Change base on review

Fix comments Add test cases for client authentication with empty certificate Change-Id: Id8a741ddd997ca92e36832f26088eb0e67830ad8 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2025-07-29 11:41:15 +03:00 · 2022-05-19 07:19:31 +00:00
parent 989f06d52d
commit aca9048b5f
3 changed files with 41 additions and 5 deletions
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@ -594,8 +594,8 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
            else
            {
                MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_NO_CERT,
-                                              MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE );
-                return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE );
+                                              MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE  );
+                return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
            }
        }
 #endif /* MBEDTLS_SSL_SRV_C */
@ -741,9 +741,9 @@ int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl )

    mbedtls_ssl_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_CERTIFICATE,
                                        buf, buf_len );
-#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */

 cleanup:
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */

    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
    return( ret );