Pairwise check for DH keys import as part of FIPS

For DH key import, it appears the PCT and assurances are implemented in
the source but are not be performed by default.

Signed-off-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28058)

(cherry picked from commit e08b83cbb3b853ae9dc364c32d927405172918ac)

diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c
index 1aaa88dacae111e1d37db702a560e597282dc6a7..7cffc60a05946e5d57ee35e09b4a18b685aa88c8 100644 (file)
--- a/crypto/dh/dh_backend.c
+++ b/crypto/dh/dh_backend.c
@@ -80,6 +80,12 @@ int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private)
     if (!DH_set0_key(dh, pub_key, priv_key))
         goto err;
 
+#ifdef FIPS_MODULE
+    if (pub_key != NULL && priv_key != NULL)
+        if (ossl_dh_check_pairwise(dh) == 0)
+            return 0;
+#endif
+
     return 1;
 
  err: