ml-dsa: avoid pairwise test when doing key generation CAST

Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26838)
2025-02-20 10:48:25 +11:00 · 2025-02-20 10:48:25 +11:00 · 50f995ff8c
commit 50f995ff8c
parent e36d00e53b
1 changed files with 3 additions and 1 deletions
--- a/providers/implementations/keymgmt/ml_dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/ml_dsa_kmgmt.c
@ -14,6 +14,7 @@
 #include <openssl/proverr.h>
 #include <openssl/self_test.h>
 #include "crypto/ml_dsa.h"
+#include "internal/fips.h"
 #include "internal/param_build_set.h"
 #include "prov/implementations.h"
 #include "prov/providercommon.h"
@ -59,7 +60,8 @@ static int ml_dsa_pairwise_test(const ML_DSA_KEY *key)
    size_t sig_len = 0;
    int ret = 0;

-    if (!ml_dsa_has(key, OSSL_KEYMGMT_SELECT_KEYPAIR))
+    if (!ml_dsa_has(key, OSSL_KEYMGMT_SELECT_KEYPAIR)
+            || ossl_fips_self_testing())
        return 1;

    /*