From f52292be10cb42c25ae83be969d3ad469ea7cb4e Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Wed, 1 Aug 2018 11:58:39 +1000
Subject: [PATCH] Add OIDs for HMAC SHA512/224 and HMAC SHA512/256.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6830)
---
 crypto/evp/evp_pbe.c       |  2 ++
 crypto/objects/obj_dat.h   | 20 +++++++++++++++-----
 crypto/objects/obj_mac.num |  2 ++
 crypto/objects/objects.txt |  4 ++++
 fuzz/oids.txt              |  2 ++
 include/openssl/obj_mac.h  |  8 ++++++++
 6 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 7a3c61d6a3..0cebd2df1d 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -73,6 +73,8 @@ static const EVP_PBE_CTL builtin_pbe[] = {
      NID_id_GostR3411_2012_256, 0},
     {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_512, -1,
      NID_id_GostR3411_2012_512, 0},
+    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512_224, -1, NID_sha512_224, 0},
+    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512_256, -1, NID_sha512_256, 0},
     {EVP_PBE_TYPE_KDF, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
 #ifndef OPENSSL_NO_SCRYPT
     {EVP_PBE_TYPE_KDF, NID_id_scrypt, -1, -1, PKCS5_v2_scrypt_keyivgen}
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 6d66d07fc1..e931f7f516 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[7746] = {
+static const unsigned char so[7762] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -1074,9 +1074,11 @@ static const unsigned char so[7746] = {
     0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x01,0x02,  /* [ 7718] OBJ_id_tc26_gost_3410_2012_256_paramSetB */
     0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x01,0x03,  /* [ 7727] OBJ_id_tc26_gost_3410_2012_256_paramSetC */
     0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x01,0x04,  /* [ 7736] OBJ_id_tc26_gost_3410_2012_256_paramSetD */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0C,       /* [ 7745] OBJ_hmacWithSHA512_224 */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D,       /* [ 7753] OBJ_hmacWithSHA512_256 */
 };
 
-#define NUM_NID 1193
+#define NUM_NID 1195
 static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"UNDEF", "undefined", NID_undef},
     {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2271,9 +2273,11 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"magma-cbc", "magma-cbc", NID_magma_cbc},
     {"magma-cfb", "magma-cfb", NID_magma_cfb},
     {"magma-mac", "magma-mac", NID_magma_mac},
+    {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]},
+    {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]},
 };
 
-#define NUM_SN 1184
+#define NUM_SN 1186
 static const unsigned int sn_objs[NUM_SN] = {
      364,    /* "AD_DVCS" */
      419,    /* "AES-128-CBC" */
@@ -2757,6 +2761,8 @@ static const unsigned int sn_objs[NUM_SN] = {
      799,    /* "hmacWithSHA256" */
      800,    /* "hmacWithSHA384" */
      801,    /* "hmacWithSHA512" */
+    1193,    /* "hmacWithSHA512-224" */
+    1194,    /* "hmacWithSHA512-256" */
      432,    /* "holdInstructionCallIssuer" */
      430,    /* "holdInstructionCode" */
      431,    /* "holdInstructionNone" */
@@ -3461,7 +3467,7 @@ static const unsigned int sn_objs[NUM_SN] = {
     1093,    /* "x509ExtAdmission" */
 };
 
-#define NUM_LN 1184
+#define NUM_LN 1186
 static const unsigned int ln_objs[NUM_LN] = {
      363,    /* "AD Time Stamping" */
      405,    /* "ANSI X9.62" */
@@ -3981,6 +3987,8 @@ static const unsigned int ln_objs[NUM_LN] = {
      799,    /* "hmacWithSHA256" */
      800,    /* "hmacWithSHA384" */
      801,    /* "hmacWithSHA512" */
+    1193,    /* "hmacWithSHA512-224" */
+    1194,    /* "hmacWithSHA512-256" */
      486,    /* "homePostalAddress" */
      473,    /* "homeTelephoneNumber" */
      466,    /* "host" */
@@ -4649,7 +4657,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      125,    /* "zlib compression" */
 };
 
