cond::auth::DecodingKey Class Reference

#include <DecodingKey.h>

Public Member Functions

void addDefaultService (const std::string &connectionString)
 
void addService (const std::string &serviceName, const std::string &connectionString, const std::string &userName, const std::string &password)
 
size_t createFromInputFile (const std::string &inputFileName, size_t generatedKeySize=0)
 
 DecodingKey ()
 
void flush ()
 
size_t init (const std::string &keyFileName, const std::string &password, bool readMode=true)
 
bool isNominal () const
 
void list (std::ostream &out)
 
const std::string & ownerName () const
 
const std::string & principalKey () const
 
const std::string & principalName () const
 
const std::map< std::string, ServiceCredentials > & services () const
 
virtual ~DecodingKey ()
 

Static Public Member Functions

static std::string templateFile ()
 

Static Public Attributes

static constexpr size_t DEFAULT_KEY_SIZE = 100
 
static constexpr const char *const FILE_NAME = "db.key"
 
static constexpr const char *const FILE_PATH = ".cms_cond/db.key"
 

Private Attributes

std::string m_fileName
 
bool m_mode
 
std::string m_owner
 
std::string m_principalKey
 
std::string m_principalName
 
std::string m_pwd
 
std::map< std::string, ServiceCredentials > m_services
 

Detailed Description

Definition at line 31 of file DecodingKey.h.

Constructor & Destructor Documentation

cond::auth::DecodingKey::DecodingKey ( )
inline

Definition at line 91 of file DecodingKey.h.

92  : m_fileName(""), m_mode(true), m_pwd(""), m_principalName(""), m_principalKey(""), m_owner(""), m_services() {}
std::string m_fileName
Definition: DecodingKey.h:70
std::string m_principalName
Definition: DecodingKey.h:76
std::string m_principalKey
Definition: DecodingKey.h:78
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:82
virtual cond::auth::DecodingKey::~DecodingKey ( )
inlinevirtual

Member Function Documentation

void cond::auth::DecodingKey::addDefaultService ( const std::string &  connectionString)

Definition at line 287 of file DecodingKey.cc.

References DEFAULT_SERVICE().

287  {
// NOTE(review): source line 288 (the only statement of this function) is missing from this
// rendered listing. Judging by the "References DEFAULT_SERVICE()" entry above, it presumably
// forwards to addService() under the DEFAULT_SERVICE name; which user name and password it
// passes cannot be seen here, so confirm against DecodingKey.cc.
289 }
void addService(const std::string &serviceName, const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: DecodingKey.cc:291
static const std::string DEFAULT_SERVICE("Cond_Default_Service")
void cond::auth::DecodingKey::addService ( const std::string &  serviceName,
const std::string &  connectionString,
const std::string &  userName,
const std::string &  password 
)

Definition at line 291 of file DecodingKey.cc.

References l1RCTOmdsFedVectorProducer_cfi::connectionString, EcalCondDBWriter_cfi::password, and EcalCondDBWriter_cfi::userName.

// Stores the credentials for one service, creating the entry when it does not exist yet.
//
// serviceName       key under which the credentials are kept in m_services
// connectionString  connection string recorded for the service
// userName          account name recorded for the service
// password          account password; kept as a plain std::string inside m_services
//
// A second call with the same serviceName silently replaces all three fields of the
// existing entry; nothing is reported to the caller.
void cond::auth::DecodingKey::addService(const std::string& serviceName,
                                         const std::string& connectionString,
                                         const std::string& userName,
                                         const std::string& password) {
  // operator[] default-constructs the ServiceCredentials entry when the service is new.
  ServiceCredentials& entry = m_services[serviceName];
  entry.connectionString = connectionString;
  entry.userName = userName;
  entry.password = password;
}
static const std::string serviceName
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:82
size_t cond::auth::DecodingKey::createFromInputFile ( const std::string &  inputFileName,
size_t  generatedKeySize = 0 
)

Definition at line 190 of file DecodingKey.cc.

References CONNECTIONPREFIX(), cond::auth::ServiceCredentials::connectionString, relval_steps::gen(), dtResolutionTest_cfi::inputFile, KEYPREFIX(), mps_splice::line, cond::auth::KeyGenerator::make(), mps_check::msg, NAMEPREFIX(), OWNERPREFIX(), CalibrationSummaryClient_cfi::params, cond::parseLineForNamedParams(), cond::auth::ServiceCredentials::password, PASSWORDPREFIX(), serviceName, SERVICEPREFIX(), AlCaHLTBitMon_QueryRunRegistry::string, cond::throwException(), cond::auth::ServiceCredentials::userName, and USERPREFIX().

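// Rebuilds the in-memory key from a cleartext description file.
//
// Lines longer than three characters are dispatched on their two-character prefix:
// NAMEPREFIX, KEYPREFIX and OWNERPREFIX set the matching member, SERVICEPREFIX lines are
// split into named parameters by parseLineForNamedParams(). Every other line is ignored.
//
// inputFileName     path of the cleartext input file; must not be empty
// generatedKeySize  when non-zero and the file supplied no key, a key of this size is
//                   produced with KeyGenerator::make()
// Returns the number of service lines processed.
// Raises (through throwException) when the name is empty or the file cannot be opened.
//
// Review notes:
//  - The input file carries the service passwords, and optionally the principal key,
//    unencrypted. Treat it as a secret: restrict its permissions and remove it once the
//    encrypted key file has been produced.
//  - insert() keeps the FIRST entry of a duplicated service name, yet nelem is still
//    incremented, so the returned count can exceed m_services.size().
//  - If the file has no key line and generatedKeySize is 0, m_principalKey stays empty.
//  - The method label passed to throwException() reads "readFromInputFile"; it is kept
//    unchanged so existing log searches keep matching.
size_t cond::auth::DecodingKey::createFromInputFile(const std::string& inputFileName, size_t generatedKeySize) {
  size_t nelem = 0;
  if (inputFileName.empty()) {
    std::string msg("Provided input file name is empty.");
    throwException(msg, "DecodingKey::readFromInputFile");
  }
  m_principalName.clear();
  m_principalKey.clear();
  m_owner.clear();
  m_services.clear();

  std::ifstream inputFile(inputFileName.c_str());
  if (!inputFile.is_open()) {
    // Fix: the closing quote of the file name was written as "\n", which broke the message
    // across two lines and left the quote unbalanced.
    std::string msg = "Provided Input File \"" + inputFileName + "\" is invalid.";
    throwException(msg, "DecodingKey::readFromInputFile");
  }

  std::map<std::string, std::string> params;
  std::string line;
  while (std::getline(inputFile, line)) {
    params.clear();
    if (line.size() <= 3) {
      continue;  // too short to hold a prefix plus a value
    }
    const std::string prefix = line.substr(0, 2);
    if (prefix == NAMEPREFIX) {
      m_principalName = line.substr(2);
    } else if (prefix == KEYPREFIX) {
      m_principalKey = line.substr(2);
    } else if (prefix == OWNERPREFIX) {
      m_owner = line.substr(2);
    } else if (prefix == SERVICEPREFIX) {
      parseLineForNamedParams(line, params);
      // NOTE(review): the rendered listing omits the source line that defines serviceName.
      // It is reconstructed here by analogy with the three fields below -- confirm against
      // DecodingKey.cc.
      const std::string& serviceName = params[SERVICEPREFIX];
      ServiceCredentials creds;
      creds.connectionString = params[CONNECTIONPREFIX];
      creds.userName = params[USERPREFIX];
      creds.password = params[PASSWORDPREFIX];
      m_services.insert(std::make_pair(serviceName, creds));
      nelem++;
    }
  }
  inputFile.close();

  if (m_principalKey.empty() && generatedKeySize) {
    KeyGenerator gen;
    m_principalKey = gen.make(generatedKeySize);
  }
  return nelem;
}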
static const std::string KEYPREFIX("K=")
void parseLineForNamedParams(const std::string &line, std::map< std::string, std::string > &params)
Definition: DecodingKey.cc:57
static const std::string USERPREFIX("U=")
static const std::string serviceName
void throwException(const std::string &message, const std::string &methodName)
Definition: Exception.cc:18
static const std::string SERVICEPREFIX("S=")
def gen(fragment, howMuch)
Production test section ####.
std::string m_principalName
Definition: DecodingKey.h:76
static const std::string PASSWORDPREFIX("P=")
static const std::string OWNERPREFIX("O=")
tuple msg
Definition: mps_check.py:285
std::string m_principalKey
Definition: DecodingKey.h:78
static const std::string CONNECTIONPREFIX("C=")
static const std::string NAMEPREFIX("N=")
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:82
void cond::auth::DecodingKey::flush ( )

Definition at line 252 of file DecodingKey.cc.

References Skims_PA_cff::content, cond::auth::Cipher::encrypt(), ItemSeparator, KEY_HEADER(), KEYPREFIX(), LineSeparator, mps_check::msg, NAMEPREFIX(), MillePedeFileConverter_cfg::out, L1TdeCSCTF_cfi::outFile, OWNERPREFIX(), SERVICEPREFIX(), AlCaHLTBitMon_QueryRunRegistry::string, and cond::throwException().

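// Serialises the current key content, encrypts it with the password given to init() and
// writes the result to m_fileName, replacing whatever the file held before.
//
// Layout before encryption: KEY_HEADER, then the optional name / key / owner lines, then one
// line per service, with fields closed by ItemSeparator and lines by LineSeparator.
//
// Raises (through throwException) when the file cannot be opened or the write fails.
//
// Review notes:
//  - The file is opened (and therefore truncated) before the content is encrypted; if
//    Cipher throws, an existing key file is left empty. Keep a backup when rotating keys.
//  - std::ofstream creates the file with the process umask. The file holds every service
//    credential, so the caller has to make sure it ends up readable by its owner only.
//  - Field values are written verbatim. A value containing ItemSeparator or LineSeparator
//    would not survive the split performed by init().
void cond::auth::DecodingKey::flush() {
  std::ofstream outFile(m_fileName.c_str(), std::ios::binary);
  if (!outFile.is_open()) {
    // Fix: the closing quote of the file name was written as "\n".
    std::string msg("");
    msg += "Provided Key File \"" + m_fileName + "\" is invalid.";
    throwException(msg, "DecodingKey::flush");
  }

  std::stringstream content;
  content << KEY_HEADER << LineSeparator;
  if (!m_principalName.empty()) {
    content << NAMEPREFIX << m_principalName << LineSeparator;
  }
  if (!m_principalKey.empty()) {
    content << KEYPREFIX << m_principalKey << LineSeparator;
  }
  if (!m_owner.empty()) {
    content << OWNERPREFIX << m_owner << LineSeparator;
  }
  for (std::map<std::string, ServiceCredentials>::const_iterator iD = m_services.begin(); iD != m_services.end();
       ++iD) {
    content << SERVICEPREFIX << iD->first << ItemSeparator;
    content << iD->second.connectionString << ItemSeparator;
    content << iD->second.userName << ItemSeparator;
    content << iD->second.password << ItemSeparator;
    content << LineSeparator;
  }

  Cipher cipher(m_pwd);
  // Initialised so that free() below is well defined even if encrypt() leaves it untouched.
  unsigned char* out = nullptr;
  size_t outSize = cipher.encrypt(content.str(), out);
  outFile.write(reinterpret_cast<char*>(out), static_cast<std::streamsize>(outSize));
  // assumes encrypt() hands back a malloc()-allocated buffer, as the original free() implies
  free(out);
  outFile.close();

  // A short or failed write would otherwise leave a truncated key file without any error.
  if (!outFile) {
    std::string msg = "Writing Key File \"" + m_fileName + "\" failed.";
    throwException(msg, "DecodingKey::flush");
  }
}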
static const std::string KEYPREFIX("K=")
void throwException(const std::string &message, const std::string &methodName)
Definition: Exception.cc:18
static const std::string SERVICEPREFIX("S=")
static const std::string KEY_HEADER("Cond_Authentication_Key")
char LineSeparator
Definition: DecodingKey.cc:15
std::string m_fileName
Definition: DecodingKey.h:70
std::string m_principalName
Definition: DecodingKey.h:76
char ItemSeparator
Definition: DecodingKey.cc:14
static const std::string OWNERPREFIX("O=")
tuple msg
Definition: mps_check.py:285
std::string m_principalKey
Definition: DecodingKey.h:78
static const std::string NAMEPREFIX("N=")
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:82
size_t cond::auth::DecodingKey::init ( const std::string &  keyFileName,
const std::string &  password,
bool  readMode = true 
)

Definition at line 111 of file DecodingKey.cc.

References Skims_PA_cff::content, cond::auth::Cipher::decrypt(), cond::getLoginName(), recoMuon::in, ItemSeparator, KEY_HEADER(), keyFile(), KEYPREFIX(), mps_splice::line, LineSeparator, mps_check::msg, NAMEPREFIX(), OWNERPREFIX(), EcalCondDBWriter_cfi::password, SERVICEPREFIX(), str, AlCaHLTBitMon_QueryRunRegistry::string, and cond::throwException().

Referenced by cond::CredentialStore::setUpForService().

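// Binds this object to an encrypted key file and, in read mode, decrypts and parses it.
//
// keyFileName  path of the key file; must not be empty
// password     password handed to Cipher for decryption (and later by flush() for encryption)
// readMode     true: load the file now; false: only remember file name and password
// Returns the number of service entries read (0 in write mode).
// Raises (through throwException) when the name is empty, the file is missing, unreadable or
// empty, the decrypted content does not start with KEY_HEADER, a service line is malformed,
// the principal name or key is missing, or the stored owner differs from getLoginName().
//
// Review notes:
//  - The password is kept in m_pwd, a plain std::string, for the lifetime of the object.
//  - The KEY_HEADER comparison is the only check on the decrypted content visible here; a
//    wrong password is expected to surface as "Provided key content is invalid."
//  - The owner comparison runs after the file has been decrypted, so it is a consistency
//    check on the login name, not a protection against someone holding file and password.
size_t cond::auth::DecodingKey::init(const std::string& keyFileName, const std::string& password, bool readMode) {
  if (keyFileName.empty()) {
    std::string msg("Provided key file name is empty.");
    throwException(msg, "DecodingKey::init");
  }
  m_fileName = keyFileName;
  m_pwd = password;
  m_mode = readMode;
  m_principalName.clear();
  m_principalKey.clear();
  m_owner.clear();
  m_services.clear();
  size_t nelem = 0;
  if (!m_mode) {
    return nelem;  // write mode: nothing is read from disk
  }

  std::ifstream keyFile(m_fileName.c_str(), std::ios::in | std::ios::binary | std::ios::ate);
  if (!keyFile.is_open()) {
    std::string msg = "Required Key File \"" + m_fileName + "\" is missing or unreadable.";
    throwException(msg, "DecodingKey::init");
  }

  // tellg() yields -1 on failure; converting that to size_t would request a huge buffer.
  const std::streamoff endPos = keyFile.tellg();
  if (endPos <= 0) {
    std::string msg("Provided key content is invalid.");
    throwException(msg, "DecodingKey::init");
  }
  const size_t fsize = static_cast<size_t>(endPos);

  // A vector replaces the unchecked malloc()/free() pair and is released even if decrypt() throws.
  std::vector<unsigned char> buff(fsize);
  keyFile.seekg(0, std::ios::beg);
  keyFile.read(reinterpret_cast<char*>(buff.data()), static_cast<std::streamsize>(fsize));
  if (!keyFile || static_cast<size_t>(keyFile.gcount()) != fsize) {
    std::string msg = "Required Key File \"" + m_fileName + "\" is missing or unreadable.";
    throwException(msg, "DecodingKey::init");
  }
  keyFile.close();

  Cipher cipher(m_pwd);
  std::string content = cipher.decrypt(buff.data(), fsize);

  // The header must be followed by at least one character (the line separator); otherwise
  // substr(KEY_HEADER.size() + 1) below would throw std::out_of_range.
  if (content.size() <= KEY_HEADER.size() || content.compare(0, KEY_HEADER.size(), KEY_HEADER) != 0) {
    std::string msg("Provided key content is invalid.");
    throwException(msg, "DecodingKey::init");
  }

  // skip the header + line separator
  std::stringstream body(content.substr(KEY_HEADER.size() + 1));
  std::string line;
  while (std::getline(body, line, LineSeparator)) {
    if (line.size() <= 3) {
      continue;
    }
    const std::string prefix = line.substr(0, 2);
    if (prefix == NAMEPREFIX) {
      m_principalName = line.substr(2);
    } else if (prefix == KEYPREFIX) {
      m_principalKey = line.substr(2);
    } else if (prefix == OWNERPREFIX) {
      m_owner = line.substr(2);
    } else if (prefix == SERVICEPREFIX) {
      std::stringstream serviceStr(line.substr(2));
      std::vector<std::string> sdata;
      while (serviceStr.good()) {
        sdata.push_back(std::string(""));
        getline(serviceStr, sdata.back(), ItemSeparator);
      }
      // Name, connection string, user and password are all required. Without this check a
      // truncated or tampered line indexed sdata past its end.
      if (sdata.size() < 4) {
        m_principalName.clear();
        m_principalKey.clear();
        m_owner.clear();
        m_services.clear();
        std::string msg("Provided key content is invalid.");
        throwException(msg, "DecodingKey::init");
      }
      std::map<std::string, ServiceCredentials>::iterator iS =
          m_services.insert(std::make_pair(sdata[0], ServiceCredentials())).first;
      iS->second.connectionString = sdata[1];
      iS->second.userName = sdata[2];
      iS->second.password = sdata[3];
      nelem++;
    }
  }

  if (m_principalName.empty() || m_principalKey.empty()) {
    std::string msg = "Provided key is invalid.";
    throwException(msg, "DecodingKey::init");
  }
  if (!m_owner.empty()) {
    std::string currentUser = getLoginName();
    if (m_owner != currentUser) {
      // Drop everything that was decrypted before reporting the mismatch.
      m_principalName.clear();
      m_principalKey.clear();
      m_owner.clear();
      m_services.clear();
      std::string msg = "Provided key is invalid for user=" + currentUser;
      throwException(msg, "DecodingKey::init");
    }
  }
  return nelem;
}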
static const std::string KEYPREFIX("K=")
std::string getLoginName()
Definition: DecodingKey.cc:41
void throwException(const std::string &message, const std::string &methodName)
Definition: Exception.cc:18
static const std::string SERVICEPREFIX("S=")
static const std::string KEY_HEADER("Cond_Authentication_Key")
char LineSeparator
Definition: DecodingKey.cc:15
std::string m_fileName
Definition: DecodingKey.h:70
std::string m_principalName
Definition: DecodingKey.h:76
char ItemSeparator
Definition: DecodingKey.cc:14
static const std::string OWNERPREFIX("O=")
tuple msg
Definition: mps_check.py:285
std::string m_principalKey
Definition: DecodingKey.h:78
static const std::string NAMEPREFIX("N=")
static const std::string keyFile("/nfshome0/hcalsw/.ReadOMDSKey")
#define str(s)
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:82
bool cond::auth::DecodingKey::isNominal ( ) const
inline

Definition at line 98 of file DecodingKey.h.

References m_owner.

// True when the key carries a non-empty owner name (m_owner).
98 { return !m_owner.empty(); }
void cond::auth::DecodingKey::list ( std::ostream &  out)

Definition at line 239 of file DecodingKey.cc.

References CONNECTIONPREFIX(), KEYPREFIX(), NAMEPREFIX(), OWNERPREFIX(), PASSWORDPREFIX(), SERVICEPREFIX(), and USERPREFIX().

// Prints the key content to `out` in the prefixed text layout: one line each for principal
// name, principal key and owner, then one line per service.
//
// Review note: the principal key and every service password are written unencrypted. Point
// `out` only at a destination that may hold secrets; a shared log or captured terminal
// output is not one.
void cond::auth::DecodingKey::list(std::ostream& out) {
  out << NAMEPREFIX << m_principalName << std::endl;
  out << KEYPREFIX << m_principalKey << std::endl;
  out << OWNERPREFIX << m_owner << std::endl;
  for (const auto& service : m_services) {
    const ServiceCredentials& creds = service.second;
    out << SERVICEPREFIX << service.first << ";"
        << CONNECTIONPREFIX << creds.connectionString << ";"
        << USERPREFIX << creds.userName << ";"
        << PASSWORDPREFIX << creds.password << ";" << std::endl;
  }
}
static const std::string KEYPREFIX("K=")
static const std::string USERPREFIX("U=")
static const std::string SERVICEPREFIX("S=")
std::string m_principalName
Definition: DecodingKey.h:76
static const std::string PASSWORDPREFIX("P=")
static const std::string OWNERPREFIX("O=")
std::string m_principalKey
Definition: DecodingKey.h:78
static const std::string CONNECTIONPREFIX("C=")
static const std::string NAMEPREFIX("N=")
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:82
const std::string & cond::auth::DecodingKey::ownerName ( ) const
inline

Definition at line 100 of file DecodingKey.h.

References m_owner.

// Returns the stored owner name (m_owner) by const reference; empty when no owner is set.
100 { return m_owner; }
const std::string & cond::auth::DecodingKey::principalKey ( ) const
inline

Definition at line 96 of file DecodingKey.h.

References m_principalKey.

Referenced by cond::CredentialStore::createSchema(), and cond::CredentialStore::resetAdmin().

// Returns m_principalKey by const reference. The value is presumably secret key material
// (it is what the "K=" line carries), so callers should avoid logging or copying it around.
96 { return m_principalKey; }
std::string m_principalKey
Definition: DecodingKey.h:78
const std::string & cond::auth::DecodingKey::principalName ( ) const
inline
const std::map< std::string, cond::auth::ServiceCredentials > & cond::auth::DecodingKey::services ( ) const
inline

Definition at line 102 of file DecodingKey.h.

References m_services.

Referenced by cond::CredentialStore::setUpForService().

// Returns the service map by const reference. Each ServiceCredentials value includes the
// password field in cleartext, so the result should be handled as secret data.
102  {
103  return m_services;
104 }
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:82
std::string cond::auth::DecodingKey::templateFile ( )
static

Definition at line 96 of file DecodingKey.cc.

References CONNECTIONPREFIX(), KEYPREFIX(), NAMEPREFIX(), OWNERPREFIX(), PASSWORDPREFIX(), alignCSCRings::s, SERVICEPREFIX(), and USERPREFIX().

// Builds the text of an empty input-file template: principal name, optional owner, key
// (left empty when it is to be generated) and three sample service lines.
// The returned text contains placeholders only. Once filled in it holds cleartext
// passwords and has to be protected accordingly.
std::string cond::auth::DecodingKey::templateFile() {
  // Placeholder fields of the three sample service lines, in output order.
  static const char* const kServiceRows[3][4] = {
      {"<service_name0>;", "<service0_connection_string>;", "<user0_name>;", "<password0>;"},
      {"<service_name1>;", "<service1_connection_string>;", "<user1_name>;", "<password1>;"},
      {"<service_name2>;", "<service2_connection_string>;", "<user2_name>;", "<password2>;"},
  };

  std::stringstream tmpl;
  tmpl << NAMEPREFIX << "<principal_name>" << '\n';
  tmpl << OWNERPREFIX << "<owner_name, optional>" << '\n';
  tmpl << KEYPREFIX << "<key, leave empty if generated>" << '\n';
  // (an optional expiring-date line is disabled in the source)
  for (const auto& row : kServiceRows) {
    tmpl << SERVICEPREFIX << row[0] << CONNECTIONPREFIX << row[1] << USERPREFIX << row[2] << PASSWORDPREFIX
         << row[3] << '\n';
  }
  return tmpl.str();
}
static const std::string KEYPREFIX("K=")
static const std::string USERPREFIX("U=")
static const std::string SERVICEPREFIX("S=")
static const std::string PASSWORDPREFIX("P=")
static const std::string OWNERPREFIX("O=")
static const std::string CONNECTIONPREFIX("C=")
static const std::string NAMEPREFIX("N=")

Member Data Documentation

constexpr size_t cond::auth::DecodingKey::DEFAULT_KEY_SIZE = 100
static

Definition at line 35 of file DecodingKey.h.

constexpr const char* const cond::auth::DecodingKey::FILE_NAME = "db.key"
static

Definition at line 33 of file DecodingKey.h.

constexpr const char* const cond::auth::DecodingKey::FILE_PATH = ".cms_cond/db.key"
static

Definition at line 34 of file DecodingKey.h.

Referenced by cond::CredentialStore::setUpForService().

std::string cond::auth::DecodingKey::m_fileName
private

Definition at line 70 of file DecodingKey.h.

bool cond::auth::DecodingKey::m_mode
private

Definition at line 72 of file DecodingKey.h.

std::string cond::auth::DecodingKey::m_owner
private

Definition at line 80 of file DecodingKey.h.

Referenced by isNominal(), and ownerName().

std::string cond::auth::DecodingKey::m_principalKey
private

Definition at line 78 of file DecodingKey.h.

Referenced by principalKey().

std::string cond::auth::DecodingKey::m_principalName
private

Definition at line 76 of file DecodingKey.h.

Referenced by principalName().

std::string cond::auth::DecodingKey::m_pwd
private

Definition at line 74 of file DecodingKey.h.

std::map<std::string, ServiceCredentials> cond::auth::DecodingKey::m_services
private

Definition at line 82 of file DecodingKey.h.

Referenced by services().