tls: pake: add check for empty passwords in mbedtls_ssl_set_hs_ecjpake_password() Signed-off-by: Valerio Setti <vsetti@baylibre.com>

commit: 094432903603a19e23419652127c34475212a7d0 [log] [tgz]
author: Valerio Setti <vsetti@baylibre.com> Thu Dec 01 15:06:09 2022 +0100
committer: Valerio Setti <vsetti@baylibre.com> Thu Dec 01 15:06:09 2022 +0100
tree: cde55c0812ab530c08bd8d6dd91015b63f6ccad0
parent: a6b69dabc5edc13b3c7bb42233237652964c8ecd [diff]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f1d286c..47c02a6 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -1991,6 +1991,10 @@
     else
         role = MBEDTLS_ECJPAKE_CLIENT;
 
+    /* Empty password is not valid  */
+    if( ( pw == NULL) || ( pw_len == 0 ) )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
     return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx,
                                    role,
                                    MBEDTLS_MD_SHA256,
commit	094432903603a19e23419652127c34475212a7d0	[log] [tgz]
author	Valerio Setti <vsetti@baylibre.com>	Thu Dec 01 15:06:09 2022 +0100
committer	Valerio Setti <vsetti@baylibre.com>	Thu Dec 01 15:06:09 2022 +0100
tree	cde55c0812ab530c08bd8d6dd91015b63f6ccad0
parent	a6b69dabc5edc13b3c7bb42233237652964c8ecd [diff]