diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 58ae0c41a..0b62e066c 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -4572,9 +4572,14 @@ extern void uITRON4_free(void *p) ;
 #define WOLFSSL_SHAKE256
 #endif
 
-/* SHAKE - Not allowed in FIPS v5.2 or older */
-#if defined(WOLFSSL_SHA3) && (defined(HAVE_SELFTEST) || \
- (defined(HAVE_FIPS) && FIPS_VERSION_LE(5,2)))
+/* SHAKE - Not allowed in FIPS v5.2 or older, or selftest without PQC.
+ * Exception: Allow SHAKE in selftest when MLKEM (Kyber) or Dilithium
+ * is enabled.
+ */
+#if defined(WOLFSSL_SHA3) && \
+ ((defined(HAVE_FIPS) && FIPS_VERSION_LE(5,2)) || \
+ (defined(HAVE_SELFTEST) && \
+ !defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_WC_DILITHIUM)))
 #undef WOLFSSL_NO_SHAKE128
 #define WOLFSSL_NO_SHAKE128
 #undef WOLFSSL_NO_SHAKE256
diff --git a/wolfssl/wolfcrypt/sha3.h b/wolfssl/wolfcrypt/sha3.h
index 73f8345b4..47cf6f7c8 100644
--- a/wolfssl/wolfcrypt/sha3.h
+++ b/wolfssl/wolfcrypt/sha3.h
@@ -86,8 +86,11 @@ enum {
 WC_SHA3_256_BLOCK_SIZE = 136,
 WC_SHA3_384_BLOCK_SIZE = 104,
 WC_SHA3_512_BLOCK_SIZE = 72,
+#else
+ /* For SELFTEST version < 2, define WC_SHA3_128_BLOCK_SIZE
+ * for Kyber/Dilithium */
+ WC_SHA3_128_BLOCK_SIZE = 168,
 #endif
-
 WOLF_ENUM_DUMMY_LAST_ELEMENT(WC_SHA3)
 };
 
diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h
index 2c048d44b..df1f82d2a 100644
--- a/wolfssl/wolfcrypt/types.h
+++ b/wolfssl/wolfcrypt/types.h
@@ -1439,7 +1439,19 @@ enum wc_HashType {
 WC_HASH_TYPE_SHA3_512 = 13,
 WC_HASH_TYPE_BLAKE2B = 14,
 WC_HASH_TYPE_BLAKE2S = 19,
+#ifdef WOLFSSL_SHAKE128
+ WC_HASH_TYPE_SHAKE128 = 20,
+#endif
+#ifdef WOLFSSL_SHAKE256
+ WC_HASH_TYPE_SHAKE256 = 21,
+#endif
+#if defined(WOLFSSL_SHAKE256)
+ WC_HASH_TYPE_MAX = WC_HASH_TYPE_SHAKE256,
+#elif defined(WOLFSSL_SHAKE128)
+ WC_HASH_TYPE_MAX = WC_HASH_TYPE_SHAKE128,
+#else
 WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S,
+#endif
 #ifndef WOLFSSL_NOSHA512_224
 #define WOLFSSL_NOSHA512_224
 #endif
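Review bot: The selftest exception in the new `#if` is keyed only to `WOLFSSL_HAVE_MLKEM` and `WOLFSSL_WC_DILITHIUM`, so it takes effect only if those names are already defined when settings.h reaches this line. The two tests are also not parallel: one is a feature macro for ML-KEM, the other an implementation macro for Dilithium. A configuration that enables either algorithm through a different macro, or defines it later, would still get `WOLFSSL_NO_SHAKE128`/`WOLFSSL_NO_SHAKE256` and would presumably fail later in the PQC code with a less obvious error. The new comment says what is allowed but not why, so I would add a line such as `* ML-KEM and ML-DSA need SHAKE128/256; FIPS v5.2 and older stay excluded.` and confirm the macro names against the block that sets `WOLFSSL_SHAKE256` just above. The conditional's closing `#endif` lies outside the hunk.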
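Review bot: The comment on the added `#else` branch in sha3.h scopes the value to "SELFTEST version < 2", but the branch is a bare `#else` of a conditional whose opening line is outside the hunk. `WC_SHA3_128_BLOCK_SIZE` is therefore defined for whatever that condition excludes, whether or not SHAKE is enabled. If the opening test is not exactly a selftest-version check, the comment should be reworded to match it. It would also help to record where 168 comes from, for example `/* Keccak rate for 128-bit strength: (1600 - 2*128) / 8 bytes */`, so the constant can be checked against FIPS 202 without reading the PQC code.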
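Review bot: `WC_HASH_TYPE_MAX` in types.h now varies with `WOLFSSL_SHAKE128`/`WOLFSSL_SHAKE256`, so any range check or table sized from it must be compiled with the same flags in the library and the application. Every `switch` over `enum wc_HashType` also has to handle the two new values. SHAKE is an extendable-output function with no fixed digest length, so code that maps a hash type to a digest or block size (none of it visible in this hunk) should reject `WC_HASH_TYPE_SHAKE128`/`WC_HASH_TYPE_SHAKE256` explicitly rather than fall through to a default. A short comment on the new enumerators, for example `/* XOFs: no fixed digest size */`, would make that expectation visible to callers. The enum starts before the hunk and continues after it.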