aws · jouho · Jul 11, 2024 · Jun 25, 2024 · Jun 25, 2024 · Jun 25, 2024
diff --git a/crypto/s2n_aead_cipher_aes_gcm.c b/crypto/s2n_aead_cipher_aes_gcm.c
@@ -22,21 +22,21 @@
 #include "utils/s2n_blob.h"
 #include "utils/s2n_safety.h"
 
-static uint8_t s2n_aead_cipher_aes128_gcm_available()
+static bool s2n_aead_cipher_aes128_gcm_available(void)
 {
 #if defined(S2N_LIBCRYPTO_SUPPORTS_EVP_AEAD_TLS)
-    return (EVP_aead_aes_128_gcm() ? 1 : 0);
+    return (EVP_aead_aes_128_gcm() ? true : false);
 #else
-    return (EVP_aes_128_gcm() ? 1 : 0);
+    return (EVP_aes_128_gcm() ? true : false);
 #endif
 }
 
-static uint8_t s2n_aead_cipher_aes256_gcm_available()
+static bool s2n_aead_cipher_aes256_gcm_available(void)
 {
 #if defined(S2N_LIBCRYPTO_SUPPORTS_EVP_AEAD_TLS)
-    return (EVP_aead_aes_256_gcm() ? 1 : 0);
+    return (EVP_aead_aes_256_gcm() ? true : false);
 #else
-    return (EVP_aes_256_gcm() ? 1 : 0);
+    return (EVP_aes_256_gcm() ? true : false);
 #endif
 }
 

diff --git a/crypto/s2n_aead_cipher_chacha20_poly1305.c b/crypto/s2n_aead_cipher_chacha20_poly1305.c
@@ -34,12 +34,12 @@
     #define S2N_CHACHA20_POLY1305_AVAILABLE_OSSL
 #endif
 
-static uint8_t s2n_aead_chacha20_poly1305_available(void)
+static bool s2n_aead_chacha20_poly1305_available(void)
 {
 #if defined(S2N_CHACHA20_POLY1305_AVAILABLE_OSSL) || defined(S2N_CHACHA20_POLY1305_AVAILABLE_BSSL_AWSLC)
-    return 1;
+    return true;
 #else
-    return 0;
+    return false;
 #endif
 }
 

diff --git a/crypto/s2n_cbc_cipher_3des.c b/crypto/s2n_cbc_cipher_3des.c
@@ -21,9 +21,9 @@
 #include "utils/s2n_blob.h"
 #include "utils/s2n_safety.h"
 
-static uint8_t s2n_cbc_cipher_3des_available()
+static bool s2n_cbc_cipher_3des_available(void)
 {
-    return (EVP_des_ede3_cbc() ? 1 : 0);
+    return (EVP_des_ede3_cbc() ? true : false);
 }
 
 static int s2n_cbc_cipher_3des_encrypt(struct s2n_session_key *key, struct s2n_blob *iv, struct s2n_blob *in, struct s2n_blob *out)

diff --git a/crypto/s2n_cbc_cipher_aes.c b/crypto/s2n_cbc_cipher_aes.c
@@ -21,14 +21,14 @@
 #include "utils/s2n_blob.h"
 #include "utils/s2n_safety.h"
 
-static uint8_t s2n_cbc_cipher_aes128_available()
+static bool s2n_cbc_cipher_aes128_available(void)
 {
-    return (EVP_aes_128_cbc() ? 1 : 0);
+    return (EVP_aes_128_cbc() ? true : false);
 }
 
-static uint8_t s2n_cbc_cipher_aes256_available()
+static bool s2n_cbc_cipher_aes256_available(void)
 {
-    return (EVP_aes_256_cbc() ? 1 : 0);
+    return (EVP_aes_256_cbc() ? true : false);
 }
 
 static int s2n_cbc_cipher_aes_encrypt(struct s2n_session_key *key, struct s2n_blob *iv, struct s2n_blob *in, struct s2n_blob *out)

diff --git a/crypto/s2n_cipher.h b/crypto/s2n_cipher.h
@@ -82,7 +82,7 @@ struct s2n_cipher {
         struct s2n_composite_cipher comp;
     } io;
     uint8_t key_material_size;
-    uint8_t (*is_available)(void);
+    bool (*is_available)(void);
     S2N_RESULT (*init)(struct s2n_session_key *key);
     S2N_RESULT (*set_decryption_key)(struct s2n_session_key *key, struct s2n_blob *in);
     S2N_RESULT (*set_encryption_key)(struct s2n_session_key *key, struct s2n_blob *in);

diff --git a/crypto/s2n_composite_cipher_aes_sha.c b/crypto/s2n_composite_cipher_aes_sha.c
@@ -86,7 +86,7 @@ static const EVP_CIPHER *s2n_evp_aes_256_cbc_hmac_sha256(void)
 #endif
 }
 
-static uint8_t s2n_composite_cipher_aes128_sha_available(void)
+static bool s2n_composite_cipher_aes128_sha_available(void)
 {
     /* EVP_aes_128_cbc_hmac_sha1() returns NULL if the implementations aren't available.
      * See https://github.com/openssl/openssl/blob/master/crypto/evp/e_aes_cbc_hmac_sha1.c#L952
@@ -95,34 +95,34 @@ static uint8_t s2n_composite_cipher_aes128_sha_available(void)
      * EVP_CIPH_FLAG_FIPS OpenSSL flag to be set for use when in FIPS mode, and composite
      * ciphers cause OpenSSL errors due to the lack of the flag.
      */
-    return (!s2n_is_in_fips_mode() && s2n_evp_aes_128_cbc_hmac_sha1() ? 1 : 0);
+    return (!s2n_is_in_fips_mode() && s2n_evp_aes_128_cbc_hmac_sha1() ? true : false);
 }
 
-static uint8_t s2n_composite_cipher_aes256_sha_available(void)
+static bool s2n_composite_cipher_aes256_sha_available(void)
 {
     /* Composite ciphers cannot be used when FIPS mode is set. Ciphers require the
      * EVP_CIPH_FLAG_FIPS OpenSSL flag to be set for use when in FIPS mode, and composite
      * ciphers cause OpenSSL errors due to the lack of the flag.
      */
-    return (!s2n_is_in_fips_mode() && s2n_evp_aes_256_cbc_hmac_sha1() ? 1 : 0);
+    return (!s2n_is_in_fips_mode() && s2n_evp_aes_256_cbc_hmac_sha1() ? true : false);
 }
 
-static uint8_t s2n_composite_cipher_aes128_sha256_available(void)
+static bool s2n_composite_cipher_aes128_sha256_available(void)
 {
     /* Composite ciphers cannot be used when FIPS mode is set. Ciphers require the
      * EVP_CIPH_FLAG_FIPS OpenSSL flag to be set for use when in FIPS mode, and composite
      * ciphers cause OpenSSL errors due to the lack of the flag.
      */
-    return (!s2n_is_in_fips_mode() && s2n_evp_aes_128_cbc_hmac_sha256() ? 1 : 0);
+    return (!s2n_is_in_fips_mode() && s2n_evp_aes_128_cbc_hmac_sha256() ? true : false);
 }
 
-static uint8_t s2n_composite_cipher_aes256_sha256_available(void)
+static bool s2n_composite_cipher_aes256_sha256_available(void)
 {
     /* Composite ciphers cannot be used when FIPS mode is set. Ciphers require the
      * EVP_CIPH_FLAG_FIPS OpenSSL flag to be set for use when in FIPS mode, and composite
      * ciphers cause OpenSSL errors due to the lack of the flag.
      */
-    return (!s2n_is_in_fips_mode() && s2n_evp_aes_256_cbc_hmac_sha256() ? 1 : 0);
+    return (!s2n_is_in_fips_mode() && s2n_evp_aes_256_cbc_hmac_sha256() ? true : false);
 }
 
 static int s2n_composite_cipher_aes_sha_initial_hmac(struct s2n_session_key *key, uint8_t *sequence_number, uint8_t content_type,

diff --git a/crypto/s2n_stream_cipher_null.c b/crypto/s2n_stream_cipher_null.c
@@ -18,9 +18,9 @@
 #include "utils/s2n_blob.h"
 #include "utils/s2n_safety.h"
 
-static uint8_t s2n_stream_cipher_null_available()
+static bool s2n_stream_cipher_null_available(void)
 {
-    return 1;
+    return true;
 }
 
 static int s2n_stream_cipher_null_endecrypt(struct s2n_session_key *key, struct s2n_blob *in, struct s2n_blob *out)

diff --git a/crypto/s2n_stream_cipher_rc4.c b/crypto/s2n_stream_cipher_rc4.c
@@ -30,19 +30,19 @@ static const EVP_CIPHER *s2n_evp_rc4()
 #endif
 }
 
-static uint8_t s2n_stream_cipher_rc4_available()
+static bool s2n_stream_cipher_rc4_available(void)
 {
     if (s2n_is_in_fips_mode()) {
-        return 0;
+        return false;
     }
     /* RC4 MIGHT be available in Openssl-3.0, depending on whether or not the
      * "legacy" provider is loaded. However, for simplicity, assume that RC4
      * is unavailable.
      */
     if (S2N_OPENSSL_VERSION_AT_LEAST(3, 0, 0)) {
-        return 0;
+        return false;
     }
-    return (s2n_evp_rc4() ? 1 : 0);
+    return (s2n_evp_rc4() ? true : false);
 }
 
 static int s2n_stream_cipher_rc4_encrypt(struct s2n_session_key *key, struct s2n_blob *in, struct s2n_blob *out)