From 81c1fc41327bae26fe494a6d9c25df090c41e593 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Fri, 8 Nov 2019 11:25:16 +0100
Subject: [PATCH] Add double check on bad signature flagging

---
 library/x509_crt.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index d75e304ae..c0914fa20 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -3385,6 +3385,7 @@ static int x509_crt_verify_chain(
     int parent_is_trusted;
     int child_is_trusted;
     int signature_is_good;
+    volatile int signature_is_good_fi;
     unsigned self_cnt;
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
@@ -3527,9 +3528,16 @@ find_parent:
         }
 
         /* signature was checked while searching parent */
-        if( signature_is_good != X509_SIGNATURE_IS_GOOD )
+        signature_is_good_fi = signature_is_good;
+        if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
+        {
             *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
 
+            mbedtls_platform_enforce_volatile_reads();
+            if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
+                *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+        }
+
         {
             mbedtls_pk_context *parent_pk;
             ret = mbedtls_x509_crt_pk_acquire( parent_crt, &parent_pk );