Fix HMAC compat layer function for SHA-1.

This function would only accept the string "SHA" for SHA-1-based HMAC, but it should also accept "SHA1." This is similar to how wolfSSL_EVP_get_digestbyname allows both "SHA" and "SHA1." We didn't have a test for this in api.c. I added one, and it failed before my fix here.
2025-07-29 18:27:29 +02:00 · 2022-09-07 15:23:49 -07:00
parent d1ffe30f13
commit 18450eb94b
2 changed files with 6 additions and 2 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -18299,10 +18299,11 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
    #endif
 #endif
 #ifndef NO_SHA
-        if (XSTRCMP(evp_md, "SHA") == 0) {
+        if (XSTRCMP(evp_md, "SHA") == 0 || XSTRCMP(evp_md, "SHA1") == 0) {
            type = WC_SHA;
            mdlen = WC_SHA_DIGEST_SIZE;
-        } else
+        }
+        else
 #endif
        {
            return NULL;
--- a/tests/api.c
+++ b/tests/api.c
@ -39202,6 +39202,9 @@ static int test_wolfSSL_HMAC(void)
            test_openssl_hmac(EVP_sha3_512(), (int)WC_SHA3_512_DIGEST_SIZE);
        #endif
    #endif
+    #ifndef NO_SHA
+        test_openssl_hmac(EVP_sha1(), (int)WC_SHA_DIGEST_SIZE);
+    #endif

    printf(resultFmt, passed);
 #endif