1 files changed, 13 insertions, 21 deletions

diff --git a/src/libstrongswan/crypto/prf_plus.h b/src/libstrongswan/crypto/prf_plus.h
index 4179f2695..f994dce16 100644
--- a/src/libstrongswan/crypto/prf_plus.h
+++ b/src/libstrongswan/crypto/prf_plus.h
@@ -27,52 +27,44 @@ typedef struct prf_plus_t prf_plus_t;
 #include <crypto/prfs/prf.h>
 
 /**
- * Implementation of the prf+ function described in IKEv2 RFC.
- *
- * This class implements the prf+ algorithm. Internally it uses a pseudo random
- * function, which implements the prf_t interface.
- * See IKEv2 RFC 2.13.
+ * Implementation of the prf+ function used in IKEv1/IKEv2 keymat extension.
  */
 struct prf_plus_t {
+
 	/**
 	 * Get pseudo random bytes.
 	 *
-	 * Get the next few bytes of the prf+ output. Space
-	 * must be allocated by the caller.
-	 *
 	 * @param length	number of bytes to get
 	 * @param buffer	pointer where the generated bytes will be written
+	 * @return			TRUE if bytes generated successfully
 	 */
-	void (*get_bytes) (prf_plus_t *this, size_t length, u_int8_t *buffer);
+	bool (*get_bytes)(prf_plus_t *this, size_t length,
+					  u_int8_t *buffer) __attribute__((warn_unused_result));
 
 	/**
 	 * Allocate pseudo random bytes.
 	 *
-	 * Get the next few bytes of the prf+ output. This function
-	 * will allocate the required space.
-	 *
 	 * @param length	number of bytes to get
 	 * @param chunk		chunk which will hold generated bytes
+	 * @return			TRUE if bytes allocated successfully
 	 */
-	void (*allocate_bytes) (prf_plus_t *this, size_t length, chunk_t *chunk);
+	bool (*allocate_bytes)(prf_plus_t *this, size_t length,
+						   chunk_t *chunk) __attribute__((warn_unused_result));
 
 	/**
 	 * Destroys a prf_plus_t object.
 	 */
-	void (*destroy) (prf_plus_t *this);
+	void (*destroy)(prf_plus_t *this);
 };
 
 /**
  * Creates a new prf_plus_t object.
  *
- * Seed will be cloned. prf will
- * not be cloned, must be destroyed outside after
- * prf_plus_t usage.
- *
- * @param prf				prf object to use
+ * @param prf				prf object to use, must be destroyd after prf+.
+ * @param counter			use an appending counter byte (for IKEv2 variant)
  * @param seed				input seed for prf
- * @return					prf_plus_t object
+ * @return					prf_plus_t object, NULL on failure
  */
-prf_plus_t *prf_plus_create(prf_t *prf, chunk_t seed);
+prf_plus_t *prf_plus_create(prf_t *prf, bool counter, chunk_t seed);
 
 #endif /** PRF_PLUS_H_ @}*/