TLS 1.3: fail immediately if server sends empty certificate message

2022-02-21 08:51:15 +10:00
parent ffb4ae07df
commit 9263e6ead3
1 changed files with 15 additions and 5 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -12116,11 +12116,21 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
            args->count = args->totalCerts;
            args->certIdx = 0; /* select peer cert (first one) */

-            if (args->count == 0 && (ssl->options.mutualAuth ||
-                 (ssl->options.failNoCert && IsAtLeastTLSv1_3(ssl->version))) &&
-                                      ssl->options.side == WOLFSSL_SERVER_END) {
-                ret = NO_PEER_CERT;
-                DoCertFatalAlert(ssl, ret);
+            if (args->count == 0) {
+                /* Empty certificate message. */
+                if ((ssl->options.side == WOLFSSL_SERVER_END) &&
+                    (ssl->options.mutualAuth || (ssl->options.failNoCert &&
+                                             IsAtLeastTLSv1_3(ssl->version)))) {
+                    WOLFSSL_MSG("No peer cert from Client");
+                    ret = NO_PEER_CERT;
+                    DoCertFatalAlert(ssl, ret);
+                }
+                else if ((ssl->options.side == WOLFSSL_CLIENT_END) &&
+                         IsAtLeastTLSv1_3(ssl->version)) {
+                    WOLFSSL_MSG("No peer cert from Server");
+                    ret = NO_PEER_CERT;
+                    SendAlert(ssl, alert_fatal, decode_error);
+                }
            }

            args->dCertInit = 0;