Add support for otherName:NAIRealm in output

This commit adds support for displaying RFC 7585 otherName:NAIRealm in the text output of openssl CLA: trivial Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/10594)
author: Jan-Frederik Rieckers <rieckers@uni-bremen.de> 2019-12-09 15:33:32 +0100
committer: Dmitry Belyavskiy <beldmit@gmail.com> 2019-12-11 22:29:19 +0300
commit: f5e77bb0fa25b2fd87c879eb5bfa3e7945731675 (patch)
tree: 041460f304ef32d27bbd9e5563924179c1b36ce9
parent: 77fedcdc8cf5446354a1e7ff9123d8ada5b79b06 (diff)
download: openssl-new-f5e77bb0fa25b2fd87c879eb5bfa3e7945731675.tar.gz
6 files changed, 29 insertions, 5 deletions
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index a719df8e3d..3319ff0c02 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[7837] = {
+static const unsigned char so[7845] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -1085,9 +1085,10 @@ static const unsigned char so[7837] = {
     0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x09,       /* [ 7812] OBJ_id_on_SmtpUTF8Mailbox */
     0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x05,       /* [ 7820] OBJ_XmppAddr */
     0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x07,       /* [ 7828] OBJ_SRVName */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x08,       /* [ 7836] OBJ_NAIRealm */
 };
 
-#define NUM_NID 1211
+#define NUM_NID 1212
 static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"UNDEF", "undefined", NID_undef},
     {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2300,9 +2301,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"id-on-SmtpUTF8Mailbox", "Smtp UTF8 Mailbox", NID_id_on_SmtpUTF8Mailbox, 8, &so[7812]},
     {"id-on-xmppAddr", "XmppAddr", NID_XmppAddr, 8, &so[7820]},
     {"id-on-dnsSRV", "SRVName", NID_SRVName, 8, &so[7828]},
+    {"id-on-NAIRealm", "NAIRealm", NID_NAIRealm, 8, &so[7836]},
 };
 
-#define NUM_SN 1202
+#define NUM_SN 1203
 static const unsigned int sn_objs[NUM_SN] = {
      364,    /* "AD_DVCS" */
      419,    /* "AES-128-CBC" */
@@ -2957,6 +2959,7 @@ static const unsigned int sn_objs[NUM_SN] = {
      279,    /* "id-mod-qualified-cert-93" */
      281,    /* "id-mod-timestamp-protocol" */
      264,    /* "id-on" */
+    1211,    /* "id-on-NAIRealm" */
     1208,    /* "id-on-SmtpUTF8Mailbox" */
     1210,    /* "id-on-dnsSRV" */
      858,    /* "id-on-permanentIdentifier" */
@@ -3508,7 +3511,7 @@ static const unsigned int sn_objs[NUM_SN] = {
     1093,    /* "x509ExtAdmission" */
 };
 
-#define NUM_LN 1202
+#define NUM_LN 1203
 static const unsigned int ln_objs[NUM_LN] = {
      363,    /* "AD Time Stamping" */
      405,    /* "ANSI X9.62" */
@@ -3622,6 +3625,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      648,    /* "Microsoft Smartcard Login" */
      136,    /* "Microsoft Trust List Signing" */
      649,    /* "Microsoft User Principal Name" */
+    1211,    /* "NAIRealm" */
      393,    /* "NULL" */
      404,    /* "NULL" */
       72,    /* "Netscape Base Url" */
@@ -4714,7 +4718,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      125,    /* "zlib compression" */
 };
 
