- Cleaned up header documentation
diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h
index d02520d..a635f26 100644
--- a/include/polarssl/bignum.h
+++ b/include/polarssl/bignum.h
@@ -90,6 +90,9 @@
/**
* \brief Enlarge to the specified number of limbs
*
+ * \param X MPI to grow
+ * \param nblimbs The target number of limbs
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -98,6 +101,9 @@
/**
* \brief Copy the contents of Y into X
*
+ * \param X Destination MPI
+ * \param Y Source MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -105,12 +111,18 @@
/**
* \brief Swap the contents of X and Y
+ *
+ * \param X First MPI value
+ * \param Y Second MPI value
*/
void mpi_swap( mpi *X, mpi *Y );
/**
* \brief Set value from integer
*
+ * \param X MPI to set
+ * \param z Value to use
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -118,25 +130,31 @@
/**
* \brief Return the number of least significant bits
+ *
+ * \param X MPI to use
*/
int mpi_lsb( mpi *X );
/**
* \brief Return the number of most significant bits
+ *
+ * \param X MPI to use
*/
int mpi_msb( mpi *X );
/**
* \brief Return the total size in bytes
+ *
+ * \param X MPI to use
*/
int mpi_size( mpi *X );
/**
* \brief Import from an ASCII string
*
- * \param X destination mpi
- * \param radix input numeric base
- * \param s null-terminated string buffer
+ * \param X Destination MPI
+ * \param radix Input numeric base
+ * \param s Null-terminated string buffer
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*/
@@ -145,10 +163,10 @@
/**
* \brief Export into an ASCII string
*
- * \param X source mpi
- * \param radix output numeric base
- * \param s string buffer
- * \param slen string buffer size
+ * \param X Source MPI
+ * \param radix Output numeric base
+ * \param s String buffer
+ * \param slen String buffer size
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*
@@ -160,21 +178,21 @@
/**
* \brief Read X from an opened file
*
- * \param X destination mpi
- * \param radix input numeric base
- * \param fin input file handle
+ * \param X Destination MPI
+ * \param radix Input numeric base
+ * \param fin Input file handle
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*/
int mpi_read_file( mpi *X, int radix, FILE *fin );
/**
- * \brief Write X into an opened file, or stdout
+ * \brief Write X into an opened file, or stdout if fout is NULL
*
- * \param p prefix, can be NULL
- * \param X source mpi
- * \param radix output numeric base
- * \param fout output file handle
+ * \param p Prefix, can be NULL
+ * \param X Source MPI
+ * \param radix Output numeric base
+ * \param fout Output file handle (can be NULL)
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*
@@ -185,9 +203,9 @@
/**
* \brief Import X from unsigned binary data, big endian
*
- * \param X destination mpi
- * \param buf input buffer
- * \param buflen input buffer size
+ * \param X Destination MPI
+ * \param buf Input buffer
+ * \param buflen Input buffer size
*
* \return 0 if successful,
* 1 if memory allocation failed
@@ -197,21 +215,21 @@
/**
* \brief Export X into unsigned binary data, big endian
*
- * \param X source mpi
- * \param buf output buffer
- * \param buflen output buffer size
+ * \param X Source MPI
+ * \param buf Output buffer
+ * \param buflen Output buffer size
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
- *
- * \note Call this function with *buflen = 0 to obtain the
- * minimum required buffer size in *buflen.
