From 81d32f4fe62d069e5828f608285bff24dd7dafb6 Mon Sep 17 00:00:00 2001
From: Kareem
Date: Thu, 18 Dec 2025 14:37:59 -0700
Subject: [PATCH 1/2] Move Curve25519 public key check to make_pub/make_pub_blind to cover the case where they are called directly by an application.
---
 wolfcrypt/src/curve25519.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c
index 21b43e699..040be8388 100644
--- a/wolfcrypt/src/curve25519.c
+++ b/wolfcrypt/src/curve25519.c
@@ -202,6 +202,15 @@ int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
 #endif /* !WOLFSSL_CURVE25519_BLINDING */
 #endif /* FREESCALE_LTC_ECC */
+/* If WOLFSSL_CURVE25519_BLINDING is defined, this check is run in
+ * wc_curve25519_make_pub_blind since it could be called directly. */
+#if !defined(WOLFSSL_CURVE25519_BLINDING) || defined(FREESCALE_LTC_ECC)
+ if (ret == 0) {
+ ret = wc_curve25519_check_public(pub, public_size,
+ EC25519_LITTLE_ENDIAN);
+ }
+#endif
+
 return ret;
 }
@@ -297,6 +306,11 @@ int wc_curve25519_make_pub_blind(int public_size, byte* pub, int private_size,
 ret = curve25519_smul_blind(pub, priv, (byte*)kCurve25519BasePoint, rng);
 #endif
+ if (ret == 0) {
+ ret = wc_curve25519_check_public(pub, public_size,
+ EC25519_LITTLE_ENDIAN);
+ }
+
 return ret;
 }
 #endif
@@ -463,11 +477,6 @@ int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
 ret = wc_curve25519_make_pub((int)sizeof(key->p.point), key->p.point, (int)sizeof(key->k), key->k);
 #endif
- if (ret == 0) {
- ret = wc_curve25519_check_public(key->p.point,
- (word32)sizeof(key->p.point),
- EC25519_LITTLE_ENDIAN);
- }
 key->pubSet = (ret == 0);
 }
 #endif
From c238defe23cdd5be2b5ea26fc8533740b56ab9a8 Mon Sep 17 00:00:00 2001
From: Kareem
Date: Thu, 18 Dec 2025 15:32:59 -0700
Subject: [PATCH 2/2] Add cast for public_size
---
 wolfcrypt/src/curve25519.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
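Review bot: In the wc_curve25519_make_pub hunk of patch 1/2, the guard `#if !defined(WOLFSSL_CURVE25519_BLINDING) || defined(FREESCALE_LTC_ECC)` has to be kept in step by hand with the `#ifdef` chain that closes just above it, and that chain starts outside the hunk, so it cannot be checked from here. If a branch is later added that fills `pub` without calling wc_curve25519_make_pub_blind, the public-key validation silently drops out of that build. Running the check unconditionally would remove the coupling at the cost of a second validation in blinding builds (presumably cheap next to the scalar multiplication; confirm). Otherwise extend the comment with something like `/* Every branch above that does not call wc_curve25519_make_pub_blind must reach this check. */`.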
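Review bot: In the wc_curve25519_make_pub_blind hunk of patch 1/2, a failure from wc_curve25519_check_public is returned after `pub` has already been written, and the patch neither documents nor tests that for direct callers; the same applies to the wc_curve25519_make_pub hunk. wc_curve25519_make_key records the outcome in `key->pubSet`, but a direct caller has only the return value to go on. I would add to both function comments `/* On a non-zero return the contents of pub must not be used. */` and, since the diffstat shows only curve25519.c changed, a regression test that calls both functions directly. The function body starts outside the hunk.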
diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c
index 040be8388..d0db86b25 100644
--- a/wolfcrypt/src/curve25519.c
+++ b/wolfcrypt/src/curve25519.c
@@ -206,7 +206,7 @@ int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
 * wc_curve25519_make_pub_blind since it could be called directly. */
 #if !defined(WOLFSSL_CURVE25519_BLINDING) || defined(FREESCALE_LTC_ECC)
 if (ret == 0) {
- ret = wc_curve25519_check_public(pub, public_size,
+ ret = wc_curve25519_check_public(pub, (word32)public_size,
 EC25519_LITTLE_ENDIAN);
 }
 #endif
@@ -307,7 +307,7 @@ int wc_curve25519_make_pub_blind(int public_size, byte* pub, int private_size,
 #endif
 if (ret == 0) {
- ret = wc_curve25519_check_public(pub, public_size,
+ ret = wc_curve25519_check_public(pub, (word32)public_size,
 EC25519_LITTLE_ENDIAN);
 }
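Review bot: The `(word32)public_size` cast in the wc_curve25519_make_pub hunk silences the sign-conversion warning but would turn a negative `public_size` into a very large length, so it is only safe if the size is validated before this point; that validation is outside the hunk and should be confirmed. The wc_curve25519_make_pub_blind hunk has the same cast. If both functions already reject any size other than the fixed key size, passing that constant avoids the cast, `ret = wc_curve25519_check_public(pub, CURVE25519_KEYSIZE,`. Otherwise a short comment such as `/* public_size validated above, cast cannot wrap */` would record why the conversion is safe.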