From f6a8a2f5bd4cc7bbf4a2d4f6a672304cecc86331 Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Fri, 3 Aug 2018 10:43:10 -0700
Subject: [PATCH] NULL Check

When using the async option, the RSA key is checked on the first call to DoTls13CertificateVerify() when the async state machine is set up. On the subsequent call, the pointer to the key isn't checked again. Added a check. (This was from a static analysis report.)
---
 src/tls13.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/tls13.c b/src/tls13.c
index eae7eda27..179a932a9 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -5699,8 +5699,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
 case TLS_ASYNC_DO:
 {
 #ifndef NO_RSA
- if (args->sigAlgo == rsa_sa_algo ||
- args->sigAlgo == rsa_pss_sa_algo) {
+ if (ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) {
 WOLFSSL_MSG("Doing RSA peer cert verify");
 ret = RsaVerify(ssl, sig->buffer, sig->length,
 &args->output,
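Review bot: The new condition in the `TLS_ASYNC_DO` case replaces the `args->sigAlgo` test instead of adding to it, so the RSA verify path is now selected by whether a peer RSA key is present rather than by the signature algorithm the peer declared. Keeping both checks would match the commit message's stated intent: `if ((args->sigAlgo == rsa_sa_algo || args->sigAlgo == rsa_pss_sa_algo) && ssl->peerRsaKey != NULL && ssl->peerRsaKeyPresent != 0) {`. The hunk also does not show what happens when the algorithm is RSA but the key is missing. If no later branch sets an error, `ret` may keep its earlier value and the state machine could advance without any signature check, so that case should fail closed with an explicit error. The rest of `DoTls13CertificateVerify`, including the remaining `RsaVerify` arguments and the other key-type branches, lies outside the hunk.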