From: Matt Caswell
Date: Fri, 1 May 2026 11:29:44 +0000 (+0100)
Subject: Validate that a PSK identity is at least one byte long
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=399ac55fc7c3fda8cedda2bb47945d6d826b34e7;p=thirdparty%2Fopenssl.git

Validate that a PSK identity is at least one byte long

RFC8446 requires that a PSK identity is at least one byte in length. We should validate this.

Fixes #31007

Reviewed-by: Tim Hudson
Reviewed-by: Eugene Syromiatnikov
Reviewed-by: Frederik Wedel-Heinen
MergeDate: Sun May 3 13:46:21 2026
(Merged from https://github.com/openssl/openssl/pull/31058)

---

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 8e66fd7230c..033c0140dca 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1354,6 +1354,10 @@ int tls_parse_ctos_psk(SSL_CONNECTION *s, PACKET *pkt, unsigned int context, } idlen = PACKET_remaining(&identity); + if (idlen == 0) { + SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION); + return 0; + } if (s->psk_find_session_cb != NULL && !s->psk_find_session_cb(ussl, PACKET_data(&identity), idlen, &sess)) {
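Review bot: the fix ships without a regression test; a test that sends a pre_shared_key extension carrying a zero-length identity and expects a decode_error alert would keep #31007 from silently regressing. The check itself is well placed: it runs right after `idlen = PACKET_remaining(&identity);` and before `s->psk_find_session_cb` is invoked, so neither the application callback nor the later session lookup ever sees an empty identity, and SSL_AD_DECODE_ERROR is the right alert for a field that violates the `opaque identity<1..2^16-1>` bound RFC 8446 puts on this vector.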