Do not return shared secret in TKM Diffie-Hellman

Since the TKM handles all relevant key material, charon-tkm must not have access to it anymore. Thus the ike_dh_get_shared_secret operation is not available anymore.
author: Adrian-Ken Rueegsegger <ken@codelabs.ch> 2012-09-11 19:13:29 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2013-03-19 15:23:48 +0100
commit: db97fd74d3185b02b25942972a181ee600d6b9b5 (patch)
tree: 9389cc34d054357939c95361f1a16541e041e285
parent: a61ae27d165edadd1e177e60441d11a636fa7d44 (diff)
download: strongswan-db97fd74d3185b02b25942972a181ee600d6b9b5.tar.bz2
strongswan-db97fd74d3185b02b25942972a181ee600d6b9b5.tar.xz
1 files changed, 1 insertions, 7 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
index cef53464c..19f57de01 100644
--- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
+++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
@@ -61,13 +61,7 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 METHOD(diffie_hellman_t, get_shared_secret, status_t,
 	private_tkm_diffie_hellman_t *this, chunk_t *secret)
 {
-	dh_key_type shared_secret;
-	if (ike_dh_get_shared_secret(this->context_id, &shared_secret) != TKM_OK)
-	{
-		return FAILED;
-	}
-
-	sequence_to_chunk(&shared_secret.data[0], shared_secret.size, secret);
+	*secret = chunk_empty;
 	return SUCCESS;
 }
author	Adrian-Ken Rueegsegger <ken@codelabs.ch>	2012-09-11 19:13:29 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2013-03-19 15:23:48 +0100
commit	db97fd74d3185b02b25942972a181ee600d6b9b5 (patch)
tree	9389cc34d054357939c95361f1a16541e041e285
parent	a61ae27d165edadd1e177e60441d11a636fa7d44 (diff)
download	strongswan-db97fd74d3185b02b25942972a181ee600d6b9b5.tar.bz2 strongswan-db97fd74d3185b02b25942972a181ee600d6b9b5.tar.xz