*/
int mpi_write_binary( mpi *X, unsigned char *buf, int buflen );
/**
* \brief Left-shift: X <<= count
*
+ * \param X MPI to shift
+ * \param count Amount to shift
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -220,6 +238,9 @@
/**
* \brief Right-shift: X >>= count
*
+ * \param X MPI to shift
+ * \param count Amount to shift
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -228,6 +249,9 @@
/**
* \brief Compare unsigned values
*
+ * \param X Left-hand MPI
+ * \param Y Right-hand MPI
+ *
* \return 1 if |X| is greater than |Y|,
* -1 if |X| is lesser than |Y| or
* 0 if |X| is equal to |Y|
@@ -237,6 +261,9 @@
/**
* \brief Compare signed values
*
+ * \param X Left-hand MPI
+ * \param Y Right-hand MPI
+ *
* \return 1 if X is greater than Y,
* -1 if X is lesser than Y or
* 0 if X is equal to Y
@@ -246,6 +273,9 @@
/**
* \brief Compare signed values
*
+ * \param X Left-hand MPI
+ * \param z The integer value to compare to
+ *
* \return 1 if X is greater than z,
* -1 if X is lesser than z or
* 0 if X is equal to z
@@ -255,6 +285,10 @@
/**
* \brief Unsigned addition: X = |A| + |B|
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -263,6 +297,10 @@
/**
* \brief Unsigned substraction: X = |A| - |B|
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A
*/
@@ -271,6 +309,10 @@
/**
* \brief Signed addition: X = A + B
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -279,6 +321,10 @@
/**
* \brief Signed substraction: X = A - B
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -287,6 +333,10 @@
/**
* \brief Signed addition: X = A + b
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param b The integer value to add
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -295,6 +345,10 @@
/**
* \brief Signed substraction: X = A - b
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param b The integer value to subtract
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -303,6 +357,10 @@
/**
* \brief Baseline multiplication: X = A * B
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -313,6 +371,10 @@
* Note: b is an unsigned integer type, thus
* Negative values of b are ignored.
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param b The integer value to multiply with
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -321,6 +383,11 @@
/**
* \brief Division by mpi: A = Q * B + R
*
+ * \param Q Destination MPI for the quotient
+ * \param R Destination MPI for the rest value
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
@@ -332,6 +399,11 @@
/**
* \brief Division by int: A = Q * b + R
*
+ * \param Q Destination MPI for the quotient
+ * \param R Destination MPI for the rest value
+ * \param A Left-hand MPI
+ * \param b Integer to divide by
+ *
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
@@ -343,6 +415,10 @@
/**
* \brief Modulo: R = A mod B
*
+ * \param R Destination MPI for the rest value
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0,
@@ -353,6 +429,10 @@
/**
* \brief Modulo: r = A mod b
*
+ * \param a Destination t_int
+ * \param A Left-hand MPI
+ * \param b Integer to divide by
+ *
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
@@ -363,6 +443,12 @@
/**
* \brief Sliding-window exponentiation: X = A^E mod N
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param E Exponent MPI
+ * \param N Modular MPI
+ * \param _RR Speed-up MPI used for recalculations
+ *
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even
@@ -376,6 +462,10 @@
/**
* \brief Greatest common divisor: G = gcd(A, B)
*
+ * \param G Destination MPI
+ * \param A Left-hand MPI
+ * \param B Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed
*/
@@ -384,16 +474,24 @@
/**
* \brief Modular inverse: X = A^-1 mod N
*
+ * \param X Destination MPI
+ * \param A Left-hand MPI
+ * \param N Right-hand MPI
+ *
* \return 0 if successful,
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
- * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
+ POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
*/
int mpi_inv_mod( mpi *X, mpi *A, mpi *N );
/**
* \brief Miller-Rabin primality test
*
+ * \param X MPI to check
+ * \param f_rng RNG function
+ * \param p_rng RNG parameter
+ *
* \return 0 if successful (probably prime),
* 1 if memory allocation failed,
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime
@@ -403,9 +501,9 @@
/**
* \brief Prime number generation
*
- * \param X destination mpi
- * \param nbits required size of X in bits
- * \param dh_flag if 1, then (X-1)/2 will be prime too
+ * \param X Destination MPI
+ * \param nbits Required size of X in bits
+ * \param dh_flag If 1, then (X-1)/2 will be prime too
* \param f_rng RNG function
* \param p_rng RNG parameter
*
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 329b53d..785e54c 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -130,9 +130,12 @@
/*
* Module: library/camellia.c
- * Caller:
+ * Caller: library/ssl_tls.c
*
* This module enabled the following cipher suites:
+ * SSL_RSA_CAMELLIA_128_SHA
+ * SSL_RSA_CAMELLIA_256_SHA
+ * SSL_EDH_RSA_CAMELLIA_256_SHA
*/
#define POLARSSL_CAMELLIA_C
@@ -172,6 +175,7 @@
* This module enables the following ciphersuites:
* SSL_EDH_RSA_DES_168_SHA
* SSL_EDH_RSA_AES_256_SHA
+ * SSL_EDH_RSA_CAMELLIA_256_SHA
*/
#define POLARSSL_DHM_C
@@ -189,8 +193,8 @@
*
* Uncomment to enable support for (rare) MD2-signed X.509 certs.
