diff --git a/src/crypto/crypto_common.cc b/src/crypto/crypto_common.cc index 53d9d949457c8f..b7f0dbcf8b676a 100644 --- a/src/crypto/crypto_common.cc +++ b/src/crypto/crypto_common.cc @@ -773,11 +773,10 @@ static bool PrintGeneralName(const BIOPointer& out, const GENERAL_NAME* gen) { #endif } } else if (gen->type == GEN_RID) { - // TODO(tniessen): unlike OpenSSL's default implementation, never print the - // OID as text and instead always print its numeric representation, which is - // backward compatible in practice and more future proof (see OBJ_obj2txt). + // Unlike OpenSSL's default implementation, never print the OID as text and + // instead always print its numeric representation. char oline[256]; - i2t_ASN1_OBJECT(oline, sizeof(oline), gen->d.rid); + OBJ_obj2txt(oline, sizeof(oline), gen->d.rid, true); BIO_printf(out.get(), "Registered ID:%s", oline); } else if (gen->type == GEN_OTHERNAME) { // TODO(tniessen): the format that is used here is based on OpenSSL's diff --git a/test/parallel/test-x509-escaping.js b/test/parallel/test-x509-escaping.js index ba11dde79b0821..4c05e2bdb7337c 100644 --- a/test/parallel/test-x509-escaping.js +++ b/test/parallel/test-x509-escaping.js @@ -81,9 +81,9 @@ const { hasOpenSSL3 } = common; hasOpenSSL3 ? 'DirName:"/C=DE/L=Berlin\\\\/CN=good.example.com"' : 'DirName:/C=DE/L=Berlin/CN=good.example.com', - // TODO(tniessen): even OIDs that are well-known (such as the following, - // which is sha256WithRSAEncryption) should be represented numerically only. - 'Registered ID:sha256WithRSAEncryption', + // Even OIDs that are well-known (such as the following, which is + // sha256WithRSAEncryption) should be represented numerically only. + 'Registered ID:1.2.840.113549.1.1.11', // This is an OID that will likely never be assigned to anything, thus // OpenSSL should not know it. 'Registered ID:1.3.9999.12.34',