Allow no authentication of the server in 1.3
See notes about optional two commits ago for why we're doing this.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 4b027de..2104567 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -684,6 +684,18 @@
#endif /* MBEDTLS_SSL_CLI_C */
}
+ /*
+ * NONE means we skip all checks
+ *
+ * Note: we still check above that the server did send a certificate,
+ * because only a non-compliant server would fail to do so. NONE means we
+ * don't care about the server certificate being valid, but we still care
+ * about the server otherwise following the TLS standard.
+ */
+ if (authmode == MBEDTLS_SSL_VERIFY_NONE) {
+ return 0;
+ }
+
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
if (ssl->handshake->sni_ca_chain != NULL) {
ca_chain = ssl->handshake->sni_ca_chain;
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 3f64ef6..84342d5 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -5863,6 +5863,17 @@
run_test "Authentication: server badcert, client none" \
"$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \
+ "$P_CLI debug_level=3 auth_mode=none" \
+ 0 \
+ -C "x509_verify_cert() returned" \
+ -C "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "send alert level=2 message=48" \
+ -C "X509 - Certificate verification failed"
+
+run_test "Authentication: server badcert, client none (1.2)" \
+ "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
+ key_file=$DATA_FILES_PATH/server5.key" \
"$P_CLI force_version=tls12 debug_level=3 auth_mode=none" \
0 \
-C "x509_verify_cert() returned" \
@@ -5917,7 +5928,29 @@
-C "X509 - Certificate verification failed" \
-C "SSL - No CA Chain is set, but required to operate"
-# TODO: server goodcert, client none, no trusted CA
+requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
+run_test "Authentication: server goodcert, client none, no trusted CA" \
+ "$P_SRV" \
+ "$P_CLI debug_level=3 auth_mode=none ca_file=none ca_path=none" \
+ 0 \
+ -C "x509_verify_cert() returned" \
+ -C "! The certificate is not correctly signed by the trusted CA" \
+ -C "! Certificate verification flags"\
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed" \
+ -C "SSL - No CA Chain is set, but required to operate"
+
+requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
+run_test "Authentication: server goodcert, client none, no trusted CA (1.2)" \
+ "$P_SRV" \
+ "$P_CLI force_version=tls12 debug_level=3 auth_mode=none ca_file=none ca_path=none" \
+ 0 \
+ -C "x509_verify_cert() returned" \
+ -C "! The certificate is not correctly signed by the trusted CA" \
+ -C "! Certificate verification flags"\
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed" \
+ -C "SSL - No CA Chain is set, but required to operate"
# The purpose of the next two tests is to test the client's behaviour when receiving a server
# certificate with an unsupported elliptic curve. This should usually not happen because