diffie-hellman: Use bool instead of status_t as get_shared_secret() return value
While such a change is not unproblematic, keeping status_t makes the API inconsistent once we introduce return values for the public value operations.
parent
4909612c3b
commit
bace1d6479
|
@ -61,11 +61,11 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
|
|||
sequence_to_chunk(this->pubvalue.data, this->pubvalue.size, value);
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
private_tkm_diffie_hellman_t *this, chunk_t *secret)
|
||||
{
|
||||
*secret = chunk_empty;
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
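Review bot: get_shared_secret() here returns TRUE while handing back `chunk_empty`, so under the new bool contract a caller cannot tell "no secret is exposed by design" from "secret computed". The load-tester implementation in a later hunk does the same. If the empty result is intentional, a one-line comment above the method such as `/* intentionally returns an empty secret, callers must not derive keys from it */` would stop a later reader from treating it as a real key source. If it is not intentional, returning FALSE matches the updated interface doc.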
|
||||
|
||||
|
||||
|
|
|
@ -97,7 +97,7 @@ METHOD(listener_t, child_keys, bool,
|
|||
}
|
||||
m->add_attribute(m, HA_NONCE_I, nonce_i);
|
||||
m->add_attribute(m, HA_NONCE_R, nonce_r);
|
||||
if (dh && dh->get_shared_secret(dh, &secret) == SUCCESS)
|
||||
if (dh && dh->get_shared_secret(dh, &secret))
|
||||
{
|
||||
m->add_attribute(m, HA_SECRET, secret);
|
||||
chunk_clear(&secret);
|
||||
|
|
|
@ -81,11 +81,11 @@ struct ha_diffie_hellman_t {
|
|||
chunk_t pub;
|
||||
};
|
||||
|
||||
METHOD(diffie_hellman_t, dh_get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, dh_get_shared_secret, bool,
|
||||
ha_diffie_hellman_t *this, chunk_t *secret)
|
||||
{
|
||||
*secret = chunk_clone(this->secret);
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, dh_get_my_public_value, void,
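Review bot: dh_get_shared_secret() returns TRUE unconditionally after `chunk_clone(this->secret)`, so an object whose `secret` was never filled reports success with an empty chunk. Whether that state is reachable is not visible in this hunk. The PKCS#11 implementation in this commit guards the same pattern with `if (!this->secret.ptr)`, and an equivalent `if (!this->secret.len) { return FALSE; }` here would keep the implementations consistent.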
|
||||
|
|
|
@ -84,7 +84,7 @@ METHOD(listener_t, ike_keys, bool,
|
|||
{ /* do not sync SA between nodes */
|
||||
return TRUE;
|
||||
}
|
||||
if (dh->get_shared_secret(dh, &secret) != SUCCESS)
|
||||
if (!dh->get_shared_secret(dh, &secret))
|
||||
{
|
||||
return TRUE;
|
||||
}
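Review bot: When get_shared_secret() fails, ike_keys returns TRUE without logging anything, so the IKE_SA is silently left unsynchronised to the other node. A line such as `DBG1(DBG_CFG, "getting DH secret for HA sync failed");` before the `return TRUE;` would make the skipped sync visible to operators. The rest of ike_keys lies outside this hunk.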
|
||||
|
|
|
@ -26,11 +26,11 @@ METHOD(diffie_hellman_t, set_other_public_value, void,
|
|||
{
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
load_tester_diffie_hellman_t *this, chunk_t *secret)
|
||||
{
|
||||
*secret = chunk_empty;
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
|
||||
|
|
|
@ -425,7 +425,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
if (dh->get_shared_secret(dh, &g_xy) != SUCCESS)
|
||||
if (!dh->get_shared_secret(dh, &g_xy))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -661,7 +661,7 @@ METHOD(keymat_v1_t, derive_child_keys, bool,
|
|||
protocol = proposal->get_protocol(proposal);
|
||||
if (dh)
|
||||
{
|
||||
if (dh->get_shared_secret(dh, &secret) != SUCCESS)
|
||||
if (!dh->get_shared_secret(dh, &secret))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
|
|
@ -300,7 +300,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
|
|||
spi_i = chunk_alloca(sizeof(u_int64_t));
|
||||
spi_r = chunk_alloca(sizeof(u_int64_t));
|
||||
|
||||
if (dh->get_shared_secret(dh, &secret) != SUCCESS)
|
||||
if (!dh->get_shared_secret(dh, &secret))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -554,7 +554,7 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
|
|||
|
||||
if (dh)
|
||||
{
|
||||
if (dh->get_shared_secret(dh, &secret) != SUCCESS)
|
||||
if (!dh->get_shared_secret(dh, &secret))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
|
|
@ -264,7 +264,7 @@ METHOD(pts_t, calculate_secret, bool,
|
|||
DBG3(DBG_PTS, "responder nonce: %B", &this->responder_nonce);
|
||||
|
||||
/* Calculate the DH secret */
|
||||
if (this->dh->get_shared_secret(this->dh, &shared_secret) != SUCCESS)
|
||||
if (!this->dh->get_shared_secret(this->dh, &shared_secret))
|
||||
{
|
||||
DBG1(DBG_PTS, "shared DH secret computation failed");
|
||||
return FALSE;
|
||||
|
|
|
@ -89,9 +89,10 @@ struct diffie_hellman_t {
|
|||
* Space for returned secret is allocated and must be freed by the caller.
|
||||
*
|
||||
* @param secret shared secret will be written into this chunk
|
||||
* @return SUCCESS, FAILED if not both DH values are set
|
||||
* @return TRUE if shared secret computed successfully
|
||||
*/
|
||||
status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
|
||||
bool (*get_shared_secret)(diffie_hellman_t *this, chunk_t *secret)
|
||||
__attribute__((warn_unused_result));
|
||||
|
||||
/**
|
||||
* Sets the public value of partner.
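Review bot: Changing the return type from status_t to bool inverts the truthiness of the result without changing the call syntax, so any caller this commit missed, or any out-of-tree plugin, that still writes `get_shared_secret(...) != SUCCESS` keeps compiling and, assuming SUCCESS is 0, treats FALSE as success and continues with an unset secret. `warn_unused_result` only catches ignored results, not stale comparisons, so a tree-wide search for remaining `SUCCESS`/`FAILED` comparisons on this method is worth doing. The doc comment should also keep the failure condition, e.g. `@return TRUE if shared secret computed successfully, FALSE if not both DH values are set`, and say what `*secret` holds on failure. The NTRU tests in this commit assert `shared_secret.len == 0` after a failed call, which the interface does not currently promise.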
|
||||
|
|
|
@ -138,15 +138,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
|
|||
*value = export_mpi(this->ya, this->p_len);
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
private_gcrypt_dh_t *this, chunk_t *secret)
|
||||
{
|
||||
if (!this->zz)
|
||||
{
|
||||
return FAILED;
|
||||
return FALSE;
|
||||
}
|
||||
*secret = export_mpi(this->zz, this->p_len);
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
|
||||
|
|
|
@ -155,20 +155,20 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
|
|||
}
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
private_gmp_diffie_hellman_t *this, chunk_t *secret)
|
||||
{
|
||||
if (!this->computed)
|
||||
{
|
||||
return FAILED;
|
||||
return FALSE;
|
||||
}
|
||||
secret->len = this->p_len;
|
||||
secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz);
|
||||
if (secret->ptr == NULL)
|
||||
{
|
||||
return FAILED;
|
||||
return FALSE;
|
||||
}
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
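Review bot: When `mpz_export()` returns NULL this method returns FALSE with `secret->len` already set to `this->p_len`, and on the `!this->computed` path `*secret` is not written at all, so the caller's chunk is left inconsistent or uninitialised. The NTRU implementation in this commit sets `*secret = chunk_empty;` before returning FALSE. Adding `*secret = chunk_empty;` ahead of each `return FALSE;` here gives callers a single failure contract. The gcrypt, OpenSSL, OpenSSL EC and PKCS#11 hunks likewise return FALSE without touching `*secret` and would need the same line.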
|
||||
|
|
|
@ -139,17 +139,17 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
|
|||
}
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
private_ntru_ke_t *this, chunk_t *secret)
|
||||
{
|
||||
if (!this->computed || !this->shared_secret.len)
|
||||
{
|
||||
*secret = chunk_empty;
|
||||
return FAILED;
|
||||
return FALSE;
|
||||
}
|
||||
*secret = chunk_clone(this->shared_secret);
|
||||
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -70,19 +70,19 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
|
|||
value->ptr + value->len - BN_num_bytes(this->dh->pub_key));
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
private_openssl_diffie_hellman_t *this, chunk_t *secret)
|
||||
{
|
||||
if (!this->computed)
|
||||
{
|
||||
return FAILED;
|
||||
return FALSE;
|
||||
}
|
||||
/* shared secret should requires a len according the DH group */
|
||||
*secret = chunk_alloc(DH_size(this->dh));
|
||||
memset(secret->ptr, 0, secret->len);
|
||||
memcpy(secret->ptr + secret->len - this->shared_secret.len,
|
||||
this->shared_secret.ptr, this->shared_secret.len);
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
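Review bot: The left-padding `memcpy` writes to `secret->ptr + secret->len - this->shared_secret.len`, which lands before the allocation if `this->shared_secret.len` ever exceeds `DH_size(this->dh)`, and nothing in this method checks that. The bound is presumably established where `shared_secret` is computed, outside this hunk. A guard such as `if (this->shared_secret.len > (size_t)DH_size(this->dh)) { return FALSE; }` before `chunk_alloc()` would enforce it at the point of the write. The existing comment would read better as `/* shared secret requires a length according to the DH group */`.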
|
||||
|
||||
|
||||
|
|
|
@ -241,15 +241,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
|
|||
ecp2chunk(this->ec_group, EC_KEY_get0_public_key(this->key), value, FALSE);
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
private_openssl_ec_diffie_hellman_t *this, chunk_t *secret)
|
||||
{
|
||||
if (!this->computed)
|
||||
{
|
||||
return FAILED;
|
||||
return FALSE;
|
||||
}
|
||||
*secret = chunk_clone(this->shared_secret);
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
|
||||
|
|
|
@ -154,15 +154,15 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
|
|||
*value = chunk_clone(this->pub_key);
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_shared_secret, status_t,
|
||||
METHOD(diffie_hellman_t, get_shared_secret, bool,
|
||||
private_pkcs11_dh_t *this, chunk_t *secret)
|
||||
{
|
||||
if (!this->secret.ptr)
|
||||
{
|
||||
return FAILED;
|
||||
return FALSE;
|
||||
}
|
||||
*secret = chunk_clone(this->secret);
|
||||
return SUCCESS;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
|
||||
|
|
|
@ -1061,7 +1061,6 @@ START_TEST(test_ntru_ke)
|
|||
diffie_hellman_t *i_ntru, *r_ntru;
|
||||
char buf[10];
|
||||
int k, n, len;
|
||||
status_t status;
|
||||
|
||||
k = (_i) / countof(parameter_sets);
|
||||
n = (_i) % countof(parameter_sets);
|
||||
|
@ -1088,13 +1087,11 @@ START_TEST(test_ntru_ke)
|
|||
r_ntru->get_my_public_value(r_ntru, &cipher_text);
|
||||
ck_assert(cipher_text.len > 0);
|
||||
|
||||
status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret);
|
||||
ck_assert(status == SUCCESS);
|
||||
ck_assert(r_ntru->get_shared_secret(r_ntru, &r_shared_secret));
|
||||
ck_assert(r_shared_secret.len > 0);
|
||||
|
||||
i_ntru->set_other_public_value(i_ntru, cipher_text);
|
||||
status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret);
|
||||
ck_assert(status == SUCCESS);
|
||||
ck_assert(i_ntru->get_shared_secret(i_ntru, &i_shared_secret));
|
||||
ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
|
||||
|
||||
chunk_clear(&i_shared_secret);
|
||||
|
@ -1195,7 +1192,7 @@ START_TEST(test_ntru_ciphertext)
|
|||
i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
|
||||
i_ntru->get_my_public_value(i_ntru, &pub_key);
|
||||
i_ntru->set_other_public_value(i_ntru, test[i]);
|
||||
ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
|
||||
ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
|
||||
ck_assert(shared_secret.len == 0);
|
||||
|
||||
chunk_free(&pub_key);
|
||||
|
@ -1218,7 +1215,7 @@ START_TEST(test_ntru_wrong_ciphertext)
|
|||
r_ntru->set_other_public_value(r_ntru, pub_key_m);
|
||||
r_ntru->get_my_public_value(r_ntru, &cipher_text);
|
||||
i_ntru->set_other_public_value(i_ntru, cipher_text);
|
||||
ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
|
||||
ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret));
|
||||
ck_assert(shared_secret.len == 0);
|
||||
|
||||
chunk_free(&pub_key_i);
|
||||
|
|
|
@ -973,7 +973,7 @@ static status_t send_key_exchange_dhe(private_tls_peer_t *this,
|
|||
{
|
||||
chunk_t premaster, pub;
|
||||
|
||||
if (this->dh->get_shared_secret(this->dh, &premaster) != SUCCESS)
|
||||
if (!this->dh->get_shared_secret(this->dh, &premaster))
|
||||
{
|
||||
DBG1(DBG_TLS, "calculating premaster from DH failed");
|
||||
this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
|
||||
|
|
|
@ -495,7 +495,7 @@ static status_t process_key_exchange_dhe(private_tls_server_t *this,
|
|||
pub = chunk_skip(pub, 1);
|
||||
}
|
||||
this->dh->set_other_public_value(this->dh, pub);
|
||||
if (this->dh->get_shared_secret(this->dh, &premaster) != SUCCESS)
|
||||
if (!this->dh->get_shared_secret(this->dh, &premaster))
|
||||
{
|
||||
DBG1(DBG_TLS, "calculating premaster from DH failed");
|
||||
this->alert->add(this->alert, TLS_FATAL, TLS_INTERNAL_ERROR);
|
||||
|
|