From 7eaba4dae64a2e2eb351965866839e43a2d561be Mon Sep 17 00:00:00 2001
From: Eugene K <eugene.kobyakov@netfoundry.io>
Date: Fri, 4 Aug 2023 10:24:56 -0400
Subject: [PATCH] avoid enrollment crash with TLS engine does not support
 pkcs11

---
 library/utils.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/utils.c b/library/utils.c
index 44f4effb..fd6b1550 100644
--- a/library/utils.c
+++ b/library/utils.c
@@ -573,6 +573,12 @@ int load_key_internal(tls_context *tls, tlsuv_private_key_t *key, const char *ke
 
 static int pkcs11_gen(tls_context *tls, tlsuv_private_key_t *key, const char *lib, const char *slot, const char *pin,
                       const char *id, const char *label) {
+
+    if (tls->api->generate_pkcs11_key == NULL) {
+        ZITI_LOG(WARN, "pkcs11 key generation is not supported by TLS driver[%s]", tls->api->version());
+        return ZITI_KEY_GENERATION_FAILED;
+    }
+
     if (tls->api->generate_pkcs11_key(key, lib, slot, pin, label)) {
         return ZITI_KEY_GENERATION_FAILED;
     }