*
-#define POLARSSL_MD2_C
*/
+#define POLARSSL_MD2_C
/*
* Module: library/md4.c
@@ -198,8 +202,8 @@
*
* Uncomment to enable support for (rare) MD4-signed X.509 certs.
*
-#define POLARSSL_MD4_C
*/
+#define POLARSSL_MD4_C
/*
* Module: library/md5.c
diff --git a/include/polarssl/havege.h b/include/polarssl/havege.h
index 1f6daa2..6ac2039 100644
--- a/include/polarssl/havege.h
+++ b/include/polarssl/havege.h
@@ -49,7 +49,7 @@
/**
* \brief HAVEGE rand function
*
- * \param rng_st points to an HAVEGE state
+ * \param p_rng A HAVEGE state
*
* \return A random int
*/
diff --git a/include/polarssl/net.h b/include/polarssl/net.h
index d07f0e3..f6a28af 100644
--- a/include/polarssl/net.h
+++ b/include/polarssl/net.h
@@ -40,6 +40,10 @@
/**
* \brief Initiate a TCP connection with host:port
*
+ * \param fd Socket to use
+ * \param host Host to connect to
+ * \param port Port to connect to
+ *
* \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_UNKNOWN_HOST,
@@ -51,6 +55,10 @@
* \brief Create a listening socket on bind_ip:port.
* If bind_ip == NULL, all interfaces are binded.
*
+ * \param fd Socket to use
+ * \param bind_ip IP to bind to, can be NULL
+ * \param port Port number to use
+ *
* \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_BIND_FAILED,
@@ -59,17 +67,23 @@
int net_bind( int *fd, char *bind_ip, int port );
/**
- * \brief Accept a connection from a remote client
+ * \brief Accept a connection from a remote client
*
- * \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or
- * POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to
- * non-blocking and accept() is blocking.
+ * \param bind_fd Relevant socket
+ * \param client_fd Will contain the connected client socket
+ * \param client_ip Will contain the client IP address
+ *
+ * \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or
+ * POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to
+ * non-blocking and accept() is blocking.
*/
int net_accept( int bind_fd, int *client_fd, void *client_ip );
/**
* \brief Set the socket blocking
*
+ * \param fd Socket to set
+ *
* \return 0 if successful, or a non-zero error code
*/
int net_set_block( int fd );
@@ -77,6 +91,8 @@
/**
* \brief Set the socket non-blocking
*
+ * \param fd Socket to set
+ *
* \return 0 if successful, or a non-zero error code
*/
int net_set_nonblock( int fd );
@@ -84,33 +100,45 @@
/**
* \brief Portable usleep helper
*
+ * \param usec Amount of microseconds to sleep
+ *
* \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms).
*/
void net_usleep( unsigned long usec );
/**
- * \brief Read at most 'len' characters. len is updated to
- * reflect the actual number of characters read.
+ * \brief Read at most 'len' characters. If no error occurs,
+ * the actual amount read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to write to
+ * \param len Maximum length of the buffer
*
* \return This function returns the number of bytes received,
- * or a negative error code; POLARSSL_ERR_NET_TRY_AGAIN
+ * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates read() is blocking.
*/
int net_recv( void *ctx, unsigned char *buf, int len );
/**
- * \brief Write at most 'len' characters. len is updated to
- * reflect the number of characters _not_ written.
+ * \brief Write at most 'len' characters. If no error occurs,
+ * the actual amount read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to write to
+ * \param len Maximum length of the buffer
*
* \return This function returns the number of bytes sent,
- * or a negative error code; POLARSSL_ERR_NET_TRY_AGAIN
+ * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN
* indicates write() is blocking.
