From 18450eb94b9522b24c3b38a76fb8bef8c3ca0901 Mon Sep 17 00:00:00 2001
From: Hayden Roche <hayden@wolfssl.com>
Date: Wed, 7 Sep 2022 15:23:49 -0700
Subject: [PATCH] Fix HMAC compat layer function for SHA-1.

This function would only accept the string "SHA" for SHA-1-based HMAC, but it
should also accept "SHA1." This is similar to how wolfSSL_EVP_get_digestbyname
allows both "SHA" and "SHA1." We didn't have a test for this in api.c. I added
one, and it failed before my fix here.
---
 src/ssl.c   | 5 +++--
 tests/api.c | 3 +++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 2bcd1788d..27aed82a7 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -18299,10 +18299,11 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
     #endif
 #endif
 #ifndef NO_SHA
-        if (XSTRCMP(evp_md, "SHA") == 0) {
+        if (XSTRCMP(evp_md, "SHA") == 0 || XSTRCMP(evp_md, "SHA1") == 0) {
             type = WC_SHA;
             mdlen = WC_SHA_DIGEST_SIZE;
-        } else
+        }
+        else
 #endif
         {
             return NULL;
diff --git a/tests/api.c b/tests/api.c
index dd40f5d84..894cd6dc6 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -39202,6 +39202,9 @@ static int test_wolfSSL_HMAC(void)
             test_openssl_hmac(EVP_sha3_512(), (int)WC_SHA3_512_DIGEST_SIZE);
         #endif
     #endif
+    #ifndef NO_SHA
+        test_openssl_hmac(EVP_sha1(), (int)WC_SHA_DIGEST_SIZE);
+    #endif
 
     printf(resultFmt, passed);
 #endif