fix: check key type in C_SignInit/C_VerifyInit to prevent crash

Passing a wrong asymmetric key type (e.g. EC key) to a mismatched
mechanism (e.g. CKM_RSA_PKCS) caused a crash (segfault or abort)
because the code tried to read RSA attributes from an EC key object,
then passed invalid data to OpenSSL.

Add key type validation after the mechanism switch in both functions,
returning CKR_KEY_TYPE_INCONSISTENT on mismatch. Also convert the
GOST catch-all else branch to an explicit else-if(isGOST) check.
Move MLDSA check also - to be consistent with other checks.

Regression tests use cross-matched asymmetric keys (EC key with RSA
mechanisms, RSA key with ECDSA/EdDSA mechanisms) to verify the fix.
Without the fix, C_SignInit accepts the wrong key type and the
subsequent C_Sign crashes.

Author: mingulov

src/lib/SoftHSM.cpp

@@ -4190,6 +4190,9 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 	if (!isMechanismPermitted(key, pMechanism->mechanism))
 		return CKR_MECHANISM_INVALID;
 
+	// Get key info
+	CK_KEY_TYPE keyType = key->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED);
+
 	// Get the asymmetric algorithm matching the mechanism
 	AsymMech::Type mechanism = AsymMech::Unknown;
 	void* param = NULL;
@@ -4202,13 +4205,15 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 #ifdef WITH_ECC
 	bool isECDSA = false;
 #endif
+#ifdef WITH_GOST
+	bool isGOST = false;
+#endif
 #ifdef WITH_EDDSA
 	bool isEDDSA = false;
 #endif
 #ifdef WITH_ML_DSA
 	bool isMLDSA = false;
 	MLDSAMechanismParam mldsaParam;
-	CK_KEY_TYPE keyType;
 #endif
 	switch(pMechanism->mechanism) {
 		case CKM_RSA_PKCS:
@@ -4463,10 +4468,12 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 		case CKM_GOSTR3410:
 			mechanism = AsymMech::GOST;
 			bAllowMultiPartOp = false;
+			isGOST = true;
 			break;
 		case CKM_GOSTR3410_WITH_GOSTR3411:
 			mechanism = AsymMech::GOST_GOST;
 			bAllowMultiPartOp = true;
+			isGOST = true;
 			break;
 #endif
 #ifdef WITH_EDDSA
@@ -4478,12 +4485,6 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 #endif
 #ifdef WITH_ML_DSA
 		case CKM_ML_DSA:
-			// Get key info
-			keyType = key->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED);
-			if (keyType != CKK_ML_DSA)
-			{
-				return CKR_KEY_TYPE_INCONSISTENT;
-			}
 			mechanism = AsymMech::MLDSA;
 			bAllowMultiPartOp = false;
 			isMLDSA = true;
@@ -4531,6 +4532,9 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 	PrivateKey* privateKey = NULL;
 	if (isRSA)
 	{
+		if (keyType != CKK_RSA)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::RSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -4550,6 +4554,9 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 	}
 	else if (isDSA)
 	{
+		if (keyType != CKK_DSA)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::DSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -4570,6 +4577,9 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 #ifdef WITH_ECC
 	else if (isECDSA)
 	{
+		if (keyType != CKK_EC)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::ECDSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -4591,6 +4601,9 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 #ifdef WITH_EDDSA
 	else if (isEDDSA)
 	{
+		if (keyType != CKK_EC_EDWARDS)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::EDDSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -4612,6 +4625,9 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 #ifdef WITH_ML_DSA
 	else if (isMLDSA)
 	{
+		if (keyType != CKK_ML_DSA)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::MLDSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -4630,9 +4646,12 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 		}
 	}
 #endif
-	else
-	{
 #ifdef WITH_GOST
+	else if (isGOST)
+	{
+		if (keyType != CKK_GOSTR3410)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::GOST);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -4649,10 +4668,12 @@ CK_RV SoftHSM::AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
 			CryptoFactory::i()->recycleAsymmetricAlgorithm(asymCrypto);
 			return CKR_GENERAL_ERROR;
 		}
-#else
-		return CKR_MECHANISM_INVALID;
+	}
 #endif
-        }
+	else
+	{
+		return CKR_MECHANISM_INVALID;
+	}
 
