mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-11-20 01:02:18 +03:00
311f54d0ee
In TLS, the master secret is always a key. But EAP-TLS uses the TLS PRF to derive an IV with an empty string for the "secret" input. The code always stored the secret into a key slot before calling the TLS PRF, but this doesn't work when the secret is empty, since PSA Crypto no longer supports empty keys. Add a special case for an empty secret.
415 KiB
415 KiB