diffie-hellman: Use bool instead of status_t as get_shared_secret() return value
authorMartin Willi <martin@revosec.ch>
Mon, 23 Mar 2015 09:54:24 +0000 (10:54 +0100)
committerMartin Willi <martin@revosec.ch>
Mon, 23 Mar 2015 16:54:02 +0000 (17:54 +0100)
While such a change is not unproblematic, keeping status_t makes the API
inconsistent once we introduce return values for the public value operations.

18 files changed:
src/charon-tkm/src/tkm/tkm_diffie_hellman.c
src/libcharon/plugins/ha/ha_child.c
src/libcharon/plugins/ha/ha_dispatcher.c
src/libcharon/plugins/ha/ha_ike.c
src/libcharon/plugins/load_tester/load_tester_diffie_hellman.c
src/libcharon/sa/ikev1/keymat_v1.c
src/libcharon/sa/ikev2/keymat_v2.c
src/libimcv/pts/pts.c
src/libstrongswan/crypto/diffie_hellman.h
src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
src/libstrongswan/plugins/ntru/ntru_ke.c
src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
src/libstrongswan/tests/suites/test_ntru.c
src/libtls/tls_peer.c
src/libtls/tls_server.c

index 836e0b7..02ae67f 100644 (file)
@@ -61,11 +61,11 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
        sequence_to_chunk(this->pubvalue.data, this->pubvalue.size, value);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        private_tkm_diffie_hellman_t *this, chunk_t *secret)
 {
        *secret = chunk_empty;
-       return SUCCESS;
+       return TRUE;
 }
 
 
index ed6ca71..17f2d50 100644 (file)
@@ -97,7 +97,7 @@ METHOD(listener_t, child_keys, bool,
        }
        m->add_attribute(m, HA_NONCE_I, nonce_i);
        m->add_attribute(m, HA_NONCE_R, nonce_r);
-       if (dh && dh->get_shared_secret(dh, &secret) == SUCCESS)
+       if (dh && dh->get_shared_secret(dh, &secret))
        {
                m->add_attribute(m, HA_SECRET, secret);
                chunk_clear(&secret);
index 88160fe..abd08e2 100644 (file)
@@ -81,11 +81,11 @@ struct ha_diffie_hellman_t {
        chunk_t pub;
 };
 
-METHOD(diffie_hellman_t, dh_get_shared_secret, status_t,
+METHOD(diffie_hellman_t, dh_get_shared_secret, bool,
        ha_diffie_hellman_t *this, chunk_t *secret)
 {
        *secret = chunk_clone(this->secret);
-       return SUCCESS;
+       return TRUE;
 }
 
 METHOD(diffie_hellman_t, dh_get_my_public_value, void,
index 442a3a2..815cb53 100644 (file)
@@ -84,7 +84,7 @@ METHOD(listener_t, ike_keys, bool,
        {       /* do not sync SA between nodes */
                return TRUE;
        }
-       if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+       if (!dh->get_shared_secret(dh, &secret))
        {
                return TRUE;
        }
index 94e1acc..b248e78 100644 (file)
@@ -26,11 +26,11 @@ METHOD(diffie_hellman_t, set_other_public_value, void,
 {
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        load_tester_diffie_hellman_t *this, chunk_t *secret)
 {
        *secret = chunk_empty;
-       return SUCCESS;
+       return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
index 619d197..b171adc 100644 (file)
@@ -425,7 +425,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
                return FALSE;
        }
 
-       if (dh->get_shared_secret(dh, &g_xy) != SUCCESS)
+       if (!dh->get_shared_secret(dh, &g_xy))
        {
                return FALSE;
        }
@@ -661,7 +661,7 @@ METHOD(keymat_v1_t, derive_child_keys, bool,
        protocol = proposal->get_protocol(proposal);
        if (dh)
        {
-               if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+               if (!dh->get_shared_secret(dh, &secret))
                {
                        return FALSE;
                }
index f237f70..f70f5cf 100644 (file)
@@ -300,7 +300,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
        spi_i = chunk_alloca(sizeof(u_int64_t));
        spi_r = chunk_alloca(sizeof(u_int64_t));
 
-       if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+       if (!dh->get_shared_secret(dh, &secret))
        {
                return FALSE;
        }
@@ -554,7 +554,7 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
 
        if (dh)
        {
-               if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+               if (!dh->get_shared_secret(dh, &secret))
                {
                        return FALSE;
                }
index 2fff4c9..a7def9b 100644 (file)
@@ -264,7 +264,7 @@ METHOD(pts_t, calculate_secret, bool,
        DBG3(DBG_PTS, "responder nonce: %B", &this->responder_nonce);
 
        /* Calculate the DH secret */
-       if (this->dh->get_shared_secret(this->dh, &shared_secret) != SUCCESS)
+       if (!this->dh->get_shared_secret(this->dh, &shared_secret))
        {
                DBG1(DBG_PTS, "shared DH secret computation failed");
                return FALSE;
index d5161d0..79977d7 100644 (file)
@@ -89,9 +89,10 @@ struct diffie_hellman_t {
         * Space for returned secret is allocated and must be freed by the caller.
         *
         * @param secret        shared secret will be written into this chunk
-        * @return                      SUCCESS, FAILED if not both DH values are set
+        * @return                      TRUE if shared secret computed successfully
         */
-       status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
+       bool (*get_shared_secret)(diffie_hellman_t *this, chunk_t *secret)
+               __attribute__((warn_unused_result));
 
