git.ipfire.org Git - thirdparty/openssl.git/commitdiff
ikev2kdf.c: expand missing secret check in kdf_ikev2kdf_derive()
author Eugene Syromiatnikov <esyr@openssl.org>
Wed, 25 Mar 2026 11:45:27 +0000 (12:45 +0100)
committer Eugene Syromiatnikov <esyr@openssl.org>
Tue, 31 Mar 2026 00:32:58 +0000 (02:32 +0200)
The seemingly impossible (and erroneous) case of (secret == NULL &&
secret_len != 0) is not accounted for in sanity checks, which provoked
Coverity to report potential NULL dereference in ikev2_check_secret_and_pad()
afterwards.  Placate it by expanding the check to cover that improbable
situation and echo the seedkey check from the previous case.

Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1690439
Complements: 0dd1c50fc070 "Add IKEV2KDF implementation"
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
MergeDate: Tue Mar 31 00:33:22 2026
(Merged from https://github.com/openssl/openssl/pull/30566)

providers/implementations/kdfs/ikev2kdf.c

index 377a70fb186775df1bec0bb86c75a7d09636a98a..538704f20418c0f1543ecdc13786ea44eb01f666 100644 (file)
@@ -357,7 +357,8 @@ static int kdf_ikev2kdf_derive(void *vctx, unsigned char *key, size_t keylen,
                 return 0;
             }
             /* If Child_DH is intended, require secret_len > 0 */
-            if (ctx->secret != NULL && ctx->secret_len == 0) {
+            if ((ctx->secret != NULL && ctx->secret_len == 0)
+                || (ctx->secret == NULL && ctx->secret_len != 0)) {
                 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_SECRET);
                 return 0;
             }
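Review bot: The comment above the condition, "If Child_DH is intended, require secret_len > 0", now covers only the first half of the test; the added `ctx->secret == NULL && ctx->secret_len != 0` branch is a pointer/length consistency check, so the comment should be updated to say that `ctx->secret` and `ctx->secret_len` must agree. The two-sided test could also be written as one comparison, `(ctx->secret != NULL) != (ctx->secret_len != 0)`, which states the invariant directly and is harder to get half-wrong in later edits. Raising PROV_R_MISSING_SECRET for the new branch is consistent with the existing one and with the commit message's stated aim of echoing the seedkey check, so that part looks fine as is.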