From 65910c0d6cdbca6d8efa919378d72eff34016f35 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Sun, 16 Jan 2022 18:02:19 +0000
Subject: [PATCH] tls: represent registeredID numerically always

Refs: https://github.com/nodejs/node/commit/466e5415a2b7b3574ab5403acb87e89a94a980d1

PR-URL: https://github.com/nodejs/node/pull/41561
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 src/crypto/crypto_common.cc         | 7 +++----
 test/parallel/test-x509-escaping.js | 6 +++---
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/src/crypto/crypto_common.cc b/src/crypto/crypto_common.cc
index 53d9d949457c8f..b7f0dbcf8b676a 100644
--- a/src/crypto/crypto_common.cc
+++ b/src/crypto/crypto_common.cc
@@ -773,11 +773,10 @@ static bool PrintGeneralName(const BIOPointer& out, const GENERAL_NAME* gen) {
 #endif
     }
   } else if (gen->type == GEN_RID) {
-    // TODO(tniessen): unlike OpenSSL's default implementation, never print the
-    // OID as text and instead always print its numeric representation, which is
-    // backward compatible in practice and more future proof (see OBJ_obj2txt).
+    // Unlike OpenSSL's default implementation, never print the OID as text and
+    // instead always print its numeric representation.
     char oline[256];
-    i2t_ASN1_OBJECT(oline, sizeof(oline), gen->d.rid);
+    OBJ_obj2txt(oline, sizeof(oline), gen->d.rid, true);
     BIO_printf(out.get(), "Registered ID:%s", oline);
   } else if (gen->type == GEN_OTHERNAME) {
     // TODO(tniessen): the format that is used here is based on OpenSSL's
diff --git a/test/parallel/test-x509-escaping.js b/test/parallel/test-x509-escaping.js
index ba11dde79b0821..4c05e2bdb7337c 100644
--- a/test/parallel/test-x509-escaping.js
+++ b/test/parallel/test-x509-escaping.js
@@ -81,9 +81,9 @@ const { hasOpenSSL3 } = common;
     hasOpenSSL3 ?
       'DirName:"/C=DE/L=Berlin\\\\/CN=good.example.com"' :
       'DirName:/C=DE/L=Berlin/CN=good.example.com',
-    // TODO(tniessen): even OIDs that are well-known (such as the following,
-    // which is sha256WithRSAEncryption) should be represented numerically only.
-    'Registered ID:sha256WithRSAEncryption',
+    // Even OIDs that are well-known (such as the following, which is
+    // sha256WithRSAEncryption) should be represented numerically only.
+    'Registered ID:1.2.840.113549.1.1.11',
     // This is an OID that will likely never be assigned to anything, thus
     // OpenSSL should not know it.
     'Registered ID:1.3.9999.12.34',