ocsp: use SHA-256 for responder name if no-sha

wolfcrypt/src/asn.c

@@ -36950,7 +36950,7 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
         /* compute the hash of the name */
         resp->responderIdType = OCSP_RESPONDER_ID_NAME;
         ret = CalcHashId_ex(source + idx, length,
-                resp->responderId.nameHash, WC_SHA);
+                resp->responderId.nameHash, OCSP_RESPONDER_ID_HASH_TYPE);
         if (ret != 0)
             return ret;
         idx += length;
@@ -37070,7 +37070,7 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
             ret = CalcHashId_ex(
                 dataASN[OCSPRESPDATAASN_IDX_BYNAME].data.ref.data,
                 dataASN[OCSPRESPDATAASN_IDX_BYNAME].data.ref.length,
-                resp->responderId.nameHash, WC_SHA);
+                resp->responderId.nameHash, OCSP_RESPONDER_ID_HASH_TYPE);
         } else {
             resp->responderIdType = OCSP_RESPONDER_ID_KEY;
             if (dataASN[OCSPRESPDATAASN_IDX_BYKEY_OCT].length

wolfssl/wolfcrypt/asn.h

@@ -2733,6 +2733,11 @@ struct OcspEntry
 };
 
 #define OCSP_RESPONDER_ID_KEY_SZ 20
+#if !defined(NO_SHA)
+#define OCSP_RESPONDER_ID_HASH_TYPE WC_SHA
+#else
+#define OCSP_RESPONDER_ID_HASH_TYPE WC_SHA256
+#endif
 enum responderIdType {
     OCSP_RESPONDER_ID_INVALID = 0,
     OCSP_RESPONDER_ID_NAME = 1,