From 958fa1af60157f25e02bb4a18c886cc424f27df7 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Wed, 5 Nov 2025 09:28:08 +1000
Subject: [PATCH] TLS 1.2: client message order check

Error when client receives CertificateRequest out of order: not after
Certificate and not after ServerKeyExchange if being sent.
---
 src/internal.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 2b32acd70..c0babbee9 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -17659,6 +17659,20 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
                 WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
                 return OUT_OF_ORDER_E;
             }
+            if (!ssl->options.resuming && ssl->specs.kea != rsa_kea &&
+                    (ssl->specs.kea != ecc_diffie_hellman_kea ||
+                     !ssl->specs.static_ecdh) &&
+                    ssl->specs.kea != ecc_static_diffie_hellman_kea &&
+                    !ssl->msgsReceived.got_server_key_exchange) {
+                WOLFSSL_MSG("No ServerKeyExchange before CertificateRequest");
+                WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+                return OUT_OF_ORDER_E;
+            }
+            if (!ssl->msgsReceived.got_certificate) {
+                WOLFSSL_MSG("No Certificate before CertificateRequest");
+                WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+                return OUT_OF_ORDER_E;
+            }
             if (ssl->msgsReceived.got_server_hello_done) {
                 WOLFSSL_MSG("CertificateRequest received in wrong order");
                 WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);