nts: check TLS session in NKSN_GetKeys()

Make sure the TLS session is not NULL in NKSN_GetKeys() before trying to
export the keys in case some future code tried to call the function
outside of the NTS-KE message handler.

nts_ke_session.c

@@ -888,6 +888,9 @@ NKSN_GetKeys(NKSN_Instance inst, SIV_Algorithm algorithm, SIV_Algorithm exporter
     uint8_t _pad;
   } context;
 
+  if (!inst->tls_session)
+    return 0;
+
   if (length <= 0 || length > sizeof (c2s->key) || length > sizeof (s2c->key)) {
     DEBUG_LOG("Invalid algorithm");
     return 0;

test/unit/nts_ke_session.c

@@ -176,6 +176,7 @@ test_unit(void)
   const char *cert, *key;
   int sock_fds[2], i;
   uint32_t cert_id;
+  NKE_Key c2s, s2c;
 
   LCL_Initialise();
   TST_RegisterDummyDrivers();
@@ -200,6 +201,9 @@ test_unit(void)
     TEST_CHECK(NKSN_StartSession(server, sock_fds[0], "client", server_cred, 4.0));
     TEST_CHECK(NKSN_StartSession(client, sock_fds[1], "server", client_cred, 4.0));
 
+    TEST_CHECK(!NKSN_GetKeys(server, AEAD_AES_SIV_CMAC_256, 0, 0, &c2s, &s2c));
+    TEST_CHECK(!NKSN_GetKeys(client, AEAD_AES_SIV_CMAC_256, 0, 0, &c2s, &s2c));
+
     send_message(client);
 
     request_received = response_received = 0;
@@ -211,6 +215,9 @@ test_unit(void)
     TEST_CHECK(NKSN_IsStopped(server));
     TEST_CHECK(NKSN_IsStopped(client));
 
+    TEST_CHECK(!NKSN_GetKeys(server, AEAD_AES_SIV_CMAC_256, 0, 0, &c2s, &s2c));
+    TEST_CHECK(!NKSN_GetKeys(client, AEAD_AES_SIV_CMAC_256, 0, 0, &c2s, &s2c));
+
     TEST_CHECK(request_received);
     TEST_CHECK(response_received);