From 9030c6c851432ba09a8b02b4e017567b86947174 Mon Sep 17 00:00:00 2001
From: Anthony Hu <anthony@wolfssl.com>
Date: Wed, 24 Sep 2025 11:27:51 -0400
Subject: [PATCH] Enable actual ecc key pair validation by default.

---
 wolfssl/wolfcrypt/settings.h | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index e57d48b85e9..142d8cb6d3e 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -3059,6 +3059,13 @@ extern void uITRON4_free(void *p) ;
         #undef HAVE_ECC_KEY_EXPORT
         #define HAVE_ECC_KEY_EXPORT
     #endif
+    #if !defined (WOLFSSL_NO_VALIDATE_ECC_IMPORT) && \
+        !defined (WOLFSSL_VALIDATE_ECC_IMPORT)
+        #define WOLFSSL_VALIDATE_ECC_IMPORT
+    #elif defined(WOLFSSL_NO_VALIDATE_ECC_IMPORT) && \
+        defined(WOLFSSL_VALIDATE_ECC_IMPORT)
+        #error Conflicting settings for WOLFSSL_VALIDATE_ECC_IMPORT.
+    #endif
 #endif /* HAVE_ECC */
 
 #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && defined(HAVE_ECC) && \