 	// Initialize signing
 	if (bAllowMultiPartOp && !asymCrypto->signInit(privateKey,mechanism,param,paramLen))
@@ -5269,6 +5290,9 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 	if (!isMechanismPermitted(key, pMechanism->mechanism))
 		return CKR_MECHANISM_INVALID;
 
+	// Get key info
+	CK_KEY_TYPE keyType = key->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED);
+
 	// Get the asymmetric algorithm matching the mechanism
 	AsymMech::Type mechanism = AsymMech::Unknown;
 	void* param = NULL;
@@ -5281,13 +5305,15 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 #ifdef WITH_ECC
 	bool isECDSA = false;
 #endif
+#ifdef WITH_GOST
+	bool isGOST = false;
+#endif
 #ifdef WITH_EDDSA
 	bool isEDDSA = false;
 #endif
 #ifdef WITH_ML_DSA
 	bool isMLDSA = false;
 	MLDSAMechanismParam mldsaParam;
-	CK_KEY_TYPE keyType;
 #endif
 	switch(pMechanism->mechanism) {
 		case CKM_RSA_PKCS:
@@ -5540,10 +5566,12 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 		case CKM_GOSTR3410:
 			mechanism = AsymMech::GOST;
 			bAllowMultiPartOp = false;
+			isGOST = true;
 			break;
 		case CKM_GOSTR3410_WITH_GOSTR3411:
 			mechanism = AsymMech::GOST_GOST;
 			bAllowMultiPartOp = true;
+			isGOST = true;
 			break;
 #endif
 #ifdef WITH_EDDSA
@@ -5555,12 +5583,6 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 #endif
 #ifdef WITH_ML_DSA
 		case CKM_ML_DSA:
-			// Get key info
-			keyType = key->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED);
-			if (keyType != CKK_ML_DSA)
-			{
-				return CKR_KEY_TYPE_INCONSISTENT;
-			}
 			mechanism = AsymMech::MLDSA;
 			bAllowMultiPartOp = false;
 			isMLDSA = true;
@@ -5608,6 +5630,9 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 	PublicKey* publicKey = NULL;
 	if (isRSA)
 	{
+		if (keyType != CKK_RSA)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::RSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -5627,6 +5652,9 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 	}
 	else if (isDSA)
 	{
+		if (keyType != CKK_DSA)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::DSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -5647,6 +5675,9 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 #ifdef WITH_ECC
 	else if (isECDSA)
 	{
+		if (keyType != CKK_EC)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::ECDSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -5668,6 +5699,9 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 #ifdef WITH_EDDSA
 	else if (isEDDSA)
 	{
+		if (keyType != CKK_EC_EDWARDS)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::EDDSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -5689,6 +5723,9 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 #ifdef WITH_ML_DSA
 	else if (isMLDSA)
 	{
+		if (keyType != CKK_ML_DSA)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::MLDSA);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -5707,9 +5744,12 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 		}
 	}
 #endif
-	else
-	{
 #ifdef WITH_GOST
+	else if (isGOST)
+	{
+		if (keyType != CKK_GOSTR3410)
+			return CKR_KEY_TYPE_INCONSISTENT;
+
 		asymCrypto = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::GOST);
 		if (asymCrypto == NULL) return CKR_MECHANISM_INVALID;
 
@@ -5726,10 +5766,12 @@ CK_RV SoftHSM::AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech
 			CryptoFactory::i()->recycleAsymmetricAlgorithm(asymCrypto);
 			return CKR_GENERAL_ERROR;
 		}
-#else
-		return CKR_MECHANISM_INVALID;
+	}
 #endif
-        }
+	else
+	{
+		return CKR_MECHANISM_INVALID;
+	}
 
 	// Initialize verifying
 	if (bAllowMultiPartOp && !asymCrypto->verifyInit(publicKey,mechanism,param,paramLen))