From 52ff8e938719eaeb33d6bf552afab2ea67e3e1ce Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Tue, 26 Feb 2019 13:56:04 +0000
Subject: [PATCH] Fix ECDH secret export for Mongomery curves

We only switched to little endian for Curve25519, but all Montgomery
curves require little endian byte order.
---
 library/ecdh.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/ecdh.c b/library/ecdh.c
index 30c5f9f7f..eecae9131 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -638,7 +638,7 @@ static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx,
 
     *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
 
-    if( ctx->grp.id == MBEDTLS_ECP_DP_CURVE25519 )
+    if( mbedtls_ecp_get_type( &ctx->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY )
         return mbedtls_mpi_write_binary_le( &ctx->z, buf, *olen );
 
     return mbedtls_mpi_write_binary( &ctx->z, buf, *olen );