diff --git a/src/wh_client_cryptocb.c b/src/wh_client_cryptocb.c
index 9c31bd1a..fe128ef8 100644
--- a/src/wh_client_cryptocb.c
+++ b/src/wh_client_cryptocb.c
@@ -948,9 +948,6 @@ static int _xferSha256BlockAndUpdateDigest(whClientContext* ctx,
     uint16_t                   dataSz = 0;
     wh_Packet_hash_sha256_req* req    = &packet->hashSha256Req;
 
-    /* Unused wolfCrypt hash flag value. TODO: use devCtx? */
-    const uint32_t RESUME_HASH_BIT_FLAG = 0x80000000;
-
     /* Ensure we always set the packet type, as if this function is called after
      * a response, it will be overwritten*/
     req->type = WC_HASH_TYPE_SHA256;
@@ -969,13 +966,11 @@ static int _xferSha256BlockAndUpdateDigest(whClientContext* ctx,
     XMEMCPY(req->inBlock, sha256->buffer,
             (isLastBlock) ? sha256->buffLen : WC_SHA256_BLOCK_SIZE);
 
-    /* If we are resuming, send the hash state */
-    if ((sha256->flags & RESUME_HASH_BIT_FLAG) != 0) {
-        req->resumeState.resumeHashFlag = 1;
-        XMEMCPY(req->resumeState.hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
-        packet->hashSha256Req.resumeState.hiLen = sha256->hiLen;
-        packet->hashSha256Req.resumeState.loLen = sha256->loLen;
-    }
+    /* Send the hash state - this will be 0 on the first block on a properly
+     * initialized sha256 struct */
+    XMEMCPY(req->resumeState.hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
+    packet->hashSha256Req.resumeState.hiLen = sha256->hiLen;
+    packet->hashSha256Req.resumeState.loLen = sha256->loLen;
 
     ret = wh_Client_SendRequest(
         ctx, group, WC_ALGO_TYPE_HASH,
@@ -984,7 +979,7 @@ static int _xferSha256BlockAndUpdateDigest(whClientContext* ctx,
 #ifdef DEBUG_CRYPTOCB_VERBOSE
     printf("[client] send SHA256 Req:\n");
     _hexdump("[client] inBlock: ", req->inBlock, WC_SHA256_BLOCK_SIZE);
-    if (req->resumeState.resumeHashFlag) {
+    if (req->resumeState.hiLen != 0 || req->resumeState.loLen != 0) {
         _hexdump("  [client] resumeHash: ", req->resumeState.hash,
                  (isLastBlock) ? req->lastBlockLen : WC_SHA256_BLOCK_SIZE);
         printf("  [client] hiLen: %u, loLen: %u\n", req->resumeState.hiLen,
@@ -1014,7 +1009,6 @@ static int _xferSha256BlockAndUpdateDigest(whClientContext* ctx,
                     WC_SHA256_DIGEST_SIZE);
             sha256->hiLen = packet->hashSha256Res.hiLen;
             sha256->loLen = packet->hashSha256Res.loLen;
-            sha256->flags |= RESUME_HASH_BIT_FLAG;
 #ifdef DEBUG_CRYPTOCB_VERBOSE
             printf("[client] Client SHA256 Res recv:\n");
             _hexdump("[client] hash: ", (uint8_t*)sha256->digest,
diff --git a/src/wh_server_crypto.c b/src/wh_server_crypto.c
index 77b541c1..29f2b7f1 100644
--- a/src/wh_server_crypto.c
+++ b/src/wh_server_crypto.c
@@ -864,7 +864,7 @@ static int hsmCryptoSha256(whServerContext* server, whPacket* packet,
 
     /* Init the SHA256 context if this is the first time, otherwise restore the
      * hash state from the client */
-    if (req->resumeState.resumeHashFlag == 0) {
+    if (req->resumeState.hiLen == 0 && req->resumeState.loLen == 0) {
         ret = wc_InitSha256_ex(sha256, NULL, server->crypto->devId);
     }
     else {
diff --git a/wolfhsm/wh_packet.h b/wolfhsm/wh_packet.h
index c8b21f18..7a19b2f3 100644
--- a/wolfhsm/wh_packet.h
+++ b/wolfhsm/wh_packet.h
@@ -271,8 +271,6 @@ typedef struct wh_Packet_hash_sha256_req {
     /* TODO change to "wh_Packet_hash_any_req header" */
     uint32_t type; /* enum wc_HashType */
     struct {
-        /* Flag indicating whether to use the intermediate hash */
-        uint32_t resumeHashFlag;
         uint32_t hiLen;
         uint32_t loLen;
         /* intermediate hash value */