feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Add more comments for alternatives and security risk

Browse Source
This commit is contained in:
Lealem Amedie
2023-04-20 14:36:22 -06:00
parent b0c6a3ec75
commit a963adc33d
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
wolfcrypt/src/asn.c
View File

@ -43,7 +43,11 @@
/* /*
ASN Options: ASN Options:
* NO_ASN_TIME_CHECK: Disables ASN time checks (avoiding the ASN_BEFORE_DATE_E * NO_ASN_TIME_CHECK: Disables ASN time checks (avoiding the ASN_BEFORE_DATE_E
* and ASN_AFTER_DATE_E errors). * and ASN_AFTER_DATE_E errors). Safer ways to avoid date errors would be to
* set the WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY flag when calling the _ex versions of
* cert loading functions or to define the WOLFSSL_NO_OCSP_DATE_CHECK macro to
* skip OCSP date errors. Defining NO_ASN_TIME_CHECK will skip ALL date checks
* and could pose a security risk.
* NO_ASN_TIME: Disables time parts of the ASN code for systems without an RTC * NO_ASN_TIME: Disables time parts of the ASN code for systems without an RTC
or wishing to save space. or wishing to save space.
* IGNORE_NAME_CONSTRAINTS: Skip ASN name checks. * IGNORE_NAME_CONSTRAINTS: Skip ASN name checks.