tls: psa_pake: enforce not empty passwords
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h
index e7ca1b2..3dd3361 100644
--- a/include/mbedtls/ecjpake.h
+++ b/include/mbedtls/ecjpake.h
@@ -113,7 +113,7 @@
* \param curve The identifier of the elliptic curve to use,
* for example #MBEDTLS_ECP_DP_SECP256R1.
* \param secret The pre-shared secret (passphrase). This must be
- * a readable buffer of length \p len Bytes. It need
+ * a readable not empty buffer of length \p len Bytes. It need
* only be valid for the duration of this call.
* \param len The length of the pre-shared secret \p secret.
*
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 01ede40..0852357 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3824,9 +3824,10 @@
* \note The SSL context needs to be already set up. The right place
* to call this function is between \c mbedtls_ssl_setup() or
* \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake().
+ * Password cannot be empty (see RFC 8236).
*
* \param ssl SSL context
- * \param pw EC J-PAKE password (pre-shared secret)
+ * \param pw EC J-PAKE password (pre-shared secret). It cannot be empty
* \param pw_len length of pw in bytes
*
* \return 0 on success, or a negative error code.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index fa415a8..062ff25 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1634,18 +1634,18 @@
else
psa_role = PSA_PAKE_ROLE_CLIENT;
+ /* Empty password is not valid */
+ if( ( pw == NULL) || ( pw_len == 0 ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- if( pw_len > 0 )
- {
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
- psa_set_key_algorithm( &attributes, PSA_ALG_JPAKE );
- psa_set_key_type( &attributes, PSA_KEY_TYPE_PASSWORD );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE );
+ psa_set_key_algorithm( &attributes, PSA_ALG_JPAKE );
+ psa_set_key_type( &attributes, PSA_KEY_TYPE_PASSWORD );
- status = psa_import_key( &attributes, pw, pw_len,
- &ssl->handshake->psa_pake_password );
- if( status != PSA_SUCCESS )
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- }
+ status = psa_import_key( &attributes, pw, pw_len,
+ &ssl->handshake->psa_pake_password );
+ if( status != PSA_SUCCESS )
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
psa_pake_cs_set_algorithm( &cipher_suite, PSA_ALG_JPAKE );
psa_pake_cs_set_primitive( &cipher_suite,
@@ -1669,16 +1669,13 @@
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
- if( pw_len > 0 )
+ psa_pake_set_password_key( &ssl->handshake->psa_pake_ctx,
+ ssl->handshake->psa_pake_password );
+ if( status != PSA_SUCCESS )
{
- psa_pake_set_password_key( &ssl->handshake->psa_pake_ctx,
- ssl->handshake->psa_pake_password );
- if( status != PSA_SUCCESS )
- {
- psa_destroy_key( ssl->handshake->psa_pake_password );
- psa_pake_abort( &ssl->handshake->psa_pake_ctx );
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- }
+ psa_destroy_key( ssl->handshake->psa_pake_password );
+ psa_pake_abort( &ssl->handshake->psa_pake_ctx );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
ssl->handshake->psa_pake_ctx_is_ok = 1;