New function mbedtls_dhm_get_value to copy a field of a DHM context
Reduce the need to break the DHM abstraction by accessing the context directly.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/library/dhm.c b/library/dhm.c
index 2543be1..cb9299f 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -134,6 +134,37 @@
return( mbedtls_mpi_size( &ctx->P ) );
}
+int mbedtls_dhm_get_value( mbedtls_mpi *dest,
+ const mbedtls_dhm_context *ctx,
+ mbedtls_dhm_parameter param )
+{
+ const mbedtls_mpi *src = NULL;
+ switch( param )
+ {
+ case MBEDTLS_DHM_PARAM_P:
+ src = &ctx->P;
+ break;
+ case MBEDTLS_DHM_PARAM_G:
+ src = &ctx->G;
+ break;
+ case MBEDTLS_DHM_PARAM_X:
+ src = &ctx->X;
+ break;
+ case MBEDTLS_DHM_PARAM_GX:
+ src = &ctx->GX;
+ break;
+ case MBEDTLS_DHM_PARAM_GY:
+ src = &ctx->GY;
+ break;
+ case MBEDTLS_DHM_PARAM_K:
+ src = &ctx->K;
+ break;
+ default:
+ return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+ }
+ return( mbedtls_mpi_copy( dest, src ) );
+}
+
/*
* Parse the ServerKeyExchange parameters
*/
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3bdc1cf..bef6864 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3871,8 +3871,10 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 ||
- ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 )
+ if( ( ret = mbedtls_dhm_get_value( &conf->dhm_P, dhm_ctx,
+ MBEDTLS_DHM_PARAM_P ) ) != 0 ||
+ ( ret = mbedtls_dhm_get_value( &conf->dhm_G, dhm_ctx,
+ MBEDTLS_DHM_PARAM_G ) ) != 0 )
{
mbedtls_mpi_free( &conf->dhm_P );
mbedtls_mpi_free( &conf->dhm_G );