-Install the library: `pip install ubirch-protocol`
-
-### Creating keypair and messages
+---
-```python
-import ubirch
-from uuid import UUID
-import binascii
+This repository contains a library providing an implementation of the [Ubirch-protocol](https://github.com/ubirch/ubirch-protocol) in **Python 3**.
-# create a keystore for the device keypair
-keystore = ubirch.KeyStore("demo-device.jks", "keystore")
+That, along with the helper classes `KeyStore` and `API`. These can be used to handle cryptografic keys and to communicate with the Ubirch backend.
-# create a UUID that identifies the device and load or create a keypair
-uuid = UUID(hex="575A5601FD744F8EB6AEEF592CDEE12C")
-if not keystore.exists_signing_key(uuid):
- keystore.create_ed25519_keypair(uuid)
+Additionally, you will find the raw documentation files rendered to the [documentation pages](https://developer.ubirch.com/ubirch-protocol-python/).
-# implement the _sign method of the ubirch.Protocol to use the just created keys to sign the message
-class ProtocolImpl(ubirch.Protocol):
- def _sign(self, uuid: UUID, message: bytes) -> bytes:
- return keystore.find_signing_key(uuid).sign(message)
+## Installation
+Optionally create environment to install to:
-# create an instance of the ubirch protocol
-proto = ProtocolImpl()
+`$ python -m venv venv`
-# create ubirch protocol messages
-print(binascii.hexlify(proto.message_chained(uuid, 0x00, [1, 2, 3])))
-print(binascii.hexlify(proto.message_chained(uuid, 0x00, [4, 5, 6])))
-```
-
-### Sending messages using the ubirch API
+`$ . venv/bin/activate`
-Please see [test-protocol.py](examples/test-protocol.py) for a comprehensive example, how to create a device and
-send data. Below is a snipped that will send two chained messages, using a generic key/value payload.
+Install the requirements and Ubirch library using pip:
-You will need a password for the ubirch backend. Go to https://console.demo.ubirch.com to register your UUID
-under `Things`. Then click on your device and copy the password from the `apiConfig`-field.
+`$ pip install -r requirements.txt`
-```python
-import ubirch
-from uuid import UUID
-import binascii
-from datetime import datetime
-
-# create a keystore for the device key pair
-keystore = ubirch.KeyStore("demo-device.jks", "keystore")
-
-# create a UUID that identifies the device and load or create a key pair
-uuid = UUID(hex="575A5601FD744F8EB6AEEF592CDEE12C")
-if not keystore.exists_signing_key(uuid):
- keystore.create_ed25519_keypair(uuid)
+`$ pip install ubirch-protocol`
+> The required version of the `ubirch-protocol` package to run the provided scripts is `3.1.0`.
+> Currently this version can only be installed through a [local install](docs/NotPip.md).
-# implement the _sign method of the ubirch.Protocol
-class ProtocolImpl(ubirch.Protocol):
- def _sign(self, _uuid: UUID, message: bytes) -> bytes:
- return keystore.find_signing_key(uuid).sign(message)
+If you want to install from another source than pip, follow along [here](docs/NotPip.md).
+## Setup
+Before anything, you will need to do/get a couple of things:
+- Open up the [uBirch Console](https://console.demo.ubirch.com) (`'demo'` stage)
+ - For guidance, check out the [uBirch console documentation](https://developer.ubirch.com/console.html)
+ - First register to get an account
+ - Then Create a "Thing":
+ - Using a UUID generated with a [UUID-Generator](https://www.uuidgenerator.net/)
+ - You will be using the shown UUID (ID) and the generated Auth-Token (password) from now on
+- Come up or [generate](https://www.random.org/passwords/) a password for the KeyStore, which is where public and private Keys will be stored locally
-# create an instance of the ubirch protocol
-proto = ProtocolImpl()
+> Open up the [Getting started](https://developer.ubirch.com/ubirch-protocol-python/GettingStarted.html) on the [Documentation and Examples](https://developer.ubirch.com/ubirch-protocol-python/) pages or continue below.
-# create an instance of the ubirch API and set the password
-api = ubirch.API()
-api.set_authentication(uuid, "<< password for the ubirch backend >>") # register your UUID at https://console.demo.ubirch.com and retrieve your password
-
-# message 1
-msg = proto.message_chained(uuid, 0x53, {'ts': int(datetime.utcnow().timestamp()), 'v': 99})
-print(binascii.hexlify(msg))
-# send message to ubirch backend
-r = api.send(uuid, msg)
-print("{}: {}".format(r.status_code, r.content))
-
-# message 2 (chained to message 1)
-msg = proto.message_chained(uuid, 0x53, {"ts": int(datetime.utcnow().timestamp()), "v": 100})
-print(binascii.hexlify(msg))
-# send message to ubirch backend
-r = api.send(uuid, msg)
-print("{}: {}".format(r.status_code, r.content))
-```
-
-### Verification of received message
+### Now you should have the following at hand:
+Our [Ubirch API](http://developer.ubirch.com/function_documentation/ubirch-protocol-python/)
+authentication with an uuid and a password:
```python
-import ubirch
-from ed25519 import VerifyingKey, BadSignatureError
from uuid import UUID
-remote_uuid = UUID(hex="9d3c78ff22f34441a5d185c636d486ff")
-remote_vk = VerifyingKey("a2403b92bc9add365b3cd12ff120d020647f84ea6983f98bc4c87e0f4be8cd66", encoding='hex')
-
-# create a keystore and insert the verifying key
-keystore = ubirch.KeyStore("demo-device.jks", "keystore")
-keystore.insert_ed25519_verifying_key(remote_uuid, remote_vk)
-
-# implement the _verify method of the ubirch.Protocol
-class ProtocolImpl(ubirch.Protocol):
- def _verify(self, uuid: UUID, message: bytes, signature: bytes) -> dict:
- return keystore.find_verifying_key(uuid).verify(signature, message)
-
-# create an instance of the ubirch protocol
-proto = ProtocolImpl()
-
-message = bytes.fromhex(
- "9623c4109d3c78ff22f34441a5d185c636d486ffc440a5b371acdfc8495790ee86802399585da50401b0d3c87f60946719338eb0283d36c0bac9b8a6a75a5385342e62932335da988b97c0ec211556db082e9f8478070081a76d657373616765bf796f7572207265717565737420686173206265656e207375626d6974746564c440c8529623a4c2335f7a8ae1eeea655768d2e9a0df141f481ced557c9dac7216e8f64ca9f6970fc6c1096ed49bcc6f7fa77d8f85d05bff5e1301588597edc9770e")
-
-# verify the message (throws an exception if the message could not be verified)
-try:
- print(proto.message_verify(message))
- print("verification successful!")
-except BadSignatureError as e:
- print("ERROR: verification failed!")
+uuid = UUID(hex = "f5ded8a3-d462-41c4-a8dc-af3fd072a217")
+auth = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
```
-### Existing keys
-
-In case you create a key pair from our demo website, use the following code to insert it into the key store:
-
+And credentials for a [KeyStore](http://developer.ubirch.com/function_documentation/ubirch-protocol-python/)
+to store your public and private key:
```python
-import ubirch
-import ed25519
-import uuid
-
-hwDeviceId = uuid.uuid4()
-keystore = ubirch.KeyStore("demo-device.jks", "keystore")
-key_encoded = input("paste the encoded private key here:")
-sk = ed25519.SigningKey(key_encoded, encoding='hex')
-vk = sk.get_verifying_key()
-
-keystore.insert_ed25519_keypair(hwDeviceId, vk, sk)
-```
-
-### Running the example
-
-```bash
-python3 -m venv venv3
-. venv3/bin/activate
-pip install -r requirements.txt
-pip install ubirch-protocol
-PYTHONPATH=. python3 examples/test-protocol.py
+keystore_name = "devices.jks"
+keystore_password = "XXXXXXXXXXX"
```
-At the first launch the script generates a random UUID for your device and you will be asked
-about the authentication token and the device group. You can safely ignore the device group, just press Enter.
-The script creates a file `demo-device.ini` which is loaded upon running the script again. If
-you need to change anything edit that file.
-
-The script goes through a number of steps:
+## A minimal application
+The smallest uBirch application looks something like this.
-1. checks the existence of the device and deletes the device if it exists
-2. registers the device with the backend
-3. generates a new identity for that device and stores it in the key store
-4. registers the new identity with the backend
-5. sends two consecutive chained messages to the backend
+*The code can be found in [`GettingStarted.py`](examples/GettingStarted.py) as well.*
-### Example: Web-of-Trust
+*Run it from your command prompt using `$ python examples/GettingStarted.py` or copy-paste the codeblocks.*
-#### Before First Execution
+Let's say we have got some environment-sensor data like:
-```bash
-python3 -m venv venv3
-pip install -r requirements.txt
+```python
+import time
+
+data = {
+ "timestamp": int(time.time()),
+ "temperature": 11.2,
+ "humidity": 35.8,
+ "status": "OK"
+}
```
-#### Running The Example
-
-```bash
-. venv3/bin/activate
-PYTHONPATH=. python3 examples/test-web-of-trust.py
-```
+To send a hash of the data to the Ubirch backend run these few lines inside of `examples/`:
+```python
+import ubirch
+from UbirchWrapper import UbirchWrapper
-During first launch the script generates key pairs for two users. Each user has one device and key pairs are created for
-these, too. All key pairs are stored in `test-web-of-trust.jks` while the association of users, their device and the
-respective key pair is stored in `demo-web-of-trust.ini`. In consecutive runs no new key pairs are generated and instead
-the ones referenced in `demo-web-of-trust.ini` are used.
+# (1) Initialize an UbirchWrapper instance and pass the credentials for a `KeyStore`
+client = UbirchWrapper(uuid, auth, keystore_name, keystore_password)
-The script always uploads all public keys, followed by creating and uploading a web-of-trust and searching all public
-keys trusted by `deviceA`. This search is repeated with different parameters. The results are then printed onto the
-terminal.
+# (2) Check if the public key is registered at the Ubirch key service and register it if necessary
+client.checkRegisterPubkey()
-The web-of-trust created looks as follows (trust knows a direction; always bidirectional in this example):
+# (3) Create a chained Ubirch protocol packet (UPP) that contains a hash of the data
+currentUPP = client.createUPP(data)
-```
-deviceA <--trustLevel=100--> user1 <--trustLevel=50--> user2 <--trustLevel=100--> deviceB
-```
+# (4) Send the UPP to the Ubirch backend using the API and handle the response
+response = client.api.send(uuid, currentUPP)
+client.handleMessageResponse(response)
-The first search for all trusted keys is for a minimum trust of 50 and a depth of 3 resulting in the the following keys
-being found:
+# (5) Verify that the response came from the backend
+client.verifyResponseSender(response)
-* user1
-* user2
-* deviceB
+# (6) Unpack the received UPP to get its previous signature
+previousSignatureInUPP = client.extractPreviousSignature(response)
-The second search increases the minimum trust to 60 resulting in:
+# (7) Make sure it is the same as the UPP signature sent
+client.assertSignatureCorrect(previousSignatureInUPP)
-* user1
+# (9) Persist signature: Save last signatures to a `.sig` file
+client.protocol.persist(uuid)
-And the third search is with a minimum trust of 50 again while the depth is now 2 resulting in:
+print("Successfully sent the UPP and verified the response!")
+```
-* user1
-* user2
+*This example uses the example [UbirchWrapper](examples/UbirchWrapper.py) that helps to implement general repetitive tasks.*
+> **Next:** Take a look at the Step-by-step-example on the [Documentation Pages](https://developer.ubirch.com/ubirch-protocol-python/)
-### Testing
-Unit tests are added to test the functionality of all objects provided in this library.
+## Testing
+Unit tests are added to test the functionality of objects provided in this library.
```bash
pip install -r requirements.test.txt
-python3 -m pytest tests
-```
-# License
-
+python -m pytest tests
+```
+## Ubirch Internal Documentation
+About the repository automation refer [here](https://ubirch.atlassian.net/wiki/spaces/UBD/pages/2342092819/Template+repository+for+better+documentation).
+- If the deployment fails make sure the Personal access token is up-to-date
diff --git a/examples/EXAMPLES.md b/docs/DevTools.md
similarity index 82%
rename from examples/EXAMPLES.md
rename to docs/DevTools.md
index b979c6d..b0e0452 100644
--- a/examples/EXAMPLES.md
+++ b/docs/DevTools.md
@@ -1,66 +1,16 @@
-# uBirch-Protocol-Python Examples
-This file documents how to use the examples provided alongside the [uBirch-Protocol-Python](https://github.com/ubirch/ubirch-protocol-python). Those examples aim to provide an insight of how to use the [ubirch-protocol](https://pypi.org/project/ubirch-protocol/) python library, which is implemented in the `/ubirch/` directory in this repository.
-
-## Table of contents
-- [Table of contents](#table-of-contents)
-- [From measurement to blockchain-anchored UPP](#from-measurement-to-blockchain-anchored-upp)
- - [Setup](#setup)
- - [Generating and managing a keypair](#generating-and-managing-a-keypair)
- - [Registering a public key](#registering-a-public-key)
- - [Gathering Data](#gathering-data)
- - [Creating a UPP](#creating-a-upp)
- - [Sending a UPP](#sending-a-upp)
- - [Verifying a UPP](#verifying-a-upp)
- - [Verifying a UPP chain](#verifying-a-upp-chain)
- - [Examining a UPP](#examining-a-upp)
- - [Checking the anchoring status of a UPP](#checking-the-anchoring-status-of-a-upp)
- - [Verifying data](#verifying-data)
-- [Sending data to the Simple Data Service](#sending-data-to-the-simple-data-service)
-- [Example uBirch client implementation](#example-ubirch-client-implementation)
-- [Create a hash from an JSON object](#create-a-hash-from-an-json-object)
-- [Test identity of the device](#test-identity-of-the-device)
-- [Test the complete protocol](#test-the-complete-protocol)
-- [Test the web of trust](#test-the-web-of-trust)
-- [Verify ECDSA signed UPP](#verify-ecdsa-signed-upp)
-- [Verify ED25519 signed UPP](#verify-ed25519-signed-upp)
-- [Managing Keys](#managing-keys)
- - [Managing the local KeyStore](#managing-the-local-keystore)
- - [Managing keys inside the uBirch Identity Service](#managing-keys-inside-the-ubirch-identity-service)
- - [Registering ECDSA Keys](#registering-ecdsa-keys)
-
-## From measurement to blockchain-anchored UPP
-The process needed to get a UPP to be anchored in the blockchain can be cut down into multiple steps. For each of those steps there is an example in this directory, demonstrating how to handle them. There are also examples showing a full example-client implementation.
-
-1. [Setup](#setup)
-
-2. [Generating and managing a keypair](#generating-and-managing-a-keypair)
-
-3. [Registering a public key](#registering-a-public-key)
+# Developer Tools
-4. [Gathering Data](#gathering-data)
-
-5. [Creating a UPP](#creating-an-upp)
+This file documents how to use the tools that can be found in [`tools/`](../tools).
-6. [Sending a UPP](#sending-an-upp)
+Intented users are people who want to deep-dive into ubirch technologies or developers at ubirch itself.
-7. [Verifying a UPP](#verifying-an-upp)
+These are commandline tools that can be used to quickly accomplish certain tasks without writing code.
-8. [Examining a UPP](#examining-an-upp)
-9. [Checking the anchoring status of a UPP](#checking-the-anchoring-status-of-a-upp)
+## Setup - API Credentials
+Make sure to follow the steps in [GettingStarted](GettingStarted.md) first.
-10. [Verifying data](#verifying-data)
-### Setup
-Before anything, you will need to do/get a couple of things:
-- Choose a stage to work on
-- Get a account for the uBirch-Console
- - https://console.prod.ubirch.com for the `prod` stage
- - https://console.demo.ubirch.com for the `demo` stage
- - https://console.dev.ubirch.com for the `dev` stage
-- Get a UUID (can be generated randomly, for example [here](https://www.uuidgenerator.net/), or on the basis of certain device properties like MAC-Addresses)
-- Create a "Thing" at the uBirch-Console; remember/note down the used UUID and the generated Auth-Token. For details on how to create a Thing, check the[Ubirch console documentation](https://developer.ubirch.com/console.html).
