Permit no/empty digest in core_obj_add_sigid

Also add digest parameter documentation for add_sigid and
permit NULL as digest name in the provider upcall.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16770)

1 files changed, 6 insertions, 3 deletions

diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index e4069eb4f7..b39fb3bb1d 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -1933,9 +1933,13 @@ static int core_obj_add_sigid(const OSSL_CORE_HANDLE *prov,
                               const char *pkey_name)
 {
     int sign_nid = OBJ_txt2nid(sign_name);
-    int digest_nid = OBJ_txt2nid(digest_name);
+    int digest_nid = NID_undef;
     int pkey_nid = OBJ_txt2nid(pkey_name);
 
+    if (digest_name != NULL && digest_name[0] != '\0'
+        && (digest_nid = OBJ_txt2nid(digest_name)) == NID_undef)
+            return 0;
+
     if (sign_nid == NID_undef)
         return 0;
 
@@ -1946,8 +1950,7 @@ static int core_obj_add_sigid(const OSSL_CORE_HANDLE *prov,
     if (OBJ_find_sigid_algs(sign_nid, NULL, NULL))
         return 1;
 
-    if (digest_nid == NID_undef
-            || pkey_nid == NID_undef)
+    if (pkey_nid == NID_undef)
         return 0;
 
     return OBJ_add_sigid(sign_nid, digest_nid, pkey_nid);