From 10a05ad839482ea3ba5af75d15ba67c6c218fb21 Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner
Date: Fri, 15 Aug 2025 09:48:55 -0500
Subject: [PATCH] wolfcrypt/src/dilithium.c: fix dilithium_expand_s() to fall through to dilithium_expand_s_c() for s1Len not implemented for USE_INTEL_SPEEDUP.
---
 wolfcrypt/src/dilithium.c | 47 ++++++++++++++++++++++-----------------
 1 file changed, 27 insertions(+), 20 deletions(-)
diff --git a/wolfcrypt/src/dilithium.c b/wolfcrypt/src/dilithium.c
index 0e2b32b9d..d8bf4481e 100644
--- a/wolfcrypt/src/dilithium.c
+++ b/wolfcrypt/src/dilithium.c
@@ -4020,30 +4020,37 @@ static int dilithium_expand_s(wc_Shake* shake256, byte* priv_seed, byte eta,
 int ret = 0;
 #if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
- if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
- #ifndef WOLFSSL_NO_ML_DSA_44
- if (s1Len == 4) {
- sword32* s[2] = { s1, s2 };
- ret = wc_mldsa_gen_s_4_4_avx2(s, priv_seed);
- }
- #endif
- #ifndef WOLFSSL_NO_ML_DSA_65
- if (s1Len == 5) {
- sword32* s[2] = { s1, s2 };
- ret = wc_mldsa_gen_s_5_6_avx2(s, priv_seed);
- }
- #endif
- #ifndef WOLFSSL_NO_ML_DSA_87
- if (s1Len == 7) {
- sword32* s[2] = { s1, s2 };
- ret = wc_mldsa_gen_s_7_8_avx2(s, priv_seed);
- }
- #endif
+ if ((s1Len == 4) && IS_INTEL_AVX2(cpuid_flags) &&
+ (SAVE_VECTOR_REGISTERS2() == 0))
+ {
+ sword32* s[2] = { s1, s2 };
+ ret = wc_mldsa_gen_s_4_4_avx2(s, priv_seed);
 RESTORE_VECTOR_REGISTERS();
 }
 else
-#endif
+ #endif
+ #ifndef WOLFSSL_NO_ML_DSA_65
+ if ((s1Len == 5) && IS_INTEL_AVX2(cpuid_flags) &&
+ (SAVE_VECTOR_REGISTERS2() == 0))
+ {
+ sword32* s[2] = { s1, s2 };
+ ret = wc_mldsa_gen_s_5_6_avx2(s, priv_seed);
+ RESTORE_VECTOR_REGISTERS();
+ }
+ else
+ #endif
+ #ifndef WOLFSSL_NO_ML_DSA_87
+ if ((s1Len == 7) && IS_INTEL_AVX2(cpuid_flags) &&
+ (SAVE_VECTOR_REGISTERS2() == 0))
+ {
+ sword32* s[2] = { s1, s2 };
+ ret = wc_mldsa_gen_s_7_8_avx2(s, priv_seed);
+ RESTORE_VECTOR_REGISTERS();
+ }
+ else
+ #endif
+#endif /* USE_INTEL_SPEEDUP && !WC_SHA3_NO_ASM */
 {
 ret = dilithium_expand_s_c(shake256, priv_seed, eta, s1, s1Len, s2, s2Len);
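Review bot: The rewritten ML-DSA-44 branch appears to have lost its `#ifndef WOLFSSL_NO_ML_DSA_44` guard: the old `#ifndef WOLFSSL_NO_ML_DSA_44` line is removed, the 65 and 87 branches each gain a `+    #ifndef ...` of their own, but the new `if ((s1Len == 4) && ...` block is followed only by a `+    #endif` after its `else`, and counting the hunk against the stated 27/20 diffstat suggests no line was dropped in rendering (please confirm against the actual commit). If that is faithful, the preprocessor nesting is unbalanced, since that `#endif` would close the outer `#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)`, and a build with WOLFSSL_NO_ML_DSA_44 defined would still compile the wc_mldsa_gen_s_4_4_avx2 dispatch; re-adding `#ifndef WOLFSSL_NO_ML_DSA_44` directly before the first `if` restores the symmetry the other two branches now have. Separately, the dispatch-then-fall-through intent that the commit title describes is only implicit in the `else` chain and deserves a one-line comment above the first branch, e.g. `/* AVX2 generators exist only for these parameter sets; any other s1Len, a non-AVX2 CPU, or a failed SAVE_VECTOR_REGISTERS2() falls through to the portable dilithium_expand_s_c(). */`. dilithium_expand_s's signature and the rest of its body lie outside this hunk.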