From 0604e7d208c1cab09aedf9b0f5a8d8d45f084b8b Mon Sep 17 00:00:00 2001
From: kaleb-himes <kaleb@wolfssl.com>
Date: Mon, 1 Jun 2020 17:36:27 -0600
Subject: [PATCH] no priv or pub in dhKey struct in FIPS

---
 wolfcrypt/src/asn.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 71a1290e4..c32d88c10 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -4411,7 +4411,10 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
         return ASN_PARSE_E;
 
     #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
+    #if !defined(HAVE_FIPS) || \
+        ( defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2) )
     temp = *inOutIdx;
+    #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
     #endif
 
     /* Assume input started after 1.2.840.113549.1.3.1 dhKeyAgreement */
@@ -4421,6 +4424,8 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
     }
 
     #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
+    #if !defined(HAVE_FIPS) || \
+        ( defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2) )
     /* If ASN_DH_KEY_E: Check if input started at beginning of key */
     if (ret == ASN_DH_KEY_E) {
         /* rewind back to after the first sequence */
@@ -4465,6 +4470,7 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
             ret = 0;
         }
     }
+    #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
     #endif /* WOLFSSL_QT || OPENSSL_ALL */
 
     WOLFSSL_MSG("wc_DhKeyDecode Success");