aboutsummaryrefslogtreecommitdiffstats
path: root/Source
diff options
context:
space:
mode:
Diffstat (limited to 'Source')
-rw-r--r--Source/charon/encoding/payloads/encryption_payload.c2
-rw-r--r--Source/charon/testcases/hmac_signer_test.c8
-rw-r--r--Source/charon/threads/receiver.h3
-rw-r--r--Source/charon/threads/sender.c19
-rw-r--r--Source/charon/threads/sender.h11
-rw-r--r--Source/charon/transforms/signers/hmac_signer.c45
-rw-r--r--Source/charon/transforms/signers/hmac_signer.h4
-rw-r--r--Source/charon/transforms/signers/signer.c4
-rw-r--r--Source/charon/transforms/signers/signer.h43
9 files changed, 88 insertions, 51 deletions
diff --git a/Source/charon/encoding/payloads/encryption_payload.c b/Source/charon/encoding/payloads/encryption_payload.c
index 7e5fb18ba..5ae44acc5 100644
--- a/Source/charon/encoding/payloads/encryption_payload.c
+++ b/Source/charon/encoding/payloads/encryption_payload.c
@@ -456,7 +456,7 @@ static status_t verify_signature(private_encryption_payload_t *this, chunk_t dat
/* verify it */
data_without_sig.len = data.len - sig.len;
data_without_sig.ptr = data.ptr;
- this->signer->verify_signature(this->signer, data_without_sig, sig, &valid);
+ valid = this->signer->verify_signature(this->signer, data_without_sig, sig);
if (!valid)
{
diff --git a/Source/charon/testcases/hmac_signer_test.c b/Source/charon/testcases/hmac_signer_test.c
index a453fe6fd..016ee13c4 100644
--- a/Source/charon/testcases/hmac_signer_test.c
+++ b/Source/charon/testcases/hmac_signer_test.c
@@ -99,10 +99,10 @@ void test_hmac_md5_signer(tester_t *tester)
logger->log_chunk(logger,RAW,"expected signature:",&reference[i]);
logger->log_chunk(logger,RAW,"signature:",&signature[i]);
allocator_free(signature[i].ptr);
- signer->verify_signature(signer, data[i],reference[i], &valid);
+ valid = signer->verify_signature(signer, data[i],reference[i]);
tester->assert_true(tester, (valid == TRUE), "Signature valid check");
- signer->verify_signature(signer, data[i],wrong_reference[i], &valid);
+ valid = signer->verify_signature(signer, data[i],wrong_reference[i]);
tester->assert_true(tester, (valid == FALSE), "Signature not valid check");
}
@@ -197,10 +197,10 @@ void test_hmac_sha1_signer(tester_t *tester)
logger->log_chunk(logger,RAW,"expected signature:",&reference[i]);
logger->log_chunk(logger,RAW,"signature:",&signature[i]);
allocator_free(signature[i].ptr);
- signer->verify_signature(signer, data[i],reference[i], &valid);
+ valid = signer->verify_signature(signer, data[i],reference[i]);
tester->assert_true(tester, (valid == TRUE), "Signature valid check");
- signer->verify_signature(signer, data[i],wrong_reference[i], &valid);
+ valid = signer->verify_signature(signer, data[i],wrong_reference[i]);
tester->assert_true(tester, (valid == FALSE), "Signature not valid check");
}
diff --git a/Source/charon/threads/receiver.h b/Source/charon/threads/receiver.h
index a7269b73f..415ea5191 100644
--- a/Source/charon/threads/receiver.h
+++ b/Source/charon/threads/receiver.h
@@ -25,13 +25,14 @@
#include <types.h>
+
typedef struct receiver_t receiver_t;
/**
* @brief Receives packets from the socket and adds them to the job queue.
*
* The receiver starts a thread, wich reads on the blocking socket. If
- * there is data available, a packet_t is created from the data, wrapped
+ * data is available, a packet_t object is created , wrapped
* in an incoming_packet_job_t and added to the job queue.
*
* @ingroup threads
diff --git a/Source/charon/threads/sender.c b/Source/charon/threads/sender.c
index cb33d8405..3719c6b6c 100644
--- a/Source/charon/threads/sender.c
+++ b/Source/charon/threads/sender.c
@@ -32,38 +32,39 @@
#include <utils/allocator.h>
#include <utils/logger_manager.h>
+
typedef struct private_sender_t private_sender_t;
/**
- * Private data of a sender object
+ * Private data of a sender_t object.
*/
struct private_sender_t {
/**
- * Public part of a sender object
+ * Public part of a sender_t object.
*/
sender_t public;
/**
- * Assigned thread to the sender_t object
+ * Assigned thread.
*/
pthread_t assigned_thread;
/**
- * @brief The threads function, sends out packets.
+ * @brief The thread function, sends out packets.
*
- * @param this assigned sender object
+ * @param this calling object
*/
void (*send_packets) (private_sender_t * this);
/**
- * logger for this sender
+ * A logger for this sender_t object.
*/
logger_t *logger;
};
/**
- * implements private_sender_t.send_packets
+ * Implementation of private_sender_t.send_packets.
*/
static void send_packets(private_sender_t * this)
{
@@ -90,7 +91,7 @@ static void send_packets(private_sender_t * this)
}
/**
- * implements sender_t.destroy
+ * Implementation of sender_t.destroy.
*/
static void destroy(private_sender_t *this)
{
@@ -106,7 +107,7 @@ static void destroy(private_sender_t *this)
}
/*
- * see header
+ * Described in header.
*/
sender_t * sender_create()
{
diff --git a/Source/charon/threads/sender.h b/Source/charon/threads/sender.h
index 1192ef76e..ea8124147 100644
--- a/Source/charon/threads/sender.h
+++ b/Source/charon/threads/sender.h
@@ -28,16 +28,19 @@
typedef struct sender_t sender_t;
/**
- * @brief Sends packets over the socket.
+ * @brief Thread responsible for sending packets over the socket.
+ *
+ * @b Constructors:
+ * - sender_create()
*
* @ingroup threads
*/
struct sender_t {
/**
- * @brief Destroys a sender object
+ * @brief Destroys a sender object.
*
- * @param sender sender object
+ * @param sender calling object
*/
void (*destroy) (sender_t *sender);
};
@@ -50,7 +53,7 @@ struct sender_t {
* from the send queue and sends them out.
*
* @return
- * - created sender_t, or
+ * - sender_t object
* - NULL of thread could not be started
*
* @ingroup threads
diff --git a/Source/charon/transforms/signers/hmac_signer.c b/Source/charon/transforms/signers/hmac_signer.c
index a38999567..ed17b23a6 100644
--- a/Source/charon/transforms/signers/hmac_signer.c
+++ b/Source/charon/transforms/signers/hmac_signer.c
@@ -26,18 +26,18 @@
#include <transforms/prfs/hmac_prf.h>
/**
- * This class represents a hmac signer with 12 byte (96 bit) output
+ * This class represents a hmac signer with 12 byte (96 bit) output.
*/
#define BLOCK_SIZE 12
typedef struct private_hmac_signer_t private_hmac_signer_t;
/**
- * private data structure with signing context.
+ * Private data structure with signing context.
*/
struct private_hmac_signer_t {
/**
- * Public interface for this signer.
+ * Public interface of hmac_signer_t.
*/
hmac_signer_t public;
@@ -47,7 +47,9 @@ struct private_hmac_signer_t {
prf_t *hmac_prf;
};
-
+/**
+ * Implementation of signer_t.get_signature.
+ */
static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
{
u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
@@ -58,6 +60,9 @@ static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *
memcpy(buffer,full_mac,BLOCK_SIZE);
}
+/**
+ * Implementation of signer_t.allocate_signature.
+ */
static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
{
chunk_t signature;
@@ -68,13 +73,16 @@ static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk
signature.ptr = allocator_alloc(BLOCK_SIZE);
signature.len = BLOCK_SIZE;
- /* copy mac aka signature :-) */
+ /* copy signature */
memcpy(signature.ptr,full_mac,BLOCK_SIZE);
*chunk = signature;
}
-static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature, bool *valid)
+/**
+ * Implementation of signer_t.verify_signature.
+ */
+static bool verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature)
{
u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
@@ -82,38 +90,46 @@ static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t
if (signature.len != BLOCK_SIZE)
{
- *valid = FALSE;
- return;
+ return FALSE;
}
/* compare mac aka signature :-) */
if (memcmp(signature.ptr,full_mac,BLOCK_SIZE) == 0)
{
- *valid = TRUE;
+ return TRUE;
}
else
{
- *valid = FALSE;
+ return FALSE;
}
}
+/**
+ * Implementation of signer_t.get_key_size.
+ */
static size_t get_key_size (private_hmac_signer_t *this)
{
return this->hmac_prf->get_block_size(this->hmac_prf);
}
-
+
+/**
+ * Implementation of signer_t.get_block_size.
+ */
static size_t get_block_size (private_hmac_signer_t *this)
{
return BLOCK_SIZE;
}
-
+
+/**
+ * Implementation of signer_t.set_key.
+ */
static void set_key (private_hmac_signer_t *this, chunk_t key)
{
this->hmac_prf->set_key(this->hmac_prf,key);
}
/**
- * implementation of signer_t.destroy.
+ * Implementation of signer_t.destroy.
*/
static status_t destroy(private_hmac_signer_t *this)
{
@@ -122,7 +138,6 @@ static status_t destroy(private_hmac_signer_t *this)
return SUCCESS;
}
-
/*
* Described in header
*/
@@ -142,7 +157,7 @@ hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm)
/* interface functions */
this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
- this->public.signer_interface.verify_signature = (void (*) (signer_t*, chunk_t, chunk_t,bool *))verify_signature;
+ this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
diff --git a/Source/charon/transforms/signers/hmac_signer.h b/Source/charon/transforms/signers/hmac_signer.h
index 3504b5311..1ce23622d 100644
--- a/Source/charon/transforms/signers/hmac_signer.h
+++ b/Source/charon/transforms/signers/hmac_signer.h
@@ -29,7 +29,7 @@
typedef struct hmac_signer_t hmac_signer_t;
/**
- * @brief Implementation of hmac_signer_t interface using the
+ * @brief Implementation of signer_t interface using the
* HMAC algorithm in combination with either MD5 or SHA1.
