Merge pull request #10027 from embhorn/zd21394

dgarske · web-flow · commit cf6c1722ae51 · 2026-03-24T14:06:40.000-07:00
Remove FIPS guards in GetASN_BitString length check
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
@@ -1245,16 +1245,13 @@ static int GetASN_Integer(const byte* input, word32 idx, int length,
  */
 int GetASN_BitString(const byte* input, word32 idx, int length)
 {
-#if (!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)) || \
-    (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
     /* Check contents consist of one or more octets. */
     if (length == 0) {
     #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE
         WOLFSSL_MSG("Zero length BIT STRING not allowed");
     #endif
         return ASN_PARSE_E;
     }
-#endif
     /* Ensure unused bits value is valid range. */
     if (input[idx] > 7) {
     #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE
