Improve DHM documentation
- Rephrase file/function/parameter/enum/define/error descriptions into full
and clear sentences.
- Make sure to adhere to the Arm writing guidelines.
- Fix missing/incorrect Doxygen tags.
- Standardize terminology used within the file.
- Standardize defines documentation
GitHub PR: #1323
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index 8a28ffa..b1750f1 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -1,10 +1,18 @@
/**
* \file dhm.h
*
- * \brief Diffie-Hellman-Merkle key exchange
+ * \brief Diffie-Hellman-Merkle key exchange.
+ *
+ * <em>RFC-3526: More Modular Exponential (MODP) Diffie-Hellman groups for
+ * Internet Key Exchange (IKE)</em> defines a number of standardized
+ * Diffie-Hellman groups for IKE.
+ *
+ * <em>RFC-5114: Additional Diffie-Hellman Groups for Use with IETF
+ * Standards</em> defines a number of standardized Diffie-Hellman
+ * groups that can be used.
*/
/*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -19,8 +27,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
- * This file is part of mbed TLS (https://tls.mbed.org)
+ * This file is part of Mbed TLS (https://tls.mbed.org)
*/
+
#ifndef MBEDTLS_DHM_H
#define MBEDTLS_DHM_H
@@ -35,7 +44,7 @@
/*
* DHM Error codes
*/
-#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */
#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
@@ -43,22 +52,22 @@
#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */
+#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */
#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500 /**< DHM hardware accelerator failed. */
+
+ /* The following lists the source of the above groups in the standards:
+ * - RFC-3526 section 3: 2048-bit MODP Group
+ * - RFC-3526 section 4: 3072-bit MODP Group
+ * - RFC-3526 section 5: 4096-bit MODP Group
+ * - RFC-5114 section 2.2: 2048-bit MODP Group with 224-bit Prime Order Subgroup
+ * .
+ */
+
/**
- * RFC 3526 defines a number of standardized Diffie-Hellman groups
- * for IKE.
- * RFC 5114 defines a number of standardized Diffie-Hellman groups
- * that can be used.
- *
- * Some are included here for convenience.
- *
- * Included are:
- * RFC 3526 3. 2048-bit MODP Group
- * RFC 3526 4. 3072-bit MODP Group
- * RFC 3526 5. 4096-bit MODP Group
- * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
+ * The hexadecimal presentation of the prime underlying the 2048-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
*/
#define MBEDTLS_DHM_RFC3526_MODP_2048_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
@@ -73,8 +82,18 @@
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
"15728E5A8AACAA68FFFFFFFFFFFFFFFF"
+/**
+ * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
#define MBEDTLS_DHM_RFC3526_MODP_2048_G "02"
+/**
+ * The hexadecimal presentation of the prime underlying the 3072-bit MODP
+ * Group, as defined in <em>RFC-3072: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
#define MBEDTLS_DHM_RFC3526_MODP_3072_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
@@ -93,8 +112,18 @@
"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
"43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
+/**
+ * The hexadecimal presentation of the chosen generator of the 3072-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
#define MBEDTLS_DHM_RFC3526_MODP_3072_G "02"
+/**
+ * The hexadecimal presentation of the prime underlying the 4096-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
#define MBEDTLS_DHM_RFC3526_MODP_4096_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
@@ -119,8 +148,19 @@
"93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \
"FFFFFFFFFFFFFFFF"
+/**
+ * The hexadecimal presentation of the chosen generator of the 4096-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
#define MBEDTLS_DHM_RFC3526_MODP_4096_G "02"
+/**
+ * The hexadecimal presentation of the prime underlying the
+ * 2048-bit MODP Group with 224-bit Prime Order Subgroup, as defined
+ * in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
+ * IETF Standards</em>.
+ */
#define MBEDTLS_DHM_RFC5114_MODP_2048_P \
"AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
"B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
@@ -134,6 +174,11 @@
"C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
"CF9DE5384E71B81C0AC4DFFE0C10E64F"
+/**
+ * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
+ * Group with 224-bit Prime Order Subgroup, as defined in <em>RFC-5114:
+ * Additional Diffie-Hellman Groups for Use with IETF Standards</em>.
+ */
#define MBEDTLS_DHM_RFC5114_MODP_2048_G \
"AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\
"74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\
@@ -152,59 +197,62 @@
#endif
/**
- * \brief DHM context structure
+ * \brief The DHM context structure.
