[openssl] master update

beldmit at gmail.com beldmit at gmail.com
Tue Sep 24 07:52:16 UTC 2019


The branch master has been updated
       via  4baee2d72e0c82bfd6de085df23a1bdc6af887ba (commit)
      from  6922740facabcc1d1509cd9e72dd837a60a91d2c (commit)


- Log -----------------------------------------------------------------
commit 4baee2d72e0c82bfd6de085df23a1bdc6af887ba
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Wed Aug 21 18:28:48 2019 +0300

    Support printing out some otherName variants
    
    The supported variants are
    - SmtpUTF8Name
    - xmppAddr
    - MS UPN
    - SRVName
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/9965)

-----------------------------------------------------------------------

Summary of changes:
 crypto/objects/obj_dat.h   | 25 ++++++++++++++++++++-----
 crypto/objects/obj_mac.num |  3 +++
 crypto/objects/objects.txt |  3 +++
 crypto/x509/v3_alt.c       | 42 +++++++++++++++++++++++++++++++++++++++---
 fuzz/oids.txt              |  3 +++
 include/openssl/obj_mac.h  | 15 +++++++++++++++
 6 files changed, 83 insertions(+), 8 deletions(-)

diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 0beeacfa40..86e307d74d 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[7813] = {
+static const unsigned char so[7837] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -1082,9 +1082,12 @@ static const unsigned char so[7813] = {
     0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x01,  /* [ 7784] OBJ_blake2bmac */
     0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x02,  /* [ 7794] OBJ_blake2smac */
     0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x75,       /* [ 7804] OBJ_SM2_with_SM3 */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x09,       /* [ 7812] OBJ_id_on_SmtpUTF8Mailbox */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x05,       /* [ 7820] OBJ_XmppAddr */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x07,       /* [ 7828] OBJ_SRVName */
 };
 
-#define NUM_NID 1208
+#define NUM_NID 1211
 static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"UNDEF", "undefined", NID_undef},
     {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2294,9 +2297,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"SSKDF", "sskdf", NID_sskdf},
     {"X963KDF", "x963kdf", NID_x963kdf},
     {"X942KDF", "x942kdf", NID_x942kdf},
+    {"id-on-SmtpUTF8Mailbox", "Smtp UTF8 Mailbox", NID_id_on_SmtpUTF8Mailbox, 8, &so[7812]},
+    {"id-on-xmppAddr", "XmppAddr", NID_XmppAddr, 8, &so[7820]},
+    {"id-on-dnsSRV", "SRVName", NID_SRVName, 8, &so[7828]},
 };
 
-#define NUM_SN 1199
+#define NUM_SN 1202
 static const unsigned int sn_objs[NUM_SN] = {
      364,    /* "AD_DVCS" */
      419,    /* "AES-128-CBC" */
@@ -2951,8 +2957,11 @@ static const unsigned int sn_objs[NUM_SN] = {
      279,    /* "id-mod-qualified-cert-93" */
      281,    /* "id-mod-timestamp-protocol" */
      264,    /* "id-on" */
+    1208,    /* "id-on-SmtpUTF8Mailbox" */
+    1210,    /* "id-on-dnsSRV" */
      858,    /* "id-on-permanentIdentifier" */
      347,    /* "id-on-personalData" */
+    1209,    /* "id-on-xmppAddr" */
      265,    /* "id-pda" */
      352,    /* "id-pda-countryOfCitizenship" */
      353,    /* "id-pda-countryOfResidence" */
@@ -3499,7 +3508,7 @@ static const unsigned int sn_objs[NUM_SN] = {
     1093,    /* "x509ExtAdmission" */
 };
 
