Fix EVP_get_digestbyobj for NID-less ASN1_OBJECTs. The recent rewrite didn't account for the OID being missing but the NID present. Change-Id: I335e52324c62ee3ba849c0c385aaf86123a8ffbb Reviewed-on: https://boringssl-review.googlesource.com/13660 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/crypto/digest/digest_test.cc b/crypto/digest/digest_test.cc
index 8b29236..36a62ab 100644
--- a/crypto/digest/digest_test.cc
+++ b/crypto/digest/digest_test.cc

@@ -18,12 +18,14 @@
 
 #include <memory>
 
+#include <openssl/asn1.h>
 #include <openssl/crypto.h>
 #include <openssl/digest.h>
 #include <openssl/err.h>
 #include <openssl/md4.h>
 #include <openssl/md5.h>
 #include <openssl/nid.h>
+#include <openssl/obj.h>
 #include <openssl/sha.h>
 
 #include "../internal.h"
@@ -250,6 +252,14 @@
     return false;
   }
 
+  bssl::UniquePtr<ASN1_OBJECT> obj(OBJ_txt2obj("1.3.14.3.2.26", 0));
+  if (!obj ||
+      EVP_get_digestbyobj(obj.get()) != EVP_sha1() ||
+      EVP_get_digestbyobj(OBJ_nid2obj(NID_md5_sha1)) != EVP_md5_sha1() ||
+      EVP_get_digestbyobj(OBJ_nid2obj(NID_sha1)) != EVP_sha1()) {
+    return false;
+  }
+
   return true;
 }
 

diff --git a/crypto/digest/digests.c b/crypto/digest/digests.c
index 9656027..fd2a939 100644
--- a/crypto/digest/digests.c
+++ b/crypto/digest/digests.c

@@ -329,6 +329,11 @@
 };
 
 const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *obj) {
+  /* Handle objects with no corresponding OID. */
+  if (obj->nid != NID_undef) {
+    return EVP_get_digestbynid(obj->nid);
+  }
+
   for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kMDOIDs); i++) {
     if (obj->length == kMDOIDs[i].oid_len &&
         memcmp(obj->data, kMDOIDs[i].oid, obj->length) == 0) {