-
-You should now have the following information at hand:
+You should have the following information at hand:
- The stage you want to work on (later referred to as `env`)
- The UUID of your device or "fake" device in this instance
- The authentication token (`auth token`) for the named UUID
@@ -68,12 +18,50 @@ You should now have the following information at hand:
The values used below are `f5ded8a3-d462-41c4-a8dc-af3fd072a217` for the UUID, `demo` for the env and
`xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx` for the auth token.
+### Tools
+- [A UPP's Lifecycle](#a-upps-lifecycle)
+ - [Generating and managing a keypair](#generating-and-managing-a-keypair)
+ - [Registering a public key](#registering-a-public-key)
+ - [Gathering Data](#gathering-data)
+ - [Creating a UPP](#creating-a-upp)
+ - [Sending a UPP](#sending-a-upp)
+ - [Verifying a UPP](#verifying-a-upp)
+ - [Verifying a UPP chain](#verifying-a-upp-chain)
+ - [Examining a UPP](#examining-a-upp)
+ - [Checking the anchoring status of a UPP](#checking-the-anchoring-status-of-a-upp)
+ - [Verifying data](#verifying-data)
+- [Miscellaneous](#miscellaneous)
+ - [Create a hash from an JSON object](#create-a-hash-from-an-json-object)
+ - [Verify ECDSA signed UPP](#verify-ecdsa-signed-upp)
+ - [Verify ED25519 signed UPP](#verify-ed25519-signed-upp)
+- [Managing Keys](#managing-keys)
+ - [Managing the local KeyStore](#managing-the-local-keystore)
+ - [Managing keys inside the uBirch Identity Service](#managing-keys-inside-the-ubirch-identity-service)
+ - [Registering ECDSA Keys](#registering-ecdsa-keys)
+
+### Example implementations
+- [Simple data service](#simple-data-service)
+- [Test the complete protocol](#test-the-complete-protocol)
+- [Test identity of the device](#test-identity-of-the-device)
+
+# A UPP's Lifecycle
+*From measurement to blockchain-anchored UPP*
+
+The process needed to get a UPP to be anchored in the blockchain can be cut down into multiple steps.
+For each of those steps there is an example in this directory, demonstrating how to handle them.
+
### Generating and managing a keypair
-To create, or more precisely, to _sign_ a UPP, a device will need a keypair. This keypair consist of a private key (_signing key_) and public key (_verifying key_). The signing key is used to sign UPPs and the verifying key can be used by the uBirch backend to check, if the signature is valid and belongs to the correct sender/signer. So, logically it doesn't matter who knows to verifying key, but the signing key must be kept secret all the time. In a real use case a device might store it in a TPM ([Trusted platform module](https://en.wikipedia.org/wiki/Trusted_Platform_Module)) or use other counter measures against attackers reading the key from the device. For this demo, keypairs will be stored in a [JKS Keystore](https://en.wikipedia.org/wiki/Java_KeyStore) using the [`pyjks`](https://pypi.org/project/pyjks/) library. Therefore, you will have to choose and remember a file path for that keystore and a password used to encrypt it. The process of actually generating the keypair is handled by the [upp-creator.py](upp-creator.py) script and explained [below](#registering-a-public-key).
+To create, or more precisely, to _sign_ a UPP, a device will need a keypair. This keypair consist of a private key (_signing key_) and public key (_verifying key_).
+
+The signing key is used to sign UPPs and the verifying key can be used by the uBirch backend to check, if the signature is valid and belongs to the correct sender/signer. So, logically it doesn't matter who knows the verifying key, but the signing key must be kept secret all the time.
+
+In a real use case a device might store it in a TPM ([Trusted platform module](https://en.wikipedia.org/wiki/Trusted_Platform_Module)) or use other counter measures against attackers reading the key from the device. For this demo, keypairs will be stored in a [JKS Keystore](https://en.wikipedia.org/wiki/Java_KeyStore) using the [`pyjks`](https://pypi.org/project/pyjks/) library. Therefore, you will have to choose and remember a file path for that keystore and a password used to encrypt it. The process of actually generating the keypair is handled by the [upp-creator.py](upp-creator.py) script and explained [below](#registering-a-public-key).
To read generated keys from the KeyStore, see [below](#managing-the-local-keystore).
-**NOTE** that losing access to the signing key, especially if it is already registered at the uBirch backend, will take away the ability to create and send any new UPPs from that device/UUID, since there is no way of creating a valid signature that would be accepted by the backend.
+> **Warning:** Loosing access to the signing key, especially if it is already registered at the uBirch backend,
+will take away the ability to create and send any new UPPs from that device/UUID,
+since there is no way of creating a valid signature that would be accepted by the backend.
### Registering a public key
To enable the uBirch backend to verify a UPP, it needs to know the corresponding verifying key. Therefore, the device needs to send this key to the backend, before starting to send UPPs, which are supposed to be verified and anchored. Registering a verifying key is done by sending a special kind of UPP containing this key. This can be done by using two scripts:
@@ -107,24 +95,24 @@ After the command successfully completed there should be an entry in the `Public
### Gathering Data
UPPs are usually used to anchor the hash of some kind of data. This data, in theory, can be everything. All examples below will use a simple string representing a JSON object like this for simplicity:
-```json
-{
- "ts": 1625163338,
- "T": 11.2,
- "H": 35.8,
- "S": "OK"
+```python
+data = {
+ "timestamp": 1625163338,
+ "temperature": 11.2,
+ "humidity": 35.8,
+ "status": "OK"
}
```
-Translated to a hypothetical use case this could be a measurement taken at `1625163338` (Unix-Timestamp), stating that the sensor measured `11.2 C` in temperature (`T`) and `35.8 %H` in humidity (`H`). The status - `S` - is `'OK'`. There is no script for this step, since it can easily be done by hand.
-**Note: _If you use a JSON format for your data, the data has to be alphabetically sorted, all whitespace removed and
+### Data Format
+> **Note:** If you use a JSON format for your data, the data has to be alphabetically sorted, all whitespace removed and
serialized into a simple string, before the hash of the data is generated. This ensures, that you can always regenerate
-the same hash for your data. This is already implemented in the examples, like the following line of code shows:_**
+the same hash for your data. This is already implemented in the examples, like the following lines of code show:
```python
-serialized = json.dumps(message, separators=(',', ':'), sort_keys=True, ensure_ascii=False).encode()
+serialized = json.dumps(data, separators=(',', ':'), sort_keys=True, ensure_ascii=False).encode()
```
This will create a string from the above examplary JSON object:
-`{"H":35.8,"S":"OK","T":11.2,"ts":1625163338}`
+`b'{"humidity":35.8,"status":"OK","temperature":11.2,"timestamp":1656943520}'`
### Creating a UPP
After gathering some measurement data a UPP can be created. The UPP won't contain the actual measurement data, but a hash of it. The example script to create UPPs is [`upp-creator.py`](upp-creator.py).
@@ -136,13 +124,13 @@ usage: upp-creator.py [-h] [--version VERISON] [--type TYPE] [--ks KS] [--kspwd
Note that, when using chained UPPs (--version 0x23), this tool will try to load/save signatures from/to .sig, where UUID will be replaced with the actual UUID. Make sure that the UUID.sig file is in your current working directory if you try to continue a UPP chain using this tool. Also beware that you will only be able to access the contents of a keystore when you use the same password you used when creating it. Otherwise all contents are lost. When --hash off is set, contents of the DATA argument will be copied into the payload field of the UPP. Normally used for special messages (e.g. key registration). For more information on possible values for --type and --version see https://github.com/ubirch/ubirch-protocol.
```
The script allows multiple modes of operation, which can be set through different command line arguments. Some of those directly set fields in the resulting UPP. Please consult the [uBirch Protocol Readme](https://github.com/ubirch/ubirch-protocol#basic-message-format) for further information on those fields and their possible values.
-- `--version/-v` This flag sets the version field of the UPP. The version field actually consists of two sub-fields. The higher four bits set the actual version (`1` or `2`) and the "mode". The higher four bits will be set to two(`0010`) in almost all use cases. The mode can either be a simple UPP without a signature, a UPP with a signature and a UPP with a signature + the signature of the previous UPP embedded into it. The latter would be called a_Chained UPP_. Unsigned UPPs (`-v 0x21`) are not implemented. Signed UPPs have `-v 0x22` and chained ones `-v 0x23`.
+- `--version/-v` This flag sets the version field of the UPP. The version field actually consists of two sub-fields. The higher four bits set the actual version (`1` or `2`) and the "mode". The higher four bits will be set to two(`0010`) in almost all use cases. The mode can either be a simple UPP without a signature, a UPP with a signature and a UPP with a signature + the signature of the previous UPP embedded into it. The latter would be called a _Chained UPP_. Unsigned UPPs (`-v 0x21`) are not implemented. Signed UPPs have `-v 0x22` and chained ones `-v 0x23`.
- `--type/-t` This flag sets the type field of the UPP. It is used to indicate what the UPP contains/should be used for. It can be set to `0x00` in most cases. One of the cases where a specific value is required, is a Key Registration Messages, as described in [Registering a Public Key](#registering-a-public-key).
- `--k/-k` The path to the keystore that contains the keypair for the device or should be used to store a newly generated keypair. If the keystore, pointed to by this parameter, doesn't exist, the script will simply create it.
- `--kspwd/-p` The password to decrypt/encrypt the keystore. You must remember this, or you will lose access to the keystore and all its contents.
- `--keyreg/-k` Tells the script that the UPP that should be generated is a key registration UPP. The effect of that is that the script will ignore any custom input data and the `--hash` parameter (below). Instead, the UPP will contain the public key certificate. This parameter is a binary flag which can have two values: `true` or `false`.
- `--hash` Sets the hash algorithm to be used to generate the hash of the input data. The produced hash will then be inserted into the payload field of the UPP. This parameter can have three values: `sha512`, `sha256` and `off`. When set to off, the input data will be directly put into the UPP without hashing it. This is only useful in some special cases like when manually assembling key registration messages (normally the `--keyreg` option should be used for that).
-- `--isjson/-j` A binary flag that indicates that the input data is in JSON format. The script will serialize the JSON object before calculating the hash. This has the advantage one doesn't have to remember the order in which fields are listed in a JSON object to still be able to reconstruct the hash later on. Serializing the JSON is done like this: `json.dumps(self.data, separators=(',', ':'), sort_keys=True, ensure_ascii=False)` where `self.data` contains the JSON object which was loaded like this: `self.data = json.loads(self.dataStr)` where `dataStr` contains the input string, which should represent a JSON object. This flag can have two values: `true` or `false`.
+- `--isjson/-j` A binary flag that indicates that the input data is in JSON format. The script will serialize the JSON object before calculating the hash. This has the advantage one doesn't have to remember the order in which fields are listed in a JSON object to still be able to reconstruct the hash later on. Serializing the JSON is done like explained above in [Data Format](#data-format). This flag can have two values: `true` or `false`.
- `--output/-o` Tells the script where to write the generated UPP to.
- `--nostdout/-n` Binary flag to disable printing of any log messages to standard output. This can be used for piping a created UPP to another program. For this `--output /dev/stdout` would have to be set.
- `UUID` The UUID of the device as a hex-string, like `f5ded8a3-d462-41c4-a8dc-af3fd072a217`.
@@ -151,13 +139,13 @@ The script allows multiple modes of operation, which can be set through differen
One common examples of using this script might look like this:
```
$ python3 upp-creator.py --version 0x23 --isjson true --output upp.bin --hash sha256 f5ded8a3-d462-41c4-a8dc-af3fd072a217 '{
- "ts": 1625163338,
- "T": 11.2,
- "H": 35.8,
- "S": "OK"
+ "timestamp": 1625163338,
+ "temperature": 11.2,
+ "humidity": 35.8,
+ "status": "OK"
}'
2021-07-02 15:07:53,040 root init_keystore() INFO Public/Verifying key for "f5ded8a3-d462-41c4-a8dc-af3fd072a217" [base64]: "dsbKkw9HpsTvlLGgmiaYAM4M/ytFcySoF5UbfScffxg="
-2021-07-02 15:07:53,041 root prepare_payload() INFO Serialized data JSON: "{"H":35.8,"S":"OK","T":11.2,"ts":1625163338}"
+2021-07-02 15:07:53,041 root prepare_payload() INFO Serialized data JSON: '{"humidity":35.8,"status":"OK","temperature":11.2,"timestamp":1656943520}'
2021-07-02 15:07:53,041 root prepare_payload() INFO UPP payload (sha256 hash of the data) [base64]: "dfQu7wBCL2aCuAqWLkyHEXCzTlKHdfMr7PMrxEcwY6A="
2021-07-02 15:07:53,041 root create_upp() INFO Generating a chained signed UPP for UUID "f5ded8a3-d462-41c4-a8dc-af3fd072a217"
2021-07-02 15:07:53,041 root show_store_upp() INFO UPP [hex]: "9623c410f5ded8a3d46241c4a8dcaf3fd072a217c440cbe84f33c1d80a9a2a68f10c61c843567035d19179a703bb5e0aff4e920d9b8535acb171f1fd55271371d199fc985f33cf0b31f3c6ecfa7be684b561ac6d900f00c42075f42eef00422f6682b80a962e4c871170b34e528775f32becf32bc4473063a0c440ccc7e39d9a1acbf39d307d08d5b5f74218016e0b9e74d1efc7640c540c4cda1bf182b389a7ed9fd3fefb047ce6cf513dd1a047193ed0a13110f727fef4421102"
@@ -198,6 +186,9 @@ Note that, when trying to verify a UPP, sent by the uBirch backend (Niomon), a v
- `--verifying-key/-k` If not trying to verify a UPP coming from uBirch Niomon but from another source, the verifying key for that source needs to be provided. This parameter expects the key as a hex-string like `b12a906051f102881bbb487ee8264aa05d8d0fcc51218f2a47f562ceb9b0d068`.
- `--verifying-key-uuid/-u` The UUID for the verifying key from `--verifying-key`. This parameter will be ignored when `--verifying-key` is not set. Not setting this parameter when `--verifying-key` is set will cause an error.
- `--input/-i` The file path to read the UPP from.
+- `--ishex/-x` Sets whether the UPP input data is a hex string (true) or binary (false) (default: false)
+- `--isecd/-c` Sets whether the key provided with `--verifying-key` is a ECDSA NIST256p SHA256 key (true) or a ED25519 key (false) (default: false)
+
```
$ python3 upp-verifier.py --input response_upp.bin
@@ -305,7 +296,9 @@ Prev. UPP: "liPEEPXe2KPUYkHEqNyvP9ByohfEQMvoTzPB2AqaKmjxDGHIQ1ZwNdGReacDu14K/06S
2021-07-02 16:09:34,727 root get_status() INFO The UPP has been fully anchored!
[{'label': 'PUBLIC_CHAIN', 'properties': {'timestamp': '2021-07-02T14:03:22.093Z', 'hash': '0xd1fe1f27a315089e5522eb7c8124962774b335c24d1ed7281091b447a8d3bca2', 'public_chain': 'ETHEREUM_TESTNET_RINKEBY_TESTNET_NETWORK', 'prev_hash': '06700cdb7b196292eceac71520fad2e46890e2d8f74510f1bc4296c6a0e16a631cff533989c9b83363f72051105b8f0bfaf59706a5258d8d275abc93d67d5b4d'}}]
```
-The UPP has been anchored. **Note** that when running on `prod` the output regarding the anchoring status will be significantly longer:
+The UPP has been anchored.
+
+> **Note:** When running on `prod` the output regarding the anchoring status will be significantly more detailed:
```
$ python3 upp-anchoring-status.py --env prod --ishash true "dfQu7wBCL2aCuAqWLkyHEXCzTlKHdfMr7PMrxEcwY6A="
2021-07-02 16:13:47,509 root get_hash_from_input() INFO Extracted hash from input: "dfQu7wBCL2aCuAqWLkyHEXCzTlKHdfMr7PMrxEcwY6A="
@@ -325,19 +318,19 @@ usage: data-verifier.py [-h] [--ispath ISPATH] [--env ENV] [--isjson ISJSON] [--
```
- `--ispath/-i` Specifies wether the input is to be treated as a data-file path or direct input data. `true` or `false`.
- `--env-e` The stage to check on. Should be the one the UPP corresponding to the data was sent to. `prod`, `demo` or `dev`.
-- `--isjson/-j` A binary flag that indicates that the input data is in JSON format. The script will serialize the JSON object before calculating the hash. This has the advantage one doesn't have to remember the order in which fields are listed in a JSON object to still be able to reconstruct the hash later on. Serializing the JSON is done like this: `json.dumps(self.data, separators=(',', ':'), sort_keys=True, ensure_ascii=False)` where `self.data` contains the JSON object which was loaded like this: `self.data = json.loads(self.dataStr)` where `dataStr` contains the input string which should represent a JSON object. This flag can have two values: `true` or `false`. It should only be set to `true` if the data represents a JSON object and if it also was serialized when creating the UPP.
+- `--isjson/-j` A binary flag that indicates that the input data is in JSON format. The script will serialize the JSON object before calculating the hash. This has the advantage one doesn't have to remember the order in which fields are listed in a JSON object to still be able to reconstruct the hash later on. Serializing the JSON is done like explained above in [Data Format](#data-format). This flag can have two values: `true` or `false`. It should only be set to `true` if the data represents a JSON object and if it also was serialized when creating the UPP.
- `--hash/-a` Sets the hashing algorithm to use. `sha256`, `sha512` or `off`. It should match the algorithm used when creating the corresponding UPP. Setting it to `off` means that the input data actually already is the hash of the data. In this case this script will simply look up the hash.
- `--ishl/-l` enables Hashlink functionality. This means that the script will expect the input data to be a valid JSON object and to contain a list called `hashLink` at root-level. This list contains the names of all fields that should be taken into account when calculating the hash. Different JSON-levels can are represented like this: `[..., "a.b", ...]`.
Example for CLI-Input data:
```txt
python data-verifier.py --env demo --isjson true --hash sha256 '{
- "ts": 1625163338,
- "T": 11.2,
- "H": 35.8,
- "S": "OK"
+ "timestamp": 1625163338,
+ "temperature": 11.2,
+ "humidity": 35.8,
+ "status": "OK"
}'
-2021-07-02 16:21:41,178 root serialize_json() INFO Serialized JSON: "{"H":35.8,"S":"OK","T":11.2,"ts":1625163338}"
+2021-07-02 16:21:41,178 root serialize_json() INFO Serialized JSON: '{"humidity":35.8,"status":"OK","temperature":11.2,"timestamp":1656943520}'
2021-07-02 16:21:41,178 root get_hash_from_data() INFO Calculated hash: "dfQu7wBCL2aCuAqWLkyHEXCzTlKHdfMr7PMrxEcwY6A="
2021-07-02 16:21:41,178 root get_status() INFO Requesting anchoring information from: "https://verify.demo.ubirch.com/api/upp/verify/anchor"
2021-07-02 16:21:41,599 root get_status() INFO The hash is known to the uBirch backend! (code: 200)
@@ -363,76 +356,16 @@ Prev. UPP: "liPEEAcQQjUYkkAgkEIAADyUtgvEQJViO08kxDSmJWebjNDFAVFwqxGUANe9XkNqi549
Just like with [`upp-anchoring-status.py`](upp-anchoring-status.py), it might take a short while after sending the corresponding UPP to the backend before it will be anchored.
-## Sending data to the Simple Data Service
-The [`data-sender.py`](data-sender.py) example-script allows sending of data to the simple data service. This should only be used for demo purposes. Ubirch will not guarantee, to keep all data, which is sent to this endpoint.
-```
-$ python3 data-sender.py --help
-usage: data-sender.py [-h] [--env ENV] UUID AUTH INPUT
-
-Send some data to the uBirch Simple Data Service
-
-positional arguments:
- UUID UUID to work with; e.g.: 56bd9b85-6c6e-4a24-bf71-f2ac2de10183
- AUTH uBirch device authentication token
- INPUT data to be sent to the simple data service
-
-optional arguments:
- -h, --help show this help message and exit
- --env ENV, -e ENV environment to operate in; dev, demo or prod (default: dev)
-
-Note that the input data should follow this pattern: {"timestamp": TIMESTAMP, "uuid": "UUID", "msg_type": 0, "data": DATA, "hash": "UPP_HASH"}. For more information take a look at the EXAMPLES.md file.
-```
-
-## Example uBirch client implementation
-[`example-client.py`](example-client.py) implements a full example uBirch client. It generates a keypair if needed, registers it at the uBirch backend if it doesn't know it yet, creates and sends a UPP and handles/verfies the response from the uBirch backend. The used message format looks like this:
-```
-{
- "id": "UUID",
- "ts": TIMESTAMP,
- "data": "DATA"
-}
-```
-It has two positional and one optional command line parameters.
-```
-usage: python3 example-client.py [ubirch-env]
-```
-- `UUID` is the UUID as hex-string like `f5ded8a3-d462-41c4-a8dc-af3fd072a217`
-- `ubirch-auth-token` is the uBirch authentication token for the specified UUID, e.g.: `xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`
-- `ubirch-env` (optional) specifies the environment/stage to operator on. `dev`, `demo` or `prod` (default).
-Keys are loaded from/stored to `demo-device.jks`. The keystore-password can be read from the [script](example-client.py) itself.
-
-
-## Create a hash from an JSON object
+## Miscellaneous
+### Create a hash from an JSON object
[`create-hash.py`](create-hash.py) takes a string representing a JSON object as input, serializes it, and calculates the corresponding SHA256 hash.
```
-$ python3 create-hash.py '{"ts": 1625163338, "T": 11.2, "H": 35.8, "S": "OK"}'
- input: {"ts": 1625163338, "T": 11.2, "H": 35.8, "S": "OK"}
-rendered: {"H":35.8,"S":"OK","T":11.2,"ts":1625163338}
+$ python3 create-hash.py '{"timestamp": 1625163338,"temperature": 11.2,"humidity": 35.8,"status": "OK"}'
+ input: '{"timestamp": 1625163338,"temperature": 11.2,"humidity": 35.8,"status": "OK"}'
+rendered: '{"humidity":35.8,"status":"OK","temperature":11.2,"timestamp":1656943520}'
hash: dfQu7wBCL2aCuAqWLkyHEXCzTlKHdfMr7PMrxEcwY6A=
```
-## Test identity of the device
-The [`test-identity.py`](test-identity.py) script tests registering and de-registering a public key of a device at the uBirch backend. To function it needs the following variables to be set using the environment:
-```sh
-export UBIRCH_UUID=
-export UBIRCH_AUTH=
-export UBIRCH_ENV=[dev|demo|prod]
-```
-It uses `test-identity.jks` as a place to store/look for keypairs. The keystore-password can be read from the [script](test-identity.py) itself.
-
-## Test the complete protocol
-The [`test-protocol.py`](test-protocol.py) script sends a couple of UPPs to uBirch Niomon and verifies the backend response. It reads all information it needs interactively from the terminal. Once entered, all device information (UUID, ENV, AUTH TOKEN) are stored in a file called `demo-device.ini`. Devices keys are stored in `demo-device.jks` and the keystore-password can be read from the [script](test-protocol.py) itself. If no keys for the given UUID are found, the script will generated a keypair and stores it in the keystore file.
-
-## Test the web of trust
-[`test-web-of-trust.py`](test-web-of-trust.py)
-**TODO**
-
-## Verify ECDSA signed UPP
-The [`verify-ecdsa.py`](verify-ecdsa.py) script verifies a hard-coded UPP which was signed with an ECDSA signing key using a ECDSA verifying key. All the information are contained in the script.
-
-## Verify ED25519 signed UPP
-The [`verify-25519.py`](verify-25519.py) script verifies a hard-coded UPP which was signed with an ED25519 signing key using a ED25519 verifying key. All the information are contained in the script. This mode is normally used (in all other examples).
-
## Managing Keys
### Managing the local KeyStore
`keystore-tool.py` is a script to manipulate contents of JavaKeyStores (JKS) as they are used by other example scripts. It supports displaying Keypair, adding new ones and also deleting entries.
@@ -446,7 +379,7 @@ $ python keystore-tool.py devices.jks keystore get -u 55425678-1234-bf80-30b4-dc
```
It will search for an entry matching the given UUID (specified by `-u`) and print the corresponding KeyPair if found. The PrivateKey will also be shown (`-s true`).
-**Note that once an entry is deleted, it is gone. It is recommended to keep backups of KeyStores containing important keys.**
+> **Note:** Once an entry is deleted, it is gone. It is recommended to keep backups of KeyStores containing important keys.
### Managing keys inside the uBirch Identity Service
The `pubkey-util.py` script can be used to manually add, delete, revoke or update device keys at the uBirch Identity Service. In most cases this won't be necessary since the other scripts documented above are capable of registering a key, which is enough most of the time. In total, this script supports five operations:
@@ -478,13 +411,17 @@ $ TZ=UTC date "+%Y-%m-%dT%H:%M:%S.000Z"
### Registering ECDSA Keys
Currently the only way to register ECDSA Keys is by using X.509 certificates. This can be done by usign the `x509-registrator.py` script. It's able to generate an ECDSA keypair for a UUID + store it in a keystore, or read it from said keystore and generate a X.509 certificate for it. Additionally it will send the certificate the the uBirch backend to register they keypair.
-**Warning**: Only ECDSA keys using the `NIST256p` curve and `Sha256` as hash function are supported! Others **won't** be accepted by the backend!
+> **Warning:** Only ECDSA keys using the `NIST256p` curve and `Sha256` as hash function are supported! Others **won't** be accepted by the backend!
Below is a simple example call to register an ECDSA KeyPair to the backend. Note, that the keypair doesn't have to exist yet. If it doesn't it will be generated in the keystore (`devices.jks`). The first four arguments are positional. They are:
``
-`ENV` is the uBirch environment and must be one of `dev`, `demo` or `prod`. The `KEYSTORE_FILE` must be a pfad to a valid JavaKeyStore file (normal extension: `.jks`). `KEYSTORE_PASS` must be the password needed to unlock the given keystore. `UUID` is the uuid of the identity to work with.
+- `ENV` is the uBirch environment and must be one of `dev`, `demo` or `prod`.
+- `KEYSTORE_FILE` must be a path to a valid JavaKeyStore file (normal extension: `.jks`).
+- `KEYSTORE_PASS` must be the password needed to unlock the given keystore.
+- `UUID` is the uuid of the identity to work with.
+
```
python x509-registrator.py dev devices.jks secret_password 11a8ca3c-76a4-433d-bc5c-372a1a2292f6
2022-04-08 17:11:35,033 root create_x509_cert() INFO Creating a X.509 certificate for '11a8ca3c-76a4-433d-bc5c-372a1a2292f6' with a validity time of 31536000 seconds
@@ -509,4 +446,55 @@ b'{"algorithm":"ecdsa-p256v1","created":"2022-04-08T15:11:37.383Z","hwDeviceId":
2022-04-08 17:11:38,432 root send_x509_cert() INFO Certificate accepted by the backend!
```
-If the certificate was already registered beforehand, generating a new one can be disabled by passing `-r true`. This will cause the script to read a certificate from the output file which can be specified with `-o [FILE]`, otherwise the default will be used. Sending the certificate to the backend can also be disabled by passing `-n true`.
\ No newline at end of file
+If the certificate was already registered beforehand, generating a new one can be disabled by passing `-r true`. This will cause the script to read a certificate from the output file which can be specified with `-o [FILE]`, otherwise the default will be used. Sending the certificate to the backend can also be disabled by passing `-n true`.
+
+## Commandline Examples
+
+### Simple Data Service
+The [`data-sender.py`](data-sender.py) example-script allows sending of data to the simple data service. This should only be used for demo purposes. Ubirch will not guarantee, to keep all data, which is sent to this endpoint.
+```
+$ python3 data-sender.py --help
+usage: data-sender.py [-h] [--env ENV] UUID AUTH INPUT
+
+Send some data to the uBirch Simple Data Service
+
+positional arguments:
+ UUID UUID to work with; e.g.: 56bd9b85-6c6e-4a24-bf71-f2ac2de10183
+ AUTH uBirch device authentication token
+ INPUT data to be sent to the simple data service
+
+optional arguments:
+ -h, --help show this help message and exit
+ --env ENV, -e ENV environment to operate in; dev, demo or prod (default: dev)
+
+Note that the input data should follow this pattern: {"timestamp": TIMESTAMP, "uuid": "UUID", "msg_type": 0, "data": DATA, "hash": "UPP_HASH"}. For more information take a look at the EXAMPLES.md file.
+```
+
+### Test the complete protocol
+The [`test-protocol.py`](test-protocol.py) script sends a couple of UPPs to uBirch Niomon and verifies the backend response.
+It reads all information it needs interactively from the terminal. Once entered, all device information (UUID, ENV, AUTH TOKEN)
+are stored in a file called `demo-device.ini`. If
+you need to change anything edit that file.
+
+Devices keys are stored in `demo-device.jks` and the keystore-password can be read from the [script](tools/test-protocol.py) itself. If no keys for the given UUID are found,
+the script will generated a keypair and stores it in the keystore file.
+
+At the first launch the script generates a random UUID for your device and you will be asked
+about the authentication token and the device group. You can safely ignore the device group, just press Enter.
+
+The script goes through a number of steps:
+
+1. checks the existence of the device and deletes the device if it exists
+2. registers the device with the backend
+3. generates a new identity for that device and stores it in the key store
+4. registers the new identity with the backend
+5. sends two consecutive chained messages to the backend
+
+### Test identity of the device
+The [`test-identity.py`](test-identity.py) script tests registering and de-registering a public key of a device at the uBirch backend. To function it needs the following variables to be set using the environment:
+```sh
+export UBIRCH_UUID=
+export UBIRCH_AUTH=
+export UBIRCH_ENV=[dev|demo|prod]
+```
+It uses `test-identity.jks` as a place to store/look for keypairs. The keystore-password can be read from the [script](test-identity.py) itself.
diff --git a/docs/Gemfile b/docs/Gemfile
new file mode 100644
index 0000000..177355f
--- /dev/null
+++ b/docs/Gemfile
@@ -0,0 +1,50 @@
+
+source "https://rubygems.org"
+# Hello! This is where you manage which Jekyll version is used to run.
+# When you want to use a different version, change it below, save the
+# file and run `bundle install`. Run Jekyll with `bundle exec`, like so:
+#
+# bundle exec jekyll serve
+#
+# This will help ensure the proper Jekyll version is running.
+# Happy Jekylling!
+
+# This is the default theme for new Jekyll sites. You may change this to anything you like.
+# If you want to use GitHub Pages, remove the "gem "jekyll"" above and
+# uncomment the line below. To upgrade, run `bundle update github-pages`.
+# gem "github-pages", group: :jekyll_plugins
+# If you have any plugins, put them here!
+group :jekyll_plugins do
+ gem "jekyll-feed", "~> 0.12"
+end
+
+# Windows and JRuby does not include zoneinfo files, so bundle the tzinfo-data gem
+# and associated library.
+platforms :mingw, :x64_mingw, :mswin, :jruby do
+ gem "tzinfo", "~> 1.2"
+ gem "tzinfo-data"
+end
+
+# Performance-booster for watching directories on Windows
+gem "wdm", "~> 0.1.1", :platforms => [:mingw, :x64_mingw, :mswin]
+
+# Lock `http_parser.rb` gem to `v0.6.x` on JRuby builds since newer versions of the gem
+# do not have a Java counterpart.
+gem "http_parser.rb", "~> 0.6.0", :platforms => [:jruby]
+
+# ==================================
+
+# gem "jekyll", "~> 4.2.2"
+# => Correct version is installed by dependent gems
+
+
+group :jekyll_plugins do
+ gem "jekyll-optional-front-matter", "~> 0.3.2"
+ gem "github-pages", "~> 226"
+end
+
+gem "jekyll-theme-minimal", "~> 0.2.0"
+
+gem "webrick", "~> 1.7"
+
+
diff --git a/docs/GettingStarted.md b/docs/GettingStarted.md
new file mode 100644
index 0000000..8d99e86
--- /dev/null
+++ b/docs/GettingStarted.md
@@ -0,0 +1,117 @@
+
+
+# Getting Started
+
+- [Installation](#installation)
+- [Setup](#setup)
+- [A minimal application](#a-minimal-application)
+
+## Installation
+Optionally create environment to install to:
+
+`$ python -m venv venv`
+
+`$ . venv/bin/activate`
+
+Install the requirements and ubirch library using pip:
+
+`$ pip install -r requirements.txt`
+
+`$ pip install ubirch-protocol`
+
+> The required version of the `ubirch-protocol` package to run the provided scripts is `3.1.0`.
