diff --git a/wolfcrypt/src/dilithium.c b/wolfcrypt/src/dilithium.c
index e459683a33c..dfd90a25a5d 100644
--- a/wolfcrypt/src/dilithium.c
+++ b/wolfcrypt/src/dilithium.c
@@ -11456,39 +11456,58 @@ int wc_dilithium_check_key(dilithium_key* key)
         /* Get s1, s2 and t0 from private key. */
         dilithium_vec_decode_eta_bits(s1p, params->eta, s1, params->l);
         dilithium_vec_decode_eta_bits(s2p, params->eta, s2, params->k);
-        dilithium_vec_decode_t0(t0p, params->k, t0);
-
-        /* Get t1 from public key. */
-        dilithium_vec_decode_t1(t1p, params->k, t1);
+        /* Validate s1 and s2 coefficients are within [-eta, eta]. */
+        {
+            sword32 eta = (sword32)params->eta;
+            word32 c;
+            for (c = 0; c < (word32)(params->l * DILITHIUM_N); c++) {
+                if (s1[c] < -eta || s1[c] > eta) {
+                    ret = PUBLIC_KEY_E;
+                    break;
+                }
+            }
+            for (c = 0; (ret == 0) && (c < (word32)(params->k * DILITHIUM_N)); c++) {
+                if (s2[c] < -eta || s2[c] > eta) {
+                    ret = PUBLIC_KEY_E;
+                    break;
+                }
+            }
+        }
+        if (ret == 0) {
+            dilithium_vec_decode_t0(t0p, params->k, t0);
 
-        /* Calcaluate t = NTT-1(A o NTT(s1)) + s2 */
-        dilithium_vec_ntt_small_full(s1, params->l);
-        dilithium_matrix_mul(t, a, s1, params->k, params->l);
-    #ifdef WOLFSSL_DILITHIUM_SMALL
-        dilithium_vec_red(t, params->k);
-    #endif
-        dilithium_vec_invntt_full(t, params->k);
-        dilithium_vec_add(t, s2, params->k);
-        /* Subtract t0 from t. */
-        dilithium_vec_sub(t, t0, params->k);
-        /* Make t positive to match t1. */
-        dilithium_vec_make_pos(t, params->k);
+            /* Get t1 from public key. */
+            dilithium_vec_decode_t1(t1p, params->k, t1);
 
-        /* Check t - t0 and t1 are the same. */
-        for (i = 0; i < params->k; i++) {
-            for (j = 0; j < DILITHIUM_N; j++) {
-                x |= tt[j] ^ t1[j];
+            /* Calcaluate t = NTT-1(A o NTT(s1)) + s2 */
+            dilithium_vec_ntt_small_full(s1, params->l);
+            dilithium_matrix_mul(t, a, s1, params->k, params->l);
+        #ifdef WOLFSSL_DILITHIUM_SMALL
+            dilithium_vec_red(t, params->k);
+        #endif
+            dilithium_vec_invntt_full(t, params->k);
+            dilithium_vec_add(t, s2, params->k);
+            /* Subtract t0 from t. */
+            dilithium_vec_sub(t, t0, params->k);
+            /* Make t positive to match t1. */
+            dilithium_vec_make_pos(t, params->k);
+
+            /* Check t - t0 and t1 are the same. */
+            for (i = 0; i < params->k; i++) {
+                for (j = 0; j < DILITHIUM_N; j++) {
+                    x |= tt[j] ^ t1[j];
+                }
+                tt += DILITHIUM_N;
+                t1 += DILITHIUM_N;
+            }
+            /* Check the public seed is the same in private and public key. */
+            for (i = 0; i < DILITHIUM_PUB_SEED_SZ; i++) {
+                x |= key->p[i] ^ key->k[i];
             }
-            tt += DILITHIUM_N;
-            t1 += DILITHIUM_N;
-        }
-        /* Check the public seed is the same in private and public key. */
-        for (i = 0; i < DILITHIUM_PUB_SEED_SZ; i++) {
-            x |= key->p[i] ^ key->k[i];
-        }
 
-        if ((ret == 0) && (x != 0)) {
-            ret = PUBLIC_KEY_E;
+            if (x != 0) {
+                ret = PUBLIC_KEY_E;
+            }
         }
     }