From 4baee2d72e0c82bfd6de085df23a1bdc6af887ba Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Wed, 21 Aug 2019 18:28:48 +0300 Subject: [PATCH] Support printing out some otherName variants The supported variants are - SmtpUTF8Name - xmppAddr - MS UPN - SRVName Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/9965) --- crypto/objects/obj_dat.h | 25 ++++++++++++++++++----- crypto/objects/obj_mac.num | 3 +++ crypto/objects/objects.txt | 3 +++ crypto/x509/v3_alt.c | 42 +++++++++++++++++++++++++++++++++++--- fuzz/oids.txt | 3 +++ include/openssl/obj_mac.h | 15 ++++++++++++++ 6 files changed, 83 insertions(+), 8 deletions(-) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 0beeacfa40..86e307d74d 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[7813] = { +static const unsigned char so[7837] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1082,9 +1082,12 @@ static const unsigned char so[7813] = { 0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x01, /* [ 7784] OBJ_blake2bmac */ 0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x02, /* [ 7794] OBJ_blake2smac */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x75, /* [ 7804] OBJ_SM2_with_SM3 */ + 0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x09, /* [ 7812] OBJ_id_on_SmtpUTF8Mailbox */ + 0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x05, /* [ 7820] OBJ_XmppAddr */ + 0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x07, /* [ 7828] OBJ_SRVName */ }; -#define NUM_NID 1208 +#define NUM_NID 1211 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, 
@@ -2294,9 +2297,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"SSKDF", "sskdf", NID_sskdf}, {"X963KDF", "x963kdf", NID_x963kdf}, {"X942KDF", "x942kdf", NID_x942kdf}, + {"id-on-SmtpUTF8Mailbox", "Smtp UTF8 Mailbox", NID_id_on_SmtpUTF8Mailbox, 8, &so[7812]}, + {"id-on-xmppAddr", "XmppAddr", NID_XmppAddr, 8, &so[7820]}, + {"id-on-dnsSRV", "SRVName", NID_SRVName, 8, &so[7828]}, }; -#define NUM_SN 1199 +#define NUM_SN 1202 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2951,8 +2957,11 @@ static const unsigned int sn_objs[NUM_SN] = { 279, /* "id-mod-qualified-cert-93" */ 281, /* "id-mod-timestamp-protocol" */ 264, /* "id-on" */ + 1208, /* "id-on-SmtpUTF8Mailbox" */ + 1210, /* "id-on-dnsSRV" */ 858, /* "id-on-permanentIdentifier" */ 347, /* "id-on-personalData" */ + 1209, /* "id-on-xmppAddr" */ 265, /* "id-pda" */ 352, /* "id-pda-countryOfCitizenship" */ 353, /* "id-pda-countryOfResidence" */ @@ -3499,7 +3508,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1093, /* "x509ExtAdmission" */ }; -#define NUM_LN 1199 +#define NUM_LN 1202 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -3658,6 +3667,7 @@ static const unsigned int ln_objs[NUM_LN] = { 1204, /* "SM2-with-SM3" */ 1006, /* "SNILS" */ 387, /* "SNMPv2" */ + 1210, /* "SRVName" */ 1025, /* "SSH Client" */ 1026, /* "SSH Server" */ 512, /* "Secure Electronic Transactions" */ @@ -3670,6 +3680,7 @@ static const unsigned int ln_objs[NUM_LN] = { 1033, /* "Signing KDC Response" */ 1008, /* "Signing Tool of Issuer" */ 1007, /* "Signing Tool of Subject" */ + 1208, /* "Smtp UTF8 Mailbox" */ 143, /* "Strong Extranet ID" */ 398, /* "Subject Information Access" */ 1020, /* "TLS Feature" */ @@ -3707,6 +3718,7 @@ static const unsigned int ln_objs[NUM_LN] = { 920, /* "X9.42 DH" */ 184, /* "X9.57" */ 185, /* "X9.57 CM ?" */ + 1209, /* "XmppAddr" */ 478, /* "aRecord" */ 289, /* "aaControls" */ 287, /* "ac-auditEntity" */ 
@@ -4702,7 +4714,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1077 +#define NUM_OBJ 1080 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -5352,6 +5364,9 @@ static const unsigned int obj_objs[NUM_OBJ] = { 346, /* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */ 347, /* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */ 858, /* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */ + 1209, /* OBJ_XmppAddr 1 3 6 1 5 5 7 8 5 */ + 1210, /* OBJ_SRVName 1 3 6 1 5 5 7 8 7 */ + 1208, /* OBJ_id_on_SmtpUTF8Mailbox 1 3 6 1 5 5 7 8 9 */ 348, /* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */ 349, /* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */ 351, /* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 022e64277c..3ab2524244 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1205,3 +1205,6 @@ SM2_with_SM3 1204 sskdf 1205 x963kdf 1206 x942kdf 1207 +id_on_SmtpUTF8Mailbox 1208 +XmppAddr 1209 +SRVName 1210 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 47cf2f183d..bff6714fd6 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -609,6 +609,9 @@ id-cmc 24 : id-cmc-confirmCertAcceptance # other names id-on 1 : id-on-personalData id-on 3 : id-on-permanentIdentifier : Permanent Identifier +id-on 5 : id-on-xmppAddr : XmppAddr +id-on 7 : id-on-dnsSRV : SRVName +id-on 9 : id-on-SmtpUTF8Mailbox : Smtp UTF8 Mailbox # personal data attributes id-pda 1 : id-pda-dateOfBirth diff --git a/crypto/x509/v3_alt.c b/crypto/x509/v3_alt.c index 307994042c..af1cd61aee 100644 --- a/crypto/x509/v3_alt.c +++ b/crypto/x509/v3_alt.c 
@@ -71,8 +71,28 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
 switch (gen->type) {
 case GEN_OTHERNAME:
- if (!X509V3_add_value("othername", "", &ret))
- return NULL;
+ switch (OBJ_obj2nid(gen->d.otherName->type_id)) {
+ case NID_id_on_SmtpUTF8Mailbox:
+ if (!X509V3_add_value_uchar("othername: SmtpUTF8Mailbox:", gen->d.otherName->value->value.utf8string->data, &ret))
+ return NULL;
+ break;
+ case NID_XmppAddr:
+ if (!X509V3_add_value_uchar("othername: XmppAddr:", gen->d.otherName->value->value.utf8string->data, &ret))
+ return NULL;
+ break;
+ case NID_SRVName:
+ if (!X509V3_add_value_uchar("othername: SRVName:", gen->d.otherName->value->value.ia5string->data, &ret))
+ return NULL;
+ break;
+ case NID_ms_upn:
+ if (!X509V3_add_value_uchar("othername: UPN:", gen->d.otherName->value->value.utf8string->data, &ret))
+ return NULL;
+ break;
+ default:
+ if (!X509V3_add_value("othername", "", &ret))
+ return NULL;
+ break;
+ }
 break;
 case GEN_X400:
@@ -144,7 +164,23 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
 int i;
 switch (gen->type) {
 case GEN_OTHERNAME:
- BIO_printf(out, "othername:");
+ switch (OBJ_obj2nid(gen->d.otherName->type_id)) {
+ case NID_id_on_SmtpUTF8Mailbox:
+ BIO_printf(out, "othername:SmtpUTF8Mailbox:%s", gen->d.otherName->value->value.utf8string->data);
+ break;
+ case NID_XmppAddr:
+ BIO_printf(out, "othername:XmppAddr:%s", gen->d.otherName->value->value.utf8string->data);
+ break;
+ case NID_SRVName:
+ BIO_printf(out, "othername:SRVName:%s", gen->d.otherName->value->value.ia5string->data);
+ break;
+ case NID_ms_upn:
+ BIO_printf(out, "othername:UPN:%s", gen->d.otherName->value->value.utf8string->data);
+ break;
+ default:
+ BIO_printf(out, "othername:");
+ break;
+ }
 break;
 case GEN_X400:
diff --git a/fuzz/oids.txt b/fuzz/oids.txt
index f0ff67766d..6cba5af9b1 100644
--- a/fuzz/oids.txt
+++ b/fuzz/oids.txt
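Review bot: Every new case in the `switch (OBJ_obj2nid(gen->d.otherName->type_id))` block of i2v_GENERAL_NAME reads `value->value.utf8string->data` (or `ia5string->data`) without checking `gen->d.otherName->value->type`, so the union member is chosen from the OID alone. The otherName value is an ASN.1 ANY, so a parsed certificate may pair one of these OIDs with a different type, and the union contents are then treated as an ASN1_STRING pointer, which is a type confusion on untrusted input. The tag should be validated before the inner switch, falling back to the existing generic `"othername"` output when it does not match. The same guard is needed in GENERAL_NAME_print in the second hunk. The excerpt below assumes a new local `int nid`; both function bodies start and end outside the hunks.

```c
    case GEN_OTHERNAME:
        nid = OBJ_obj2nid(gen->d.otherName->type_id);
        /* otherName carries an ANY: confirm the tag before reading the union */
        if ((nid == NID_SRVName
             && gen->d.otherName->value->type != V_ASN1_IA5STRING)
            || (nid != NID_SRVName
                && gen->d.otherName->value->type != V_ASN1_UTF8STRING)) {
            if (!X509V3_add_value("othername", "", &ret))
                return NULL;
            break;
        }
        switch (nid) {
        /* … unchanged: the four NID cases and the default … */
```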
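Review bot: The `%s` conversions added to GENERAL_NAME_print pass `->data` as a C string and ignore the ASN1_STRING `length`, so output stops at the first NUL byte and depends on the buffer being NUL-terminated. A value with an embedded NUL would be shown truncated, which is misleading when the printed name is used to judge who a certificate identifies. Bound each print by the encoded length, e.g. `BIO_printf(out, "othername:XmppAddr:%.*s", gen->d.otherName->value->value.utf8string->length, gen->d.otherName->value->value.utf8string->data);`, and likewise for the other three cases. The `X509V3_add_value_uchar` calls in the first hunk appear to make the same assumption, since they are given no length argument.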
@@ -1069,3 +1069,6 @@ OBJ_kmac256="\x60\x86\x48\x01\x65\x03\x04\x02\x14" OBJ_blake2bmac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x01" OBJ_blake2smac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x02" OBJ_SM2_with_SM3="\x2A\x81\x1C\xCF\x55\x01\x83\x75" +OBJ_id_on_SmtpUTF8Mailbox="\x2B\x06\x01\x05\x05\x07\x08\x09" +OBJ_XmppAddr="\x2B\x06\x01\x05\x05\x07\x08\x05" +OBJ_SRVName="\x2B\x06\x01\x05\x05\x07\x08\x07" diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 930a7a919e..df461e50cf 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -1856,6 +1856,21 @@ #define NID_id_on_permanentIdentifier 858 #define OBJ_id_on_permanentIdentifier OBJ_id_on,3L +#define SN_XmppAddr "id-on-xmppAddr" +#define LN_XmppAddr "XmppAddr" +#define NID_XmppAddr 1209 +#define OBJ_XmppAddr OBJ_id_on,5L + +#define SN_SRVName "id-on-dnsSRV" +#define LN_SRVName "SRVName" +#define NID_SRVName 1210 +#define OBJ_SRVName OBJ_id_on,7L + +#define SN_id_on_SmtpUTF8Mailbox "id-on-SmtpUTF8Mailbox" +#define LN_id_on_SmtpUTF8Mailbox "Smtp UTF8 Mailbox" +#define NID_id_on_SmtpUTF8Mailbox 1208 +#define OBJ_id_on_SmtpUTF8Mailbox OBJ_id_on,9L + #define SN_id_pda_dateOfBirth "id-pda-dateOfBirth" #define NID_id_pda_dateOfBirth 348 #define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L -- 2.25.1