+> Currently this version can only be installed through a [local install](NotPip.md).
+
+
+If you want to install from another source than pip, follow along [here](NotPip.md).
+
+## Setup
+Before anything, you will need to do/get a couple of things:
+- Open up the [Ubirch Console](https://console.demo.ubirch.com) (`'demo'` stage)
+ - For guidance, check out the [uBirch console documentation](https://developer.ubirch.com/console.html)
+ - First register to get an account
+ - Then Create a "Thing":
+ - Using a UUID generated with a [UUID-Generator](https://www.uuidgenerator.net/)
+ - You will be using the shown UUID (ID) and the generated Auth-Token (password) from now on
+- Come up or [generate](https://www.random.org/passwords/) a password for the KeyStore, which is where public and private Keys will be stored locally
+
+### Now you should have the following at hand:
+
+Our [Ubirch API](http://developer.ubirch.com/function_documentation/ubirch-protocol-python/)
+authentication with an uuid and a password:
+```python
+from uuid import UUID
+
+uuid = UUID(hex = "f5ded8a3-d462-41c4-a8dc-af3fd072a217")
+auth = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+```
+
+And credentials for a [KeyStore](http://developer.ubirch.com/function_documentation/ubirch-protocol-python/)
+to store your public and private key:
+```python
+keystore_name = "devices.jks"
+keystore_password = "XXXXXXXXXXX"
+```
+
+## A minimal application
+The smallest uBirch application looks something like this.
+
+*The code can be found in [`examples/GettingStarted.py`](../examples/GettingStarted.py) as well.*
+
+*Run it from your command prompt using `$ python examples/GettingStarted.py` or copy-paste the codeblocks.*
+
+Let's say we have got some environment-sensor data like:
+
+```python
+import time
+
+data = {
+ "timestamp": int(time.time()),
+ "temperature": 11.2,
+ "humidity": 35.8,
+ "status": "OK"
+}
+```
+
+To send a hash of the data to the Ubirch backend run these few lines inside of `examples/`:
+```python
+import ubirch
+from UbirchWrapper import UbirchWrapper
+
+# (1) Initialize an UbirchWrapper instance and pass the credentials for a `KeyStore`
+client = UbirchWrapper(uuid, auth, keystore_name, keystore_password)
+
+# (2) Check if the public key is registered at the Ubirch key service and register it if necessary
+client.checkRegisterPubkey()
+
+# (3) Create a chained Ubirch protocol packet (UPP) that contains a hash of the data
+currentUPP = client.createUPP(data)
+
+# (4) Send the UPP to the Ubirch backend using the API and handle the response
+response = client.api.send(uuid, currentUPP)
+client.handleMessageResponse(response)
+
+# (5) Verify that the response came from the backend
+client.verifyResponseSender(response)
+
+# (6) Unpack the received UPP to get its previous signature
+previousSignatureInUPP = client.extractPreviousSignature(response)
+
+# (7) Make sure it is the same as the UPP signature sent
+client.assertSignatureCorrect(previousSignatureInUPP)
+
+# (9) Persist signature: Save last signatures to a `.sig` file
+client.protocol.persist(uuid)
+
+print("Successfully sent the UPP and verified the response!")
+```
+
+*This example uses the example [UbirchWrapper](../examples/UbirchWrapper.py) that helps to implement general repetitive tasks.*
+
+**Next: Take a look at the [Step-by-step-example](StepByStep.md).**
+
+
diff --git a/docs/NotPip.md b/docs/NotPip.md
new file mode 100644
index 0000000..bff3186
--- /dev/null
+++ b/docs/NotPip.md
@@ -0,0 +1,30 @@
+
+# Install from other source than pip
+
+If you don't want to install from pip you can clone the git repository and install from there.
+If you want to install a specific branch of the repository, refer below.
+
+## Install ubirch library locally from folder
+
+Inside of the repository folder run:
+`$ pip install .`
+
+## Install another branch than master
+
+You can either clone new and specify the branch
+
+`$ git clone https://github.com/ubirch/ubirch-protocol-python.git --branch `
+
+Or if git branch doesn't return the branch you want to install,
+change it using `git checkout`
+```
+$ git branch
+ ecdsa-examples
+* master
+
+$ git checkout
+Switched to a new branch 'ecdsa-examples'
+```
+
+Make sure correct branch is selected by running `$ git branch` again.
+
diff --git a/docs/StepByStep.md b/docs/StepByStep.md
new file mode 100644
index 0000000..34d3fa6
--- /dev/null
+++ b/docs/StepByStep.md
@@ -0,0 +1,334 @@
+
+# Step By Step Example
+
+
+Make sure to follow the setup steps in the [GettingStarted](GettingStarted.md) first.
+
+1. [Basic protocol](#basic-protocol)
+2. [Key checks and key generation](#key-checks-and-key-generation)
+3. [Using real data](#using-real-data)
+4. [Verifying](#verifying)
+ - [Verify that the response really came from the backend](#verify-that-the-response-really-came-from-the-backend)
+ - [Verify that the UPP is correctly chained](#verify-that-the-upp-is-correctly-chained)
+5. [UPP chaining](#upp-chaining)
+6. [Message Types](#message-types)
+
+*The code can be found in [`StepByStepExample.py`](../examples/StepByStepExample.py) as well.*
+
+*Run it from your command prompt using `$ python examples/StepByStepExample.py` or copy-paste one codeblock after another to build the implementation **step by step**.*
+
+### Basic protocol
+Please follow the steps until the end to build a complete protocol.
+
+As before we have to set the API and keystore credentials. Additionally the key type and environment variable is set.
+```python
+from uuid import UUID
+
+uuid = UUID(hex = "f5ded8a3-d462-41c4-a8dc-af3fd072a217" )
+auth = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+
+keystore_name = "devices.jks"
+keystore_password = "XXXXXXXXXXX"
+
+key_type = "ed25519"
+env = "demo"
+```
+- `keytype` defines the encryption algorithm, set to one of
+ - `ed25519` (default) using the [Ed25519 curve](https://en.wikipedia.org/wiki/Curve25519)
+ - `ecdsa` using the [ECDSA](https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm) Algorithm
+
+
+- `environment` is the Ubirch backend environment (stage), set to the environment where you registered the UUID
+ - `prod` - production (default and recommended)
+ - `demo` - demonstration stage (for testing only)
+ - `dev` - Ubirch internal development stage (not reliable)
+
+> Instead of using the example [`UbirchWrapper.py`](../examples/UbirchWrapper.py) as in [Getting Started](GettingStarted.md), this guide weaves `ubirch.KeyStore` together with the `ubirch.Protocol`.
+>
+> But you can also use your own key management tool instead!
+
+The best-practice to do this is to extend the `ubirch.Protocol` with a `_sign()` function that uses the signing key found in the keystore.
+
+```python
+import ubirch
+from ubirch.ubirch_protocol import UBIRCH_PROTOCOL_TYPE_REG, UBIRCH_PROTOCOL_TYPE_BIN, UNPACKED_UPP_FIELD_PREV_SIG
+
+from ubirch_keys_and_uuids import UBIRCH_UUIDS, UBIRCH_PUBKEYS_EC, UBIRCH_PUBKEYS_ED
+
+import time, json, pickle, hashlib, binascii, ecdsa, ed25519
+from requests import codes, Response
+
+
+class Proto(ubirch.Protocol):
+ def __init__(self, keystore, key_type):
+ super().__init__()
+ self.__ks = keystore
+
+ def _sign(self, uuid, message):
+ signing_key = self.__ks.find_signing_key(uuid)
+
+ if isinstance(signing_key, ecdsa.SigningKey):
+ # no hashing required here
+ return signing_key.sign(message)
+
+ elif isinstance(signing_key, ed25519.SigningKey):
+ hashed_message = hashlib.sha512(message).digest()
+ return signing_key.sign(hashed_message)
+
+ else:
+ raise (ValueError("Signing Key is neither ed25519, nor ecdsa! It's: " + str(type(signing_key))))
+
+
+keystore = ubirch.KeyStore(keystore_name, keystore_password)
+
+protocol = Proto(keystore, key_type)
+
+api = ubirch.API(env=env)
+api.set_authentication(uuid, auth)
+```
+
+1. Initialize a KeyStore and pass it to a `Proto` instance.
+2. Initialize the API and make it remember your auth code
+
+Then lets say we 'receive' some data in an object / JSON format.
+The data should be sent to your own backend here as well, as Ubirch only handles hashes of data.
+
+```python
+import time
+
+data = {
+"timestamp": int(time.time()),
+"temperature": 11.2,
+"humidity": 35.8,
+"status": "OK"
+}
+```
+
+A timestamp is included in the data to ensure a unique hash.
+
+Finally packing data into a UPP and sending it:
+```python
+serialized = json.dumps(data, separators=(',', ':'), sort_keys=True, ensure_ascii=False).encode()
+
+hashed_data = hashlib.sha512(serialized).digest()
+print("Message hash: {}".format(binascii.b2a_base64(hashed_data).decode().rstrip("\n")))
+
+message_UPP = protocol.message_chained(uuid, ubirch.ubirch_protocol.UBIRCH_PROTOCOL_TYPE_BIN, hashed_data)
+response = api.send(uuid, message_UPP)
+print("Response: ({}) {}".format(response.status_code, binascii.hexlify(response.content).decode()))
+```
+1. Serialize the JSON data object to bytes
+ - Sorts the keys alphabetically and doesn't convert special characters to ascii
+ - This ensures determinism when creating the hash. For example:
+ - `b'{"humidity":35.8,"status":"OK","temperature":11.2,"timestamp":1655286793}'`
+2. Hash the message using SHA512 into 512 bits
+3. Create a new chained protocol message with the message hash
+ - `protocol.message_chained()` calls the `_sign()` function implemented earlier
+4. `UBIRCH_PROTOCOL_TYPE_BIN` is the type-code of a standard binary message. Here is resolves to `x00`
+5. Send the created UPP to the Ubirch backend
+
+The codeblocks above will be executed successfully if you have run the Getting Started instructions for this device before.
+Otherwise you will be prompted with the Error
+
+`ValueError: Signing Key is neither ed25519, nor ecdsa! It's: `
+
+That's because there still are missing functionalities in the basic protocol. The following will fix that.
+
+### Key checks and key generation
+Add a check to the `__init__()` function depending on the key type.
+It creates a keypair in case no keys are found and removes invalid key entries.
+
+
+```python
+class Proto(ubirch.Protocol):
+ def __init__(self, keystore: ubirch.KeyStore, key_type: str):
+ super().__init__()
+ self.__ks = keystore
+
+ if key_type == "ed25519":
+ # check if the device already has keys or generate a new pair
+ if not self.__ks.exists_signing_key(uuid):
+ print("Generating new keypair with ed25519 algorithm")
+ self.__ks.create_ed25519_keypair(uuid)
+
+ if self.__ks._ks.entries.get(UBIRCH_UUIDS[env].hex + '_ecd', None) != None:
+ # suffix-less pubkey found, delete it
+ self.__ks._ks.entries.pop(UBIRCH_UUIDS[env].hex + '_ecd')
+
+ self.__ks.insert_ed25519_verifying_key(UBIRCH_UUIDS[env], UBIRCH_PUBKEYS_ED[env])
+
+ elif key_type == "ecdsa":
+ # check if the device already has keys or generate a new pair
+ if not self.__ks.exists_signing_key(uuid):
+ print("Generating new keypair with ecdsa algorithm")
+ self.__ks.create_ecdsa_keypair(uuid)
+
+ if self.__ks._ks.entries.get(UBIRCH_UUIDS[env].hex, None) != None:
+ # suffix-less pubkey found, delete it
+ self.__ks._ks.entries.pop(UBIRCH_UUIDS[env].hex)
+
+ self.__ks.insert_ecdsa_verifying_key(UBIRCH_UUIDS[env], UBIRCH_PUBKEYS_EC[env])
+```
+
+Add a check for key registration directly after the `api.set_authentication()` line:
+```python
+...
+
+api.set_authentication(uuid, auth)
+
+if not api.is_identity_registered(uuid):
+
+ certificate = keystore.get_certificate(uuid)
+ key_registration = protocol.message_signed(uuid, UBIRCH_PROTOCOL_TYPE_REG, certificate)
+
+ response = api.register_identity(key_registration)
+ print("Response: ({}) {}".format(response.status_code, response.content))
+```
+1. `api.is_identity_registered(uuid)` returns true if the public key is registered at the Ubirch key service
+2. Get the certificate containing the keys from the Keystore
+3. Create the registration message
+4. `UBIRCH_PROTOCOL_TYPE_REG` is another constant in the [structure of UPP's](https://github.com/ubirch/ubirch-protocol/#basic-message-format). This type resolves to `0x01`.
+5. Send the registration message with `api.register_identity()`
+
+Now running the script will add a public key to the thing in the Ubirch console.
+
+### Verifying
+
+#### Verify that the response really came from the backend
+
+Add a `_verify()` function that verifies a signature against contents of a message.
+
+```python
+class Proto(ubirch.Protocol):
+
+...
+
+ def _verify(self, uuid: UUID, message: bytes, signature: bytes):
+ verifying_key = self.__ks.find_verifying_key(uuid)
+
+ if isinstance(verifying_key, ecdsa.VerifyingKey):
+ # no hashing required here
+ return verifying_key.verify(signature, message)
+
+ elif isinstance(verifying_key, ed25519.VerifyingKey):
+ hashed_message = hashlib.sha512(message).digest()
+ return verifying_key.verify(signature, hashed_message)
+
+ else:
+ raise (ValueError("Verifying Key is neither ed25519, nor ecdsa! It's: " + type(verifying_key)))
+
+ return verifying_key.verify(signature, final_message)
+```
+
+And append this to the script's end
+
+```python
+if protocol.verfiy_signature(UBIRCH_UUIDS[env], response.content) == True:
+ print("Backend response signature successfully verified!")
+else:
+ raise Exception("Backend response signature verification FAILED!")
+```
+1. `UBIRCH_UUIDS[self.env]` returns the UUID of the selected backend stage
+2. `protocol.verify_signature()` parses the response-UPP and calls the `_verify()` function implemented earlier
+
+
+#### Verify that the UPP is correctly chained
+
+The field `SIGNATURE` ([structure of UPP's](https://github.com/ubirch/ubirch-protocol/#basic-message-format)) in the response-UPP from the server has to be the same as the sent UPPs signature.
+To assure that append this codeblock at the end:
+
+```python
+unpacked = protocol.unpack_upp(response.content)
+signature_index = protocol.get_unpacked_index(unpacked[0], UNPACKED_UPP_FIELD_PREV_SIG)
+
+previous_signature_in_UPP = unpacked[signature_index]
+
+_, signature_message_UPP = protocol.upp_msgpack_split_signature(message_UPP)
+
+if signature_message_UPP == previous_signature_in_UPP:
+ print("Sent UPP is correctly chained! The previous signature in the response UPP is the same as the sent UPPs Signature")
+else:
+ raise Exception("The previous signature in the response UPP doesn't match the signature of our UPP!")
+```
+1. Unpack the received upp to get its previous signature
+2. `_` is a throwaway variable for the message content in the UPP
+
+
+### UPP chaining
+
+To always include the last UPP's signature in a new UPP it is necessary to save that signature.
+
+Is best practice to just save it into a file, because normally there is only one chain that is being continued.
+
+Now implement signature loading and persisting (saving) by modifying `__init__()` and adding two new methods.
+
+```python
+class Proto(ubirch.Protocol):
+ def __init__(self, keystore: ubirch.KeyStore, key_type: str):
+ super().__init__()
+ self.__ks = keystore
+ self.load_saved_signatures(uuid)
+ ...
+
+ ...
+
+ def persist_signatures(self, uuid: UUID):
+ signatures = self.get_saved_signatures()
+ with open(uuid.hex + ".sig", "wb") as f:
+ pickle.dump(signatures, f)
+
+ def load_saved_signatures(self, uuid: UUID):
+ try:
+ with open(uuid.hex + ".sig", "rb") as f:
+ signatures = pickle.load(f)
+ print("Loaded {} known signatures".format(len(signatures)))
+ self.set_saved_signatures(signatures)
+ except FileNotFoundError:
+ print("No existing saved signatures")
+ pass
+
+```
+`load_saved_signatures()` is called at the end of `__init__(...)`
+
+`persist_sigatures()` needs to be called after sending an UPP. It will save the last signatures to a file similar to `80a80c6e4a7b46d4977b08efad0d1be2.sig`
+
+So append this somewhere after the call to `protocol.message_chained(...)`.
+
+```python
+protocol.persist_signatures(uuid)
+```
+
+### Message Types
+
+When creating a message you already used the binary message and key registration message types.
+
+`UBIRCH_PROTOCOL_TYPE_BIN` and `UBIRCH_PROTOCOL_TYPE_REG` earlier. These resolve to `0x00` and `0x01`.
+
+There are more types for messages depending on the payload you want to send.
+
+Refer to the [Payload Types](https://github.com/ubirch/ubirch-protocol#basic-message-format)
+to see the different hex labels.
+
+Here are two more types of messages. No verifying and persisting is done.
+
+`0x32` - Ubirch standard sensor message (msgpack):
+
+```python
+message_0x32 = protocol.message_chained(uuid, 0x32, [time.time(), "Hello World!", 1337])
+response_0x32 = api.send(uuid, message_0x32)
+
+print("Response 0x32: ({})\n {}".format(response_0x32.status_code, binascii.hexlify(response_0x32.content).decode()))
+```
+
+`0x53` - generic sensor message (json type key/value map):
+
+```python
+message_0x53 = protocol.message_chained(uuid, 0x53, {"timestamp": time.time(), "message": "Hello World!", "foo": 1337})
+response_0x53 = api.send(uuid, message_0x53)
+
+print("Response 0x53: ({})\n {}".format(response_0x53.status_code, binascii.hexlify(response_0x53.content).decode()))
+```
+
+>**Note:** If you hardcode the `timestamp` value to for example `10` instead of `time.time()` and send it twice you will get an `409` error.
+>
+> That is because Ubirch backend did not accept the UPP due to the hash being the same as in a already anchored UPP.
\ No newline at end of file
diff --git a/docs/_config.yml b/docs/_config.yml
new file mode 100644
index 0000000..a4841e8
--- /dev/null
+++ b/docs/_config.yml
@@ -0,0 +1,29 @@
+title: Ubirch Protocol Python
+
+exclude: ["doxygen", "jekyll"]
+
+theme: jekyll-theme-minimal
+logo: ubirch-logo.png
+subtitle: Documentation and Examples
+description: Official Documentation
+
+plugins:
+ - jekyll-optional-front-matter
+
+plugins_dir : jekyll/_plugins
+layouts_dir : jekyll/_layouts
+includes_dir : jekyll/_includes
+sass:
+ sass_dir: jekyll/_sass
+
+# Some configuration settings cannot be changed for GitHub Pages sites:
+lsi: false
+safe: true
+source: .
+incremental: false
+highlighter: rouge
+gist:
+ noscript: false
+kramdown:
+ math_engine: mathjax
+ syntax_highlighter: rouge
diff --git a/docs/doxygen/Doxyfile b/docs/doxygen/Doxyfile
new file mode 100644
index 0000000..a687e58
--- /dev/null
+++ b/docs/doxygen/Doxyfile
@@ -0,0 +1,2704 @@
+# Doxyfile 1.9.3
+
+# This file describes the settings to be used by the documentation system
+# doxygen (www.doxygen.org) for a project.
+#
+# All text after a double hash (##) is considered a comment and is placed in
+# front of the TAG it is preceding.
+#
+# All text after a single hash (#) is considered a comment and will be ignored.
+# The format is:
+# TAG = value [value, ...]
+# For lists, items can also be appended using:
+# TAG += value [value, ...]
+# Values that contain spaces should be placed between quotes (\" \").
+
+#===========================================================================
+# CHANGE ON A PER PROJECT BASIS:
+PROJECT_NAME = "Ubirch Protocol Python"
+INPUT = MainPage.md ../../ubirch ../../examples/GettingStarted.py ../../examples/StepByStepExample.py
+
+### CHANGE OPTIONALLY:
+OPTIMIZE_OUTPUT_JAVA = YES # Optimizing for Java optimizes for Python as well ¯\_(ツ)_/¯
+
+### WHAT SHOULD BE DOCUMENTED?
+EXTRACT_PRIVATE = YES # Private functions, except those without docstring or with an '@internal' tag
+HIDE_UNDOC_MEMBERS = YES # Functions without Docstring wont be documented
+BRIEF_MEMBER_DESC = NO # Only show the full description
+EXTRACT_ALL = NO # NO Only documents functions that have a docstring. No subpages for all files and packages
+#=========================
+
+# To understand what the flags mean, refer here
+# https://www.woolseyworkshop.com/2020/06/25/documenting-python-programs-with-doxygen/
+PROJECT_LOGO = ../ubirch-logo.png
+HIDE_SCOPE_NAMES = YES
+SORT_BRIEF_DOCS = YES
+GENERATE_LATEX = NO
+
+# MAIN PAGE
+# https://stackoverflow.com/questions/9502426/how-to-make-an-introduction-page-with-doxygen
+USE_MDFILE_AS_MAINPAGE = MainPage.md
+
+# LAYOUT
+# https://www.doxygen.nl/manual/customize.html#minor_tweaks_header_css
+LAYOUT_FILE = layout/DoxygenLayout.xml
+
+# CSS THEME AND EXTENSIONS USING:
+# https://jothepro.github.io/doxygen-awesome-css/
+GENERATE_TREEVIEW = NO
+HTML_HEADER = layout/header.html
+HTML_FOOTER = layout/footer.html
+HTML_EXTRA_STYLESHEET = static/doxygen-awesome.css
+HTML_EXTRA_FILES = static/doxygen-awesome-darkmode-toggle.js
+
+# => Class Diagrams with Graphviz
+HAVE_DOT = NO
+DOT_IMAGE_FORMAT = svg
+DOT_TRANSPARENT = YES
+#===========================================================================#
+# Note: What is configured above is commented out below. #
+#===========================================================================#
+
+#---------------------------------------------------------------------------
+# Project related configuration options
+#---------------------------------------------------------------------------
+
+# This tag specifies the encoding used for all characters in the configuration
+# file that follow. The default is UTF-8 which is also the encoding used for all
+# text before the first occurrence of this tag. Doxygen uses libiconv (or the
+# iconv built into libc) for the transcoding. See
+# https://www.gnu.org/software/libiconv/ for the list of possible encodings.
+# The default value is: UTF-8.
+
+DOXYFILE_ENCODING = UTF-8
+
+# The PROJECT_NAME tag is a single word (or a sequence of words surrounded by
+# double-quotes, unless you are using Doxywizard) that should identify the
+# project for which the documentation is generated. This name is used in the
+# title of most generated pages and in a few other places.
+# The default value is: My Project.
+
+#PROJECT_NAME = "My Project"
+
+# The PROJECT_NUMBER tag can be used to enter a project or revision number. This
+# could be handy for archiving the generated documentation or if some version
+# control system is used.
+
+PROJECT_NUMBER =
+
+# Using the PROJECT_BRIEF tag one can provide an optional one line description
+# for a project that appears at the top of each page and should give viewer a
+# quick idea about the purpose of the project. Keep the description short.
+
+PROJECT_BRIEF =
+
+# With the PROJECT_LOGO tag one can specify a logo or an icon that is included
+# in the documentation. The maximum height of the logo should not exceed 55
+# pixels and the maximum width should not exceed 200 pixels. Doxygen will copy
+# the logo to the output directory.
+
+#PROJECT_LOGO =
+
+# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path
+# into which the generated documentation will be written. If a relative path is
+# entered, it will be relative to the location where doxygen was started. If
+# left blank the current directory will be used.
+
+OUTPUT_DIRECTORY =
+
+# If the CREATE_SUBDIRS tag is set to YES then doxygen will create 4096 sub-
+# directories (in 2 levels) under the output directory of each output format and
+# will distribute the generated files over these directories. Enabling this
+# option can be useful when feeding doxygen a huge amount of source files, where
+# putting all generated files in the same directory would otherwise causes
+# performance problems for the file system.
+# The default value is: NO.
+
+CREATE_SUBDIRS = NO
+
+# If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII
+# characters to appear in the names of generated files. If set to NO, non-ASCII
+# characters will be escaped, for example _xE3_x81_x84 will be used for Unicode
+# U+3044.
+# The default value is: NO.
+
+ALLOW_UNICODE_NAMES = NO
+
+# The OUTPUT_LANGUAGE tag is used to specify the language in which all
+# documentation generated by doxygen is written. Doxygen will use this
+# information to generate all constant output in the proper language.
+# Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Catalan, Chinese,
+# Chinese-Traditional, Croatian, Czech, Danish, Dutch, English (United States),
+# Esperanto, Farsi (Persian), Finnish, French, German, Greek, Hungarian,
+# Indonesian, Italian, Japanese, Japanese-en (Japanese with English messages),
+# Korean, Korean-en (Korean with English messages), Latvian, Lithuanian,
+# Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, Romanian, Russian,
+# Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, Swedish, Turkish,
+# Ukrainian and Vietnamese.
+# The default value is: English.
+
+OUTPUT_LANGUAGE = English
+
+# If the BRIEF_MEMBER_DESC tag is set to YES, doxygen will include brief member
+# descriptions after the members that are listed in the file and class
+# documentation (similar to Javadoc). Set to NO to disable this.
+# The default value is: YES.
+
+#BRIEF_MEMBER_DESC = YES
+
+# If the REPEAT_BRIEF tag is set to YES, doxygen will prepend the brief
+# description of a member or function before the detailed description
+#
+# Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
+# brief descriptions will be completely suppressed.
+# The default value is: YES.
+
+REPEAT_BRIEF = YES
+
+# This tag implements a quasi-intelligent brief description abbreviator that is
+# used to form the text in various listings. Each string in this list, if found
+# as the leading text of the brief description, will be stripped from the text
+# and the result, after processing the whole list, is used as the annotated
+# text. Otherwise, the brief description is used as-is. If left blank, the
+# following values are used ($name is automatically replaced with the name of
+# the entity):The $name class, The $name widget, The $name file, is, provides,
+# specifies, contains, represents, a, an and the.
+
+ABBREVIATE_BRIEF = "The $name class" \
+ "The $name widget" \
+ "The $name file" \
+ is \
+ provides \
+ specifies \
+ contains \
+ represents \
+ a \
+ an \
+ the
+
+# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
+# doxygen will generate a detailed section even if there is only a brief
+# description.
+# The default value is: NO.
+
+ALWAYS_DETAILED_SEC = NO
+
+# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
+# inherited members of a class in the documentation of that class as if those
+# members were ordinary class members. Constructors, destructors and assignment
+# operators of the base classes will not be shown.
+# The default value is: NO.
+
+INLINE_INHERITED_MEMB = NO
+
+# If the FULL_PATH_NAMES tag is set to YES, doxygen will prepend the full path
+# before files name in the file list and in the header files. If set to NO the
+# shortest path that makes the file name unique will be used
+# The default value is: YES.
+
+FULL_PATH_NAMES = YES
+
+# The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path.
+# Stripping is only done if one of the specified strings matches the left-hand
+# part of the path. The tag can be used to show relative paths in the file list.
+# If left blank the directory from which doxygen is run is used as the path to
+# strip.
+#
+# Note that you can specify absolute paths here, but also relative paths, which
+# will be relative from the directory where doxygen is started.
+# This tag requires that the tag FULL_PATH_NAMES is set to YES.
+
+STRIP_FROM_PATH =
+
+# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the
+# path mentioned in the documentation of a class, which tells the reader which
+# header file to include in order to use a class. If left blank only the name of
+# the header file containing the class definition is used. Otherwise one should
+# specify the list of include paths that are normally passed to the compiler
+# using the -I flag.
+
+STRIP_FROM_INC_PATH =
+
+# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but
+# less readable) file names. This can be useful is your file systems doesn't
+# support long names like on DOS, Mac, or CD-ROM.
+# The default value is: NO.
+
+SHORT_NAMES = NO
+
+# If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the
+# first line (until the first dot) of a Javadoc-style comment as the brief
+# description. If set to NO, the Javadoc-style will behave just like regular Qt-
+# style comments (thus requiring an explicit @brief command for a brief
+# description.)
+# The default value is: NO.
+
+JAVADOC_AUTOBRIEF = NO
+
+# If the JAVADOC_BANNER tag is set to YES then doxygen will interpret a line
+# such as
+# /***************
+# as being the beginning of a Javadoc-style comment "banner". If set to NO, the
+# Javadoc-style will behave just like regular comments and it will not be
+# interpreted by doxygen.
+# The default value is: NO.
+
+JAVADOC_BANNER = NO
+
+# If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first
+# line (until the first dot) of a Qt-style comment as the brief description. If
+# set to NO, the Qt-style will behave just like regular Qt-style comments (thus
+# requiring an explicit \brief command for a brief description.)
+# The default value is: NO.
+
+QT_AUTOBRIEF = NO
+
+# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a
+# multi-line C++ special comment block (i.e. a block of //! or /// comments) as
+# a brief description. This used to be the default behavior. The new default is
+# to treat a multi-line C++ comment block as a detailed description. Set this
+# tag to YES if you prefer the old behavior instead.
+#
+# Note that setting this tag to YES also means that rational rose comments are
+# not recognized any more.
+# The default value is: NO.
+
+MULTILINE_CPP_IS_BRIEF = NO
+
+# By default Python docstrings are displayed as preformatted text and doxygen's
+# special commands cannot be used. By setting PYTHON_DOCSTRING to NO the
+# doxygen's special commands can be used and the contents of the docstring
+# documentation blocks is shown as doxygen documentation.
+# The default value is: YES.
+
+PYTHON_DOCSTRING = YES
+
+# If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the
+# documentation from any documented member that it re-implements.
+# The default value is: YES.
+
+INHERIT_DOCS = YES
+
+# If the SEPARATE_MEMBER_PAGES tag is set to YES then doxygen will produce a new
+# page for each member. If set to NO, the documentation of a member will be part
+# of the file/class/namespace that contains it.
+# The default value is: NO.
+
+SEPARATE_MEMBER_PAGES = NO
+
+# The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen
+# uses this value to replace tabs by spaces in code fragments.
+# Minimum value: 1, maximum value: 16, default value: 4.
+
+TAB_SIZE = 4
+
+# This tag can be used to specify a number of aliases that act as commands in
+# the documentation. An alias has the form:
+# name=value
+# For example adding
+# "sideeffect=@par Side Effects:^^"
+# will allow you to put the command \sideeffect (or @sideeffect) in the
+# documentation, which will result in a user-defined paragraph with heading
+# "Side Effects:". Note that you cannot put \n's in the value part of an alias
+# to insert newlines (in the resulting output). You can put ^^ in the value part
+# of an alias to insert a newline as if a physical newline was in the original
+# file. When you need a literal { or } or , in the value part of an alias you
+# have to escape them by means of a backslash (\), this can lead to conflicts
+# with the commands \{ and \} for these it is advised to use the version @{ and
+# @} or use a double escape (\\{ and \\})
+
+ALIASES =
+
+# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources
+# only. Doxygen will then generate output that is more tailored for C. For
+# instance, some of the names that are used will be different. The list of all
+# members will be omitted, etc.
+# The default value is: NO.
+
+OPTIMIZE_OUTPUT_FOR_C = NO
+
+# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or
+# Python sources only. Doxygen will then generate output that is more tailored
+# for that language. For instance, namespaces will be presented as packages,
+# qualified scopes will look different, etc.
+# The default value is: NO.
+
+#OPTIMIZE_OUTPUT_JAVA = NO
+
+# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran
+# sources. Doxygen will then generate output that is tailored for Fortran.
+# The default value is: NO.
+
+OPTIMIZE_FOR_FORTRAN = NO
+
+# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL
+# sources. Doxygen will then generate output that is tailored for VHDL.
+# The default value is: NO.
+
+OPTIMIZE_OUTPUT_VHDL = NO
+
+# Set the OPTIMIZE_OUTPUT_SLICE tag to YES if your project consists of Slice
+# sources only. Doxygen will then generate output that is more tailored for that
+# language. For instance, namespaces will be presented as modules, types will be
+# separated into more groups, etc.
+# The default value is: NO.
