tls: pake: fix description for mbedtls_ssl_set_hs_ecjpake_password_opaque

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-01 16:52:57 +01:00 · 2022-12-01 16:52:57 +01:00 · e98db0b866
commit e98db0b866
parent b287ddff7e
1 changed files with 2 additions and 4 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -3864,14 +3864,12 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
 /**
 * \brief          Set the EC J-PAKE opaque password for current handshake.
 *
- * \note           An internal copy is made, and destroyed as soon as the
- *                 handshake is completed, or when the SSL context is reset or
- *                 freed.
+ * \note           The input key in not copied, so the caller must not destroy
+ *                 it before the handshake is over.
 *
 * \note           The SSL context needs to be already set up. The right place
 *                 to call this function is between \c mbedtls_ssl_setup() or
 *                 \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake().
- *                 Password cannot be empty (see RFC 8236).
 *
 * \param ssl      SSL context
 * \param pwd      EC J-PAKE opaque password