diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-03-03 08:27:23 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-03-03 08:45:23 +0100 |
commit | 6054e79688f4fe9d31f371208a0e5d65d5ac8d6e (patch) | |
tree | 1d1e0609e784ada001ef13d5d20274fd94d13c82 /lib/x509 | |
parent | ed8810c4bbfec66f4ae7f144e291ce54c66e6a4d (diff) | |
download | gnutls-6054e79688f4fe9d31f371208a0e5d65d5ac8d6e.tar.gz |
gnutls_x509_crt_set_serial: document the 20-byte limit for serial sizes
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'lib/x509')
-rw-r--r-- | lib/x509/x509_write.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index 5a4c4de327..713a7e73cf 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -1204,6 +1204,10 @@ gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert, * with the X.509/PKIX specifications the provided @serial should be * a big-endian positive number (i.e. it's leftmost bit should be zero). * + * The size of the serial is restricted to 20 bytes maximum by RFC5280. + * This function allows writing more than 20 bytes but the generated + * certificates in that case may be rejected by other implementations. + * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ |