From c31ed64eb5960ceb5bc6115b6456ea86c3043ad7 Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Fri, 7 May 2021 11:48:21 -0700
Subject: [PATCH] Add guard around the public key check for DH to skip it when we have the condition to perform the small key test. The small key is mathematically valid, but does not necessarily pass the SP 800-56Ar3 test for DH keys. The most recent FIPS build will add the tested file. This change is only used in the older FIPS releases and in some rare configurations that include the small key test.
---
 wolfcrypt/src/dh.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c
index 4cb0dbc37..cd7a67f09 100644
--- a/wolfcrypt/src/dh.c
+++ b/wolfcrypt/src/dh.c
@@ -1362,8 +1362,10 @@ static int wc_DhGenerateKeyPair_Sync(DhKey* key, WC_RNG* rng,
 if (ret == 0) ret = GeneratePublicDh(key, priv, *privSz, pub, pubSz);
+#if defined(WOLFSSL_SP_MATH) || defined(HAVE_FFDHE)
 if (ret == 0) ret = _ffc_validate_public_key(key, pub, *pubSz, NULL, 0, 0);
+#endif
 if (ret == 0) ret = _ffc_pairwise_consistency_test(key, pub, *pubSz, priv, *privSz);
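Review bot: The new `#if defined(WOLFSSL_SP_MATH) || defined(HAVE_FFDHE)` around the `_ffc_validate_public_key()` call carries no comment, and as written it compiles the check out for every key pair generated in a build that defines neither macro, not only for the small test key the commit message describes. Nothing in the hunk shows that this condition is the inverse of the one that enables the small key test; if it is, state that next to the guard, for example `/* The small key test key is valid but can fail the SP 800-56Ar3 public key check; skip the check in builds that run that test. */`. Because this removes a generated-key validation step, it is worth confirming that the pairwise consistency test which still runs is accepted as sufficient for those configurations. The body of wc_DhGenerateKeyPair_Sync starts and ends outside the hunk, so the surrounding argument checks and return path are not visible here.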