[openssl] master update
beldmit at gmail.com
beldmit at gmail.com
Tue Sep 24 07:52:16 UTC 2019
The branch master has been updated
via 4baee2d72e0c82bfd6de085df23a1bdc6af887ba (commit)
from 6922740facabcc1d1509cd9e72dd837a60a91d2c (commit)
- Log -----------------------------------------------------------------
commit 4baee2d72e0c82bfd6de085df23a1bdc6af887ba
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date: Wed Aug 21 18:28:48 2019 +0300
Support printing out some otherName variants
The supported variants are
- SmtpUTF8Name
- xmppAddr
- MS UPN
- SRVName
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9965)
-----------------------------------------------------------------------
Summary of changes:
crypto/objects/obj_dat.h | 25 ++++++++++++++++++++-----
crypto/objects/obj_mac.num | 3 +++
crypto/objects/objects.txt | 3 +++
crypto/x509/v3_alt.c | 42 +++++++++++++++++++++++++++++++++++++++---
fuzz/oids.txt | 3 +++
include/openssl/obj_mac.h | 15 +++++++++++++++
6 files changed, 83 insertions(+), 8 deletions(-)
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 0beeacfa40..86e307d74d 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -10,7 +10,7 @@
*/
/* Serialized OID's */
-static const unsigned char so[7813] = {
+static const unsigned char so[7837] = {
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
@@ -1082,9 +1082,12 @@ static const unsigned char so[7813] = {
0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x01, /* [ 7784] OBJ_blake2bmac */
0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x02, /* [ 7794] OBJ_blake2smac */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x75, /* [ 7804] OBJ_SM2_with_SM3 */
+ 0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x09, /* [ 7812] OBJ_id_on_SmtpUTF8Mailbox */
+ 0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x05, /* [ 7820] OBJ_XmppAddr */
+ 0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x07, /* [ 7828] OBJ_SRVName */
};
-#define NUM_NID 1208
+#define NUM_NID 1211
static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"UNDEF", "undefined", NID_undef},
{"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2294,9 +2297,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"SSKDF", "sskdf", NID_sskdf},
{"X963KDF", "x963kdf", NID_x963kdf},
{"X942KDF", "x942kdf", NID_x942kdf},
+ {"id-on-SmtpUTF8Mailbox", "Smtp UTF8 Mailbox", NID_id_on_SmtpUTF8Mailbox, 8, &so[7812]},
+ {"id-on-xmppAddr", "XmppAddr", NID_XmppAddr, 8, &so[7820]},
+ {"id-on-dnsSRV", "SRVName", NID_SRVName, 8, &so[7828]},
};
-#define NUM_SN 1199
+#define NUM_SN 1202
static const unsigned int sn_objs[NUM_SN] = {
364, /* "AD_DVCS" */
419, /* "AES-128-CBC" */
@@ -2951,8 +2957,11 @@ static const unsigned int sn_objs[NUM_SN] = {
279, /* "id-mod-qualified-cert-93" */
281, /* "id-mod-timestamp-protocol" */
264, /* "id-on" */
+ 1208, /* "id-on-SmtpUTF8Mailbox" */
+ 1210, /* "id-on-dnsSRV" */
858, /* "id-on-permanentIdentifier" */
347, /* "id-on-personalData" */
+ 1209, /* "id-on-xmppAddr" */
265, /* "id-pda" */
352, /* "id-pda-countryOfCitizenship" */
353, /* "id-pda-countryOfResidence" */
@@ -3499,7 +3508,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1093, /* "x509ExtAdmission" */
};
-#define NUM_LN 1199
+#define NUM_LN 1202
static const unsigned int ln_objs[NUM_LN] = {
363, /* "AD Time Stamping" */
405, /* "ANSI X9.62" */
@@ -3658,6 +3667,7 @@ static const unsigned int ln_objs[NUM_LN] = {
1204, /* "SM2-with-SM3" */
1006, /* "SNILS" */
387, /* "SNMPv2" */
+ 1210, /* "SRVName" */
1025, /* "SSH Client" */
1026, /* "SSH Server" */
512, /* "Secure Electronic Transactions" */
@@ -3670,6 +3680,7 @@ static const unsigned int ln_objs[NUM_LN] = {
1033, /* "Signing KDC Response" */
1008, /* "Signing Tool of Issuer" */
1007, /* "Signing Tool of Subject" */
+ 1208, /* "Smtp UTF8 Mailbox" */
143, /* "Strong Extranet ID" */
398, /* "Subject Information Access" */
1020, /* "TLS Feature" */
@@ -3707,6 +3718,7 @@ static const unsigned int ln_objs[NUM_LN] = {
920, /* "X9.42 DH" */
184, /* "X9.57" */
185, /* "X9.57 CM ?" */
+ 1209, /* "XmppAddr" */
478, /* "aRecord" */
289, /* "aaControls" */
287, /* "ac-auditEntity" */
@@ -4702,7 +4714,7 @@ static const unsigned int ln_objs[NUM_LN] = {
125, /* "zlib compression" */
};
-#define NUM_OBJ 1077
+#define NUM_OBJ 1080
static const unsigned int obj_objs[NUM_OBJ] = {
0, /* OBJ_undef 0 */
181, /* OBJ_iso 1 */
@@ -5352,6 +5364,9 @@ static const unsigned int obj_objs[NUM_OBJ] = {
346, /* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
347, /* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */
