From e98db0b866996da2fbf71bec92d8cf7e365e4fa8 Mon Sep 17 00:00:00 2001
From: Valerio Setti <vsetti@baylibre.com>
Date: Thu, 1 Dec 2022 16:52:57 +0100
Subject: [PATCH] tls: pake: fix description for
 mbedtls_ssl_set_hs_ecjpake_password_opaque

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
---
 include/mbedtls/ssl.h | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 575520825..97caad881 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3864,14 +3864,12 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
 /**
  * \brief          Set the EC J-PAKE opaque password for current handshake.
  *
- * \note           An internal copy is made, and destroyed as soon as the
- *                 handshake is completed, or when the SSL context is reset or
- *                 freed.
+ * \note           The input key in not copied, so the caller must not destroy
+ *                 it before the handshake is over.
  *
  * \note           The SSL context needs to be already set up. The right place
  *                 to call this function is between \c mbedtls_ssl_setup() or
  *                 \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake().
- *                 Password cannot be empty (see RFC 8236).
  *
  * \param ssl      SSL context
  * \param pwd      EC J-PAKE opaque password