+
+OPTIMIZE_OUTPUT_SLICE = NO
+
+# Doxygen selects the parser to use depending on the extension of the files it
+# parses. With this tag you can assign which parser to use for a given
+# extension. Doxygen has a built-in mapping, but you can override or extend it
+# using this tag. The format is ext=language, where ext is a file extension, and
+# language is one of the parsers supported by doxygen: IDL, Java, JavaScript,
+# Csharp (C#), C, C++, Lex, D, PHP, md (Markdown), Objective-C, Python, Slice,
+# VHDL, Fortran (fixed format Fortran: FortranFixed, free formatted Fortran:
+# FortranFree, unknown formatted Fortran: Fortran. In the later case the parser
+# tries to guess whether the code is fixed or free formatted code, this is the
+# default for Fortran type files). For instance to make doxygen treat .inc files
+# as Fortran files (default is PHP), and .f files as C (default is Fortran),
+# use: inc=Fortran f=C.
+#
+# Note: For files without extension you can use no_extension as a placeholder.
+#
+# Note that for custom extensions you also need to set FILE_PATTERNS otherwise
+# the files are not read by doxygen. When specifying no_extension you should add
+# * to the FILE_PATTERNS.
+#
+# Note see also the list of default file extension mappings.
+
+EXTENSION_MAPPING =
+
+# If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments
+# according to the Markdown format, which allows for more readable
+# documentation. See https://daringfireball.net/projects/markdown/ for details.
+# The output of markdown processing is further processed by doxygen, so you can
+# mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in
+# case of backward compatibilities issues.
+# The default value is: YES.
+
+MARKDOWN_SUPPORT = YES
+
+# When the TOC_INCLUDE_HEADINGS tag is set to a non-zero value, all headings up
+# to that level are automatically included in the table of contents, even if
+# they do not have an id attribute.
+# Note: This feature currently applies only to Markdown headings.
+# Minimum value: 0, maximum value: 99, default value: 5.
+# This tag requires that the tag MARKDOWN_SUPPORT is set to YES.
+
+TOC_INCLUDE_HEADINGS = 5
+
+# When enabled doxygen tries to link words that correspond to documented
+# classes, or namespaces to their corresponding documentation. Such a link can
+# be prevented in individual cases by putting a % sign in front of the word or
+# globally by setting AUTOLINK_SUPPORT to NO.
+# The default value is: YES.
+
+AUTOLINK_SUPPORT = YES
+
+# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want
+# to include (a tag file for) the STL sources as input, then you should set this
+# tag to YES in order to let doxygen match functions declarations and
+# definitions whose arguments contain STL classes (e.g. func(std::string);
+# versus func(std::string) {}). This also make the inheritance and collaboration
+# diagrams that involve STL classes more complete and accurate.
+# The default value is: NO.
+
+BUILTIN_STL_SUPPORT = NO
+
+# If you use Microsoft's C++/CLI language, you should set this option to YES to
+# enable parsing support.
+# The default value is: NO.
+
+CPP_CLI_SUPPORT = NO
+
+# Set the SIP_SUPPORT tag to YES if your project consists of sip (see:
+# https://www.riverbankcomputing.com/software/sip/intro) sources only. Doxygen
+# will parse them like normal C++ but will assume all classes use public instead
+# of private inheritance when no explicit protection keyword is present.
+# The default value is: NO.
+
+SIP_SUPPORT = NO
+
+# For Microsoft's IDL there are propget and propput attributes to indicate
+# getter and setter methods for a property. Setting this option to YES will make
+# doxygen to replace the get and set methods by a property in the documentation.
+# This will only work if the methods are indeed getting or setting a simple
+# type. If this is not the case, or you want to show the methods anyway, you
+# should set this option to NO.
+# The default value is: YES.
+
+IDL_PROPERTY_SUPPORT = YES
+
+# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
+# tag is set to YES then doxygen will reuse the documentation of the first
+# member in the group (if any) for the other members of the group. By default
+# all members of a group must be documented explicitly.
+# The default value is: NO.
+
+DISTRIBUTE_GROUP_DOC = NO
+
+# If one adds a struct or class to a group and this option is enabled, then also
+# any nested class or struct is added to the same group. By default this option
+# is disabled and one has to add nested compounds explicitly via \ingroup.
+# The default value is: NO.
+
+GROUP_NESTED_COMPOUNDS = NO
+
+# Set the SUBGROUPING tag to YES to allow class member groups of the same type
+# (for instance a group of public functions) to be put as a subgroup of that
+# type (e.g. under the Public Functions section). Set it to NO to prevent
+# subgrouping. Alternatively, this can be done per class using the
+# \nosubgrouping command.
+# The default value is: YES.
+
+SUBGROUPING = YES
+
+# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions
+# are shown inside the group in which they are included (e.g. using \ingroup)
+# instead of on a separate page (for HTML and Man pages) or section (for LaTeX
+# and RTF).
+#
+# Note that this feature does not work in combination with
+# SEPARATE_MEMBER_PAGES.
+# The default value is: NO.
+
+INLINE_GROUPED_CLASSES = NO
+
+# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions
+# with only public data fields or simple typedef fields will be shown inline in
+# the documentation of the scope in which they are defined (i.e. file,
+# namespace, or group documentation), provided this scope is documented. If set
+# to NO, structs, classes, and unions are shown on a separate page (for HTML and
+# Man pages) or section (for LaTeX and RTF).
+# The default value is: NO.
+
+INLINE_SIMPLE_STRUCTS = NO
+
+# When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or
+# enum is documented as struct, union, or enum with the name of the typedef. So
+# typedef struct TypeS {} TypeT, will appear in the documentation as a struct
+# with name TypeT. When disabled the typedef will appear as a member of a file,
+# namespace, or class. And the struct will be named TypeS. This can typically be
+# useful for C code in case the coding convention dictates that all compound
+# types are typedef'ed and only the typedef is referenced, never the tag name.
+# The default value is: NO.
+
+TYPEDEF_HIDES_STRUCT = NO
+
+# The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This
+# cache is used to resolve symbols given their name and scope. Since this can be
+# an expensive process and often the same symbol appears multiple times in the
+# code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small
+# doxygen will become slower. If the cache is too large, memory is wasted. The
+# cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range
+# is 0..9, the default is 0, corresponding to a cache size of 2^16=65536
+# symbols. At the end of a run doxygen will report the cache usage and suggest
+# the optimal cache size from a speed point of view.
+# Minimum value: 0, maximum value: 9, default value: 0.
+
+LOOKUP_CACHE_SIZE = 0
+
+# The NUM_PROC_THREADS specifies the number threads doxygen is allowed to use
+# during processing. When set to 0 doxygen will based this on the number of
+# cores available in the system. You can set it explicitly to a value larger
+# than 0 to get more control over the balance between CPU load and processing
+# speed. At this moment only the input processing can be done using multiple
+# threads. Since this is still an experimental feature the default is set to 1,
+# which effectively disables parallel processing. Please report any issues you
+# encounter. Generating dot graphs in parallel is controlled by the
+# DOT_NUM_THREADS setting.
+# Minimum value: 0, maximum value: 32, default value: 1.
+
+NUM_PROC_THREADS = 1
+
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+
+# If the EXTRACT_ALL tag is set to YES, doxygen will assume all entities in
+# documentation are documented, even if no documentation was available. Private
+# class members and static file members will be hidden unless the
+# EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES.
+# Note: This will also disable the warnings about undocumented members that are
+# normally produced when WARNINGS is set to YES.
+# The default value is: NO.
+
+#EXTRACT_ALL = NO
+
+# If the EXTRACT_PRIVATE tag is set to YES, all private members of a class will
+# be included in the documentation.
+# The default value is: NO.
+
+#EXTRACT_PRIVATE = NO
+
+# If the EXTRACT_PRIV_VIRTUAL tag is set to YES, documented private virtual
+# methods of a class will be included in the documentation.
+# The default value is: NO.
+
+EXTRACT_PRIV_VIRTUAL = NO
+
+# If the EXTRACT_PACKAGE tag is set to YES, all members with package or internal
+# scope will be included in the documentation.
+# The default value is: NO.
+
+EXTRACT_PACKAGE = NO
+
+# If the EXTRACT_STATIC tag is set to YES, all static members of a file will be
+# included in the documentation.
+# The default value is: NO.
+
+EXTRACT_STATIC = NO
+
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES, classes (and structs) defined
+# locally in source files will be included in the documentation. If set to NO,
+# only classes defined in header files are included. Does not have any effect
+# for Java sources.
+# The default value is: YES.
+
+EXTRACT_LOCAL_CLASSES = YES
+
+# This flag is only useful for Objective-C code. If set to YES, local methods,
+# which are defined in the implementation section but not in the interface are
+# included in the documentation. If set to NO, only methods in the interface are
+# included.
+# The default value is: NO.
+
+EXTRACT_LOCAL_METHODS = NO
+
+# If this flag is set to YES, the members of anonymous namespaces will be
+# extracted and appear in the documentation as a namespace called
+# 'anonymous_namespace{file}', where file will be replaced with the base name of
+# the file that contains the anonymous namespace. By default anonymous namespace
+# are hidden.
+# The default value is: NO.
+
+EXTRACT_ANON_NSPACES = NO
+
+# If this flag is set to YES, the name of an unnamed parameter in a declaration
+# will be determined by the corresponding definition. By default unnamed
+# parameters remain unnamed in the output.
+# The default value is: YES.
+
+RESOLVE_UNNAMED_PARAMS = YES
+
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all
+# undocumented members inside documented classes or files. If set to NO these
+# members will be included in the various overviews, but no documentation
+# section is generated. This option has no effect if EXTRACT_ALL is enabled.
+# The default value is: NO.
+
+#HIDE_UNDOC_MEMBERS = NO
+
+# If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all
+# undocumented classes that are normally visible in the class hierarchy. If set
+# to NO, these classes will be included in the various overviews. This option
+# has no effect if EXTRACT_ALL is enabled.
+# The default value is: NO.
+
+HIDE_UNDOC_CLASSES = NO
+
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend
+# declarations. If set to NO, these declarations will be included in the
+# documentation.
+# The default value is: NO.
+
+HIDE_FRIEND_COMPOUNDS = NO
+
+# If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any
+# documentation blocks found inside the body of a function. If set to NO, these
+# blocks will be appended to the function's detailed documentation block.
+# The default value is: NO.
+
+HIDE_IN_BODY_DOCS = NO
+
+# The INTERNAL_DOCS tag determines if documentation that is typed after a
+# \internal command is included. If the tag is set to NO then the documentation
+# will be excluded. Set it to YES to include the internal documentation.
+# The default value is: NO.
+
+INTERNAL_DOCS = NO
+
+# With the correct setting of option CASE_SENSE_NAMES doxygen will better be
+# able to match the capabilities of the underlying filesystem. In case the
+# filesystem is case sensitive (i.e. it supports files in the same directory
+# whose names only differ in casing), the option must be set to YES to properly
+# deal with such files in case they appear in the input. For filesystems that
+# are not case sensitive the option should be be set to NO to properly deal with
+# output files written for symbols that only differ in casing, such as for two
+# classes, one named CLASS and the other named Class, and to also support
+# references to files without having to specify the exact matching casing. On
+# Windows (including Cygwin) and MacOS, users should typically set this option
+# to NO, whereas on Linux or other Unix flavors it should typically be set to
+# YES.
+# The default value is: system dependent.
+
+CASE_SENSE_NAMES = NO
+
+# If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with
+# their full class and namespace scopes in the documentation. If set to YES, the
+# scope will be hidden.
+# The default value is: NO.
+
+#HIDE_SCOPE_NAMES = NO
+
+# If the HIDE_COMPOUND_REFERENCE tag is set to NO (default) then doxygen will
+# append additional text to a page's title, such as Class Reference. If set to
+# YES the compound reference will be hidden.
+# The default value is: NO.
+
+HIDE_COMPOUND_REFERENCE= NO
+
+# If the SHOW_HEADERFILE tag is set to YES then the documentation for a class
+# will show which file needs to be included to use the class.
+# The default value is: YES.
+
+SHOW_HEADERFILE = YES
+
+# If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of
+# the files that are included by a file in the documentation of that file.
+# The default value is: YES.
+
+SHOW_INCLUDE_FILES = YES
+
+# If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each
+# grouped member an include statement to the documentation, telling the reader
+# which file to include in order to use the member.
+# The default value is: NO.
+
+SHOW_GROUPED_MEMB_INC = NO
+
+# If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include
+# files with double quotes in the documentation rather than with sharp brackets.
+# The default value is: NO.
+
+FORCE_LOCAL_INCLUDES = NO
+
+# If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the
+# documentation for inline members.
+# The default value is: YES.
+
+INLINE_INFO = YES
+
+# If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the
+# (detailed) documentation of file and class members alphabetically by member
+# name. If set to NO, the members will appear in declaration order.
+# The default value is: YES.
+
+SORT_MEMBER_DOCS = YES
+
+# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief
+# descriptions of file, namespace and class members alphabetically by member
+# name. If set to NO, the members will appear in declaration order. Note that
+# this will also influence the order of the classes in the class list.
+# The default value is: NO.
+
+#SORT_BRIEF_DOCS = NO
+
+# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the
+# (brief and detailed) documentation of class members so that constructors and
+# destructors are listed first. If set to NO the constructors will appear in the
+# respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS.
+# Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief
+# member documentation.
+# Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting
+# detailed member documentation.
+# The default value is: NO.
+
+SORT_MEMBERS_CTORS_1ST = NO
+
+# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy
+# of group names into alphabetical order. If set to NO the group names will
+# appear in their defined order.
+# The default value is: NO.
+
+SORT_GROUP_NAMES = NO
+
+# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by
+# fully-qualified names, including namespaces. If set to NO, the class list will
+# be sorted only by class name, not including the namespace part.
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
+# Note: This option applies only to the class list, not to the alphabetical
+# list.
+# The default value is: NO.
+
+SORT_BY_SCOPE_NAME = NO
+
+# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper
+# type resolution of all parameters of a function it will reject a match between
+# the prototype and the implementation of a member function even if there is
+# only one candidate or it is obvious which candidate to choose by doing a
+# simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still
+# accept a match between prototype and implementation in such cases.
+# The default value is: NO.
+
+STRICT_PROTO_MATCHING = NO
+
+# The GENERATE_TODOLIST tag can be used to enable (YES) or disable (NO) the todo
+# list. This list is created by putting \todo commands in the documentation.
+# The default value is: YES.
+
+GENERATE_TODOLIST = YES
+
+# The GENERATE_TESTLIST tag can be used to enable (YES) or disable (NO) the test
+# list. This list is created by putting \test commands in the documentation.
+# The default value is: YES.
+
+GENERATE_TESTLIST = YES
+
+# The GENERATE_BUGLIST tag can be used to enable (YES) or disable (NO) the bug
+# list. This list is created by putting \bug commands in the documentation.
+# The default value is: YES.
+
+GENERATE_BUGLIST = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or disable (NO)
+# the deprecated list. This list is created by putting \deprecated commands in
+# the documentation.
+# The default value is: YES.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# The ENABLED_SECTIONS tag can be used to enable conditional documentation
+# sections, marked by \if ... \endif and \cond
+# ... \endcond blocks.
+
+ENABLED_SECTIONS =
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the
+# initial value of a variable or macro / define can have for it to appear in the
+# documentation. If the initializer consists of more lines than specified here
+# it will be hidden. Use a value of 0 to hide initializers completely. The
+# appearance of the value of individual variables and macros / defines can be
+# controlled using \showinitializer or \hideinitializer command in the
+# documentation regardless of this setting.
+# Minimum value: 0, maximum value: 10000, default value: 30.
+
+MAX_INITIALIZER_LINES = 30
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated at
+# the bottom of the documentation of classes and structs. If set to YES, the
+# list will mention the files that were used to generate the documentation.
+# The default value is: YES.
+
+SHOW_USED_FILES = YES
+
+# Set the SHOW_FILES tag to NO to disable the generation of the Files page. This
+# will remove the Files entry from the Quick Index and from the Folder Tree View
+# (if specified).
+# The default value is: YES.
+
+SHOW_FILES = YES
+
+# Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces
+# page. This will remove the Namespaces entry from the Quick Index and from the
+# Folder Tree View (if specified).
+# The default value is: YES.
