commit e1621d47005f8aff6422678b0f003209168c5332
author Jarno Lamsa <jarno.lamsa@arm.com> Thu Dec 19 08:58:56 2019 +0200
committer Jarno Lamsa <jarno.lamsa@arm.com> Thu Dec 19 14:29:24 2019 +0200
tree 61412368a0af7bc42dcf2c058d0e60911b9ded43
parent ba4730fe4c80e98d462b0cbe2df790a09a6c587b

Check that the peer_authenticated flag

Check that the peer has been authenticated in the end
of the handshake.

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 08c65d2..4871885 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -4296,7 +4296,7 @@
            break;
 
        case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
-           mbedtls_ssl_handshake_wrapup( ssl );
+           ret = mbedtls_ssl_handshake_wrapup( ssl );
            break;
 
        case MBEDTLS_SSL_INVALID:

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 3053818..7d00797 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -4450,6 +4450,7 @@
     if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
     {
         MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+        ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
         ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
         return( 0 );
     }
@@ -4478,6 +4479,7 @@
     if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
     {
         MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+        ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
         ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
         return( 0 );
     }
@@ -4506,6 +4508,7 @@
     if( peer_pk == NULL )
     {
         MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+        ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
         ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
         return( 0 );
     }
@@ -4851,7 +4854,7 @@
             break;
 
         case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
-            mbedtls_ssl_handshake_wrapup( ssl );
+            ret = mbedtls_ssl_handshake_wrapup( ssl );
             break;
 
         case MBEDTLS_SSL_INVALID:

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1b7d4f7..4fc6aa8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7309,10 +7309,13 @@
     mbedtls_x509_crt *ca_chain;
     mbedtls_x509_crl *ca_crl;
 
-    ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_UNSET;
     if( authmode == MBEDTLS_SSL_VERIFY_NONE )
+    {
+        ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
         return( 0 );
+    }
 
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
     if( ssl->handshake->sni_ca_chain != NULL )
     {
@@ -7456,6 +7459,10 @@
         verify_ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED;
         flow_counter++;
     }
+    else
+    {
+        flow_counter++;
+    }
 
     if( verify_ret != 0 )
     {
@@ -7504,12 +7511,15 @@
             flow_counter == 4 )
 #endif
         {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PEER AUTHENTICATED" ) );
             ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
         }
         else
         {
             return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
         }
+    } else {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PEER NOT AUTHENTICATED, %d", flow_counter));
     }
 
 #if defined(MBEDTLS_DEBUG_C)
@@ -7602,6 +7612,7 @@
     if( crt_expected == SSL_CERTIFICATE_SKIP )
     {
         MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+        ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
         goto exit;
     }
 
@@ -7917,8 +7928,9 @@
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) );
 }
 
-void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
+int mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
 {
+    volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
 
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
@@ -7959,6 +7971,39 @@
     }
 #endif /* MBEDTLS_SSL_SRV_C && !MBEDTLS_SSL_NO_SESSION_CACHE */
 
+#if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
+    if( ssl->handshake->resume )
+    {
+        mbedtls_platform_enforce_volatile_reads();
+        if( ssl->handshake->resume )
+        {
+            ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
+        }
+        else
+        {
+            ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED;
+            return( ret );
+        }
+    }
+#endif
+
+    if( ssl->handshake->peer_authenticated == MBEDTLS_SSL_FI_FLAG_SET )
+    {
+        mbedtls_platform_enforce_volatile_reads();
+        if( ssl->handshake->peer_authenticated == MBEDTLS_SSL_FI_FLAG_SET )
+        {
+            ret = 0;
+        }
+        else
+        {
+            ret = MBEDTLS_ERR_PLATFORM_FAULT_DETECTED;
+        }
+    }
+    else
+    {
+        ret = MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED;
+    }
+
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
     if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) &&
         ssl->handshake->flight != NULL )
@@ -7977,6 +8022,7 @@
     ssl->state = MBEDTLS_SSL_HANDSHAKE_OVER;
 
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) );
+    return ret;
 }
 
 int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )