Add HMAC-SHA2-512 to the TLSv1.2 PRF.

2025-07-30 02:37:28 +02:00 · 2021-01-13 17:54:19 -08:00
parent c7ea896759
commit 38064bb396
1 changed files with 11 additions and 2 deletions
--- a/wolfcrypt/src/hmac.c
+++ b/wolfcrypt/src/hmac.c
@ -1198,13 +1198,15 @@ int wolfSSL_GetHmacMaxSize(void)
 #if defined(WOLFSSL_HAVE_PRF) && defined(HAVE_FIPS) && \
    defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 4)

-#ifdef WOLFSSL_SHA384
+#ifdef WOLFSSL_SHA512
+    #define P_HASH_MAX_SIZE WC_SHA512_DIGEST_SIZE
+#elif defined(WOLFSSL_SHA384)
    #define P_HASH_MAX_SIZE WC_SHA384_DIGEST_SIZE
 #else
    #define P_HASH_MAX_SIZE WC_SHA256_DIGEST_SIZE
 #endif

-/* Pseudo Random Function for MD5, SHA-1, SHA-256, or SHA-384 */
+/* Pseudo Random Function for MD5, SHA-1, SHA-256, SHA-384, or SHA-512 */
 int wc_PRF(byte* result, word32 resLen, const byte* secret,
                  word32 secLen, const byte* seed, word32 seedLen, int hash,
                  void* heap, int devId)
@ -1262,6 +1264,13 @@ int wc_PRF(byte* result, word32 resLen, const byte* secret,
        break;
    #endif

+    #ifdef WOLFSSL_SHA512
+        case sha512_mac:
+            hash = WC_SHA512;
+            len  = WC_SHA512_DIGEST_SIZE;
+        break;
+    #endif
+
    #ifndef NO_SHA
        case sha_mac:
        default: