From dbdbddc7f14b9c4f3ccf4e7079e844c876f2af68 Mon Sep 17 00:00:00 2001
From: Yosuke Shimizu
Date: Fri, 26 Jun 2026 11:28:05 +0900
Subject: [PATCH] Validate peer ECDH public key before shared-secret in key agreement
---
 src/internal.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/internal.c b/src/internal.c
index 96650a4f4..420b3b660 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -12522,6 +12522,9 @@ static int KeyAgreeEcdh_server(WOLFSSH* ssh, byte hashId, byte* f, word32* fSz)
 ssh->handshake->eSz, pubKey, primeId);
+ if (ret == 0)
+ ret = wc_ecc_check_key(pubKey);
+
 if (ret == 0) ret = wc_ecc_make_key_ex(ssh->rng, wc_ecc_get_curve_size_from_id(primeId),
@@ -12845,6 +12848,9 @@ static int KeyAgreeEcdhMlKem_server(WOLFSSH* ssh, byte hashId,
 ssh->handshake->eSz - length_publickey, pubKey, primeId);
 }
+ if (ret == 0) {
+ ret = wc_ecc_check_key(pubKey);
+ }
 if (ret == 0) {
 ret = wc_ecc_make_key_ex(ssh->rng, wc_ecc_get_curve_size_from_id(primeId),
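Review bot: The new `wc_ecc_check_key(pubKey)` call in `KeyAgreeEcdh_server` (and the identical one in `KeyAgreeEcdhMlKem_server`) has no comment explaining why it sits between the import and `wc_ecc_make_key_ex`, so a later cleanup could remove it as redundant with the import. I would add `/* Reject an invalid peer point (off-curve, infinity, wrong order) before it reaches the shared-secret computation. */` above each check. The patch touches only these two server functions in `src/internal.c`; if the client-side key agreement imports the server's ephemeral key the same way, it presumably needs the same validation, and a regression test asserting that a malformed peer key aborts the exchange would keep the check from being dropped later. Both function bodies start and end outside the hunks, so the final mapping of a failing `ret` is not visible here.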