6 files changed, 193 insertions, 12 deletions
diff --git a/Source/charon/definitions.h b/Source/charon/definitions.h
index 3ad0b1614..e3bb85fda 100644
--- a/Source/charon/definitions.h
+++ b/Source/charon/definitions.h
@@ -63,7 +63,7 @@
 /**
  * @defgroup config
  * 
- * Configuration stuff.
+ * Classes which implement configuration related things.
  */
 
 /**
@@ -75,13 +75,13 @@
 /**
  * @defgroup network
  * 
- * Low level network stuff.
+ * Classes for network relevant stuff.
  */
  
  /**
  * @defgroup payloads
  * 
- * Classes representing a specific IKEv2 Payload type.
+ * Classes representing a specific IKEv2 Payload.
  * 
  * @ingroup encoding
  */
@@ -128,6 +128,14 @@
  */
  
 /**
+ * @defgroup rsa
+ * 
+ * RSA public key algorithm
+ * 
+ * @ingroup transforms
+ */
+ 
+/**
  * @defgroup prfs
  * 
  * Pseudo random functions, generate a lot of pseudo
diff --git a/Source/charon/queues/send_queue.c b/Source/charon/queues/send_queue.c
index af7240208..25ad1aaae 100644
--- a/Source/charon/queues/send_queue.c
+++ b/Source/charon/queues/send_queue.c
@@ -20,7 +20,7 @@
  * for more details.
  */
 
- #include <pthread.h>
+#include <pthread.h>
 
 #include "send_queue.h"
 
diff --git a/Source/charon/transforms/rsa/rsa_private_key.c b/Source/charon/transforms/rsa/rsa_private_key.c
index cc153f794..ce409979d 100644
--- a/Source/charon/transforms/rsa/rsa_private_key.c
+++ b/Source/charon/transforms/rsa/rsa_private_key.c
@@ -363,7 +363,7 @@ static status_t generate_key(private_rsa_private_key_t *this, size_t key_size)
 	mpz_t p, q, n, e, d, exp1, exp2, coeff;
 	mpz_t m, q1, t;
 	
-	if (key_size <= 0) 
+	if (key_size < 0) 
 	{
 		return INVALID_ARG;
 	}
diff --git a/Source/charon/transforms/rsa/rsa_private_key.h b/Source/charon/transforms/rsa/rsa_private_key.h
index 15f903308..ca4d3ab75 100644
--- a/Source/charon/transforms/rsa/rsa_private_key.h
+++ b/Source/charon/transforms/rsa/rsa_private_key.h
@@ -37,31 +37,125 @@ typedef struct rsa_private_key_t rsa_private_key_t;
  * 
  * Currently only supports signing using EMSA encoding.
  * 
- * @ingroup asymmetrics
+ * @todo Implement proper key set/get load/save
+ * methods using ASN1.
+ * 
+ * @b Constructors:
+ *  - rsa_private_key_create()
+ * 
+ * @see rsa_public_key_t
+ * 
+ * @ingroup rsa
  */
 struct rsa_private_key_t {
 
+	/**
+	 * @bief Build a signature over a chunk using EMSA-PKCS1 encoding.
+	 * 
+	 * This signature creates a hash using the specied hash algorithm, concatenates
+	 * it with an ASN1-OID of the hash algorithm and runs the RSASP1 function
+	 * on it.
+	 * 
+	 * @param this				rsa_private_key to use
+	 * @param hash_algorithm	hash algorithm to use for hashing
+	 * @param data				data to sign
+	 * @param[out] signature	allocated signature
+	 * @return
+	 * 							- SUCCESS
+	 * 							- INVALID_STATE, if key not set
+	 * 							- NOT_SUPPORTED, if hash algorithm not supported
+	 */
 	status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature);
 	
+	/**
+	 * @brief Set the key.
+	 * 
+	 * Currently uses a proprietary format which is only inteded
+	 * for testing. This should be replaced with a proper
+	 * ASN1 encoded key format, when charon gets the ASN1 
+	 * capabilities.
+	 * 
+	 * @param this				calling object
+	 * @param key				key (in a propriarity format)
+	 * @return					currently SUCCESS in any case
+	 */
 	status_t (*set_key) (rsa_private_key_t *this, chunk_t key);
 	
+	/**
+	 * @brief Gets the key.
+	 * 
+	 * Currently uses a proprietary format which is only inteded
+	 * for testing. This should be replaced with a proper
+	 * ASN1 encoded key format, when charon gets the ASN1 
+	 * capabilities.
+	 * 
+	 * @param this				calling object
+	 * @param key				key (in a propriarity format)
+	 * @return					
+	 * 							- SUCCESS
+	 * 							- INVALID_STATE, if key not set
+	 */
 	status_t (*get_key) (rsa_private_key_t *this, chunk_t *key);
 	
+	/**
+	 * @brief Loads a key from a file.
+	 * 
+	 * Not implemented!
+	 * 
+	 * @param this				calling object
+	 * @param file				file from which key should be read
+	 * @return					NOT_SUPPORTED
+	 */
 	status_t (*load_key) (rsa_private_key_t *this, char *file);
 	
+	/**
+	 * @brief Saves a key to a file.
+	 * 
+	 * Not implemented!
+	 * 
+	 * @param this				calling object
+	 * @param file				file to which the key should be written.
+	 * @return					NOT_SUPPORTED
+	 */
 	status_t (*save_key) (rsa_private_key_t *this, char *file);
 	
+	/**
+	 * @brief Generate a new key.
+	 * 
+	 * Generates a new private_key with specified key size
+	 * 
+	 * @param this				calling object
+	 * @param key_size			size of the key in bits
+	 * @return					
+	 * 							- SUCCESS
+	 * 							- INVALID_ARG if key_size invalid
+	 */
 	status_t (*generate_key) (rsa_private_key_t *this, size_t key_size);
 	
+	/**
+	 * @brief Create a rsa_public_key_t with the public
+	 * parts of the key.
+	 * 
+	 * @param this				calling object
+	 * @return					public_key
+	 */
 	rsa_public_key_t *(*get_public_key) (rsa_private_key_t *this);
-
+	
+	/**
+	 * @brief Destroys the private key.
+	 * 
+	 * @param this				private key to destroy
+	 */
 	void (*destroy) (rsa_private_key_t *this);
 };
 
 /**
- * Types are defined in public_key.h
+ * @brief Create a new rsa_private_key without
+ * any key inside.
+ * 
+ * @return created rsa_private_key_t.
  * 
- * @ingroup asymmetrics
+ * @ingroup rsa
  */
 rsa_private_key_t *rsa_private_key_create();
 
diff --git a/Source/charon/transforms/rsa/rsa_public_key.c b/Source/charon/transforms/rsa/rsa_public_key.c
index 3856fc89d..72520cd22 100644
--- a/Source/charon/transforms/rsa/rsa_public_key.c
+++ b/Source/charon/transforms/rsa/rsa_public_key.c
@@ -147,6 +147,11 @@ static status_t verify_emsa_pkcs1_signature(private_rsa_public_key_t *this, chun
 	chunk_t em;
 	u_int8_t *pos;
 	
+	if(!this->is_key_set)
+	{
+		return INVALID_STATE;	
+	}
+	
 	if (signature.len > this->k)
 	{
 		return INVALID_ARG;	
diff --git a/Source/charon/transforms/rsa/rsa_public_key.h b/Source/charon/transforms/rsa/rsa_public_key.h
index 10343f5da..6653bc643 100644
--- a/Source/charon/transforms/rsa/rsa_public_key.h
+++ b/Source/charon/transforms/rsa/rsa_public_key.h
@@ -37,26 +37,100 @@ typedef struct rsa_public_key_t rsa_public_key_t;
  * Currently only supports signature verification using
  * the EMSA encoding (see PKCS1)
  * 
- * @ingroup asymmetrics
+ * @b Constructors:
+ * - rsa_public_key_create()
+ * 
+ * @see rsa_private_key_t
+ * 
+ * @ingroup rsa
  */
 struct rsa_public_key_t {
 
+	/**
+	 * @bief Verify a EMSA-PKCS1 encodined signature.
+	 * 
+	 * Processes the supplied signature with the RSAVP1 function,
+	 * selects the hash algorithm form the resultign ASN1-OID and
+	 * verifies the hash against the supplied data.
+	 * 
+	 * @param this				rsa_private_key to use
+	 * @param data				data to sign
+	 * @param signature			signature to verify
+	 * @return
+	 * 							- SUCCESS, if signature ok
+	 * 							- INVALID_STATE, if key not set
+	 * 							- NOT_SUPPORTED, if hash algorithm not supported
+	 * 							- INVALID_ARG, if signature is not a signature
+	 * 							- FAILED if signature invalid or unable to verify
+	 */
 	status_t (*verify_emsa_pkcs1_signature) (rsa_public_key_t *this, chunk_t data, chunk_t signature);
 	
+	/**
+	 * @brief Set the key.
+	 * 
+	 * Currently uses a proprietary format which is only inteded
+	 * for testing. This should be replaced with a proper
+	 * ASN1 encoded key format, when charon gets the ASN1 
+	 * capabilities.
+	 * 
+	 * @param this				calling object
+	 * @param key				key (in a propriarity format)
+	 * @return					currently SUCCESS in any case
+	 */
 	status_t (*set_key) (rsa_public_key_t *this, chunk_t key);
 	
+	/**
+	 * @brief Gets the key.
+	 * 
+	 * Currently uses a proprietary format which is only inteded
+	 * for testing. This should be replaced with a proper
+	 * ASN1 encoded key format, when charon gets the ASN1 
+	 * capabilities.
+	 * 
+	 * @param this				calling object
+	 * @param key				key (in a propriarity format)
+	 * @return					
+	 * 							- SUCCESS
+	 * 							- INVALID_STATE, if key not set
+	 */
 	status_t (*get_key) (rsa_public_key_t *this, chunk_t *key);
 	
+	/**
+	 * @brief Loads a key from a file.
+	 * 
+	 * Not implemented!
+	 * 
+	 * @param this				calling object
+	 * @param file				file from which key should be read
+	 * @return					NOT_SUPPORTED
+	 */
 	status_t (*load_key) (rsa_public_key_t *this, char *file);
 	
+	/**
+	 * @brief Saves a key to a file.
+	 * 
+	 * Not implemented!
+	 * 
+	 * @param this				calling object
+	 * @param file				file to which the key should be written.
+	 * @return					NOT_SUPPORTED
+	 */
 	status_t (*save_key) (rsa_public_key_t *this, char *file);
-
+	
+	/**
+	 * @brief Destroys the public key.
+	 * 
+	 * @param this				public key to destroy
+	 */
 	void (*destroy) (rsa_public_key_t *this);
 };
 
 /**
+ * @brief Create a public key without any key inside.
+ * 
+ * @return created rsa_public_key_t.
  * 
- * @ingroup asymmetrics
+ * @ingroup rsa
  */
 rsa_public_key_t *rsa_public_key_create();