        /**
         * Sets the public value of partner.
index 299865d..44f33c9 100644 (file)
@@ -138,15 +138,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
        *value = export_mpi(this->ya, this->p_len);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        private_gcrypt_dh_t *this, chunk_t *secret)
 {
        if (!this->zz)
        {
-               return FAILED;
+               return FALSE;
        }
        *secret = export_mpi(this->zz, this->p_len);
-       return SUCCESS;
+       return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
index 9936f7e..d07999d 100644 (file)
@@ -155,20 +155,20 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
        }
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        private_gmp_diffie_hellman_t *this, chunk_t *secret)
 {
        if (!this->computed)
        {
-               return FAILED;
+               return FALSE;
        }
        secret->len = this->p_len;
        secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz);
        if (secret->ptr == NULL)
        {
-               return FAILED;
+               return FALSE;
        }
-       return SUCCESS;
+       return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
index e64f32b..0aafd4c 100644 (file)
@@ -139,17 +139,17 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
        }
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        private_ntru_ke_t *this, chunk_t *secret)
 {
        if (!this->computed || !this->shared_secret.len)
        {
                *secret = chunk_empty;
-               return FAILED;
+               return FALSE;
        }
        *secret = chunk_clone(this->shared_secret);
 
-       return SUCCESS;
+       return TRUE;
 }
 
 
index 1e68ac5..6035802 100644 (file)
@@ -70,19 +70,19 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
                          value->ptr + value->len - BN_num_bytes(this->dh->pub_key));
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        private_openssl_diffie_hellman_t *this, chunk_t *secret)
 {
        if (!this->computed)
        {
-               return FAILED;
+               return FALSE;
        }
        /* shared secret should requires a len according the DH group */
        *secret = chunk_alloc(DH_size(this->dh));
        memset(secret->ptr, 0, secret->len);
        memcpy(secret->ptr + secret->len - this->shared_secret.len,
                   this->shared_secret.ptr, this->shared_secret.len);
-       return SUCCESS;
+       return TRUE;
 }
 
 
index 50853d6..625990b 100644 (file)
@@ -241,15 +241,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
        ecp2chunk(this->ec_group, EC_KEY_get0_public_key(this->key), value, FALSE);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        private_openssl_ec_diffie_hellman_t *this, chunk_t *secret)
 {
        if (!this->computed)
        {
-               return FAILED;
+               return FALSE;
        }
        *secret = chunk_clone(this->shared_secret);
-       return SUCCESS;
+       return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
index 23b63d2..99702f9 100644 (file)
@@ -154,15 +154,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
        *value = chunk_clone(this->pub_key);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
        private_pkcs11_dh_t *this, chunk_t *secret)
 {
        if (!this->secret.ptr)
        {
-               return FAILED;
+               return FALSE;
        }
        *secret = chunk_clone(this->secret);
-       return SUCCESS;
+       return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
index a28b4bc..5d5448f 100644 (file)
@@ -1061,7 +1061,6 @@ START_TEST(test_ntru_ke)
        diffie_hellman_t *i_ntru, *r_ntru;
        char buf[10];
        int k, n, len;
-       status_t status;
 
        k = (_i) / countof(parameter_sets);
        n = (_i) % countof(parameter_sets);
@@ -1088,13 +1087,11 @@ START_TEST(test_ntru_ke)
        r_ntru->get_my_public_value(r_ntru, &cipher_text);
        ck_assert(cipher_text.len > 0);
 
-       status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret);
-       ck_assert(status == SUCCESS);
+       ck_assert(r_ntru->get_shared_secret(r_ntru, &r_shared_secret));
        ck_assert(r_shared_secret.len > 0);
 
        i_ntru->set_other_public_value(i_ntru, cipher_text);
-       status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret);
-       ck_assert(status == SUCCESS);
+       ck_assert(i_ntru->get_shared_secret(i_ntru, &i_shared_secret));
        ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
 
        chunk_clear(&i_shared_secret);
@@ -1195,7 +1192,7 @@ START_TEST(test_ntru_ciphertext)
                i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
                i_ntru->get_my_public_value(i_ntru, &pub_key);
                i_ntru->set_other_public_value(i_ntru, test[i]);
-               ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
+               ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
                ck_assert(shared_secret.len == 0);
 
                chunk_free(&pub_key);
@@ -1218,7 +1215,7 @@ START_TEST(test_ntru_wrong_ciphertext)
        r_ntru->set_other_public_value(r_ntru, pub_key_m);
        r_ntru->get_my_public_value(r_ntru, &cipher_text);
        i_ntru->set_other_public_value(i_ntru, cipher_text);
-       ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
+       ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
        ck_assert(shared_secret.len == 0);
 
        chunk_free(&pub_key_i);
index 99bc92a..82ec262 100644 (file)
@@ -973,7 +973,7 @@ static status_t send_key_exchange_dhe(private_tls_peer_t *this,
 {
        chunk_t premaster, pub;
 
-       if (this->dh->get_shared_secret(this->dh, &premaster) != SUCCESS)
+       if (!this->dh->get_shared_secret(this->dh, &premaster))
        {
                DBG1(DBG_TLS, "calculating premaster from DH failed");
                this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
index b6e706d..df5d00a 100644 (file)
@@ -495,7 +495,7 @@ static status_t process_key_exchange_dhe(private_tls_server_t *this,
                pub = chunk_skip(pub, 1);
        }
        this->dh->set_other_public_value(this->dh, pub);
-       if (this->dh->get_shared_secret(this->dh, &premaster) != SUCCESS)
+       if (!this->dh->get_shared_secret(this->dh, &premaster))
        {
                DBG1(DBG_TLS, "calculating premaster from DH failed");
                this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);