+
+SHOW_NAMESPACES = YES
+
+# The FILE_VERSION_FILTER tag can be used to specify a program or script that
+# doxygen should invoke to get the current version for each file (typically from
+# the version control system). Doxygen will invoke the program by executing (via
+# popen()) the command command input-file, where command is the value of the
+# FILE_VERSION_FILTER tag, and input-file is the name of an input file provided
+# by doxygen. Whatever the program writes to standard output is used as the file
+# version. For an example see the documentation.
+
+FILE_VERSION_FILTER =
+
+# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed
+# by doxygen. The layout file controls the global structure of the generated
+# output files in an output format independent way. To create the layout file
+# that represents doxygen's defaults, run doxygen with the -l option. You can
+# optionally specify a file name after the option, if omitted DoxygenLayout.xml
+# will be used as the name of the layout file. See also section "Changing the
+# layout of pages" for information.
+#
+# Note that if you run doxygen from a directory containing a file called
+# DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE
+# tag is left empty.
+
+#LAYOUT_FILE =
+
+# The CITE_BIB_FILES tag can be used to specify one or more bib files containing
+# the reference definitions. This must be a list of .bib files. The .bib
+# extension is automatically appended if omitted. This requires the bibtex tool
+# to be installed. See also https://en.wikipedia.org/wiki/BibTeX for more info.
+# For LaTeX the style of the bibliography can be controlled using
+# LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the
+# search path. See also \cite for info how to create references.
+
+CITE_BIB_FILES =
+
+#---------------------------------------------------------------------------
+# Configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated to
+# standard output by doxygen. If QUIET is set to YES this implies that the
+# messages are off.
+# The default value is: NO.
+
+QUIET = NO
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are
+# generated to standard error (stderr) by doxygen. If WARNINGS is set to YES
+# this implies that the warnings are on.
+#
+# Tip: Turn warnings on while writing the documentation.
+# The default value is: YES.
+
+WARNINGS = YES
+
+# If the WARN_IF_UNDOCUMENTED tag is set to YES then doxygen will generate
+# warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag
+# will automatically be disabled.
+# The default value is: YES.
+
+WARN_IF_UNDOCUMENTED = YES
+
+# If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for
+# potential errors in the documentation, such as documenting some parameters in
+# a documented function twice, or documenting parameters that don't exist or
+# using markup commands wrongly.
+# The default value is: YES.
+
+WARN_IF_DOC_ERROR = YES
+
+# If WARN_IF_INCOMPLETE_DOC is set to YES, doxygen will warn about incomplete
+# function parameter documentation. If set to NO, doxygen will accept that some
+# parameters have no documentation without warning.
+# The default value is: YES.
+
+WARN_IF_INCOMPLETE_DOC = YES
+
+# This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that
+# are documented, but have no documentation for their parameters or return
+# value. If set to NO, doxygen will only warn about wrong parameter
+# documentation, but not about the absence of documentation. If EXTRACT_ALL is
+# set to YES then this flag will automatically be disabled. See also
+# WARN_IF_INCOMPLETE_DOC
+# The default value is: NO.
+
+WARN_NO_PARAMDOC = NO
+
+# If the WARN_AS_ERROR tag is set to YES then doxygen will immediately stop when
+# a warning is encountered. If the WARN_AS_ERROR tag is set to FAIL_ON_WARNINGS
+# then doxygen will continue running as if WARN_AS_ERROR tag is set to NO, but
+# at the end of the doxygen process doxygen will return with a non-zero status.
+# Possible values are: NO, YES and FAIL_ON_WARNINGS.
+# The default value is: NO.
+
+WARN_AS_ERROR = NO
+
+# The WARN_FORMAT tag determines the format of the warning messages that doxygen
+# can produce. The string should contain the $file, $line, and $text tags, which
+# will be replaced by the file and line number from which the warning originated
+# and the warning text. Optionally the format may contain $version, which will
+# be replaced by the version of the file (if it could be obtained via
+# FILE_VERSION_FILTER)
+# The default value is: $file:$line: $text.
+
+WARN_FORMAT = "$file:$line: $text"
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning and error
+# messages should be written. If left blank the output is written to standard
+# error (stderr). In case the file specified cannot be opened for writing the
+# warning and error messages are written to standard error. When as file - is
+# specified the warning and error messages are written to standard output
+# (stdout).
+
+WARN_LOGFILE =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the input files
+#---------------------------------------------------------------------------
+
+# The INPUT tag is used to specify the files and/or directories that contain
+# documented source files. You may enter file names like myfile.cpp or
+# directories like /usr/src/myproject. Separate the files or directories with
+# spaces. See also FILE_PATTERNS and EXTENSION_MAPPING
+# Note: If this tag is empty the current directory is searched.
+
+#INPUT =
+
+# This tag can be used to specify the character encoding of the source files
+# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
+# libiconv (or the iconv built into libc) for the transcoding. See the libiconv
+# documentation (see:
+# https://www.gnu.org/software/libiconv/) for the list of possible encodings.
+# The default value is: UTF-8.
+
+INPUT_ENCODING = UTF-8
+
+# If the value of the INPUT tag contains directories, you can use the
+# FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and
+# *.h) to filter out the source-files in the directories.
+#
+# Note that for custom extensions or not directly supported extensions you also
+# need to set EXTENSION_MAPPING for the extension otherwise the files are not
+# read by doxygen.
+#
+# Note the list of default checked file patterns might differ from the list of
+# default file extension mappings.
+#
+# If left blank the following patterns are tested:*.c, *.cc, *.cxx, *.cpp,
+# *.c++, *.java, *.ii, *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h,
+# *.hh, *.hxx, *.hpp, *.h++, *.l, *.cs, *.d, *.php, *.php4, *.php5, *.phtml,
+# *.inc, *.m, *.markdown, *.md, *.mm, *.dox (to be provided as doxygen C
+# comment), *.py, *.pyw, *.f90, *.f95, *.f03, *.f08, *.f18, *.f, *.for, *.vhd,
+# *.vhdl, *.ucf, *.qsf and *.ice.
+
+FILE_PATTERNS = *.c \
+ *.cc \
+ *.cxx \
+ *.cpp \
+ *.c++ \
+ *.java \
+ *.ii \
+ *.ixx \
+ *.ipp \
+ *.i++ \
+ *.inl \
+ *.idl \
+ *.ddl \
+ *.odl \
+ *.h \
+ *.hh \
+ *.hxx \
+ *.hpp \
+ *.h++ \
+ *.l \
+ *.cs \
+ *.d \
+ *.php \
+ *.php4 \
+ *.php5 \
+ *.phtml \
+ *.inc \
+ *.m \
+ *.markdown \
+ *.md \
+ *.mm \
+ *.dox \
+ *.py \
+ *.pyw \
+ *.f90 \
+ *.f95 \
+ *.f03 \
+ *.f08 \
+ *.f18 \
+ *.f \
+ *.for \
+ *.vhd \
+ *.vhdl \
+ *.ucf \
+ *.qsf \
+ *.ice
+
+# The RECURSIVE tag can be used to specify whether or not subdirectories should
+# be searched for input files as well.
+# The default value is: NO.
+
+RECURSIVE = NO
+
+# The EXCLUDE tag can be used to specify files and/or directories that should be
+# excluded from the INPUT source files. This way you can easily exclude a
+# subdirectory from a directory tree whose root is specified with the INPUT tag.
+#
+# Note that relative paths are relative to the directory from which doxygen is
+# run.
+
+EXCLUDE =
+
+# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
+# directories that are symbolic links (a Unix file system feature) are excluded
+# from the input.
+# The default value is: NO.
+
+EXCLUDE_SYMLINKS = NO
+
+# If the value of the INPUT tag contains directories, you can use the
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
+# certain files from those directories.
+#
+# Note that the wildcards are matched against the file with absolute path, so to
+# exclude all test directories for example use the pattern */test/*
+
+EXCLUDE_PATTERNS =
+
+# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
+# (namespaces, classes, functions, etc.) that should be excluded from the
+# output. The symbol name can be a fully qualified name, a word, or if the
+# wildcard * is used, a substring. Examples: ANamespace, AClass,
+# ANamespace::AClass, ANamespace::*Test
+#
+# Note that the wildcards are matched against the file with absolute path, so to
+# exclude all test directories use the pattern */test/*
+
+EXCLUDE_SYMBOLS =
+
+# The EXAMPLE_PATH tag can be used to specify one or more files or directories
+# that contain example code fragments that are included (see the \include
+# command).
+
+EXAMPLE_PATH =
+
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and
+# *.h) to filter out the source-files in the directories. If left blank all
+# files are included.
+
+EXAMPLE_PATTERNS = *
+
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
+# searched for input files to be used with the \include or \dontinclude commands
+# irrespective of the value of the RECURSIVE tag.
+# The default value is: NO.
+
+EXAMPLE_RECURSIVE = NO
+
+# The IMAGE_PATH tag can be used to specify one or more files or directories
+# that contain images that are to be included in the documentation (see the
+# \image command).
+
+IMAGE_PATH =
+
+# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# invoke to filter for each input file. Doxygen will invoke the filter program
+# by executing (via popen()) the command:
+#
+#
+#
+# where is the value of the INPUT_FILTER tag, and is the
+# name of an input file. Doxygen will then use the output that the filter
+# program writes to standard output. If FILTER_PATTERNS is specified, this tag
+# will be ignored.
+#
+# Note that the filter must not add or remove lines; it is applied before the
+# code is scanned, but not when the output code is generated. If lines are added
+# or removed, the anchors will not be placed correctly.
+#
+# Note that for custom extensions or not directly supported extensions you also
+# need to set EXTENSION_MAPPING for the extension otherwise the files are not
+# properly processed by doxygen.
+
+INPUT_FILTER =
+
+# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
+# basis. Doxygen will compare the file name with each pattern and apply the
+# filter if there is a match. The filters are a list of the form: pattern=filter
+# (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how
+# filters are used. If the FILTER_PATTERNS tag is empty or if none of the
+# patterns match the file name, INPUT_FILTER is applied.
+#
+# Note that for custom extensions or not directly supported extensions you also
+# need to set EXTENSION_MAPPING for the extension otherwise the files are not
+# properly processed by doxygen.
+
+FILTER_PATTERNS =
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
+# INPUT_FILTER) will also be used to filter the input files that are used for
+# producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES).
+# The default value is: NO.
+
+FILTER_SOURCE_FILES = NO
+
+# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file
+# pattern. A pattern will override the setting for FILTER_PATTERN (if any) and
+# it is also possible to disable source filtering for a specific pattern using
+# *.ext= (so without naming a filter).
+# This tag requires that the tag FILTER_SOURCE_FILES is set to YES.
+
+FILTER_SOURCE_PATTERNS =
+
+# If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that
+# is part of the input, its contents will be placed on the main page
+# (index.html). This can be useful if you have a project on for instance GitHub
+# and want to reuse the introduction page also for the doxygen output.
+
+#USE_MDFILE_AS_MAINPAGE =
+
+#---------------------------------------------------------------------------
+# Configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will be
+# generated. Documented entities will be cross-referenced with these sources.
+#
+# Note: To get rid of all source code in the generated output, make sure that
+# also VERBATIM_HEADERS is set to NO.
+# The default value is: NO.
+
+SOURCE_BROWSER = NO
+
+# Setting the INLINE_SOURCES tag to YES will include the body of functions,
+# classes and enums directly into the documentation.
+# The default value is: NO.
+
+INLINE_SOURCES = NO
+
+# Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any
+# special comment blocks from generated source code fragments. Normal C, C++ and
+# Fortran comments will always remain visible.
+# The default value is: YES.
+
+STRIP_CODE_COMMENTS = YES
+
+# If the REFERENCED_BY_RELATION tag is set to YES then for each documented
+# entity all documented functions referencing it will be listed.
+# The default value is: NO.
+
+REFERENCED_BY_RELATION = NO
+
+# If the REFERENCES_RELATION tag is set to YES then for each documented function
+# all documented entities called/used by that function will be listed.
+# The default value is: NO.
+
+REFERENCES_RELATION = NO
+
+# If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set
+# to YES then the hyperlinks from functions in REFERENCES_RELATION and
+# REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will
+# link to the documentation.
+# The default value is: YES.
+
+REFERENCES_LINK_SOURCE = YES
+
+# If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the
+# source code will show a tooltip with additional information such as prototype,
+# brief description and links to the definition and documentation. Since this
+# will make the HTML file larger and loading of large files a bit slower, you
+# can opt to disable this feature.
+# The default value is: YES.
+# This tag requires that the tag SOURCE_BROWSER is set to YES.
+
+SOURCE_TOOLTIPS = YES
+
+# If the USE_HTAGS tag is set to YES then the references to source code will
+# point to the HTML generated by the htags(1) tool instead of doxygen built-in
+# source browser. The htags tool is part of GNU's global source tagging system
+# (see https://www.gnu.org/software/global/global.html). You will need version
+# 4.8.6 or higher.
+#
+# To use it do the following:
+# - Install the latest version of global
+# - Enable SOURCE_BROWSER and USE_HTAGS in the configuration file
+# - Make sure the INPUT points to the root of the source tree
+# - Run doxygen as normal
+#
+# Doxygen will invoke htags (and that will in turn invoke gtags), so these
+# tools must be available from the command line (i.e. in the search path).
+#
+# The result: instead of the source browser generated by doxygen, the links to
+# source code will now point to the output of htags.
+# The default value is: NO.
+# This tag requires that the tag SOURCE_BROWSER is set to YES.
+
+USE_HTAGS = NO
+
+# If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a
+# verbatim copy of the header file for each class for which an include is
+# specified. Set to NO to disable this.
+# See also: Section \class.
+# The default value is: YES.
+
+VERBATIM_HEADERS = YES
+
+#---------------------------------------------------------------------------
+# Configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all
+# compounds will be generated. Enable this if the project contains a lot of
+# classes, structs, unions or interfaces.
+# The default value is: YES.
+
+ALPHABETICAL_INDEX = YES
+
+# In case all classes in a project start with a common prefix, all classes will
+# be put under the same header in the alphabetical index. The IGNORE_PREFIX tag
+# can be used to specify a prefix (or a list of prefixes) that should be ignored
+# while generating the index headers.
+# This tag requires that the tag ALPHABETICAL_INDEX is set to YES.
+
+IGNORE_PREFIX =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the HTML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_HTML tag is set to YES, doxygen will generate HTML output
+# The default value is: YES.
+
+GENERATE_HTML = YES
+
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a
+# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of
+# it.
+# The default directory is: html.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_OUTPUT = html
+
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for each
+# generated HTML page (for example: .htm, .php, .asp).
+# The default value is: .html.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_FILE_EXTENSION = .html
+
+# The HTML_HEADER tag can be used to specify a user-defined HTML header file for
+# each generated HTML page. If the tag is left blank doxygen will generate a
+# standard header.
+#
+# To get valid HTML the header file that includes any scripts and style sheets
+# that doxygen needs, which is dependent on the configuration options used (e.g.
+# the setting GENERATE_TREEVIEW). It is highly recommended to start with a
+# default header using
+# doxygen -w html new_header.html new_footer.html new_stylesheet.css
+# YourConfigFile
+# and then modify the file new_header.html. See also section "Doxygen usage"
+# for information on how to generate the default header that doxygen normally
+# uses.
+# Note: The header is subject to change so you typically have to regenerate the
+# default header when upgrading to a newer version of doxygen. For a description
+# of the possible markers and block names see the documentation.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+#HTML_HEADER =
+
+# The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each
+# generated HTML page. If the tag is left blank doxygen will generate a standard
+# footer. See HTML_HEADER for more information on how to generate a default
+# footer and what special commands can be used inside the footer. See also
+# section "Doxygen usage" for information on how to generate the default footer
+# that doxygen normally uses.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+#HTML_FOOTER =
+
+# The HTML_STYLESHEET tag can be used to specify a user-defined cascading style
+# sheet that is used by each HTML page. It can be used to fine-tune the look of
+# the HTML output. If left blank doxygen will generate a default style sheet.
+# See also section "Doxygen usage" for information on how to generate the style
+# sheet that doxygen normally uses.
+# Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as
+# it is more robust and this tag (HTML_STYLESHEET) will in the future become
+# obsolete.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_STYLESHEET =
+
+# The HTML_EXTRA_STYLESHEET tag can be used to specify additional user-defined
+# cascading style sheets that are included after the standard style sheets
+# created by doxygen. Using this option one can overrule certain style aspects.
