Actually do a private/public key check for FALCON.

wolfcrypt/src/asn.c

@@ -28158,8 +28158,7 @@ int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx,
                         pubKey, &pubKeyLen, keytype);
     if (ret == 0) {
         if (pubKeyLen == 0) {
-            ret = wc_falcon_import_private_only(privKey, privKeyLen,
+            ret = wc_falcon_import_private_only(input, inSz, key);
-                                                key);
         }
         else {
             ret = wc_falcon_import_private_key(privKey, privKeyLen,

wolfcrypt/src/falcon.c

@@ -588,9 +588,22 @@ int wc_falcon_export_key(falcon_key* key, byte* priv, word32 *privSz,
  */
 int wc_falcon_check_key(falcon_key* key)
 {
-    /* Might want to try to sign and verify a random message here. */
+    /* Sign and verify a message. */
     int ret = 0;
-    (void)key;
+    int res = 0;
+    byte msg[] = "The wolfSSL team is here to make you ready for quantum computers!!";
+    word32 msglen = sizeof(msg);
+    byte sig[FALCON_MAX_SIG_SIZE];
+    word32 siglen = sizeof(sig);
+
+    ret = wc_falcon_sign_msg(msg, msglen, sig, &siglen, key);
+
+    if (ret == 0) {
+        ret = wc_falcon_verify_msg(sig, siglen, msg, msglen, &res, key);
+        if ((ret != 0) || (res != 1)) {
+            ret = SIG_VERIFY_E;
+        }
+    }
     return ret;
 }
 

wolfssl/wolfcrypt/falcon.h

@@ -51,7 +51,7 @@
 #define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key
 #define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE)
 
-#define FALCON_MAX_KEY_SIZE     FALCON_LEVEL5_KEY_SIZE
+#define FALCON_MAX_KEY_SIZE     FALCON_LEVEL5_PRV_KEY_SIZE
 #define FALCON_MAX_SIG_SIZE     FALCON_LEVEL5_SIG_SIZE
 #define FALCON_MAX_PUB_KEY_SIZE FALCON_LEVEL5_PUB_KEY_SIZE
 #define FALCON_MAX_PRV_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE