diff --git a/sw/device/lib/crypto/impl/hash.c b/sw/device/lib/crypto/impl/hash.c
index 8e14870756d03..d0f0277d7b6cb 100644
--- a/sw/device/lib/crypto/impl/hash.c
+++ b/sw/device/lib/crypto/impl/hash.c
@@ -188,19 +188,18 @@ static status_t check_digest_len(otcrypto_hash_digest_t digest) {
 OT_WARN_UNUSED_RESULT
 static status_t hmac_sha256(otcrypto_const_byte_buf_t message,
                             otcrypto_hash_digest_t digest) {
-  HARDENED_CHECK_EQ(digest.len, kHmacDigestNumWords);
+  HARDENED_CHECK_EQ(digest.len, kHmacSha256DigestWords);
   HARDENED_CHECK_EQ(digest.mode, kOtcryptoHashModeSha256);
 
-  // Initialize the hardware.
-  hmac_sha_init();
+  hmac_ctx_t hwip_ctx;
+  hmac_digest_t hmac_digest = {
+      .len = kHmacSha256DigestBytes,
+  };
+  HARDENED_TRY(hmac_init(&hwip_ctx, kHmacModeSha256, /*key=*/NULL));
+  HARDENED_TRY(hmac_update(&hwip_ctx, message.data, message.len));
+  HARDENED_TRY(hmac_final(&hwip_ctx, &hmac_digest));
 
-  // Pass the message and check the length.
-  hmac_update(message.data, message.len);
-
-  // Retrieve the digest and copy it to the destination buffer.
-  hmac_digest_t hmac_digest;
-  hmac_final(&hmac_digest);
-  hardened_memcpy(digest.data, hmac_digest.digest, kHmacDigestNumWords);
+  hardened_memcpy(digest.data, hmac_digest.digest, kHmacSha256DigestWords);
 
   return OTCRYPTO_OK;
 }
diff --git a/sw/device/tests/crypto/sha256_functest.c b/sw/device/tests/crypto/sha256_functest.c
index 4d8fc9a5ea4e5..1428c2b58bf6e 100644
--- a/sw/device/tests/crypto/sha256_functest.c
+++ b/sw/device/tests/crypto/sha256_functest.c
@@ -56,14 +56,14 @@ static const uint8_t kExactBlockExpDigest[] = {
  */
 static status_t run_test(otcrypto_const_byte_buf_t msg,
                          const uint32_t *exp_digest) {
-  uint32_t act_digest[kHmacDigestNumWords];
+  uint32_t act_digest[kHmacSha256DigestWords];
   otcrypto_hash_digest_t digest_buf = {
       .data = act_digest,
-      .len = kHmacDigestNumWords,
+      .len = kHmacSha256DigestWords,
       .mode = kOtcryptoHashModeSha256,
   };
   TRY(otcrypto_hash(msg, digest_buf));
-  TRY_CHECK_ARRAYS_EQ(act_digest, exp_digest, kHmacDigestNumWords);
+  TRY_CHECK_ARRAYS_EQ(act_digest, exp_digest, kHmacSha256DigestWords);
   return OK_STATUS();
 }