diffie-hellman: Use bool instead of status_t as get_shared_secret() return value

While such a change is not unproblematic, keeping status_t makes the API
inconsistent once we introduce return values for the public value operations.

src/charon-tkm/src/tkm/tkm_diffie_hellman.c

@@ -61,11 +61,11 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 	sequence_to_chunk(this->pubvalue.data, this->pubvalue.size, value);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	private_tkm_diffie_hellman_t *this, chunk_t *secret)
 {
 	*secret = chunk_empty;
-	return SUCCESS;
+	return TRUE;
 }
 
 

src/libcharon/plugins/ha/ha_child.c

@@ -97,7 +97,7 @@ METHOD(listener_t, child_keys, bool,
 	}
 	m->add_attribute(m, HA_NONCE_I, nonce_i);
 	m->add_attribute(m, HA_NONCE_R, nonce_r);
-	if (dh && dh->get_shared_secret(dh, &secret) == SUCCESS)
+	if (dh && dh->get_shared_secret(dh, &secret))
 	{
 		m->add_attribute(m, HA_SECRET, secret);
 		chunk_clear(&secret);

src/libcharon/plugins/ha/ha_dispatcher.c

@@ -81,11 +81,11 @@ struct ha_diffie_hellman_t {
 	chunk_t pub;
 };
 
-METHOD(diffie_hellman_t, dh_get_shared_secret, status_t,
+METHOD(diffie_hellman_t, dh_get_shared_secret, bool,
 	ha_diffie_hellman_t *this, chunk_t *secret)
 {
 	*secret = chunk_clone(this->secret);
-	return SUCCESS;
+	return TRUE;
 }
 
 METHOD(diffie_hellman_t, dh_get_my_public_value, void,

src/libcharon/plugins/ha/ha_ike.c

@@ -84,7 +84,7 @@ METHOD(listener_t, ike_keys, bool,
 	{	/* do not sync SA between nodes */
 		return TRUE;
 	}
-	if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+	if (!dh->get_shared_secret(dh, &secret))
 	{
 		return TRUE;
 	}

src/libcharon/plugins/load_tester/load_tester_diffie_hellman.c

@@ -26,11 +26,11 @@ METHOD(diffie_hellman_t, set_other_public_value, void,
 {
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	load_tester_diffie_hellman_t *this, chunk_t *secret)
 {
 	*secret = chunk_empty;
-	return SUCCESS;
+	return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,

src/libcharon/sa/ikev1/keymat_v1.c

@@ -425,7 +425,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
 		return FALSE;
 	}
 
-	if (dh->get_shared_secret(dh, &g_xy) != SUCCESS)
+	if (!dh->get_shared_secret(dh, &g_xy))
 	{
 		return FALSE;
 	}
@@ -661,7 +661,7 @@ METHOD(keymat_v1_t, derive_child_keys, bool,
 	protocol = proposal->get_protocol(proposal);
 	if (dh)
 	{
-		if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+		if (!dh->get_shared_secret(dh, &secret))
 		{
 			return FALSE;
 		}

src/libcharon/sa/ikev2/keymat_v2.c

@@ -300,7 +300,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
 	spi_i = chunk_alloca(sizeof(u_int64_t));
 	spi_r = chunk_alloca(sizeof(u_int64_t));
 
-	if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+	if (!dh->get_shared_secret(dh, &secret))
 	{
 		return FALSE;
 	}
@@ -554,7 +554,7 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
 
 	if (dh)
 	{
-		if (dh->get_shared_secret(dh, &secret) != SUCCESS)
+		if (!dh->get_shared_secret(dh, &secret))
 		{
 			return FALSE;
 		}

src/libimcv/pts/pts.c

@@ -264,7 +264,7 @@ METHOD(pts_t, calculate_secret, bool,
 	DBG3(DBG_PTS, "responder nonce: %B", &this->responder_nonce);
 
 	/* Calculate the DH secret */
-	if (this->dh->get_shared_secret(this->dh, &shared_secret) != SUCCESS)
+	if (!this->dh->get_shared_secret(this->dh, &shared_secret))
 	{
 		DBG1(DBG_PTS, "shared DH secret computation failed");
 		return FALSE;

src/libstrongswan/crypto/diffie_hellman.h

@@ -89,9 +89,10 @@ struct diffie_hellman_t {
 	 * Space for returned secret is allocated and must be freed by the caller.
 	 *
 	 * @param secret	shared secret will be written into this chunk
-	 * @return			SUCCESS, FAILED if not both DH values are set
+	 * @return			TRUE if shared secret computed successfully
 	 */
-	status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
+	bool (*get_shared_secret)(diffie_hellman_t *this, chunk_t *secret)
+		__attribute__((warn_unused_result));
 
 	/**
 	 * Sets the public value of partner.

