[hipl-dev] [Branch ~hipl-core/hipl/ecc] Rev 5355: Merged trunk revision 5522.
- From: noreply@xxxxxxxxxxxxx
- To: HIPL core team <hipl-dev@xxxxxxxxxxxxx>
- Date: Sat, 15 Jan 2011 11:06:30 -0000
Merge authors:
Henrik Ziegeldorf (henrik-ziegeldorf)
Stefan Götz (stefan.goetz)
------------------------------------------------------------
revno: 5355 [merge]
committer: Henrik Ziegeldorf <henrik.ziegeldorf@xxxxxxxxxxxxxx>
branch nick: ecc
timestamp: Sat 2011-01-15 12:05:10 +0100
message:
Merged trunk revision 5522.
Refactored function hip_get_ecdsa_public_key to fit new way of memory
handling in hip_get_public_key and hip_add_host_id.
modified:
doc/HACKING
firewall/rule_management.c
hipd/hidb.c
--
lp:~hipl-core/hipl/ecc
https://code.launchpad.net/~hipl-core/hipl/ecc
Your team HIPL core team is subscribed to branch lp:~hipl-core/hipl/ecc.
To unsubscribe from this branch go to
https://code.launchpad.net/~hipl-core/hipl/ecc/+edit-subscription
=== modified file 'doc/HACKING'
--- doc/HACKING 2011-01-13 09:37:30 +0000
+++ doc/HACKING 2011-01-15 09:14:09 +0000
@@ -147,6 +147,10 @@
[DEFAULT]
BZR_EDITOR = nano
+NOTE: To support code quality and style, please use the stylecheck pre-commit
+hook found in tools/bazaar/plugins/stylecheck.py - this script contains its own
+documentation, including how to set it up. See also 'Style Checking'.
+
TBD: further useful commands
bzr conflicts/resolve
@@ -450,6 +454,10 @@
C code formatting and style:
----------------------------
+NOTE: As a tool to help with good style, please use the stylecheck pre-commit
+hook found in tools/bazaar/plugins/stylecheck.py - this script contains its own
+documentation, including how to set it up. See also 'Style Checking'.
+
This project uses the Kernighan & Ritchie (K&R) coding style in the
one true brace style (1TBS) variant. Indentation width is four
spaces.
@@ -558,6 +566,50 @@
}
+Style Checking
+--------------
+
+As a tool to help with good style, please use the stylecheck pre-commit
+hook found in tools/bazaar/plugins/stylecheck.py - this script contains its own
+documentation, including how to set it up.
+
+You are strongly recommended to use this hook based on the code beautification
+uncrustify because it gets things right almost all the time. This means that:
+1) At the time of this writing, only the syntactically confusing macros in the
+unit test code are not handled correctly by uncrustify. So you can and should
+throw all code at uncrustify (via the commit hook) to have it checked.
+2) uncrustify produces very good results and you can trust them. At the time of
+this writing, the only issue is with the alignment of consecutive variable
+declarations and initializations (where uncrustify might accidentally align
+unrelated code or not align related code). Obviously, it never hurts to check
+the uncrustify output.
+
+If the above style recommendations are unclear about a topic, you should trust
+the style decisions that uncrustify takes.
+
+The style rules used by uncrustify can be found in the .uncrustify*.cfg files
in
+the top-level directory of a branch. If these rules need to be changed, please
+make sure that
+0) other developers are okay with the change in code style;
+1) the modified rules have no undesirable side-effects across the code base
+ (always test new rules with the whole code base);
+2) all .uncrustify*.cfg files are modified and the rules remain consistent.
+
+The rationale for introducing and using the uncrustify-based pre-commit hook
has
+been derived from the HIPL development process. The fundamental problem is that
+poor style ties up resources and precious time. How? Well, first of all, it can
+be difficult to get code style right manually. Thus, a lot of commits and merge
+proposals can contain varying amounts of style violations of varying severity.
+Consequently, code reviewers are forced to look out for and comment on style
+violations and thus have less time to focus on a meaningful semantic review,
+spotting actual bugs or defects. And having to spend this time on these minor,
+non-functional issues creates friction both for the reviewers and the original
+authors.
+
+Thus, checking and enforcing style automatically may not always produce the
+perfect result but it frees valuable developer time for more important tasks.
+
+
CODING CONVENTIONS
==================
=== modified file 'firewall/rule_management.c'
--- firewall/rule_management.c 2011-01-14 16:59:25 +0000
+++ firewall/rule_management.c 2011-01-15 11:05:10 +0000
@@ -379,7 +379,6 @@
return option;
}
-
/**
* Load an RSA public key from a file and convert it into a hip_host_id.