*/
typedef struct
{
- size_t len; /*!< size(P) in chars */
- mbedtls_mpi P; /*!< prime modulus */
- mbedtls_mpi G; /*!< generator */
- mbedtls_mpi X; /*!< secret value */
- mbedtls_mpi GX; /*!< self = G^X mod P */
- mbedtls_mpi GY; /*!< peer = G^Y mod P */
- mbedtls_mpi K; /*!< key = GY^X mod P */
- mbedtls_mpi RP; /*!< cached R^2 mod P */
- mbedtls_mpi Vi; /*!< blinding value */
- mbedtls_mpi Vf; /*!< un-blinding value */
- mbedtls_mpi pX; /*!< previous X */
+ size_t len; /*!< The size of \p P in Bytes. */
+ mbedtls_mpi P; /*!< The prime modulus. */
+ mbedtls_mpi G; /*!< The generator. */
+ mbedtls_mpi X; /*!< Our secret value. */
+ mbedtls_mpi GX; /*!< Our public key = \c G^X mod \c P. */
+ mbedtls_mpi GY; /*!< The public key of the peer = \c G^Y mod \c P. */
+ mbedtls_mpi K; /*!< The shared secret = \c G^(XY) mod \c P. */
+ mbedtls_mpi RP; /*!< The cached value = \c R^2 mod \c P. */
+ mbedtls_mpi Vi; /*!< The blinding value. */
+ mbedtls_mpi Vf; /*!< The unblinding value. */
+ mbedtls_mpi pX; /*!< The previous \c X. */
}
mbedtls_dhm_context;
/**
- * \brief Initialize DHM context
+ * \brief This function initializes the DHM context.
*
- * \param ctx DHM context to be initialized
+ * \param ctx The DHM context to initialize.
*/
void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
/**
- * \brief Parse the ServerKeyExchange parameters
+ * \brief This function parses the ServerKeyExchange parameters.
*
- * \param ctx DHM context
- * \param p &(start of input buffer)
- * \param end end of buffer
+ * \param ctx The DHM context.
+ * \param p The start of the input buffer.
+ * \param end The end of the input buffer.
*
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
+ * \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ * on failure.
*/
int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
unsigned char **p,
const unsigned char *end );
/**
- * \brief Setup and write the ServerKeyExchange parameters
+ * \brief This function sets up and writes the ServerKeyExchange
+ * parameters.
*
- * \param ctx DHM context
- * \param x_size private value size in bytes
- * \param output destination buffer
- * \param olen number of chars written
- * \param f_rng RNG function
- * \param p_rng RNG parameter
+ * \param ctx The DHM context.
+ * \param x_size The private value size in Bytes.
+ * \param olen The number of characters written.
+ * \param output The destination buffer.
+ * \param f_rng The RNG function.
+ * \param p_rng The RNG parameter.
*
- * \note This function assumes that ctx->P and ctx->G
- * have already been properly set (for example
- * using mbedtls_mpi_read_string or mbedtls_mpi_read_binary).
+ * \note This function assumes that the \c ctx->P and \c ctx->G have
+ * already been properly set, for example, using
+ * mbedtls_mpi_read_string() or mbedtls_mpi_read_binary().
*
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
+ * \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ * on failure.
*/
int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen,
@@ -212,28 +260,32 @@
void *p_rng );
/**
- * \brief Import the peer's public value G^Y
+ * \brief This function imports the public value G^Y of the peer.
*
- * \param ctx DHM context
- * \param input input buffer
- * \param ilen size of buffer
+ * \param ctx The DHM context.
+ * \param input The input buffer.
+ * \param ilen The size of the input buffer.
*
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
+ * \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ * on failure.
*/
int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen );
/**
- * \brief Create own private value X and export G^X
+ * \brief This function creates its own private value \c X and
+ * exports \c G^X.
*
- * \param ctx DHM context
- * \param x_size private value size in bytes
- * \param output destination buffer
- * \param olen must be at least equal to the size of P, ctx->len
- * \param f_rng RNG function
- * \param p_rng RNG parameter
+ * \param ctx The DHM context.
+ * \param x_size The private value size in Bytes.
+ * \param output The destination buffer.
+ * \param olen The length of the destination buffer. Must be at least
+ equal to ctx->len (the size of \c P).