-#define NUM_LN 1199
+#define NUM_LN 1202
 static const unsigned int ln_objs[NUM_LN] = {
      363,    /* "AD Time Stamping" */
      405,    /* "ANSI X9.62" */
@@ -3658,6 +3667,7 @@ static const unsigned int ln_objs[NUM_LN] = {
     1204,    /* "SM2-with-SM3" */
     1006,    /* "SNILS" */
      387,    /* "SNMPv2" */
+    1210,    /* "SRVName" */
     1025,    /* "SSH Client" */
     1026,    /* "SSH Server" */
      512,    /* "Secure Electronic Transactions" */
@@ -3670,6 +3680,7 @@ static const unsigned int ln_objs[NUM_LN] = {
     1033,    /* "Signing KDC Response" */
     1008,    /* "Signing Tool of Issuer" */
     1007,    /* "Signing Tool of Subject" */
+    1208,    /* "Smtp UTF8 Mailbox" */
      143,    /* "Strong Extranet ID" */
      398,    /* "Subject Information Access" */
     1020,    /* "TLS Feature" */
@@ -3707,6 +3718,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      920,    /* "X9.42 DH" */
      184,    /* "X9.57" */
      185,    /* "X9.57 CM ?" */
+    1209,    /* "XmppAddr" */
      478,    /* "aRecord" */
      289,    /* "aaControls" */
      287,    /* "ac-auditEntity" */
@@ -4702,7 +4714,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      125,    /* "zlib compression" */
 };
 
-#define NUM_OBJ 1077
+#define NUM_OBJ 1080
 static const unsigned int obj_objs[NUM_OBJ] = {
        0,    /* OBJ_undef                        0 */
      181,    /* OBJ_iso                          1 */
@@ -5352,6 +5364,9 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      346,    /* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
      347,    /* OBJ_id_on_personalData           1 3 6 1 5 5 7 8 1 */
      858,    /* OBJ_id_on_permanentIdentifier    1 3 6 1 5 5 7 8 3 */
+    1209,    /* OBJ_XmppAddr                     1 3 6 1 5 5 7 8 5 */
+    1210,    /* OBJ_SRVName                      1 3 6 1 5 5 7 8 7 */
+    1208,    /* OBJ_id_on_SmtpUTF8Mailbox        1 3 6 1 5 5 7 8 9 */
      348,    /* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
      349,    /* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
      351,    /* OBJ_id_pda_gender                1 3 6 1 5 5 7 9 3 */
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 022e64277c..3ab2524244 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -1205,3 +1205,6 @@ SM2_with_SM3		1204
 sskdf		1205
 x963kdf		1206
 x942kdf		1207
+id_on_SmtpUTF8Mailbox		1208
+XmppAddr		1209
+SRVName		1210
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 47cf2f183d..bff6714fd6 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -609,6 +609,9 @@ id-cmc 24		: id-cmc-confirmCertAcceptance
 # other names
 id-on 1			: id-on-personalData
 id-on 3			: id-on-permanentIdentifier : Permanent Identifier
+id-on 5			: id-on-xmppAddr : XmppAddr
+id-on 7			: id-on-dnsSRV : SRVName
+id-on 9			: id-on-SmtpUTF8Mailbox : Smtp UTF8 Mailbox
 
 # personal data attributes
 id-pda 1		: id-pda-dateOfBirth
diff --git a/crypto/x509/v3_alt.c b/crypto/x509/v3_alt.c
index 307994042c..af1cd61aee 100644
--- a/crypto/x509/v3_alt.c
+++ b/crypto/x509/v3_alt.c
@@ -71,8 +71,28 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
 
     switch (gen->type) {
     case GEN_OTHERNAME:
-        if (!X509V3_add_value("othername", "<unsupported>", &ret))
-            return NULL;
+        switch (OBJ_obj2nid(gen->d.otherName->type_id)) {
+        case NID_id_on_SmtpUTF8Mailbox:
+            if (!X509V3_add_value_uchar("othername: SmtpUTF8Mailbox:", gen->d.otherName->value->value.utf8string->data, &ret))
+                return NULL;
+            break;
+        case NID_XmppAddr:
+            if (!X509V3_add_value_uchar("othername: XmppAddr:", gen->d.otherName->value->value.utf8string->data, &ret))
+                return NULL;
+            break;
+        case NID_SRVName:
+            if (!X509V3_add_value_uchar("othername: SRVName:", gen->d.otherName->value->value.ia5string->data, &ret))
+                return NULL;
+            break;
+        case NID_ms_upn:
+            if (!X509V3_add_value_uchar("othername: UPN:", gen->d.otherName->value->value.utf8string->data, &ret))
+                return NULL;
+            break;
+        default:
+            if (!X509V3_add_value("othername", "<unsupported>", &ret))
+                return NULL;
+            break;
+        }
         break;
 
