From 94831eadf115a621c8256643f8ca8fd5df0b9e06 Mon Sep 17 00:00:00 2001
From: kaleb-himes
Date: Tue, 1 Jun 2021 11:38:17 -0600
Subject: [PATCH 1/3] Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag
---
 IDE/VisualDSP/user_settings.h | 3 ---
 configure.ac | 15 ++++++++-------
 tests/api.c | 12 ++++++------
 wolfcrypt/src/hash.c | 4 ++--
 wolfcrypt/test/test.c | 4 ----
 5 files changed, 16 insertions(+), 22 deletions(-)
diff --git a/IDE/VisualDSP/user_settings.h b/IDE/VisualDSP/user_settings.h
index f0fa67553..d4fbdbfd1 100644
--- a/IDE/VisualDSP/user_settings.h
+++ b/IDE/VisualDSP/user_settings.h
@@ -350,9 +350,6 @@ extern "C" {
 #undef WOLFSSL_SHA3
 #if 1
 #define WOLFSSL_SHA3
- #ifdef HAVE_FIPS
- #define WOLFSSL_NO_SHAKE256
- #endif
 #endif
 /* MD5 */
diff --git a/configure.ac b/configure.ac
index 45d6ea321..6a4558d8a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1556,7 +1556,7 @@ if test "$ENABLED_AFALG" = "xilinx"
 then
 AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AFALG_XILINX -DWOLFSSL_AFALG_XILINX_AES"
 AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AFALG_XILINX_SHA3 -DWOLFSSL_AFALG_XILINX_RSA"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA3_224 -DWOLFSSL_NOSHA3_256 -DWOLFSSL_NOSHA3_512 -DWOLFSSL_NO_SHAKE256"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA3_224 -DWOLFSSL_NOSHA3_256 -DWOLFSSL_NOSHA3_512"
 ENABLED_AFALG="yes"
 ENABLED_XILINX="yes"
 fi
@@ -1572,7 +1572,7 @@ if test "$ENABLED_AFALG" = "xilinx-sha3"
 then
 AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AFALG_XILINX"
 AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AFALG_XILINX_SHA3"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA3_224 -DWOLFSSL_NOSHA3_256 -DWOLFSSL_NOSHA3_512 -DWOLFSSL_NO_SHAKE256"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA3_224 -DWOLFSSL_NOSHA3_256 -DWOLFSSL_NOSHA3_512"
 ENABLED_AFALG="yes"
 ENABLED_XILINX="yes"
 fi
@@ -1776,9 +1776,8 @@ fi
 # SHAKE256
 AC_ARG_ENABLE([shake256],
- [AS_HELP_STRING([--enable-shake256],[Enable wolfSSL SHAKE256 support (default: enabled on x86_64/aarch64)])],
- [ ENABLED_SHAKE256=$enableval ],
- [ ENABLED_SHAKE256=$ENABLED_SHA3 ]
+ [AS_HELP_STRING([--enable-shake256],[Enable wolfSSL SHAKE256 support (default: disabled)])],
+ [ ENABLED_SHAKE256=$enableval ]
 )
 # SHA512
@@ -2209,6 +2208,10 @@ then
 then
 AC_MSG_ERROR([cannot enable ed448 without enabling sha512.])
 fi
+ if test "$ENABLED_FIPS" = "yes" && "$FIPS_VERSION" = "v2"
+ then
+ AC_MSG_ERROR([cannot enabled ed448 w/ dependency shake256 in FIPSv2 mode])
+ fi
 ENABLED_FE448=yes
 ENABLED_GE448=yes
 AM_CFLAGS="$AM_CFLAGS -DHAVE_ED448"
@@ -3106,8 +3109,6 @@ AS_CASE([$FIPS_VERSION],
 AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS -DWOLFSSL_KEY_GEN -DWOLFSSL_SHA224 -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DHAVE_ECC_CDH -DWC_RSA_NO_PADDING -DWOLFSSL_VALIDATE_FFC_IMPORT -DHAVE_FFDHE_Q"
 ENABLED_KEYGEN="yes"
 ENABLED_SHA224="yes"
- # Shake256 is a SHA-3 algorithm not in our FIPS algorithm list
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_SHAKE256"
 AS_IF([test "x$ENABLED_AESCCM" != "xyes"],
 [ENABLED_AESCCM="yes"
 AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"])
diff --git a/tests/api.c b/tests/api.c
index 7195540ed..976f2bd28 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -10099,7 +10099,7 @@ static int test_wc_Sha3_GetFlags (void)
 static int test_wc_InitShake256 (void)
 {
 int ret = 0;
-#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_NO_SHAKE256)
+#ifdef WOLFSSL_SHAKE256
 wc_Shake shake;
 printf(testingFmt, "wc_InitShake256()");
@@ -10126,7 +10126,7 @@ static int testing_wc_Shake256_Update (void)
 {
 int ret = 0;
-#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_NO_SHAKE256)
+#ifdef WOLFSSL_SHAKE256
 wc_Shake shake;
 byte msg[] = "Everybody's working for the weekend.";
 byte msg2[] = "Everybody gets Friday off.";
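Review bot: With the action-if-not-given branch removed from `AC_ARG_ENABLE([shake256], …)`, `ENABLED_SHAKE256` is left unset rather than set to `no` when `--enable-shake256` is not passed, so the "(default: disabled)" now in the help string is not reflected in the variable itself. Any later unquoted use of `$ENABLED_SHAKE256` (not visible in this hunk) would then see an empty word instead of `no`; restoring an explicit third argument, `[ ENABLED_SHAKE256=no ]`, makes the documented default concrete. The commit title says the default is meant to follow ed448; if the ed448 section sets `ENABLED_SHAKE256=yes` when ed448 is enabled, that lives outside this hunk and should be checked against the new unset default.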
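Review bot: Dropping the forced `-DWOLFSSL_NO_SHAKE256` from this FIPS branch means a FIPS build that passes `--enable-shake256` explicitly now compiles SHAKE256, while the only configure-time guard the series adds is the ed448-specific check in the hunk at line 2209. If the removed comment still holds (SHAKE256 is not on the FIPS algorithm list), the direct flag deserves the same treatment: `if test "$ENABLED_SHAKE256" = "yes" && test "$FIPS_VERSION" = "v2"; then AC_MSG_ERROR([cannot enable shake256 in FIPSv2 mode]); fi` after the shake256 `AC_ARG_ENABLE`, or alternatively forcing `ENABLED_SHAKE256=no` in this branch. Which `AS_CASE` arm this hunk belongs to is not visible here, so whether the v2 condition is the right one should be confirmed against the surrounding case arms.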
@@ -10178,7 +10178,7 @@ static int testing_wc_Shake256_Update (void)
 wc_Shake256_Free(&shake);
 printf(resultFmt, ret == 0 ? passed : failed);
-#endif /* WOLFSSL_SHAKE256 && !WOLFSSL_NO_SHAKE256 */
+#endif /* WOLFSSL_SHAKE256 */
 return ret;
@@ -10188,7 +10188,7 @@ static int test_wc_Shake256_Final (void)
 {
 int ret = 0;
-#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_NO_SHAKE256)
+#ifdef WOLFSSL_SHAKE256
 wc_Shake shake;
 const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
 "nopnopq";
@@ -10243,7 +10243,7 @@ static int test_wc_Shake256_Final (void)
 static int test_wc_Shake256_Copy (void)
 {
 int ret = 0;
-#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_NO_SHAKE256)
+#ifdef WOLFSSL_SHAKE256
 wc_Shake shake, shakeCpy;
 const char* msg = TEST_STRING;
 word32 msglen = (word32)TEST_STRING_SZ;
@@ -10306,7 +10306,7 @@ static int test_wc_Shake256_Copy (void)
 static int test_wc_Shake256Hash(void)
 {
 int ret = 0;
-#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_NO_SHAKE256)
+#ifdef WOLFSSL_SHAKE256
 const byte data[] = {
 /* Hello World */
 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c
index 921210bce..b58a2c33a 100644
--- a/wolfcrypt/src/hash.c
+++ b/wolfcrypt/src/hash.c
@@ -1381,7 +1381,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
 }
 #endif /* !WOLFSSL_NOSHA3_512 */
-#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_NO_SHAKE256)
+#ifdef WOLFSSL_SHAKE256
 int wc_Shake256Hash(const byte* data, word32 len, byte* hash, word32 hashLen)
 {
@@ -1418,7 +1418,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
 return ret;
 }
-#endif /* WOLFSSL_SHAKE_256 && !WOLFSSL_NO_SHAKE256 */
+#endif /* WOLFSSL_SHAKE_256 */
 #endif /* WOLFSSL_SHA3 */
 #endif /* !NO_HASH_WRAPPER */
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index efa3c430f..0f630d20f 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
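Review bot: The rewritten closing comment `#endif /* WOLFSSL_SHAKE_256 */` names a macro that differs from the one the block is opened with, `#ifdef WOLFSSL_SHAKE256` in the hunk at line 1381 (the extra underscore), so the two ends of the conditional no longer match textually and grepping for the real macro misses this line. Since the line is being touched anyway, write it as `#endif /* WOLFSSL_SHAKE256 */`, which is also the spelling the parallel change in tests/api.c uses. The wc_Shake256Hash body this conditional encloses starts outside the hunk.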
@@ -3366,7 +3366,6 @@ WOLFSSL_TEST_SUBROUTINE int sha3_test(void)
 #ifdef WOLFSSL_SHAKE256
 WOLFSSL_TEST_SUBROUTINE int shake256_test(void)
 {
-#ifndef WOLFSSL_NO_SHAKE256
 wc_Shake sha;
 byte hash[250];
@@ -3507,9 +3506,6 @@ exit:
 wc_Shake256_Free(&sha);
 return ret;
-#else
- return 0;
-#endif
 }
 #endif
From 3a9c6ea924a02d699b45c99189f521f91049033e Mon Sep 17 00:00:00 2001
From: Kaleb Himes
Date: Tue, 1 Jun 2021 13:29:39 -0600
Subject: [PATCH 2/3] fix FIPS v2 check ($ENABLED_FIPS not set for v2)
---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 6a4558d8a..e18befe69 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2208,7 +2208,7 @@ then
 then
 AC_MSG_ERROR([cannot enable ed448 without enabling sha512.])
 fi
- if test "$ENABLED_FIPS" = "yes" && "$FIPS_VERSION" = "v2"
+ if test "$FIPS_VERSION" = "v2"
 then
 AC_MSG_ERROR([cannot enabled ed448 w/ dependency shake256 in FIPSv2 mode])
 fi
From a27cdc538ae722e3701fca2e8ffd9d0334da4b2b Mon Sep 17 00:00:00 2001
From: Kaleb Himes
Date: Tue, 1 Jun 2021 13:30:32 -0600
Subject: [PATCH 3/3] Fix typo
---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index e18befe69..dbdb037a7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2210,7 +2210,7 @@ then
 fi
 if test "$FIPS_VERSION" = "v2"
 then
- AC_MSG_ERROR([cannot enabled ed448 w/ dependency shake256 in FIPSv2 mode])
+ AC_MSG_ERROR([cannot enable ed448 w/ dependency shake256 in FIPSv2 mode])
 fi
 ENABLED_FE448=yes
 ENABLED_GE448=yes