+ * \param f_rng The RNG function.
+ * \param p_rng The RNG parameter.
*
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
+ * \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ * on failure.
*/
int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t olen,
@@ -241,22 +293,24 @@
void *p_rng );
/**
- * \brief Derive and export the shared secret (G^Y)^X mod P
+ * \brief This function derives and exports the shared secret
+ * \c (G^Y)^X mod \c P.
*
- * \param ctx DHM context
- * \param output destination buffer
- * \param output_size size of the destination buffer
- * \param olen on exit, holds the actual number of bytes written
- * \param f_rng RNG function, for blinding purposes
- * \param p_rng RNG parameter
+ * \param ctx The DHM context.
+ * \param output The destination buffer.
+ * \param output_size The size of the destination buffer.
+ * \param olen On exit, holds the actual number of Bytes written.
+ * \param f_rng The RNG function, for blinding purposes.
+ * \param p_rng The RNG parameter.
*
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
+ * \return \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ * on failure.
*
- * \note If non-NULL, f_rng is used to blind the input as
- * countermeasure against timing attacks. Blinding is
- * automatically used if and only if our secret value X is
- * re-used and costs nothing otherwise, so it is recommended
- * to always pass a non-NULL f_rng argument.
+ * \note If non-NULL, \p f_rng is used to blind the input as
+ * a countermeasure against timing attacks. Blinding is used
+ * only if our secret value \p X is re-used and omitted
+ * otherwise. Therefore, we recommend always passing a
+ * non-NULL \p f_rng argument.
*/
int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
unsigned char *output, size_t output_size, size_t *olen,
@@ -264,23 +318,24 @@
void *p_rng );
/**
- * \brief Free and clear the components of a DHM key
+ * \brief This function frees and clears the components of a DHM key.
*
- * \param ctx DHM context to free and clear
+ * \param ctx The DHM context to free and clear.
*/
void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
#if defined(MBEDTLS_ASN1_PARSE_C)
/** \ingroup x509_module */
/**
- * \brief Parse DHM parameters in PEM or DER format
+ * \brief This function parses DHM parameters in PEM or DER format.
*
- * \param dhm DHM context to be initialized
- * \param dhmin input buffer
- * \param dhminlen size of the buffer
- * (including the terminating null byte for PEM data)
+ * \param dhm The DHM context to initialize.
+ * \param dhmin The input buffer.
+ * \param dhminlen The size of the buffer, including the terminating null
+ * Byte for PEM data.
*
- * \return 0 if successful, or a specific DHM or PEM error code
+ * \return \c 0 on success, or a specific DHM or PEM error code
+ * on failure.
*/
int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen );
@@ -288,12 +343,13 @@
#if defined(MBEDTLS_FS_IO)
/** \ingroup x509_module */
/**
- * \brief Load and parse DHM parameters
+ * \brief This function loads and parses DHM parameters from a file.
*
- * \param dhm DHM context to be initialized
- * \param path filename to read the DHM Parameters from
+ * \param dhm The DHM context to load the parameters to.
+ * \param path The filename to read the DHM parameters from.
*
- * \return 0 if successful, or a specific DHM or PEM error code
+ * \return \c 0 on success, or a specific DHM or PEM error code
+ * on failure.
*/
int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
#endif /* MBEDTLS_FS_IO */
@@ -312,9 +368,9 @@
#endif
/**
- * \brief Checkup routine
+ * \brief The DMH checkup routine.
*
- * \return 0 if successful, or 1 if the test failed
+ * \return \c 0 on success, or \c 1 on failure.
*/
int mbedtls_dhm_self_test( int verbose );
diff --git a/library/error.c b/library/error.c
index f602686..d9ad638 100644
--- a/library/error.c
+++ b/library/error.c
@@ -227,7 +227,7 @@
#if defined(MBEDTLS_DHM_C)
if( use_ret == -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA) )
- mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters to function" );
+ mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters" );
if( use_ret == -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED) )
mbedtls_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) )
@@ -243,7 +243,7 @@
if( use_ret == -(MBEDTLS_ERR_DHM_ALLOC_FAILED) )
mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
- mbedtls_snprintf( buf, buflen, "DHM - Read/write of file failed" );
+ mbedtls_snprintf( buf, buflen, "DHM - Read or write of file failed" );
if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
#endif /* MBEDTLS_DHM_C */