+ * - signer_create()
+ * - hmac_signer_create()
+ *
+ * @todo Implement more integrity algorithms
+ *
* @ingroup signers
*/
struct signer_t {
/**
* @brief Generate a signature.
*
- * @param this calling signer
+ * @param this calling object
* @param data a chunk containing the data to sign
* @param[out] buffer pointer where the signature will be written
*/
@@ -67,7 +84,7 @@ struct signer_t {
/**
* @brief Generate a signature and allocate space for it.
*
- * @param this calling signer
+ * @param this calling object
* @param data a chunk containing the data to sign
* @param[out] chunk chunk which will hold the allocated signature
*/
@@ -76,17 +93,17 @@ struct signer_t {
/**
* @brief Verify a signature.
*
- * @param this calling signer
+ * @param this calling object
* @param data a chunk containing the data to verify
* @param signature a chunk containing the signature
- * @param[out] vaild set to TRUE, if signature is valid, to FALSE otherwise
+ * @return TRUE, if signature is valid, FALSE otherwise
*/
- void (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature, bool *valid);
+ bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
/**
* @brief Get the block size of this signature algorithm.
*
- * @param this calling signer
+ * @param this calling object
* @return block size in bytes
*/
size_t (*get_block_size) (signer_t *this);
@@ -94,23 +111,23 @@ struct signer_t {
/**
* @brief Get the key size of the signature algorithm.
*
- * @param this calling signer
+ * @param this calling object
* @return key size in bytes
*/
size_t (*get_key_size) (signer_t *this);
/**
- * @brief Set the key for this signer.
+ * @brief Set the key for this object.
*
- * @param this calling signer
+ * @param this calling object
* @param key key to set
*/
void (*set_key) (signer_t *this, chunk_t key);
/**
- * @brief Destroys a signer object.
+ * @brief Destroys a signer_t object.
*
- * @param this signer_t object to destroy
+ * @param this calling object
*/
void (*destroy) (signer_t *this);
};
@@ -120,7 +137,7 @@ struct signer_t {
*
* @param integrity_algorithm Algorithm to use for signing and verifying.
* @return
- * - signer_t if successfully,
+ * - signer_t object
* - NULL if signer not supported
*
* @ingroup signers