diff --git a/crypto/dh.c b/crypto/dh.c
index 0fcad279e6fe..68d11d66c0b5 100644
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -106,6 +106,12 @@ err_clear_ctx:
  */
 static int dh_is_pubkey_valid(struct dh_ctx *ctx, MPI y)
 {
+	MPI val, q;
+	int ret;
+
+	if (!fips_enabled)
+		return 0;
+
 	if (unlikely(!ctx->p))
 		return -EINVAL;
 
@@ -125,41 +131,36 @@ static int dh_is_pubkey_valid(struct dh_ctx *ctx, MPI y)
 	 *
 	 * For the safe-prime groups q = (p - 1)/2.
 	 */
-	if (fips_enabled) {
-		MPI val, q;
-		int ret;
-
-		val = mpi_alloc(0);
-		if (!val)
-			return -ENOMEM;
-
-		q = mpi_alloc(mpi_get_nlimbs(ctx->p));
-		if (!q) {
-			mpi_free(val);
-			return -ENOMEM;
-		}
-
-		/*
-		 * ->p is odd, so no need to explicitly subtract one
-		 * from it before shifting to the right.
-		 */
-		mpi_rshift(q, ctx->p, 1);
-
-		ret = mpi_powm(val, y, q, ctx->p);
-		mpi_free(q);
-		if (ret) {
-			mpi_free(val);
-			return ret;
-		}
-
-		ret = mpi_cmp_ui(val, 1);
+	val = mpi_alloc(0);
+	if (!val)
+		return -ENOMEM;
 
+	q = mpi_alloc(mpi_get_nlimbs(ctx->p));
+	if (!q) {
 		mpi_free(val);
-
-		if (ret != 0)
-			return -EINVAL;
+		return -ENOMEM;
 	}
 
+	/*
+	 * ->p is odd, so no need to explicitly subtract one
+	 * from it before shifting to the right.
+	 */
+	mpi_rshift(q, ctx->p, 1);
+
+	ret = mpi_powm(val, y, q, ctx->p);
+	mpi_free(q);
+	if (ret) {
+		mpi_free(val);
+		return ret;
+	}
+
+	ret = mpi_cmp_ui(val, 1);
+
+	mpi_free(val);
+
+	if (ret != 0)
+		return -EINVAL;
+
 	return 0;
 }