From 613d490bf14220b19ac06c068bf18c0faab1918f Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 5 Feb 2019 13:11:17 +0000
Subject: [PATCH] Unify state machine update in mbedtls_ssl_parse_certificate()

The handler `mbedtls_ssl_parse_certificate()` for incoming `Certificate`
messages contains many branches updating the handshake state. For easier
reasoning about state evolution, this commit introduces a single code-path
updating the state machine at the end of `mbedtls_ssl_parse_certificate()`.
---
 library/ssl_tls.c | 29 ++++++++++++-----------------
 1 file changed, 12 insertions(+), 17 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a5d9ca5de..767010902 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6376,7 +6376,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
 
 int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
 {
-    int ret;
+    int ret = 0;
     const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
           ssl->handshake->ciphersuite_info;
 #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@@ -6396,8 +6396,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
         ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
     {
         MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
-        ssl->state++;
-        return( 0 );
+        goto exit;
     }
 
 #if defined(MBEDTLS_SSL_SRV_C)
@@ -6405,8 +6404,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
         ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
     {
         MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
-        ssl->state++;
-        return( 0 );
+        goto exit;
     }
 
     if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
@@ -6414,9 +6412,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
     {
         ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY;
         MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
-
-        ssl->state++;
-        return( 0 );
+        goto exit;
     }
 #endif
 
@@ -6440,12 +6436,13 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
     if( ssl_srv_check_client_no_crt_notification( ssl ) == 0 )
     {
         ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
-        ssl->state++;
 
         if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
-            return( 0 );
+            ret = 0;
+        else
+            ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
 
-        return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
+        goto exit;
     }
 #endif /* MBEDTLS_SSL_SRV_C */
 
@@ -6453,10 +6450,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
     ssl_clear_peer_cert( ssl->session_negotiate );
 
     if( ( ret = ssl_parse_certificate_chain( ssl ) ) != 0 )
-    {
-        ssl->state++;
-        return( ret );
-    }
+        goto exit;
 
 #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
     if( ssl->handshake->ecrs_enabled)
@@ -6602,10 +6596,11 @@ crt_verify:
 #endif /* MBEDTLS_DEBUG_C */
     }
 
-    ssl->state++;
-
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
 
+exit:
+
+    ssl->state++;
     return( ret );
 }
 #endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED