lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Restore same PSK length enforcement

Browse Source 
Restore same PSK length enforcement in
conf_psk and set_hs_psk, whether the
negotiated protocol is TLS 1.2 or TLS 1.3.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2023-02-23 09:46:54 +01:00
parent d89360b87b
commit 1aa6e8d6e9
4 changed files with 18 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
library/ssl_tls.c
View File

@ -2145,12 +2145,9 @@ int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl,
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 &&
psk_len > MBEDTLS_PSK_MAX_LEN) {
if (psk_len > MBEDTLS_PSK_MAX_LEN) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
ssl_remove_psk(ssl);