From: Richard Levitte <levitte@openssl.org>
Date: Thu, 31 May 2018 09:12:34 +0000 (+0200)
Subject: ENGINE_pkey_asn1_find_str(): don't assume an engine implements ASN1 method
X-Git-Tag: OpenSSL_1_0_2p~43
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1ac3cd6277f880fac4df313702d5e3b3814e56e2;p=openssl

ENGINE_pkey_asn1_find_str(): don't assume an engine implements ASN1 method

Just because an engine implements algorithm methods, that doesn't mean
it also implements the ASN1 method.  Therefore, be careful when looking
for an ASN1 method among all engines, don't try to use one that doesn't
exist.

Fixes #6381

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6383)
---

diff --git a/crypto/engine/tb_asnmth.c b/crypto/engine/tb_asnmth.c
index a1a9b88c43..59e4ebf762 100644
--- a/crypto/engine/tb_asnmth.c
+++ b/crypto/engine/tb_asnmth.c
@@ -215,7 +215,7 @@ static void look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
         ENGINE *e = sk_ENGINE_value(sk, i);
         EVP_PKEY_ASN1_METHOD *ameth;
         e->pkey_asn1_meths(e, &ameth, NULL, nid);
-        if (((int)strlen(ameth->pem_str) == lk->len) &&
+        if (ameth != NULL && ((int)strlen(ameth->pem_str) == lk->len) &&
             !strncasecmp(ameth->pem_str, lk->str, lk->len)) {
             lk->e = e;
             lk->ameth = ameth;