tls: psa_pake: enforce not empty passwords
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 01ede40..0852357 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3824,9 +3824,10 @@
* \note The SSL context needs to be already set up. The right place
* to call this function is between \c mbedtls_ssl_setup() or
* \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake().
+ * Password cannot be empty (see RFC 8236).
*
* \param ssl SSL context
- * \param pw EC J-PAKE password (pre-shared secret)
+ * \param pw EC J-PAKE password (pre-shared secret). It cannot be empty
* \param pw_len length of pw in bytes
*
* \return 0 on success, or a negative error code.
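Review bot: The `\return` line still reads only "0 on success, or a negative error code", so the header now forbids an empty password without telling the caller what an empty one yields. Since the commit title says the check is enforced, the contract should name the failure, for example `\return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p pw is NULL or \p pw_len is 0.`, assuming that is the code the implementation returns; the enforcing code is not visible in this hunk. It would also help to say whether "empty" means `pw_len == 0`, a NULL `pw`, or both, because callers that derive the password from user input need to know which case to reject before calling. The doc comment and the declaration it describes continue outside the hunk.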