     case GEN_X400:
@@ -144,7 +164,23 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
     int i;
     switch (gen->type) {
     case GEN_OTHERNAME:
-        BIO_printf(out, "othername:<unsupported>");
+        switch (OBJ_obj2nid(gen->d.otherName->type_id)) {
+        case NID_id_on_SmtpUTF8Mailbox:
+            BIO_printf(out, "othername:SmtpUTF8Mailbox:%s", gen->d.otherName->value->value.utf8string->data);
+            break;
+        case NID_XmppAddr:
+            BIO_printf(out, "othername:XmppAddr:%s", gen->d.otherName->value->value.utf8string->data);
+            break;
+        case NID_SRVName:
+            BIO_printf(out, "othername:SRVName:%s", gen->d.otherName->value->value.ia5string->data);
+            break;
+        case NID_ms_upn:
+            BIO_printf(out, "othername:UPN:%s", gen->d.otherName->value->value.utf8string->data);
+            break;
+        default:
+            BIO_printf(out, "othername:<unsupported>");
+            break;
+        }
         break;
 
     case GEN_X400:
diff --git a/fuzz/oids.txt b/fuzz/oids.txt
index f0ff67766d..6cba5af9b1 100644
--- a/fuzz/oids.txt
+++ b/fuzz/oids.txt
@@ -1069,3 +1069,6 @@ OBJ_kmac256="\x60\x86\x48\x01\x65\x03\x04\x02\x14"
 OBJ_blake2bmac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x01"
 OBJ_blake2smac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x02"
 OBJ_SM2_with_SM3="\x2A\x81\x1C\xCF\x55\x01\x83\x75"
+OBJ_id_on_SmtpUTF8Mailbox="\x2B\x06\x01\x05\x05\x07\x08\x09"
+OBJ_XmppAddr="\x2B\x06\x01\x05\x05\x07\x08\x05"
+OBJ_SRVName="\x2B\x06\x01\x05\x05\x07\x08\x07"
diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
index 930a7a919e..df461e50cf 100644
--- a/include/openssl/obj_mac.h
+++ b/include/openssl/obj_mac.h
@@ -1856,6 +1856,21 @@
 #define NID_id_on_permanentIdentifier           858
 #define OBJ_id_on_permanentIdentifier           OBJ_id_on,3L
 
+#define SN_XmppAddr             "id-on-xmppAddr"
+#define LN_XmppAddr             "XmppAddr"
+#define NID_XmppAddr            1209
+#define OBJ_XmppAddr            OBJ_id_on,5L
+
+#define SN_SRVName              "id-on-dnsSRV"
+#define LN_SRVName              "SRVName"
+#define NID_SRVName             1210
+#define OBJ_SRVName             OBJ_id_on,7L
+
+#define SN_id_on_SmtpUTF8Mailbox                "id-on-SmtpUTF8Mailbox"
+#define LN_id_on_SmtpUTF8Mailbox                "Smtp UTF8 Mailbox"
+#define NID_id_on_SmtpUTF8Mailbox               1208
+#define OBJ_id_on_SmtpUTF8Mailbox               OBJ_id_on,9L
+
 #define SN_id_pda_dateOfBirth           "id-pda-dateOfBirth"
 #define NID_id_pda_dateOfBirth          348
 #define OBJ_id_pda_dateOfBirth          OBJ_id_pda,1L


More information about the openssl-commits mailing list