slh-dsa: enter FIPS error state if pairwise test fails

author Pauli <ppzgs1@gmail.com>

Sun, 31 Aug 2025 07:21:42 +0000 (17:21 +1000)

committer Pauli <ppzgs1@gmail.com>

Tue, 2 Sep 2025 23:34:26 +0000 (09:34 +1000)
author Pauli <ppzgs1@gmail.com>
Sun, 31 Aug 2025 07:21:42 +0000 (17:21 +1000)
committer Pauli <ppzgs1@gmail.com>
Tue, 2 Sep 2025 23:34:26 +0000 (09:34 +1000)
diff --git a/providers/implementations/keymgmt/slh_dsa_kmgmt.c b/providers/implementations/keymgmt/slh_dsa_kmgmt.c

index ee6aba0883a1e5d59898a30365718b91e1209904..c403eba7add6b7c1b44199e628a3a50672f94e34 100644 (file)
--- a/providers/implementations/keymgmt/slh_dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/slh_dsa_kmgmt.c
@@ -128,9 +128,7 @@ static int slh_dsa_import(void *keydata, int selection, const OSSL_PARAM params[
       */
      if (res > 0 && ossl_slh_dsa_key_has(key, OSSL_KEYMGMT_SELECT_KEYPAIR) > 0)
          if (!slh_dsa_fips140_pairwise_test(key, NULL)) {
-            ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_KEY,
-                           "explicit %s public key does not match private",
-                           ossl_slh_dsa_key_get_name(key));
+            ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT_IMPORT);
              ossl_slh_dsa_key_reset(key);
              res = 0;
          }
author	Pauli <ppzgs1@gmail.com>
	Sun, 31 Aug 2025 07:21:42 +0000 (17:21 +1000)
committer	Pauli <ppzgs1@gmail.com>
	Tue, 2 Sep 2025 23:34:26 +0000 (09:34 +1000)