Merge branch 'pkcs11-pubattr-check-v9_11' into 'v9_11'

Make sure null atributes are never used

See merge request isc-projects/bind9!1355

lib/dns/pkcs11ecdsa_link.c

@@ -838,6 +838,7 @@ pkcs11ecdsa_fetch(dst_key_t *key, const char *engine, const char *label,
 
 	attr->type = CKA_EC_PARAMS;
 	pubattr = pk11_attribute_bytype(pubec, CKA_EC_PARAMS);
+	INSIST(pubattr != NULL);
 	attr->pValue = isc_mem_get(key->mctx, pubattr->ulValueLen);
 	if (attr->pValue == NULL)
 		DST_RET(ISC_R_NOMEMORY);
@@ -847,6 +848,7 @@ pkcs11ecdsa_fetch(dst_key_t *key, const char *engine, const char *label,
 
 	attr->type = CKA_EC_POINT;
 	pubattr = pk11_attribute_bytype(pubec, CKA_EC_POINT);
+	INSIST(pubattr != NULL);
 	attr->pValue = isc_mem_get(key->mctx, pubattr->ulValueLen);
 	if (attr->pValue == NULL)
 		DST_RET(ISC_R_NOMEMORY);

lib/dns/pkcs11rsa_link.c

@@ -1748,6 +1748,7 @@ pkcs11rsa_fetch(dst_key_t *key, const char *engine, const char *label,
 
 	attr->type = CKA_MODULUS;
 	pubattr = pk11_attribute_bytype(pubrsa, CKA_MODULUS);
+	INSIST(pubattr != NULL);
 	attr->pValue = isc_mem_get(key->mctx, pubattr->ulValueLen);
 	if (attr->pValue == NULL)
 		DST_RET(ISC_R_NOMEMORY);
@@ -1757,6 +1758,7 @@ pkcs11rsa_fetch(dst_key_t *key, const char *engine, const char *label,
 
 	attr->type = CKA_PUBLIC_EXPONENT;
 	pubattr = pk11_attribute_bytype(pubrsa, CKA_PUBLIC_EXPONENT);
+	INSIST(pubattr != NULL);
 	attr->pValue = isc_mem_get(key->mctx, pubattr->ulValueLen);
 	if (attr->pValue == NULL)
 		DST_RET(ISC_R_NOMEMORY);