*
* @ingroup signers
@@ -48,7 +48,7 @@ struct hmac_signer_t {
* @param hash_algorithm Hash algorithm to use with signer
* @return
* - hmac_signer_t
- * - NULL if hash not supported
+ * - NULL if hash algorithm not supported
*
* @ingroup signers
*/
diff --git a/Source/charon/transforms/signers/signer.c b/Source/charon/transforms/signers/signer.c
index 4d6d3e837..55e3cfc45 100644
--- a/Source/charon/transforms/signers/signer.c
+++ b/Source/charon/transforms/signers/signer.c
@@ -25,7 +25,7 @@
#include <transforms/signers/hmac_signer.h>
/**
- * string mappings for integrity_algorithm_t
+ * String mappings for integrity_algorithm_t.
*/
mapping_t integrity_algorithm_m[] = {
{AUTH_UNDEFINED, "AUTH_UNDEFINED"},
@@ -39,7 +39,7 @@ mapping_t integrity_algorithm_m[] = {
/*
- * see header
+ * Described in header.
*/
signer_t *signer_create(integrity_algorithm_t integrity_algorithm)
{
diff --git a/Source/charon/transforms/signers/signer.h b/Source/charon/transforms/signers/signer.h
index ef0a89aed..1c339178c 100644
--- a/Source/charon/transforms/signers/signer.h
+++ b/Source/charon/transforms/signers/signer.h
@@ -31,10 +31,21 @@ typedef enum integrity_algorithm_t integrity_algorithm_t;
/**
* @brief Integrity algorithm, as in IKEv2 draft 3.3.2.
*
+ * Currently only the following algorithms are implemented and therefore supported:
+ * - AUTH_HMAC_MD5_96
+ * - AUTH_HMAC_SHA1_96
+ *
+ * @ingroup signers
*/
enum integrity_algorithm_t {
AUTH_UNDEFINED = 1024,
+ /**
+ * Implemented in class hmac_signer_t.
+ */
AUTH_HMAC_MD5_96 = 1,
+ /**
+ * Implemented in class hmac_signer_t.
+ */
AUTH_HMAC_SHA1_96 = 2,
AUTH_DES_MAC = 3,
AUTH_KPDK_MD5 = 4,
@@ -42,7 +53,7 @@ enum integrity_algorithm_t {
};
/**
- * string mappings for integrity_algorithm_t
+ * String mappings for integrity_algorithm_t.
*/
extern mapping_t integrity_algorithm_m[];
@@ -52,13 +63,19 @@ typedef struct signer_t signer_t;
/**
* @brief Generig interface for a symmetric signature algorithm.
*
+ * @b Constructors:
+ * - signer_create()
+ * - hmac_signer_create()
+ *
+ * @todo Implement more integrity algorithms
+ *
* @ingroup signers
*/
struct signer_t {
/**
* @brief Generate a signature.
*
- * @param this calling signer
+ * @param this calling object
* @param data a chunk containing the data to sign
* @param[out] buffer pointer where the signature will be written
*/
@@ -67,7 +84,7 @@ struct signer_t {
/**
* @brief Generate a signature and allocate space for it.
*
- * @param this calling signer
+ * @param this calling object
* @param data a chunk containing the data to sign
* @param[out] chunk chunk which will hold the allocated signature
*/
@@ -76,17 +93,17 @@ struct signer_t {
/**
* @brief Verify a signature.
*
- * @param this calling signer
+ * @param this calling object
* @param data a chunk containing the data to verify
* @param signature a chunk containing the signature
- * @param[out] vaild set to TRUE, if signature is valid, to FALSE otherwise
+ * @return TRUE, if signature is valid, FALSE otherwise
*/
- void (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature, bool *valid);
+ bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
/**
* @brief Get the block size of this signature algorithm.
*
- * @param this calling signer
+ * @param this calling object
* @return block size in bytes
*/
size_t (*get_block_size) (signer_t *this);
@@ -94,23 +111,23 @@ struct signer_t {
/**
* @brief Get the key size of the signature algorithm.
*
- * @param this calling signer
+ * @param this calling object
* @return key size in bytes
*/
size_t (*get_key_size) (signer_t *this);
/**
- * @brief Set the key for this signer.
+ * @brief Set the key for this object.
*
- * @param this calling signer
+ * @param this calling object
* @param key key to set
*/
void (*set_key) (signer_t *this, chunk_t key);
/**
- * @brief Destroys a signer object.
+ * @brief Destroys a signer_t object.
*
- * @param this signer_t object to destroy
+ * @param this calling object
*/
void (*destroy) (signer_t *this);
};
@@ -120,7 +137,7 @@ struct signer_t {
*
* @param integrity_algorithm Algorithm to use for signing and verifying.
* @return
- * - signer_t if successfully,
+ * - signer_t object
* - NULL if signer not supported
*
* @ingroup signers
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 05:13:05 +0000