Improve subjectAltName extension parsing and printing

configure.ac

@@ -7815,6 +7815,9 @@ then
 
     # Uses alt name
     ENABLED_ALTNAMES="yes"
+
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_OID_ENCODING -DWOLFSSL_NO_ASN_STRICT"
+
 fi
 
 if test "$ENABLED_STRONGSWAN" = "yes"; then

src/ssl.c

@@ -29369,6 +29369,28 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
     }
 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
 
+#if defined(OPENSSL_ALL)
+/* Returns the oid buffer from the short name or long name of an ASN1_object
+ * and NULL on failure */
+const byte* wolfSSL_OBJ_txt2oidBuf(char* buf, word32* inOutSz, word32 oidType)
+    {
+        word32 oid;
+        int    nid;
+
+        if (buf == NULL)
+            return NULL;
+
+        nid = wolfSSL_OBJ_txt2nid(buf);
+
+        if (nid != NID_undef) {
+            oid    = nid2oid(nid, oidType);
+            return OidFromId(oid, oidType,inOutSz);
+        }
+
+        return NULL;
+    }
+#endif /* OPENSSL_ALL */
+
 #if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \
     defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \
     defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \
@@ -34269,6 +34291,24 @@ word32 nid2oid(int nid, int grp)
             }
             break;
 
+        /* oidCmsKeyAgreeType */
+    #ifdef WOLFSSL_CERT_REQ
+        case oidCsrAttrType:
+            switch (nid) {
+                case NID_pkcs9_contentType:
+                    return PKCS9_CONTENT_TYPE_OID;
+                case NID_pkcs9_challengePassword:
+                    return CHALLENGE_PASSWORD_OID;
+                case NID_serialNumber:
+                    return SERIAL_NUMBER_OID;
+                case NID_userId:
+                    return USER_ID_OID;
+                case NID_surname:
+                    return SURNAME_OID;
+            }
+            break;
+    #endif
+
         default:
             WOLFSSL_MSG("NID not in table");
             /* MSVC warns without the cast */
@@ -34647,7 +34687,7 @@ int oid2nid(word32 oid, int grp)
 #endif
 
         default:
-            WOLFSSL_MSG("NID not in table");
+            WOLFSSL_MSG("OID not in table");
     }
     /* If not found in above switch then try the table */
     for (i = 0; i < WOLFSSL_OBJECT_INFO_SZ; i++) {

src/x509.c

@@ -5790,11 +5790,21 @@ static int X509PrintSubjAltName(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
                 else if (entry->type == ASN_URI_TYPE) {
                     len = XSNPRINTF(scratch, MAX_WIDTH, "URI:%s",
                         entry->name);
+                     if (len >= MAX_WIDTH) {
+                        ret = WOLFSSL_FAILURE;
+                        break;
+                    }
+                }
+            #if defined(OPENSSL_ALL)
+                else if (entry->type == ASN_RID_TYPE) {
+                    len = XSNPRINTF(scratch, MAX_WIDTH, "Registered ID:%s",
+                        entry->ridString);
                     if (len >= MAX_WIDTH) {
                         ret = WOLFSSL_FAILURE;
                         break;
                     }
                 }
+            #endif
                 else if (entry->type == ASN_OTHER_TYPE) {
                     len = XSNPRINTF(scratch, MAX_WIDTH,
                         "othername <unsupported>");