feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

added FIPS warning for Apple native cert validation

Browse Source
This commit is contained in:
Brett
2023-10-20 11:48:50 -06:00
parent dd12e5a39e
commit 2387579880
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/ssl.c
View File

@@ -8576,6 +8576,12 @@ int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx)
ctx->doAppleNativeCertValidationFlag = 1; ctx->doAppleNativeCertValidationFlag = 1;
ret = WOLFSSL_SUCCESS; ret = WOLFSSL_SUCCESS;
loaded = 1; loaded = 1;
#if FIPS_VERSION_GE(2,0) /* Gate back to cert 3389 FIPS modules */
#warning "Cryptographic operations may occur outside the FIPS module boundary" \
"Please review FIPS claims for cryptography on this Apple device"
#endif /* FIPS_VERSION_GE(2,0) */
#else #else
/* HAVE_SECURITY_SECXXX_H macros are set by autotools or CMake when searching /* HAVE_SECURITY_SECXXX_H macros are set by autotools or CMake when searching
* system for the required SDK headers. If building with user_settings.h, you * system for the required SDK headers. If building with user_settings.h, you