src/libstrongswan/plugins/gcrypt/gcrypt_dh.c

@@ -138,15 +138,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 	*value = export_mpi(this->ya, this->p_len);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	private_gcrypt_dh_t *this, chunk_t *secret)
 {
 	if (!this->zz)
 	{
-		return FAILED;
+		return FALSE;
 	}
 	*secret = export_mpi(this->zz, this->p_len);
-	return SUCCESS;
+	return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,

src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c

@@ -155,20 +155,20 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 	}
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	private_gmp_diffie_hellman_t *this, chunk_t *secret)
 {
 	if (!this->computed)
 	{
-		return FAILED;
+		return FALSE;
 	}
 	secret->len = this->p_len;
 	secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz);
 	if (secret->ptr == NULL)
 	{
-		return FAILED;
+		return FALSE;
 	}
-	return SUCCESS;
+	return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,

src/libstrongswan/plugins/ntru/ntru_ke.c

@@ -139,17 +139,17 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 	}
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	private_ntru_ke_t *this, chunk_t *secret)
 {
 	if (!this->computed || !this->shared_secret.len)
 	{
 		*secret = chunk_empty;
-		return FAILED;
+		return FALSE;
 	}
 	*secret = chunk_clone(this->shared_secret);
 
-	return SUCCESS;
+	return TRUE;
 }
 
 

src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c

@@ -70,19 +70,19 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 			  value->ptr + value->len - BN_num_bytes(this->dh->pub_key));
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	private_openssl_diffie_hellman_t *this, chunk_t *secret)
 {
 	if (!this->computed)
 	{
-		return FAILED;
+		return FALSE;
 	}
 	/* shared secret should requires a len according the DH group */
 	*secret = chunk_alloc(DH_size(this->dh));
 	memset(secret->ptr, 0, secret->len);
 	memcpy(secret->ptr + secret->len - this->shared_secret.len,
 		   this->shared_secret.ptr, this->shared_secret.len);
-	return SUCCESS;
+	return TRUE;
 }
 
 

src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c

@@ -241,15 +241,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 	ecp2chunk(this->ec_group, EC_KEY_get0_public_key(this->key), value, FALSE);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	private_openssl_ec_diffie_hellman_t *this, chunk_t *secret)
 {
 	if (!this->computed)
 	{
-		return FAILED;
+		return FALSE;
 	}
 	*secret = chunk_clone(this->shared_secret);
-	return SUCCESS;
+	return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,

src/libstrongswan/plugins/pkcs11/pkcs11_dh.c

@@ -154,15 +154,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 	*value = chunk_clone(this->pub_key);
 }
 
-METHOD(diffie_hellman_t, get_shared_secret, status_t,
+METHOD(diffie_hellman_t, get_shared_secret, bool,
 	private_pkcs11_dh_t *this, chunk_t *secret)
 {
 	if (!this->secret.ptr)
 	{
-		return FAILED;
+		return FALSE;
 	}
 	*secret = chunk_clone(this->secret);
-	return SUCCESS;
+	return TRUE;
 }
 
 METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,

src/libstrongswan/tests/suites/test_ntru.c

@@ -1061,7 +1061,6 @@ START_TEST(test_ntru_ke)
 	diffie_hellman_t *i_ntru, *r_ntru;
 	char buf[10];
 	int k, n, len;
-	status_t status;
 
 	k = (_i) / countof(parameter_sets);
 	n = (_i) % countof(parameter_sets);
@@ -1088,13 +1087,11 @@ START_TEST(test_ntru_ke)
 	r_ntru->get_my_public_value(r_ntru, &cipher_text);
 	ck_assert(cipher_text.len > 0);
 
-	status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret);
-	ck_assert(status == SUCCESS);
+	ck_assert(r_ntru->get_shared_secret(r_ntru, &r_shared_secret));
 	ck_assert(r_shared_secret.len > 0);
 
 	i_ntru->set_other_public_value(i_ntru, cipher_text);
-	status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret);
-	ck_assert(status == SUCCESS);
+	ck_assert(i_ntru->get_shared_secret(i_ntru, &i_shared_secret));
 	ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
 
 	chunk_clear(&i_shared_secret);
@@ -1195,7 +1192,7 @@ START_TEST(test_ntru_ciphertext)
 		i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
 		i_ntru->get_my_public_value(i_ntru, &pub_key);
 		i_ntru->set_other_public_value(i_ntru, test[i]);
-		ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
+		ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
 		ck_assert(shared_secret.len == 0);
 
 		chunk_free(&pub_key);
@@ -1218,7 +1215,7 @@ START_TEST(test_ntru_wrong_ciphertext)
 	r_ntru->set_other_public_value(r_ntru, pub_key_m);
 	r_ntru->get_my_public_value(r_ntru, &cipher_text);
 	i_ntru->set_other_public_value(i_ntru, cipher_text);
-	ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
+	ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
 	ck_assert(shared_secret.len == 0);
 
 	chunk_free(&pub_key_i);

src/libtls/tls_peer.c

@@ -973,7 +973,7 @@ static status_t send_key_exchange_dhe(private_tls_peer_t *this,
 {
 	chunk_t premaster, pub;
 
-	if (this->dh->get_shared_secret(this->dh, &premaster) != SUCCESS)
+	if (!this->dh->get_shared_secret(this->dh, &premaster))
 	{
 		DBG1(DBG_TLS, "calculating premaster from DH failed");
 		this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);

src/libtls/tls_server.c

@@ -495,7 +495,7 @@ static status_t process_key_exchange_dhe(private_tls_server_t *this,
 		pub = chunk_skip(pub, 1);
 	}
 	this->dh->set_other_public_value(this->dh, pub);
-	if (this->dh->get_shared_secret(this->dh, &premaster) != SUCCESS)
+	if (!this->dh->get_shared_secret(this->dh, &premaster))
 	{
 		DBG1(DBG_TLS, "calculating premaster from DH failed");
 		this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);