ec_kem.c: Fix ikmlen check
authorЗишан Мирза <zmirza@tutanota.de>
Tue, 24 Dec 2024 06:05:21 +0000 (11:05 +0500)
committerTomas Mraz <tomas@openssl.org>
Mon, 30 Dec 2024 16:13:43 +0000 (17:13 +0100)
This makes the check require `ikmlen` to be at least `Nsk` bytes long.

Closes #26213

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26254)

providers/implementations/kem/ec_kem.c

index 9d8f94270eb4ef8137739406984e309b4389cd48..c58727c9e2f7bd2079357febcc93db6c5db3d03c 100644 (file)
@@ -405,10 +405,10 @@ int ossl_ec_dhkem_derive_private(EC_KEY *ec, BIGNUM *priv,
         return 0;
 
     /* ikmlen should have a length of at least Nsk */
-    if (ikmlen < info->Nsecret) {
+    if (ikmlen < info->Nsk) {
         ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_INPUT_LENGTH,
                        "ikm length is :%zu, should be at least %zu",
-                       ikmlen, info->Nsecret);
+                       ikmlen, info->Nsk);
         goto err;
     }
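Review bot: The comment above the corrected check still does not say why `Nsk` rather than `Nsecret` is the right bound, which is the confusion this commit fixes. I would expand it to something like `/* RFC 9180: ikm should be at least Nsk bytes; Nsk can exceed Nsecret (e.g. P-521), so the two are not interchangeable */`, so the next reader does not swap the fields back. While on these lines, the message has a stray colon; `"ikm length is %zu, should be at least %zu"` reads cleaner, and `%zu` assumes `info->Nsk` is a `size_t`, which is declared outside this hunk. A regression test that passes an ikm whose length lies between `Nsecret` and `Nsk` and expects `PROV_R_INVALID_INPUT_LENGTH` would pin the fix; whether the commit adds one is not visible on this page. The body of `ossl_ec_dhkem_derive_private` starts and ends outside the hunk.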