*/
int net_send( void *ctx, unsigned char *buf, int len );
/**
* \brief Gracefully shutdown the connection
+ *
+ * \param fd The socket to close
*/
void net_close( int fd );
diff --git a/include/polarssl/padlock.h b/include/polarssl/padlock.h
index 692b792..fc8941c 100644
--- a/include/polarssl/padlock.h
+++ b/include/polarssl/padlock.h
@@ -44,6 +44,8 @@
/**
* \brief PadLock detection routine
*
+ * \param The feature to detect
+ *
* \return 1 if CPU has support for the feature, 0 otherwise
*/
int padlock_supports( int feature );
diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h
index 49a04b3..2e8e40c 100644
--- a/include/polarssl/rsa.h
+++ b/include/polarssl/rsa.h
@@ -24,6 +24,9 @@
#include "polarssl/bignum.h"
+/*
+ * RSA Error codes
+ */
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA 0x0400
#define POLARSSL_ERR_RSA_INVALID_PADDING 0x0410
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED 0x0420
@@ -56,27 +59,27 @@
#define RSA_CRYPT 2
#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
-#define ASN1_STR_NULL "\x05"
-#define ASN1_STR_OID "\x06"
-#define ASN1_STR_OCTET_STRING "\x04"
+#define ASN1_STR_NULL "\x05"
+#define ASN1_STR_OID "\x06"
+#define ASN1_STR_OCTET_STRING "\x04"
-#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
-#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
-#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
+#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
+#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
+#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
-#define OID_ISO_MEMBER_BODIES "\x2a"
-#define OID_ISO_IDENTIFIED_ORG "\x2b"
+#define OID_ISO_MEMBER_BODIES "\x2a"
+#define OID_ISO_IDENTIFIED_ORG "\x2b"
/*
* ISO Member bodies OID parts
*/
-#define OID_COUNTRY_US "\x86\x48"
-#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
+#define OID_COUNTRY_US "\x86\x48"
+#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
/*
* ISO Identified organization OID parts
*/
-#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
+#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
/*
* DigestInfo ::= SEQUENCE {
@@ -87,30 +90,30 @@
*
* Digest ::= OCTET STRING
*/
-#define ASN1_HASH_MDX \
-( \
+#define ASN1_HASH_MDX \
+( \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
- ASN1_STR_OID "\x08" \
- OID_DIGEST_ALG_MDX \
- ASN1_STR_NULL "\x00" \
- ASN1_STR_OCTET_STRING "\x10" \
+ ASN1_STR_OID "\x08" \
+ OID_DIGEST_ALG_MDX \
+ ASN1_STR_NULL "\x00" \
+ ASN1_STR_OCTET_STRING "\x10" \
)
-#define ASN1_HASH_SHA1 \
+#define ASN1_HASH_SHA1 \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
- ASN1_STR_OID "\x05" \
- OID_HASH_ALG_SHA1 \
- ASN1_STR_NULL "\x00" \
+ ASN1_STR_OID "\x05" \
+ OID_HASH_ALG_SHA1 \
+ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x14"
-#define ASN1_HASH_SHA2X \
+#define ASN1_HASH_SHA2X \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
- ASN1_STR_OID "\x09" \
- OID_HASH_ALG_SHA2X \
- ASN1_STR_NULL "\x00" \
+ ASN1_STR_OID "\x09" \
+ OID_HASH_ALG_SHA2X \
+ ASN1_STR_NULL "\x00" \
ASN1_STR_OCTET_STRING "\x00"
/**
@@ -274,7 +277,7 @@
int mode, int *olen,
unsigned char *input,
unsigned char *output,
- int output_max_len);
+ int output_max_len );
/**
* \brief Do a private RSA to sign a message digest
@@ -324,6 +327,8 @@
/**
* \brief Free the components of an RSA key
+ *
+ * \param ctx RSA Context to free
*/
void rsa_free( rsa_context *ctx );
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 313d125..0b4dae8 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -31,6 +31,9 @@
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
+/*
+ * SSL Error codes
+ */
#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE 0x1000
