Merged PR 11412419: Additional FIPS 140-3 fixes: run ECDSA CAST before key usage/export, as with...

In !11324214, we added Known-Answer Tests (KATs) for RSA, DSA, and ECDSA, to satisfy FIPS 140-3 requirement for Cryptographic Algorithm Self-Tests (CASTs). Prior to that change, we were using Pairwise Consistency Tests (PCTs) to satisfy that requirement, but we received feedback from evaluators that PCTs do not satisfy the CAST requirement.

Unfortunately, there was an oversight in the previous change and the CAST was only added for key import, not key generation. To fix this, we execute the CAST in `SymCryptEckeySetRandom` as well.

Related work items: #53481333

Author: mlindgren

CHANGELOG.md

@@ -3,6 +3,8 @@
 New changes will be listed here as they are developed. The version number is determined
 prior to the creation of a new release, based on the changes contained in that release.
 
+- Additional internal self-test changes to support FIPS 140-3 certification
+
 # Version 103.5.0
 
 - Internal self-test changes to support FIPS 140-3 certification

lib/eckey.c

@@ -905,8 +905,13 @@ SymCryptEckeySetRandom(
 
     if ( (flags & SYMCRYPT_FLAG_KEY_NO_FIPS) == 0 )
     {
-        // We defer the ECDSA PCT to before first use of the Eckey in EcDsaSign, or first time
-        // private key is exported - whichever comes first.
+        if( ( flags & SYMCRYPT_FLAG_ECKEY_ECDSA ) != 0 )
+        {
+            // Ensure ECDSA algorithm selftest is run before first use of ECDSA algorithm
+            SYMCRYPT_RUN_SELFTEST_ONCE(
+                SymCryptEcDsaSelftest,
+                SYMCRYPT_SELFTEST_ALGORITHM_ECDSA );
+        }
 
         if( ( flags & SYMCRYPT_FLAG_ECKEY_ECDH ) != 0 )
         {