From d3316b72d3f9c94dff968b83f6268acb59fab26b Mon Sep 17 00:00:00 2001
From: David Garske
Date: Wed, 3 Jul 2024 09:31:06 -0700
Subject: [PATCH 1/2] Fix to not allow Shake128/256 with Xilinx AFALG. Cleanup the Shake disable logic to allow forcing off with `WOLFSSL_NO_SHAKE128` and `WOLFSSL_NO_SHAKE256`.
---
 wolfssl/wolfcrypt/settings.h | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index a4302c700..4eec4878c 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -2032,6 +2032,8 @@ extern void uITRON4_free(void *p) ;
 #define WOLFSSL_NOSHA3_224
 #define WOLFSSL_NOSHA3_256
 #define WOLFSSL_NOSHA3_512
+ #define WOLFSSL_NO_SHAKE128
+ #define WOLFSSL_NO_SHAKE256
 #endif
 #ifdef WOLFSSL_AFALG_XILINX_AES
 #undef WOLFSSL_AES_DIRECT
@@ -3475,22 +3477,27 @@ extern void uITRON4_free(void *p) ;
 #define WOLFSSL_RSA_KEY_CHECK
 #endif
 
+/* ED448 Requires Shake256 */
+#if defined(HAVE_ED448) && defined(WOLFSSL_SHA3)
+ #undef WOLFSSL_SHAKE256
+ #define WOLFSSL_SHAKE256
+#endif
+
 /* SHAKE - Not allowed in FIPS */
-#if defined(WOLFSSL_SHA3) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
- #ifndef WOLFSSL_NO_SHAKE128
- #undef WOLFSSL_SHAKE128
- #define WOLFSSL_SHAKE128
- #endif
- #ifndef WOLFSSL_NO_SHAKE256
- #undef WOLFSSL_SHAKE256
- #define WOLFSSL_SHAKE256
- #endif
-#else
+#if defined(WOLFSSL_SHA3) && (defined(HAVE_SELFTEST) || defined(HAVE_FIPS))
 #undef WOLFSSL_NO_SHAKE128
 #define WOLFSSL_NO_SHAKE128
 #undef WOLFSSL_NO_SHAKE256
 #define WOLFSSL_NO_SHAKE256
 #endif
 
+/* SHAKE Disable */
+#ifdef WOLFSSL_NO_SHAKE128
+ #undef WOLFSSL_SHAKE128
+#endif
+#ifdef WOLFSSL_NO_SHAKE256
+ #undef WOLFSSL_SHAKE256
+#endif
+
 /* Encrypted Client Hello - requires HPKE */
 #if defined(HAVE_ECH) && !defined(HAVE_HPKE)
From 4004e6886fd8beb1bfc33bb53216e3fa569ec208 Mon Sep 17 00:00:00 2001 
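Review bot: The two added lines `#define WOLFSSL_NO_SHAKE128` / `#define WOLFSSL_NO_SHAKE256` define without a preceding `#undef`, so a build that already passes e.g. `-DWOLFSSL_NO_SHAKE256=1` on the command line hits a macro-redefinition diagnostic here (fatal under -Werror), whereas the FIPS block touched by this same commit uses the `#undef`/`#define` pair; the new pair should follow that pattern. The lines also carry no explanation of why SHAKE must be off for this target, and the commit message only states that it is; a short why-comment above them, along the lines of `/* SHAKE is not available on the Xilinx AFALG SHA3 path */`, would help, with the wording confirmed against the AFALG SHA3 driver. The enclosing `#if` block starts outside the hunk.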
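Review bot: The new `/* ED448 Requires Shake256 */` block forces WOLFSSL_SHAKE256 on, but the `/* SHAKE Disable */` block a few lines below undefines it again whenever WOLFSSL_NO_SHAKE256 is set (the FIPS/selftest branch here, the Xilinx AFALG target in this same commit, or a user define), so such a build ends up with HAVE_ED448 enabled and no SHAKE256 and nothing in the hunk reports the conflict. A hard check after the disable block makes the misconfiguration fail at preprocessing rather than wherever ED448 first needs SHAKE256: `#if defined(HAVE_ED448) && !defined(WOLFSSL_SHAKE256)` / `#error "ED448 requires SHAKE256 (WOLFSSL_SHAKE256)"` / `#endif`. Separately, the removed `#if defined(WOLFSSL_SHA3) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)` branch used to turn WOLFSSL_SHAKE128/256 on for every non-FIPS SHA3 build and nothing in the hunk replaces it; unless those macros are set earlier in settings.h or by the build system, plain SHA3 builds silently lose SHAKE, which is worth confirming.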
From: David Garske
Date: Wed, 3 Jul 2024 10:39:51 -0700
Subject: [PATCH 2/2] Fix the FIPS Shake logic.
---
 wolfssl/wolfcrypt/settings.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 4eec4878c..e3f14951b 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -3483,8 +3483,9 @@ extern void uITRON4_free(void *p) ;
 #define WOLFSSL_SHAKE256
 #endif
 
-/* SHAKE - Not allowed in FIPS */
-#if defined(WOLFSSL_SHA3) && (defined(HAVE_SELFTEST) || defined(HAVE_FIPS))
+/* SHAKE - Not allowed in FIPS v5.2 or older */
+#if defined(WOLFSSL_SHA3) && (defined(HAVE_SELFTEST) || \
+ (defined(HAVE_FIPS) && FIPS_VERSION_LE(5,2)))
 #undef WOLFSSL_NO_SHAKE128
 #define WOLFSSL_NO_SHAKE128
 #undef WOLFSSL_NO_SHAKE256
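Review bot: The new condition `(defined(HAVE_FIPS) && FIPS_VERSION_LE(5,2))` relies on FIPS_VERSION_LE being a defined function-like macro at this point for every build, FIPS or not: the preprocessor does not short-circuit an `#if` expression syntactically, so if the macro is undefined in some configuration the line fails with a "missing binary operator" error instead of quietly disabling SHAKE, and that should be confirmed against where settings.h defines the FIPS_VERSION_* helpers and the HAVE_FIPS_VERSION default. The updated comment `/* SHAKE - Not allowed in FIPS v5.2 or older */` also omits that HAVE_SELFTEST still disables SHAKE unconditionally; suggest `/* SHAKE - Not allowed in selftest builds or FIPS v5.2 and older */`. The `#if` block continues past the end of the hunk.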