Commit 7b170729 authored by Adrien Béraud's avatar Adrien Béraud

crypto: improve documentation

parent 05727a15
...@@ -53,11 +53,11 @@ class DecryptError : public CryptoException { ...@@ -53,11 +53,11 @@ class DecryptError : public CryptoException {
}; };
/** /**
* Generate an RSA key pair (2048 bits) and a certificate. * Generate an RSA key pair (4096 bits) and a certificate.
* @param name the name used in the generated certificate * @param name the name used in the generated certificate
* @param ca if set, the certificate authority that will sign the generated certificate. * @param ca if set, the certificate authority that will sign the generated certificate.
* If not set, the generated certificate will be a self-signed CA. * If not set, the generated certificate will be a self-signed CA.
* @param key_length stength of the generated provste key (bits). * @param key_length stength of the generated private key (bits).
*/ */
Identity generateIdentity(const std::string& name = "dhtnode", Identity ca = {}, unsigned key_length = 4096); Identity generateIdentity(const std::string& name = "dhtnode", Identity ca = {}, unsigned key_length = 4096);
...@@ -67,6 +67,10 @@ Identity generateIdentity(const std::string& name = "dhtnode", Identity ca = {}, ...@@ -67,6 +67,10 @@ Identity generateIdentity(const std::string& name = "dhtnode", Identity ca = {},
struct PublicKey struct PublicKey
{ {
PublicKey() {} PublicKey() {}
/**
* Takes ownership of an existing gnutls_pubkey.
*/
PublicKey(gnutls_pubkey_t k) : pk(k) {} PublicKey(gnutls_pubkey_t k) : pk(k) {}
PublicKey(const Blob& pk); PublicKey(const Blob& pk);
PublicKey(PublicKey&& o) noexcept : pk(o.pk) { o.pk = nullptr; }; PublicKey(PublicKey&& o) noexcept : pk(o.pk) { o.pk = nullptr; };
...@@ -202,6 +206,14 @@ struct Certificate { ...@@ -202,6 +206,14 @@ struct Certificate {
return b; return b;
} }
/**
* Import certificate chain (PEM or DER).
* Certificates are not checked during import.
*
* Iterator is the type of an iterator or pointer to
* gnutls_x509_crt_t or Blob instances to import, that should be
* ordered from subject to issuer.
*/
template<typename Iterator> template<typename Iterator>
void unpack(const Iterator& begin, const Iterator& end) void unpack(const Iterator& begin, const Iterator& end)
{ {
...@@ -218,10 +230,16 @@ struct Certificate { ...@@ -218,10 +230,16 @@ struct Certificate {
*this = first ? std::move(*first) : Certificate(); *this = first ? std::move(*first) : Certificate();
} }
/** /**
* Import certificate chain (PEM or DER), * Import certificate chain (PEM or DER).
* ordered from subject to issuer * Certificates are not checked during import.
*
* Iterator is the type of an iterator or pointer to the bytes of
* the certificates to import.
*
* @param certs list of (begin, end) iterator pairs, pointing to the
* PEM or DER certificate data to import, that should be
* ordered from subject to issuer.
*/ */
template<typename Iterator> template<typename Iterator>
void unpack(const std::vector<std::pair<Iterator, Iterator>>& certs) void unpack(const std::vector<std::pair<Iterator, Iterator>>& certs)
...@@ -298,7 +316,7 @@ private: ...@@ -298,7 +316,7 @@ private:
}; };
/** /**
* AES-GCM encryption. Key must be 128, 192 or 126 bits long (16, 24 or 32 bytes). * AES-GCM encryption. Key must be 128, 192 or 256 bits long (16, 24 or 32 bytes).
*/ */
Blob aesEncrypt(const Blob& data, const Blob& key); Blob aesEncrypt(const Blob& data, const Blob& key);
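Review bot: The constructor documented in the second hunk, `PublicKey(gnutls_pubkey_t k) : pk(k) {}`, takes ownership of a raw GnuTLS handle but is not `explicit`, so a `gnutls_pubkey_t` passed where a `PublicKey` is expected converts silently and hands the handle to a temporary. The destructor is outside the visible hunks, but the move constructor nulling `o.pk` suggests it releases `pk`, which would leave the caller holding a freed handle. Consider `explicit PublicKey(gnutls_pubkey_t k) : pk(k) {}` (after checking that no existing caller relies on the implicit conversion) and extend the comment with `The caller must not use or deinit k afterwards.` The new "Certificates are not checked during import" line on both `unpack` overloads should also state that the caller has to verify the chain before trusting it, since the subject-to-issuer order is only described as something that "should" hold. In the first hunk, `stength` in the `key_length` line is still misspelled.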