Do not return shared secret in TKM Diffie-Hellman

Since the TKM handles all relevant key material, charon-tkm must not
have access to it anymore. Thus the ike_dh_get_shared_secret operation
is not available anymore.

diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
index cef53464c74f4d156403cf82d5f72bdb1b55102b..19f57de016665223cbc1c2d5cc10e516adab52c8 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
+++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
@@ -61,13 +61,7 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
 METHOD(diffie_hellman_t, get_shared_secret, status_t,
        private_tkm_diffie_hellman_t *this, chunk_t *secret)
 {
-       dh_key_type shared_secret;
-       if (ike_dh_get_shared_secret(this->context_id, &shared_secret) != TKM_OK)
-       {
-               return FAILED;
-       }
-
-       sequence_to_chunk(&shared_secret.data[0], shared_secret.size, secret);
+       *secret = chunk_empty;
        return SUCCESS;
 }