*
@@ -388,7 +387,7 @@
*
* @return 0 on success, negative on error
*/
-static int load_rsa_file(FILE *fp, struct hip_host_id *hi)
+static int load_rsa_file(FILE *fp, struct hip_host_id *const hi)
{
int err = 0;
RSA *rsa = NULL;
@@ -422,7 +421,7 @@
*
* @return 0 on success, negative on error
*/
-static int load_dsa_file(FILE *fp, struct hip_host_id *hi)
+static int load_dsa_file(FILE *fp, struct hip_host_id *const hi)
{
int err = 0;
DSA *dsa = NULL;
@@ -459,10 +458,10 @@
*/
static int load_ecdsa_file(FILE *fp, struct hip_host_id *const hi)
{
- int err = 0;
- EC_KEY *ecdsa = NULL;
+ int err = 0;
+ EC_KEY *ecdsa = NULL;
unsigned char *ecdsa_key_rr = NULL;
- int ecdsa_key_rr_len;
+ int ecdsa_key_rr_len;
HIP_IFEL(!hi, -1, "Cannot write return value, because passed hi is
NULL\n");
=== modified file 'hipd/hidb.c'
--- hipd/hidb.c 2011-01-14 16:33:24 +0000
+++ hipd/hidb.c 2011-01-15 11:05:10 +0000
@@ -75,127 +75,124 @@
* @param host_id the host identifier with its private key component
* @return An allocated hip_host_id structure. Caller must deallocate.
*/
-static struct hip_host_id *hip_get_ecdsa_public_key(const struct
hip_host_id_priv *const host_id)
+static int hip_get_ecdsa_public_key(const struct hip_host_id_priv *const
host_id, struct hip_host_id *const ret)
{
- int err = 0;
+ int err = 0;
struct hip_ecdsa_keylen key_lens;
- struct hip_host_id *host_id_pub;
HIP_IFEL(hip_get_ecdsa_keylen(host_id, &key_lens),
-1, "Failed computing key sizes.\n");
- HIP_IFEL(!(host_id_pub = (struct hip_host_id *) malloc(sizeof(struct
hip_host_id))),
- -ENOMEM, "Could not allocate memory for hip_host_id\n");
-
/* copy the header (header size is the whole struct without the key and
the hostname)*/
- memcpy(host_id_pub, host_id, sizeof(struct hip_host_id) -
sizeof(host_id_pub->key) - sizeof(host_id_pub->hostname));
+ memcpy(ret, host_id, sizeof(struct hip_host_id) - sizeof(ret->key) -
sizeof(ret->hostname));
/* copy the key rr
* the size of the key rr has the size of the public key + 2 bytes for the
curve identifier (see RFC5201-bis 5.2.8.)*/
- memcpy(host_id_pub->key, host_id->key, key_lens.Y_len +
HIP_CURVE_ID_LENGTH);
+ memcpy(ret->key, host_id->key, key_lens.Y_len + HIP_CURVE_ID_LENGTH);
/* set the hi length
* the hi length is the length of the key rr data + the key rr header */
- host_id_pub->hi_length = htons(key_lens.Y_len + HIP_CURVE_ID_LENGTH +
sizeof(struct hip_host_id_key_rdata));
+ ret->hi_length = htons(key_lens.Y_len + HIP_CURVE_ID_LENGTH +
sizeof(struct hip_host_id_key_rdata));
- hip_set_param_contents_len((struct hip_tlv_common *) host_id_pub,
+ hip_set_param_contents_len((struct hip_tlv_common *) ret,
sizeof(struct hip_host_id) - sizeof(struct
hip_tlv_common));
- return host_id_pub;
-
out_err:
- free(host_id_pub);
- return NULL;
+ return err;
}
-
/**
* Strips a DSA public key out of a host id with private key component
*
- * @param hi the host identifier with its private key component
- * @return An allocated hip_host_id structure. Caller must deallocate.
+ * @param hi the host identifier with its private key component
+ * @param ret a pointer to an allocated host identity struct
+ * in which the public host identity will be returned
+ *
+ * @return 0 on success, negative on error (if the T-value is invalid)
*/
-static struct hip_host_id *hip_get_dsa_public_key(const struct
hip_host_id_priv *const hi)
+static int hip_get_dsa_public_key(const struct hip_host_id_priv *const hi,
struct hip_host_id *const ret)
{
int key_len;
/* T could easily have been an int, since the compiler will
* probably add 3 alignment bytes here anyway. */
- uint8_t T;
- uint16_t temp;
- struct hip_host_id *ret;
+ uint8_t T;
+ uint16_t temp;
/* check T, Miika won't like this */
T = *((const uint8_t *) (hi->key));
if (T > 8) {
HIP_ERROR("Invalid T-value in DSA key (0x%x)\n", T);
- return NULL;
+ return -1;
}
if (T != 8) {
HIP_DEBUG("T-value in DSA-key not 8 (0x%x)!\n", T);
}
key_len = 64 + (T * 8);
- ret = calloc(1, sizeof(struct hip_host_id));
/* Copy the header and key_rr header */
memcpy(ret, hi, sizeof(struct hip_host_id) - sizeof(ret->key) -
sizeof(ret->hostname));
/* the secret component of the DSA key is always 20 bytes */
- temp = ntohs(hi->hi_length) - DSA_PRIV;
+ temp = ntohs(hi->hi_length) - DSA_PRIV;
memcpy(ret->key, hi->key, temp);
ret->hi_length = htons(temp);
memcpy(ret->hostname, hi->hostname, sizeof(ret->hostname));
ret->length = htons(sizeof(struct hip_host_id));
- return ret;
+ return 0;
}
/**
* Strips the RSA public key from a Host Identity
*
- * @param tmp a pointer to a Host Identity.
- * @return A pointer to a newly allocated host identity with only the
public key.
- * Caller deallocates.
+ * @param hi a pointer to a Host Identity.
+ * @param ret a pointer to an allocated host identity struct
+ * in which the public host identity will be returned
+ *
+ * @return 0
+ *
+ * @note the function returns an int (always 0) in order to be
+ * compatible with hip_get_rsa_public_key, resp. hip_get_public_key.
*/
-static struct hip_host_id *hip_get_rsa_public_key(const struct
hip_host_id_priv *const tmp)
+static int hip_get_rsa_public_key(const struct hip_host_id_priv *const hi,
struct hip_host_id *const ret)
{
int rsa_pub_len;
struct hip_rsa_keylen keylen;
- struct hip_host_id *ret;
/** @todo check some value in the RSA key? */
- hip_get_rsa_keylen(tmp, &keylen, 1);
+ hip_get_rsa_keylen(hi, &keylen, 1);
rsa_pub_len = keylen.e_len + keylen.e + keylen.n;
- ret = malloc(sizeof(struct hip_host_id));
- memcpy(ret, tmp, sizeof(struct hip_host_id) -
+ memcpy(ret, hi, sizeof(struct hip_host_id) -
sizeof(ret->key) - sizeof(ret->hostname));
ret->hi_length = htons(rsa_pub_len + sizeof(struct hip_host_id_key_rdata));
- memcpy(ret->key, tmp->key, rsa_pub_len);
- memcpy(ret->hostname, tmp->hostname, sizeof(ret->hostname));
+ memcpy(ret->key, hi->key, rsa_pub_len);
+ memcpy(ret->hostname, hi->hostname, sizeof(ret->hostname));
ret->length = htons(sizeof(struct hip_host_id));
- return ret;
+ return 0;
}
/**
* Transforms a private/public key pair to a public key, private key is
deleted.
*
* @param hid a pointer to a host identity.
- * @return a pointer to a host identity if the transformation was
- * successful, NULL otherwise.
+ * @param ret a pointer to an allocated host identity struct
+ * in which the public host identity will be returned
+ * @return 0 on succes, negative on error
*/
-static struct hip_host_id *hip_get_public_key(const struct hip_host_id_priv
*hid)
+static int hip_get_public_key(const struct hip_host_id_priv *hid, struct
hip_host_id *const ret)
{
int alg = hip_get_host_id_algo((const struct hip_host_id *) hid);
switch (alg) {
case HIP_HI_RSA:
- return hip_get_rsa_public_key(hid);
+ return hip_get_rsa_public_key(hid, ret);
case HIP_HI_DSA:
- return hip_get_dsa_public_key(hid);
+ return hip_get_dsa_public_key(hid, ret);
case HIP_HI_ECDSA:
- return hip_get_ecdsa_public_key(hid);
+ return hip_get_ecdsa_public_key(hid, ret);
default:
HIP_ERROR("Unsupported HI algorithm (%d)\n", alg);
- return NULL;
+ return -1;
}
}
@@ -545,7 +542,10 @@
HIP_DEBUG("Generating a new R1 set.\n");
HIP_IFEL(!(id_entry->r1 = hip_init_r1()), -ENOMEM, "Unable to allocate
R1s.\n");
- id_entry->host_id = hip_get_public_key(host_id);
+ HIP_IFEL(!(id_entry->host_id = malloc(sizeof(struct hip_host_id))),
+ -ENOMEM, "Unable to allocate host id\n");
+ HIP_IFEL(hip_get_public_key(host_id, id_entry->host_id),
+ -1, "Unable to get public key from private host id\n");
switch (hip_get_host_id_algo(id_entry->host_id)) {
case HIP_HI_RSA:
signature_func = hip_rsa_sign;
Other related posts:
- » [hipl-dev] [Branch ~hipl-core/hipl/ecc] Rev 5355: Merged trunk revision 5522. - noreply
