diff --git a/configure.ac b/configure.ac index 01c0470a3..0c096fd7d 100644 --- a/configure.ac +++ b/configure.ac @@ -2043,7 +2043,7 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS" # Add the FIPS flag. AS_IF([test "x$FIPS_VERSION" = "xv2"], - [AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS_VERSION=2 -DWOLFSSL_KEY_GEN -DWOLFSSL_SHA224 -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DHAVE_ECC_CDH -DWC_RSA_NO_PADDING" + [AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS_VERSION=2 -DWOLFSSL_KEY_GEN -DWOLFSSL_SHA224 -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DHAVE_ECC_CDH -DWC_RSA_NO_PADDING -DFP_MAX_BITS=6144" ENABLED_KEYGEN="yes" ENABLED_SHA224="yes" AS_IF([test "x$ENABLED_AESCCM" != "xyes"], diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index a9e659420..6bc5a660f 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -462,7 +462,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) #ifdef WOLFSSL_SHA3 case WC_SHA3_224: hmac_block_size = WC_SHA3_224_BLOCK_SIZE; - if (length <= WC_SHA3_224_DIGEST_SIZE) { + if (length <= WC_SHA3_224_BLOCK_SIZE) { if (key != NULL) { XMEMCPY(ip, key, length); } @@ -480,7 +480,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) break; case WC_SHA3_256: hmac_block_size = WC_SHA3_256_BLOCK_SIZE; - if (length <= WC_SHA3_256_DIGEST_SIZE) { + if (length <= WC_SHA3_256_BLOCK_SIZE) { if (key != NULL) { XMEMCPY(ip, key, length); } @@ -498,7 +498,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) break; case WC_SHA3_384: hmac_block_size = WC_SHA3_384_BLOCK_SIZE; - if (length <= WC_SHA3_384_DIGEST_SIZE) { + if (length <= WC_SHA3_384_BLOCK_SIZE) { if (key != NULL) { XMEMCPY(ip, key, length); } @@ -516,7 +516,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) break; case WC_SHA3_512: hmac_block_size = WC_SHA3_512_BLOCK_SIZE; - if (length <= WC_SHA3_512_DIGEST_SIZE) { + if (length <= WC_SHA3_512_BLOCK_SIZE) { if (key != NULL) { XMEMCPY(ip, key, length); }