+# This is preferred over using HTML_STYLESHEET since it does not replace the
+# standard style sheet and is therefore more robust against future updates.
+# Doxygen will copy the style sheet files to the output directory.
+# Note: The order of the extra style sheet files is of importance (e.g. the last
+# style sheet in the list overrules the setting of the previous ones in the
+# list). For an example see the documentation.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+#HTML_EXTRA_STYLESHEET =
+
+# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or
+# other source files which should be copied to the HTML output directory. Note
+# that these files will be copied to the base HTML output directory. Use the
+# $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these
+# files. In the HTML_STYLESHEET file, use the file name only. Also note that the
+# files will be copied as-is; there are no commands or markers available.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+#HTML_EXTRA_FILES =
+
+# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen
+# will adjust the colors in the style sheet and background images according to
+# this color. Hue is specified as an angle on a color-wheel, see
+# https://en.wikipedia.org/wiki/Hue for more information. For instance the value
+# 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300
+# purple, and 360 is red again.
+# Minimum value: 0, maximum value: 359, default value: 220.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_HUE = 220
+
+# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors
+# in the HTML output. For a value of 0 the output will use gray-scales only. A
+# value of 255 will produce the most vivid colors.
+# Minimum value: 0, maximum value: 255, default value: 100.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_SAT = 100
+
+# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the
+# luminance component of the colors in the HTML output. Values below 100
+# gradually make the output lighter, whereas values above 100 make the output
+# darker. The value divided by 100 is the actual gamma applied, so 80 represents
+# a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not
+# change the gamma.
+# Minimum value: 40, maximum value: 240, default value: 80.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_GAMMA = 80
+
+# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML
+# page will contain the date and time when the page was generated. Setting this
+# to YES can help to show when doxygen was last run and thus if the
+# documentation is up to date.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_TIMESTAMP = NO
+
+# If the HTML_DYNAMIC_MENUS tag is set to YES then the generated HTML
+# documentation will contain a main index with vertical navigation menus that
+# are dynamically created via JavaScript. If disabled, the navigation index will
+# consists of multiple levels of tabs that are statically embedded in every HTML
+# page. Disable this option to support browsers that do not have JavaScript,
+# like the Qt help browser.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_DYNAMIC_MENUS = YES
+
+# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
+# documentation will contain sections that can be hidden and shown after the
+# page has loaded.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_DYNAMIC_SECTIONS = NO
+
+# With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries
+# shown in the various tree structured indices initially; the user can expand
+# and collapse entries dynamically later on. Doxygen will expand the tree to
+# such a level that at most the specified number of entries are visible (unless
+# a fully collapsed tree already exceeds this amount). So setting the number of
+# entries 1 will produce a full collapsed tree by default. 0 is a special value
+# representing an infinite number of entries and will result in a full expanded
+# tree by default.
+# Minimum value: 0, maximum value: 9999, default value: 100.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_INDEX_NUM_ENTRIES = 100
+
+# If the GENERATE_DOCSET tag is set to YES, additional index files will be
+# generated that can be used as input for Apple's Xcode 3 integrated development
+# environment (see:
+# https://developer.apple.com/xcode/), introduced with OSX 10.5 (Leopard). To
+# create a documentation set, doxygen will generate a Makefile in the HTML
+# output directory. Running make will produce the docset in that directory and
+# running make install will install the docset in
+# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at
+# startup. See https://developer.apple.com/library/archive/featuredarticles/Doxy
+# genXcode/_index.html for more information.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_DOCSET = NO
+
+# This tag determines the name of the docset feed. A documentation feed provides
+# an umbrella under which multiple documentation sets from a single provider
+# (such as a company or product suite) can be grouped.
+# The default value is: Doxygen generated docs.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_FEEDNAME = "Doxygen generated docs"
+
+# This tag determines the URL of the docset feed. A documentation feed provides
+# an umbrella under which multiple documentation sets from a single provider
+# (such as a company or product suite) can be grouped.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_FEEDURL =
+
+# This tag specifies a string that should uniquely identify the documentation
+# set bundle. This should be a reverse domain-name style string, e.g.
+# com.mycompany.MyDocSet. Doxygen will append .docset to the name.
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_BUNDLE_ID = org.doxygen.Project
+
+# The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify
+# the documentation publisher. This should be a reverse domain-name style
+# string, e.g. com.mycompany.MyDocSet.documentation.
+# The default value is: org.doxygen.Publisher.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_PUBLISHER_ID = org.doxygen.Publisher
+
+# The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher.
+# The default value is: Publisher.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_PUBLISHER_NAME = Publisher
+
+# If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three
+# additional HTML index files: index.hhp, index.hhc, and index.hhk. The
+# index.hhp is a project file that can be read by Microsoft's HTML Help Workshop
+# on Windows. In the beginning of 2021 Microsoft took the original page, with
+# a.o. the download links, offline the HTML help workshop was already many years
+# in maintenance mode). You can download the HTML help workshop from the web
+# archives at Installation executable (see:
+# http://web.archive.org/web/20160201063255/http://download.microsoft.com/downlo
+# ad/0/A/9/0A939EF6-E31C-430F-A3DF-DFAE7960D564/htmlhelp.exe).
+#
+# The HTML Help Workshop contains a compiler that can convert all HTML output
+# generated by doxygen into a single compiled HTML file (.chm). Compiled HTML
+# files are now used as the Windows 98 help format, and will replace the old
+# Windows help format (.hlp) on all Windows platforms in the future. Compressed
+# HTML files also contain an index, a table of contents, and you can search for
+# words in the documentation. The HTML workshop also contains a viewer for
+# compressed HTML files.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_HTMLHELP = NO
+
+# The CHM_FILE tag can be used to specify the file name of the resulting .chm
+# file. You can add a path in front of the file if the result should not be
+# written to the html output directory.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+CHM_FILE =
+
+# The HHC_LOCATION tag can be used to specify the location (absolute path
+# including file name) of the HTML help compiler (hhc.exe). If non-empty,
+# doxygen will try to run the HTML help compiler on the generated index.hhp.
+# The file has to be specified with full path.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+HHC_LOCATION =
+
+# The GENERATE_CHI flag controls if a separate .chi index file is generated
+# (YES) or that it should be included in the main .chm file (NO).
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+GENERATE_CHI = NO
+
+# The CHM_INDEX_ENCODING is used to encode HtmlHelp index (hhk), content (hhc)
+# and project file content.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+CHM_INDEX_ENCODING =
+
+# The BINARY_TOC flag controls whether a binary table of contents is generated
+# (YES) or a normal table of contents (NO) in the .chm file. Furthermore it
+# enables the Previous and Next buttons.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+BINARY_TOC = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members to
+# the table of contents of the HTML help documentation and to the tree view.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+TOC_EXPAND = NO
+
+# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and
+# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that
+# can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help
+# (.qch) of the generated HTML documentation.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_QHP = NO
+
+# If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify
+# the file name of the resulting .qch file. The path specified is relative to
+# the HTML output folder.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QCH_FILE =
+
+# The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help
+# Project output. For more information please see Qt Help Project / Namespace
+# (see:
+# https://doc.qt.io/archives/qt-4.8/qthelpproject.html#namespace).
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_NAMESPACE = org.doxygen.Project
+
+# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt
+# Help Project output. For more information please see Qt Help Project / Virtual
+# Folders (see:
+# https://doc.qt.io/archives/qt-4.8/qthelpproject.html#virtual-folders).
+# The default value is: doc.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_VIRTUAL_FOLDER = doc
+
+# If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom
+# filter to add. For more information please see Qt Help Project / Custom
+# Filters (see:
+# https://doc.qt.io/archives/qt-4.8/qthelpproject.html#custom-filters).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_CUST_FILTER_NAME =
+
+# The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the
+# custom filter to add. For more information please see Qt Help Project / Custom
+# Filters (see:
+# https://doc.qt.io/archives/qt-4.8/qthelpproject.html#custom-filters).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_CUST_FILTER_ATTRS =
+
+# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this
+# project's filter section matches. Qt Help Project / Filter Attributes (see:
+# https://doc.qt.io/archives/qt-4.8/qthelpproject.html#filter-attributes).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_SECT_FILTER_ATTRS =
+
+# The QHG_LOCATION tag can be used to specify the location (absolute path
+# including file name) of Qt's qhelpgenerator. If non-empty doxygen will try to
+# run qhelpgenerator on the generated .qhp file.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHG_LOCATION =
+
+# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be
+# generated, together with the HTML files, they form an Eclipse help plugin. To
+# install this plugin and make it available under the help contents menu in
+# Eclipse, the contents of the directory containing the HTML and XML files needs
+# to be copied into the plugins directory of eclipse. The name of the directory
+# within the plugins directory should be the same as the ECLIPSE_DOC_ID value.
+# After copying Eclipse needs to be restarted before the help appears.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_ECLIPSEHELP = NO
+
+# A unique identifier for the Eclipse help plugin. When installing the plugin
+# the directory name containing the HTML and XML files should also have this
+# name. Each documentation set should have its own identifier.
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES.
+
+ECLIPSE_DOC_ID = org.doxygen.Project
+
+# If you want full control over the layout of the generated HTML pages it might
+# be necessary to disable the index and replace it with your own. The
+# DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top
+# of each HTML page. A value of NO enables the index and the value YES disables
+# it. Since the tabs in the index contain the same information as the navigation
+# tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+DISABLE_INDEX = NO
+
+# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
+# structure should be generated to display hierarchical information. If the tag
+# value is set to YES, a side panel will be generated containing a tree-like
+# index structure (just like the one that is generated for HTML Help). For this
+# to work a browser that supports JavaScript, DHTML, CSS and frames is required
+# (i.e. any modern browser). Windows users are probably better off using the
+# HTML help feature. Via custom style sheets (see HTML_EXTRA_STYLESHEET) one can
+# further fine tune the look of the index (see "Fine-tuning the output"). As an
+# example, the default style sheet generated by doxygen has an example that
+# shows how to put an image at the root of the tree instead of the PROJECT_NAME.
+# Since the tree basically has the same information as the tab index, you could
+# consider setting DISABLE_INDEX to YES when enabling this option.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+#GENERATE_TREEVIEW = NO
+
+# When both GENERATE_TREEVIEW and DISABLE_INDEX are set to YES, then the
+# FULL_SIDEBAR option determines if the side bar is limited to only the treeview
+# area (value NO) or if it should extend to the full height of the window (value
+# YES). Setting this to YES gives a layout similar to
+# https://docs.readthedocs.io with more room for contents, but less room for the
+# project logo, title, and description. If either GENERATE_TREEVIEW or
+# DISABLE_INDEX is set to NO, this option has no effect.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+FULL_SIDEBAR = NO
+
+# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that
+# doxygen will group on one line in the generated HTML documentation.
+#
+# Note that a value of 0 will completely suppress the enum values from appearing
+# in the overview section.
+# Minimum value: 0, maximum value: 20, default value: 4.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+ENUM_VALUES_PER_LINE = 4
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used
+# to set the initial width (in pixels) of the frame in which the tree is shown.
+# Minimum value: 0, maximum value: 1500, default value: 250.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+TREEVIEW_WIDTH = 250
+
+# If the EXT_LINKS_IN_WINDOW option is set to YES, doxygen will open links to
+# external symbols imported via tag files in a separate window.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+EXT_LINKS_IN_WINDOW = NO
+
+# If the OBFUSCATE_EMAILS tag is set to YES, doxygen will obfuscate email
+# addresses.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+OBFUSCATE_EMAILS = YES
+
+# If the HTML_FORMULA_FORMAT option is set to svg, doxygen will use the pdf2svg
+# tool (see https://github.com/dawbarton/pdf2svg) or inkscape (see
+# https://inkscape.org) to generate formulas as SVG images instead of PNGs for
+# the HTML output. These images will generally look nicer at scaled resolutions.
+# Possible values are: png (the default) and svg (looks nicer but requires the
+# pdf2svg or inkscape tool).
+# The default value is: png.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_FORMULA_FORMAT = png
+
+# Use this tag to change the font size of LaTeX formulas included as images in
+# the HTML documentation. When you change the font size after a successful
+# doxygen run you need to manually remove any form_*.png images from the HTML
+# output directory to force them to be regenerated.
+# Minimum value: 8, maximum value: 50, default value: 10.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+FORMULA_FONTSIZE = 10
+
+# Use the FORMULA_TRANSPARENT tag to determine whether or not the images
+# generated for formulas are transparent PNGs. Transparent PNGs are not
+# supported properly for IE 6.0, but are supported on all modern browsers.
+#
+# Note that when changing this option you need to delete any form_*.png files in
+# the HTML output directory before the changes have effect.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+FORMULA_TRANSPARENT = YES
+
+# The FORMULA_MACROFILE can contain LaTeX \newcommand and \renewcommand commands
+# to create new LaTeX commands to be used in formulas as building blocks. See
+# the section "Including formulas" for details.
+
+FORMULA_MACROFILE =
+
+# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see
+# https://www.mathjax.org) which uses client side JavaScript for the rendering
+# instead of using pre-rendered bitmaps. Use this if you do not have LaTeX
+# installed or if you want to formulas look prettier in the HTML output. When
+# enabled you may also need to install MathJax separately and configure the path
+# to it using the MATHJAX_RELPATH option.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+USE_MATHJAX = NO
+
+# With MATHJAX_VERSION it is possible to specify the MathJax version to be used.
+# Note that the different versions of MathJax have different requirements with
+# regards to the different settings, so it is possible that also other MathJax
+# settings have to be changed when switching between the different MathJax
+# versions.
+# Possible values are: MathJax_2 and MathJax_3.
+# The default value is: MathJax_2.
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_VERSION = MathJax_2
+
+# When MathJax is enabled you can set the default output format to be used for
+# the MathJax output. For more details about the output format see MathJax
+# version 2 (see:
+# http://docs.mathjax.org/en/v2.7-latest/output.html) and MathJax version 3
+# (see:
+# http://docs.mathjax.org/en/latest/web/components/output.html).
+# Possible values are: HTML-CSS (which is slower, but has the best
+# compatibility. This is the name for Mathjax version 2, for MathJax version 3
+# this will be translated into chtml), NativeMML (i.e. MathML. Only supported
+# for NathJax 2. For MathJax version 3 chtml will be used instead.), chtml (This
+# is the name for Mathjax version 3, for MathJax version 2 this will be
+# translated into HTML-CSS) and SVG.
+# The default value is: HTML-CSS.
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_FORMAT = HTML-CSS
+
+# When MathJax is enabled you need to specify the location relative to the HTML
+# output directory using the MATHJAX_RELPATH option. The destination directory
+# should contain the MathJax.js script. For instance, if the mathjax directory
+# is located at the same level as the HTML output directory, then
+# MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax
+# Content Delivery Network so you can quickly see the result without installing
+# MathJax. However, it is strongly recommended to install a local copy of
+# MathJax from https://www.mathjax.org before deployment. The default value is:
+# - in case of MathJax version 2: https://cdn.jsdelivr.net/npm/mathjax@2
+# - in case of MathJax version 3: https://cdn.jsdelivr.net/npm/mathjax@3
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_RELPATH =
+
+# The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax
+# extension names that should be enabled during MathJax rendering. For example
+# for MathJax version 2 (see https://docs.mathjax.org/en/v2.7-latest/tex.html
+# #tex-and-latex-extensions):
+# MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols
+# For example for MathJax version 3 (see
+# http://docs.mathjax.org/en/latest/input/tex/extensions/index.html):
+# MATHJAX_EXTENSIONS = ams
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_EXTENSIONS =
+
+# The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces
+# of code that will be used on startup of the MathJax code. See the MathJax site
+# (see:
+# http://docs.mathjax.org/en/v2.7-latest/output.html) for more details. For an
+# example see the documentation.
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_CODEFILE =
+
+# When the SEARCHENGINE tag is enabled doxygen will generate a search box for
+# the HTML output. The underlying search engine uses javascript and DHTML and
+# should work on any modern browser. Note that when using HTML help
+# (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET)
+# there is already a search function so this one should typically be disabled.
+# For large projects the javascript based search engine can be slow, then
+# enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to
+# search using the keyboard; to jump to the search box use + S
+# (what the is depends on the OS and browser, but it is typically
+# , /