From 4d621e5176e8025b3005f9af8aada9d0e581ec9d Mon Sep 17 00:00:00 2001
From: Nikola Pajkovsky
Date: Thu, 17 Jul 2025 12:45:49 +0200
Subject: [PATCH] Pairwise check for DH keys import as part of FIPS

For DH key import, it appears the PCT and assurances are implemented in the source but are not be performed by default.

Signed-off-by: Nikola Pajkovsky
Reviewed-by: Neil Horman
Reviewed-by: Viktor Dukhovni
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/28058)
(cherry picked from commit e08b83cbb3b853ae9dc364c32d927405172918ac)
---
 crypto/dh/dh_backend.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c
index 1aaa88dacae..7cffc60a059 100644
--- a/crypto/dh/dh_backend.c
+++ b/crypto/dh/dh_backend.c
@@ -80,6 +80,12 @@ int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private)
 if (!DH_set0_key(dh, pub_key, priv_key))
 goto err;

+#ifdef FIPS_MODULE
+ if (pub_key != NULL && priv_key != NULL)
+ if (ossl_dh_check_pairwise(dh) == 0)
+ return 0;
+#endif
+
 return 1;

 err:
-- 
2.47.2
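Review bot: The added failure path in the `FIPS_MODULE` block uses a bare `return 0` while the line just above it uses `goto err`, and nothing says why; presumably `DH_set0_key()` has already taken ownership of `pub_key` and `priv_key`, so jumping to `err:` (whose body is outside this hunk) could free them a second time. A comment such as `/* dh owns pub_key/priv_key after DH_set0_key(); must not goto err */` would keep a later cleanup refactor from introducing a double free. On this path `dh` also still holds the pair that failed the pairwise check, so the function's contract should state that callers must discard `dh` when it returns 0. The nested unbraced `if` could be a single condition, `if (pub_key != NULL && priv_key != NULL && ossl_dh_check_pairwise(dh) == 0)`, which avoids a dangling-else hazard. The function begins before the hunk, so how `pub_key` and `priv_key` are populated is not visible here.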