From 9263e6ead343b33fb57c875daab75dc61d8948c5 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Mon, 21 Feb 2022 08:51:15 +1000
Subject: [PATCH] TLS 1.3: fail immediately if server sends empty certificate
 message

---
 src/internal.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 651f4f72d..5cfe428d6 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -12116,11 +12116,21 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
             args->count = args->totalCerts;
             args->certIdx = 0; /* select peer cert (first one) */
 
-            if (args->count == 0 && (ssl->options.mutualAuth ||
-                 (ssl->options.failNoCert && IsAtLeastTLSv1_3(ssl->version))) &&
-                                      ssl->options.side == WOLFSSL_SERVER_END) {
-                ret = NO_PEER_CERT;
-                DoCertFatalAlert(ssl, ret);
+            if (args->count == 0) {
+                /* Empty certificate message. */
+                if ((ssl->options.side == WOLFSSL_SERVER_END) &&
+                    (ssl->options.mutualAuth || (ssl->options.failNoCert &&
+                                             IsAtLeastTLSv1_3(ssl->version)))) {
+                    WOLFSSL_MSG("No peer cert from Client");
+                    ret = NO_PEER_CERT;
+                    DoCertFatalAlert(ssl, ret);
+                }
+                else if ((ssl->options.side == WOLFSSL_CLIENT_END) &&
+                         IsAtLeastTLSv1_3(ssl->version)) {
+                    WOLFSSL_MSG("No peer cert from Server");
+                    ret = NO_PEER_CERT;
+                    SendAlert(ssl, alert_fatal, decode_error);
+                }
             }
 
             args->dCertInit = 0;