-#define NUM_OBJ 1080
+#define NUM_OBJ 1081
 static const unsigned int obj_objs[NUM_OBJ] = {
        0,    /* OBJ_undef                        0 */
      181,    /* OBJ_iso                          1 */
@@ -5366,6 +5370,7 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      858,    /* OBJ_id_on_permanentIdentifier    1 3 6 1 5 5 7 8 3 */
     1209,    /* OBJ_XmppAddr                     1 3 6 1 5 5 7 8 5 */
     1210,    /* OBJ_SRVName                      1 3 6 1 5 5 7 8 7 */
+    1211,    /* OBJ_NAIRealm                     1 3 6 1 5 5 7 8 8 */
     1208,    /* OBJ_id_on_SmtpUTF8Mailbox        1 3 6 1 5 5 7 8 9 */
      348,    /* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
      349,    /* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 3ab2524244..541bb4eb3f 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -1208,3 +1208,4 @@ x942kdf		1207
 id_on_SmtpUTF8Mailbox		1208
 XmppAddr		1209
 SRVName		1210
+NAIRealm		1211
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 8833acd500..693852aa3c 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -611,6 +611,7 @@ id-on 1			: id-on-personalData
 id-on 3			: id-on-permanentIdentifier : Permanent Identifier
 id-on 5			: id-on-xmppAddr : XmppAddr
 id-on 7			: id-on-dnsSRV : SRVName
+id-on 8			: id-on-NAIRealm : NAIRealm
 id-on 9			: id-on-SmtpUTF8Mailbox : Smtp UTF8 Mailbox
 
 # personal data attributes
diff --git a/crypto/x509/v3_alt.c b/crypto/x509/v3_alt.c
index f31b884db1..a910d5d718 100644
--- a/crypto/x509/v3_alt.c
+++ b/crypto/x509/v3_alt.c
@@ -113,6 +113,13 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
                             &ret))
                 return NULL;
             break;
+        case NID_NAIRealm:
+            if (gen->d.otherName->value->type != V_ASN1_UTF8STRING
+                    || !X509V3_add_value_uchar("othername: NAIRealm:",
+                            gen->d.otherName->value->value.utf8string->data,
+                            &ret))
+                return NULL;
+            break;
         default:
             if (!X509V3_add_value("othername", "<unsupported>", &ret))
                 return NULL;
@@ -217,6 +224,10 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
             BIO_printf(out, "othername:UPN:%s",
                        gen->d.otherName->value->value.utf8string->data);
             break;
+        case NID_NAIRealm:
+            BIO_printf(out, "othername:NAIRealm:%s",
+                       gen->d.otherName->value->value.utf8string->data);
+            break;
         default:
             BIO_printf(out, "othername:<unsupported>");
             break;
diff --git a/fuzz/oids.txt b/fuzz/oids.txt
index 6cba5af9b1..cfc3392677 100644
--- a/fuzz/oids.txt
+++ b/fuzz/oids.txt
@@ -1072,3 +1072,4 @@ OBJ_SM2_with_SM3="\x2A\x81\x1C\xCF\x55\x01\x83\x75"
 OBJ_id_on_SmtpUTF8Mailbox="\x2B\x06\x01\x05\x05\x07\x08\x09"
 OBJ_XmppAddr="\x2B\x06\x01\x05\x05\x07\x08\x05"
 OBJ_SRVName="\x2B\x06\x01\x05\x05\x07\x08\x07"
+OBJ_NAIRealm="\x2B\x06\x01\x05\x05\x07\x08\x08"
diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
index 4fb8601bf1..2696a4b204 100644
--- a/include/openssl/obj_mac.h
+++ b/include/openssl/obj_mac.h
@@ -1866,6 +1866,11 @@
 #define NID_SRVName             1210
 #define OBJ_SRVName             OBJ_id_on,7L
 
+#define SN_NAIRealm             "id-on-NAIRealm"
+#define LN_NAIRealm             "NAIRealm"
+#define NID_NAIRealm            1211
+#define OBJ_NAIRealm            OBJ_id_on,8L
+
 #define SN_id_on_SmtpUTF8Mailbox                "id-on-SmtpUTF8Mailbox"
 #define LN_id_on_SmtpUTF8Mailbox                "Smtp UTF8 Mailbox"
 #define NID_id_on_SmtpUTF8Mailbox               1208
author	Jan-Frederik Rieckers <rieckers@uni-bremen.de>	2019-12-09 15:33:32 +0100
committer	Dmitry Belyavskiy <beldmit@gmail.com>	2019-12-11 22:29:19 +0300
commit	f5e77bb0fa25b2fd87c879eb5bfa3e7945731675 (patch)
tree	041460f304ef32d27bbd9e5563924179c1b36ce9
parent	77fedcdc8cf5446354a1e7ff9123d8ada5b79b06 (diff)
download	openssl-new-f5e77bb0fa25b2fd87c879eb5bfa3e7945731675.tar.gz