From f1046648362e045781ad7eee6f821d0675178b80 Mon Sep 17 00:00:00 2001 From: Jan Hutter Date: Tue, 6 Dec 2005 16:04:39 +0000 Subject: [PATCH] - code cleaned up --- .../encoding/payloads/encryption_payload.c | 2 +- Source/charon/testcases/hmac_signer_test.c | 8 ++-- Source/charon/threads/receiver.h | 3 +- Source/charon/threads/sender.c | 19 ++++---- Source/charon/threads/sender.h | 11 +++-- .../charon/transforms/signers/hmac_signer.c | 45 ++++++++++++------- .../charon/transforms/signers/hmac_signer.h | 4 +- Source/charon/transforms/signers/signer.c | 4 +- Source/charon/transforms/signers/signer.h | 43 ++++++++++++------ 9 files changed, 88 insertions(+), 51 deletions(-) diff --git a/Source/charon/encoding/payloads/encryption_payload.c b/Source/charon/encoding/payloads/encryption_payload.c index 7e5fb18ba..5ae44acc5 100644 --- a/Source/charon/encoding/payloads/encryption_payload.c +++ b/Source/charon/encoding/payloads/encryption_payload.c @@ -456,7 +456,7 @@ static status_t verify_signature(private_encryption_payload_t *this, chunk_t dat /* verify it */ data_without_sig.len = data.len - sig.len; data_without_sig.ptr = data.ptr; - this->signer->verify_signature(this->signer, data_without_sig, sig, &valid); + valid = this->signer->verify_signature(this->signer, data_without_sig, sig); if (!valid) { diff --git a/Source/charon/testcases/hmac_signer_test.c b/Source/charon/testcases/hmac_signer_test.c index a453fe6fd..016ee13c4 100644 --- a/Source/charon/testcases/hmac_signer_test.c +++ b/Source/charon/testcases/hmac_signer_test.c 
@@ -99,10 +99,10 @@ void test_hmac_md5_signer(tester_t *tester) logger->log_chunk(logger,RAW,"expected signature:",&reference[i]); logger->log_chunk(logger,RAW,"signature:",&signature[i]); allocator_free(signature[i].ptr); - signer->verify_signature(signer, data[i],reference[i], &valid); + valid = signer->verify_signature(signer, data[i],reference[i]); tester->assert_true(tester, (valid == TRUE), "Signature valid check"); - signer->verify_signature(signer, data[i],wrong_reference[i], &valid); + valid = signer->verify_signature(signer, data[i],wrong_reference[i]); tester->assert_true(tester, (valid == FALSE), "Signature not valid check"); } @@ -197,10 +197,10 @@ void test_hmac_sha1_signer(tester_t *tester) logger->log_chunk(logger,RAW,"expected signature:",&reference[i]); logger->log_chunk(logger,RAW,"signature:",&signature[i]); allocator_free(signature[i].ptr); - signer->verify_signature(signer, data[i],reference[i], &valid); + valid = signer->verify_signature(signer, data[i],reference[i]); tester->assert_true(tester, (valid == TRUE), "Signature valid check"); - signer->verify_signature(signer, data[i],wrong_reference[i], &valid); + valid = signer->verify_signature(signer, data[i],wrong_reference[i]); tester->assert_true(tester, (valid == FALSE), "Signature not valid check"); } diff --git a/Source/charon/threads/receiver.h b/Source/charon/threads/receiver.h index a7269b73f..415ea5191 100644 --- a/Source/charon/threads/receiver.h +++ b/Source/charon/threads/receiver.h @@ -25,13 +25,14 @@ #include + typedef struct receiver_t receiver_t; /** * @brief Receives packets from the socket and adds them to the job queue. * * The receiver starts a thread, wich reads on the blocking socket. If - * there is data available, a packet_t is created from the data, wrapped + * data is available, a packet_t object is created , wrapped * in an incoming_packet_job_t and added to the job queue. * * @ingroup threads 
diff --git a/Source/charon/threads/sender.c b/Source/charon/threads/sender.c index cb33d8405..3719c6b6c 100644 --- a/Source/charon/threads/sender.c +++ b/Source/charon/threads/sender.c @@ -32,38 +32,39 @@ #include #include + typedef struct private_sender_t private_sender_t; /** - * Private data of a sender object + * Private data of a sender_t object. */ struct private_sender_t { /** - * Public part of a sender object + * Public part of a sender_t object. */ sender_t public; /** - * Assigned thread to the sender_t object + * Assigned thread. */ pthread_t assigned_thread; /** - * @brief The threads function, sends out packets. + * @brief The thread function, sends out packets. * - * @param this assigned sender object + * @param this calling object */ void (*send_packets) (private_sender_t * this); /** - * logger for this sender + * A logger for this sender_t object. */ logger_t *logger; }; /** - * implements private_sender_t.send_packets + * Implementation of private_sender_t.send_packets. */ static void send_packets(private_sender_t * this) { @@ -90,7 +91,7 @@ static void send_packets(private_sender_t * this) } /** - * implements sender_t.destroy + * Implementation of sender_t.destroy. */ static void destroy(private_sender_t *this) { @@ -106,7 +107,7 @@ static void destroy(private_sender_t *this) } /* - * see header + * Described in header. */ sender_t * sender_create() { diff --git a/Source/charon/threads/sender.h b/Source/charon/threads/sender.h index 1192ef76e..ea8124147 100644 --- a/Source/charon/threads/sender.h +++ b/Source/charon/threads/sender.h 
@@ -28,16 +28,19 @@ typedef struct sender_t sender_t; /** - * @brief Sends packets over the socket. + * @brief Thread responsible for sending packets over the socket. + * + * @b Constructors: + * - sender_create() * * @ingroup threads */ struct sender_t { /** - * @brief Destroys a sender object + * @brief Destroys a sender object. * - * @param sender sender object + * @param sender calling object */ void (*destroy) (sender_t *sender); }; @@ -50,7 +53,7 @@ struct sender_t { * from the send queue and sends them out. * * @return - * - created sender_t, or + * - sender_t object * - NULL of thread could not be started * * @ingroup threads diff --git a/Source/charon/transforms/signers/hmac_signer.c b/Source/charon/transforms/signers/hmac_signer.c index a38999567..ed17b23a6 100644 --- a/Source/charon/transforms/signers/hmac_signer.c +++ b/Source/charon/transforms/signers/hmac_signer.c @@ -26,18 +26,18 @@ #include /** - * This class represents a hmac signer with 12 byte (96 bit) output + * This class represents a hmac signer with 12 byte (96 bit) output. */ #define BLOCK_SIZE 12 typedef struct private_hmac_signer_t private_hmac_signer_t; /** - * private data structure with signing context. + * Private data structure with signing context. */ struct private_hmac_signer_t { /** - * Public interface for this signer. + * Public interface of hmac_signer_t. */ hmac_signer_t public; @@ -47,7 +47,9 @@ struct private_hmac_signer_t { prf_t *hmac_prf; }; - +/** + * Implementation of signer_t.get_signature. + */ static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer) { u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)]; @@ -58,6 +60,9 @@ static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t * memcpy(buffer,full_mac,BLOCK_SIZE); } +/** + * Implementation of signer_t.allocate_signature. + */ static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk) { chunk_t signature; 
@@ -68,13 +73,16 @@ static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk signature.ptr = allocator_alloc(BLOCK_SIZE); signature.len = BLOCK_SIZE; - /* copy mac aka signature :-) */ + /* copy signature */ memcpy(signature.ptr,full_mac,BLOCK_SIZE); *chunk = signature; } -static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature, bool *valid) +/** + * Implementation of signer_t.verify_signature. + */ +static bool verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature) { u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)]; @@ -82,38 +90,46 @@ static void verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t if (signature.len != BLOCK_SIZE) { - *valid = FALSE; - return; + return FALSE; } /* compare mac aka signature :-) */ if (memcmp(signature.ptr,full_mac,BLOCK_SIZE) == 0) { - *valid = TRUE; + return TRUE; } else { - *valid = FALSE; + return FALSE; } } +/** + * Implementation of signer_t.get_key_size. + */ static size_t get_key_size (private_hmac_signer_t *this) { return this->hmac_prf->get_block_size(this->hmac_prf); } - + +/** + * Implementation of signer_t.get_block_size. + */ static size_t get_block_size (private_hmac_signer_t *this) { return BLOCK_SIZE; } - + +/** + * Implementation of signer_t.set_key. + */ static void set_key (private_hmac_signer_t *this, chunk_t key) { this->hmac_prf->set_key(this->hmac_prf,key); } /** - * implementation of signer_t.destroy. + * Implementation of signer_t.destroy. */ static status_t destroy(private_hmac_signer_t *this) { @@ -122,7 +138,6 @@ static status_t destroy(private_hmac_signer_t *this) return SUCCESS; } - /* * Described in header */ 
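Review bot: In the verify_signature hunk of hmac_signer.c (`@@ -82,38 +90,46 @@`) the received MAC is still compared with `memcmp(signature.ptr,full_mac,BLOCK_SIZE)`, which may stop at the first differing byte, so the time taken can depend on how many leading bytes of the signature are correct. This function decides whether a received message authenticates, so the comparison should take the same time for every input; the commit only changes how the result is returned. The fence shows the end of the function with a comparison that always touches all BLOCK_SIZE bytes, assuming chunk_t.ptr is a byte pointer (its definition is not part of this diff). The function's signature is in the previous hunk and the line that fills full_mac lies between the two hunks, so neither is repeated here.

```c
	/* … unchanged: signature.len != BLOCK_SIZE check returning FALSE … */

	/* accumulate differences over every byte so timing does not reveal the mismatch position */
	u_int8_t diff = 0;
	size_t i;
	for (i = 0; i < BLOCK_SIZE; i++)
	{
		diff |= signature.ptr[i] ^ full_mac[i];
	}
	return (diff == 0) ? TRUE : FALSE;
```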
@@ -142,7 +157,7 @@ hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm) /* interface functions */ this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature; this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature; - this->public.signer_interface.verify_signature = (void (*) (signer_t*, chunk_t, chunk_t,bool *))verify_signature; + this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature; this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size; this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size; this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key; diff --git a/Source/charon/transforms/signers/hmac_signer.h b/Source/charon/transforms/signers/hmac_signer.h index 3504b5311..1ce23622d 100644 --- a/Source/charon/transforms/signers/hmac_signer.h +++ b/Source/charon/transforms/signers/hmac_signer.h @@ -29,7 +29,7 @@ typedef struct hmac_signer_t hmac_signer_t; /** - * @brief Implementation of hmac_signer_t interface using the + * @brief Implementation of signer_t interface using the * HMAC algorithm in combination with either MD5 or SHA1. * * @ingroup signers @@ -48,7 +48,7 @@ struct hmac_signer_t { * @param hash_algorithm Hash algorithm to use with signer * @return * - hmac_signer_t - * - NULL if hash not supported + * - NULL if hash algorithm not supported * * @ingroup signers */ diff --git a/Source/charon/transforms/signers/signer.c b/Source/charon/transforms/signers/signer.c index 4d6d3e837..55e3cfc45 100644 --- a/Source/charon/transforms/signers/signer.c +++ b/Source/charon/transforms/signers/signer.c @@ -25,7 +25,7 @@ #include /** - * string mappings for integrity_algorithm_t + * String mappings for integrity_algorithm_t. */ mapping_t integrity_algorithm_m[] = { {AUTH_UNDEFINED, "AUTH_UNDEFINED"}, 
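Review bot: In the hmac_signer_create hunk, `this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;` relies on an explicit function-pointer cast, so the compiler cannot check that the static function's prototype matches the interface. Had the implementation kept its old `bool *valid` parameter, this line would still have compiled, and the caller in encryption_payload.c would then take an indeterminate return value as the verification result. Consider a comment above the interface assignments such as `/* casts hide prototype mismatches: keep each static function in sync with signer_t by hand */`, or declaring the implementations with `signer_t *this` and converting to the private type inside so the casts can be dropped. hmac_signer_create starts and ends outside the hunk.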
@@ -39,7 +39,7 @@ mapping_t integrity_algorithm_m[] = { /* - * see header + * Described in header. */ signer_t *signer_create(integrity_algorithm_t integrity_algorithm) { diff --git a/Source/charon/transforms/signers/signer.h b/Source/charon/transforms/signers/signer.h index ef0a89aed..1c339178c 100644 --- a/Source/charon/transforms/signers/signer.h +++ b/Source/charon/transforms/signers/signer.h @@ -31,10 +31,21 @@ typedef enum integrity_algorithm_t integrity_algorithm_t; /** * @brief Integrity algorithm, as in IKEv2 draft 3.3.2. * + * Currently only the following algorithms are implemented and therefore supported: + * - AUTH_HMAC_MD5_96 + * - AUTH_HMAC_SHA1_96 + * + * @ingroup signers */ enum integrity_algorithm_t { AUTH_UNDEFINED = 1024, + /** + * Implemented in class hmac_signer_t. + */ AUTH_HMAC_MD5_96 = 1, + /** + * Implemented in class hmac_signer_t. + */ AUTH_HMAC_SHA1_96 = 2, AUTH_DES_MAC = 3, AUTH_KPDK_MD5 = 4, @@ -42,7 +53,7 @@ enum integrity_algorithm_t { }; /** - * string mappings for integrity_algorithm_t + * String mappings for integrity_algorithm_t. */ extern mapping_t integrity_algorithm_m[]; @@ -52,13 +63,19 @@ typedef struct signer_t signer_t; /** * @brief Generig interface for a symmetric signature algorithm. * + * @b Constructors: + * - signer_create() + * - hmac_signer_create() + * + * @todo Implement more integrity algorithms + * * @ingroup signers */ struct signer_t { /** * @brief Generate a signature. * - * @param this calling signer + * @param this calling object * @param data a chunk containing the data to sign * @param[out] buffer pointer where the signature will be written */ @@ -67,7 +84,7 @@ struct signer_t { /** * @brief Generate a signature and allocate space for it. * - * @param this calling signer + * @param this calling object * @param data a chunk containing the data to sign * @param[out] chunk chunk which will hold the allocated signature */ 
@@ -76,17 +93,17 @@ struct signer_t { /** * @brief Verify a signature. * - * @param this calling signer + * @param this calling object * @param data a chunk containing the data to verify * @param signature a chunk containing the signature - * @param[out] vaild set to TRUE, if signature is valid, to FALSE otherwise + * @return TRUE, if signature is valid, FALSE otherwise */ - void (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature, bool *valid); + bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature); /** * @brief Get the block size of this signature algorithm. * - * @param this calling signer + * @param this calling object * @return block size in bytes */ size_t (*get_block_size) (signer_t *this); @@ -94,23 +111,23 @@ struct signer_t { /** * @brief Get the key size of the signature algorithm. * - * @param this calling signer + * @param this calling object * @return key size in bytes */ size_t (*get_key_size) (signer_t *this); /** - * @brief Set the key for this signer. + * @brief Set the key for this object. * - * @param this calling signer + * @param this calling object * @param key key to set */ void (*set_key) (signer_t *this, chunk_t key); /** - * @brief Destroys a signer object. + * @brief Destroys a signer_t object. * - * @param this signer_t object to destroy + * @param this calling object */ void (*destroy) (signer_t *this); }; @@ -120,7 +137,7 @@ struct signer_t { * * @param integrity_algorithm Algorithm to use for signing and verifying. * @return - * - signer_t if successfully, + * - signer_t object * - NULL if signer not supported * * @ingroup signers