#define POLARSSL_ERR_SSL_BAD_INPUT_DATA 0x1800
#define POLARSSL_ERR_SSL_INVALID_MAC 0x2000
@@ -94,8 +97,8 @@
#define SSL_RSA_AES_256_SHA 53
#define SSL_EDH_RSA_AES_256_SHA 57
-#define SSL_RSA_CAMELLIA_128_SHA 0x41
-#define SSL_RSA_CAMELLIA_256_SHA 0x84
+#define SSL_RSA_CAMELLIA_128_SHA 0x41
+#define SSL_RSA_CAMELLIA_256_SHA 0x84
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88
/*
@@ -502,11 +505,15 @@
/**
* \brief Notify the peer that the connection is being closed
+ *
+ * \param ssl SSL context
*/
int ssl_close_notify( ssl_context *ssl );
/**
* \brief Free an SSL context
+ *
+ * \param ssl SSL context
*/
void ssl_free( ssl_context *ssl );
diff --git a/include/polarssl/timing.h b/include/polarssl/timing.h
index 1bc7351..203ee9a 100644
--- a/include/polarssl/timing.h
+++ b/include/polarssl/timing.h
@@ -58,6 +58,8 @@
/**
* \brief Sleep for a certain amount of time
+ *
+ * \param Delay in milliseconds
*/
void m_sleep( int milliseconds );
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 1215e79..2f6d9c9 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -24,12 +24,21 @@
#include "polarssl/rsa.h"
+/*
+ * ASN1 Error codes
+ *
+ * These error codes will be OR'ed to X509 error codes for
+ * higher error granularity.
+ */
#define POLARSSL_ERR_ASN1_OUT_OF_DATA 0x0014
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG 0x0016
#define POLARSSL_ERR_ASN1_INVALID_LENGTH 0x0018
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH 0x001A
#define POLARSSL_ERR_ASN1_INVALID_DATA 0x001C
+/*
+ * X509 Error codes
+ */
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE 0x0020
#define POLARSSL_ERR_X509_CERT_INVALID_PEM 0x0040
#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT 0x0060
@@ -56,6 +65,9 @@
#define POLARSSL_ERR_X509_POINT_ERROR 0x0300
#define POLARSSL_ERR_X509_VALUE_TO_LENGTH 0x0320
+/*
+ * X509 Verify codes
+ */
#define BADCERT_EXPIRED 1
#define BADCERT_REVOKED 2
#define BADCERT_CN_MISMATCH 4
@@ -321,23 +333,51 @@
/**
* \brief Store the certificate DN in printable form into buf;
* no more than size characters will be written.
+ *
+ * \param buf Buffer to write to
+ * \param size Maximum size of buffer
+ * \param dn The X509 name to represent
+ *
+ * \return The amount of data written to the buffer, or -1 in
+ * case of an error.
*/
int x509parse_dn_gets( char *buf, size_t size, x509_name *dn );
/**
* \brief Returns an informational string about the
* certificate.
+ *
+ * \param buf Buffer to write to
+ * \param size Maximum size of buffer
+ * \param prefix A line prefix
+ * \param crt The X509 certificate to represent
+ *
+ * \return The amount of data written to the buffer, or -1 in
+ * case of an error.
*/
int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *crt );
/**
* \brief Returns an informational string about the
* CRL.
+ *
+ * \param buf Buffer to write to
+ * \param size Maximum size of buffer
+ * \param prefix A line prefix
+ * \param crt The X509 CRL to represent
+ *
+ * \return The amount of data written to the buffer, or -1 in
+ * case of an error.
*/
int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl );
/**
- * \brief Return 0 if the x509_time is still valid,
+ * \brief Check a given x509_time against the system time and check
+ * if it is valid.
+ *
+ * \param time x509_time to check
+ *
+ * \return Return 0 if the x509_time is still valid,
* or 1 otherwise.
*/
int x509parse_time_expired( x509_time *time );
@@ -369,11 +409,15 @@
/**
* \brief Unallocate all certificate data
+ *
+ * \param crt Certificate chain to free
*/
void x509_free( x509_cert *crt );
/**
* \brief Unallocate all CRL data
+ *
+ * \param crt CRL chain to free
*/
void x509_crl_free( x509_crl *crl );