858, /* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */
+ 1209, /* OBJ_XmppAddr 1 3 6 1 5 5 7 8 5 */
+ 1210, /* OBJ_SRVName 1 3 6 1 5 5 7 8 7 */
+ 1208, /* OBJ_id_on_SmtpUTF8Mailbox 1 3 6 1 5 5 7 8 9 */
348, /* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */
349, /* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */
351, /* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 022e64277c..3ab2524244 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -1205,3 +1205,6 @@ SM2_with_SM3 1204
sskdf 1205
x963kdf 1206
x942kdf 1207
+id_on_SmtpUTF8Mailbox 1208
+XmppAddr 1209
+SRVName 1210
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 47cf2f183d..bff6714fd6 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -609,6 +609,9 @@ id-cmc 24 : id-cmc-confirmCertAcceptance
# other names
id-on 1 : id-on-personalData
id-on 3 : id-on-permanentIdentifier : Permanent Identifier
+id-on 5 : id-on-xmppAddr : XmppAddr
+id-on 7 : id-on-dnsSRV : SRVName
+id-on 9 : id-on-SmtpUTF8Mailbox : Smtp UTF8 Mailbox
# personal data attributes
id-pda 1 : id-pda-dateOfBirth
diff --git a/crypto/x509/v3_alt.c b/crypto/x509/v3_alt.c
index 307994042c..af1cd61aee 100644
--- a/crypto/x509/v3_alt.c
+++ b/crypto/x509/v3_alt.c
@@ -71,8 +71,28 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
switch (gen->type) {
case GEN_OTHERNAME:
- if (!X509V3_add_value("othername", "<unsupported>", &ret))
- return NULL;
+ switch (OBJ_obj2nid(gen->d.otherName->type_id)) {
+ case NID_id_on_SmtpUTF8Mailbox:
+ if (!X509V3_add_value_uchar("othername: SmtpUTF8Mailbox:", gen->d.otherName->value->value.utf8string->data, &ret))
+ return NULL;
+ break;
+ case NID_XmppAddr:
+ if (!X509V3_add_value_uchar("othername: XmppAddr:", gen->d.otherName->value->value.utf8string->data, &ret))
+ return NULL;
+ break;
+ case NID_SRVName:
+ if (!X509V3_add_value_uchar("othername: SRVName:", gen->d.otherName->value->value.ia5string->data, &ret))
+ return NULL;
+ break;
+ case NID_ms_upn:
+ if (!X509V3_add_value_uchar("othername: UPN:", gen->d.otherName->value->value.utf8string->data, &ret))
+ return NULL;
+ break;
+ default:
+ if (!X509V3_add_value("othername", "<unsupported>", &ret))
+ return NULL;
+ break;
+ }
break;
case GEN_X400:
@@ -144,7 +164,23 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
int i;
switch (gen->type) {
case GEN_OTHERNAME:
- BIO_printf(out, "othername:<unsupported>");
+ switch (OBJ_obj2nid(gen->d.otherName->type_id)) {
+ case NID_id_on_SmtpUTF8Mailbox:
+ BIO_printf(out, "othername:SmtpUTF8Mailbox:%s", gen->d.otherName->value->value.utf8string->data);
+ break;
+ case NID_XmppAddr:
+ BIO_printf(out, "othername:XmppAddr:%s", gen->d.otherName->value->value.utf8string->data);
+ break;
+ case NID_SRVName:
+ BIO_printf(out, "othername:SRVName:%s", gen->d.otherName->value->value.ia5string->data);
+ break;
+ case NID_ms_upn:
+ BIO_printf(out, "othername:UPN:%s", gen->d.otherName->value->value.utf8string->data);
+ break;
+ default:
+ BIO_printf(out, "othername:<unsupported>");
+ break;
+ }
break;
case GEN_X400:
diff --git a/fuzz/oids.txt b/fuzz/oids.txt
index f0ff67766d..6cba5af9b1 100644
--- a/fuzz/oids.txt
+++ b/fuzz/oids.txt
@@ -1069,3 +1069,6 @@ OBJ_kmac256="\x60\x86\x48\x01\x65\x03\x04\x02\x14"
OBJ_blake2bmac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x01"
OBJ_blake2smac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x02"
OBJ_SM2_with_SM3="\x2A\x81\x1C\xCF\x55\x01\x83\x75"
+OBJ_id_on_SmtpUTF8Mailbox="\x2B\x06\x01\x05\x05\x07\x08\x09"
+OBJ_XmppAddr="\x2B\x06\x01\x05\x05\x07\x08\x05"
+OBJ_SRVName="\x2B\x06\x01\x05\x05\x07\x08\x07"
diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
index 930a7a919e..df461e50cf 100644
--- a/include/openssl/obj_mac.h
+++ b/include/openssl/obj_mac.h
@@ -1856,6 +1856,21 @@
#define NID_id_on_permanentIdentifier 858
#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L
+#define SN_XmppAddr "id-on-xmppAddr"
+#define LN_XmppAddr "XmppAddr"
+#define NID_XmppAddr 1209
+#define OBJ_XmppAddr OBJ_id_on,5L
+
+#define SN_SRVName "id-on-dnsSRV"
+#define LN_SRVName "SRVName"
+#define NID_SRVName 1210
+#define OBJ_SRVName OBJ_id_on,7L
+
+#define SN_id_on_SmtpUTF8Mailbox "id-on-SmtpUTF8Mailbox"
+#define LN_id_on_SmtpUTF8Mailbox "Smtp UTF8 Mailbox"
+#define NID_id_on_SmtpUTF8Mailbox 1208
+#define OBJ_id_on_SmtpUTF8Mailbox OBJ_id_on,9L
+
#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
#define NID_id_pda_dateOfBirth 348
#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L
More information about the openssl-commits
mailing list