From b20da2328018107414fe896e59e7d4d6c8af8174 Mon Sep 17 00:00:00 2001
From: Nikola Pajkovsky <nikolap@openssl.org>
Date: Wed, 30 Jul 2025 09:21:29 +0200
Subject: [PATCH] Revert "Pairwise check for DH keys import as part of FIPS"

Not needed anymore. It's handled in the 'ec (fips): add PCT for key import'

This reverts commit e08b83cbb3b853ae9dc364c32d927405172918ac.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28122)
---
 crypto/dh/dh_backend.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c
index d4f907723ae..1aaa88dacae 100644
--- a/crypto/dh/dh_backend.c
+++ b/crypto/dh/dh_backend.c
@@ -80,12 +80,6 @@ int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private)
     if (!DH_set0_key(dh, pub_key, priv_key))
         goto err;
 
-#ifdef FIPS_MODULE
-    if (pub_key != NULL && priv_key != NULL)
-        if (ossl_dh_check_pairwise(dh, 0) == 0)
-            return 0;
-#endif
-
     return 1;
 
  err:
-- 
2.47.2