eden-emu/mbedtls
19
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Restore same PSK length enforcement

Browse source 
Restore same PSK length enforcement in
conf_psk and set_hs_psk, whether the
negotiated protocol is TLS 1.2 or TLS 1.3.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2023-02-23 09:46:54 +01:00
parent d89360b87b
commit 1aa6e8d6e9
4 changed files with 18 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

5
library/ssl_tls.c
View file

@ -2145,12 +2145,9 @@ int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl,
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_2 &&
psk_len > MBEDTLS_PSK_MAX_LEN) {
if (psk_len > MBEDTLS_PSK_MAX_LEN) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
ssl_remove_psk(ssl);