tls: pake: add check for empty passwords in mbedtls_ssl_set_hs_ecjpake_password()

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2025-08-05 19:35:48 +03:00 · 2022-12-01 15:06:09 +01:00
parent a6b69dabc5
commit 0944329036
1 changed files with 4 additions and 0 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1991,6 +1991,10 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
    else
        role = MBEDTLS_ECJPAKE_CLIENT;
    /* Empty password is not valid  */
    if( ( pw == NULL) || ( pw_len == 0 ) )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx,
                                   role,
                                   MBEDTLS_MD_SHA256,