Fix EVP_get_digestbyobj for NID-less ASN1_OBJECTs.

The recent rewrite didn't account for the OID being missing but the NID present. Change-Id: I335e52324c62ee3ba849c0c385aaf86123a8ffbb Reviewed-on: https://boringssl-review.googlesource.com/13660 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-02-06 15:12:59 -05:00 · 2017-02-06 15:12:59 -05:00 · e0ca4879ec
commit e0ca4879ec
parent 3f2611a98f
2 changed files with 15 additions and 0 deletions
--- a/crypto/digest/digest_test.cc
+++ b/crypto/digest/digest_test.cc
@ -18,12 +18,14 @@

 #include <memory>

+#include <openssl/asn1.h>
 #include <openssl/crypto.h>
 #include <openssl/digest.h>
 #include <openssl/err.h>
 #include <openssl/md4.h>
 #include <openssl/md5.h>
 #include <openssl/nid.h>
+#include <openssl/obj.h>
 #include <openssl/sha.h>

 #include "../internal.h"
@ -250,6 +252,14 @@ static int TestGetters() {
    return false;
  }

+  bssl::UniquePtr<ASN1_OBJECT> obj(OBJ_txt2obj("1.3.14.3.2.26", 0));
+  if (!obj ||
+      EVP_get_digestbyobj(obj.get()) != EVP_sha1() ||
+      EVP_get_digestbyobj(OBJ_nid2obj(NID_md5_sha1)) != EVP_md5_sha1() ||
+      EVP_get_digestbyobj(OBJ_nid2obj(NID_sha1)) != EVP_sha1()) {
+    return false;
+  }
+
  return true;
 }

--- a/crypto/digest/digests.c
+++ b/crypto/digest/digests.c
@ -329,6 +329,11 @@ static const struct {
 };

 const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *obj) {
+  /* Handle objects with no corresponding OID. */
+  if (obj->nid != NID_undef) {
+    return EVP_get_digestbynid(obj->nid);
+  }
+
  for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kMDOIDs); i++) {
    if (obj->length == kMDOIDs[i].oid_len &&
        memcmp(obj->data, kMDOIDs[i].oid, obj->length) == 0) {