-#define NUM_OBJ 1069
+#define NUM_OBJ 1071
 static const unsigned int obj_objs[NUM_OBJ] = {
        0,    /* OBJ_undef                        0 */
      181,    /* OBJ_iso                          1 */
@@ -5161,6 +5169,8 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      799,    /* OBJ_hmacWithSHA256               1 2 840 113549 2 9 */
      800,    /* OBJ_hmacWithSHA384               1 2 840 113549 2 10 */
      801,    /* OBJ_hmacWithSHA512               1 2 840 113549 2 11 */
+    1193,    /* OBJ_hmacWithSHA512_224           1 2 840 113549 2 12 */
+    1194,    /* OBJ_hmacWithSHA512_256           1 2 840 113549 2 13 */
       37,    /* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
        5,    /* OBJ_rc4                          1 2 840 113549 3 4 */
       44,    /* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 57caf3c06d..1b6a9c61a1 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -1190,3 +1190,5 @@ magma_ofb		1189
 magma_cbc		1190
 magma_cfb		1191
 magma_mac		1192
+hmacWithSHA512_224		1193
+hmacWithSHA512_256		1194
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index d4d1daa518..f6b5f33d8c 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -391,6 +391,10 @@ rsadsi 2 9		:			: hmacWithSHA256
 rsadsi 2 10		:			: hmacWithSHA384
 rsadsi 2 11		:			: hmacWithSHA512
 
+# From RFC8018
+rsadsi 2 12             :                       : hmacWithSHA512-224
+rsadsi 2 13             :                       : hmacWithSHA512-256
+
 rsadsi 3 2		: RC2-CBC		: rc2-cbc
 			: RC2-ECB		: rc2-ecb
 !Cname rc2-cfb64
diff --git a/fuzz/oids.txt b/fuzz/oids.txt
index 842bb15a86..fe363fd37e 100644
--- a/fuzz/oids.txt
+++ b/fuzz/oids.txt
@@ -1061,3 +1061,5 @@ OBJ_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15="\x2A\x85\x03\x07\x01\x01\x07\
 OBJ_id_tc26_gost_3410_2012_256_paramSetB="\x2A\x85\x03\x07\x01\x02\x01\x01\x02"
 OBJ_id_tc26_gost_3410_2012_256_paramSetC="\x2A\x85\x03\x07\x01\x02\x01\x01\x03"
 OBJ_id_tc26_gost_3410_2012_256_paramSetD="\x2A\x85\x03\x07\x01\x02\x01\x01\x04"
+OBJ_hmacWithSHA512_224="\x2A\x86\x48\x86\xF7\x0D\x02\x0C"
+OBJ_hmacWithSHA512_256="\x2A\x86\x48\x86\xF7\x0D\x02\x0D"
diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
index e95e369a0c..80ff5a7c86 100644
--- a/include/openssl/obj_mac.h
+++ b/include/openssl/obj_mac.h
@@ -1195,6 +1195,14 @@
 #define NID_hmacWithSHA512              801
 #define OBJ_hmacWithSHA512              OBJ_rsadsi,2L,11L
 
+#define LN_hmacWithSHA512_224           "hmacWithSHA512-224"
+#define NID_hmacWithSHA512_224          1193
+#define OBJ_hmacWithSHA512_224          OBJ_rsadsi,2L,12L
+
+#define LN_hmacWithSHA512_256           "hmacWithSHA512-256"
+#define NID_hmacWithSHA512_256          1194
+#define OBJ_hmacWithSHA512_256          OBJ_rsadsi,2L,13L
+
 #define SN_rc2_cbc              "RC2-CBC"
 #define LN_rc2_cbc              "rc2-cbc"
 #define NID_rc2_cbc             37
-- 
2.25.1