Clarify comments on subjectAltName types

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2025-01-01 09:10:03 +00:00 · 2023-02-16 06:55:10 -05:00 · 2023-02-16 06:55:10 -05:00 · 81b0b89a34
commit 81b0b89a34
parent 570a0f808b
2 changed files with 6 additions and 4 deletions
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@ -385,8 +385,9 @@ int mbedtls_x509_time_is_future(const mbedtls_x509_time *from);
 * \param san      The target structure to populate with the parsed presentation
 *                 of the subject alternative name encoded in \p san_raw.
 *
- * \note           Only "dnsName", "uniformResourceIdentifier" and "otherName",
- *                 as defined in RFC 5280, is supported.
+ * \note           Supported GeneralName types, as defined in RFC 5280:
+ *                 "dnsName", "uniformResourceIdentifier" and "hardware_module_name"
+ *                 of type "otherName", as defined in RFC 4108.
 *
 * \note           This function should be called on a single raw data of
 *                 subject alternative name. For example, after successful
--- a/library/x509.c
+++ b/library/x509.c
@ -1227,8 +1227,9 @@ static int x509_get_other_name(const mbedtls_x509_buf *subject_alt_name,
 *      nameAssigner            [0]     DirectoryString OPTIONAL,
 *      partyName               [1]     DirectoryString }
 *
- * NOTE: we list all types, but only use "dnsName", "otherName" and
- * "uniformResourceIdentifier", as defined in RFC 5280, at this point.
+ * We list all types, but use the following GeneralName types from RFC 5280:
+ * "dnsName", "uniformResourceIdentifier" and "hardware_module_name"
+ * of type "otherName", as defined in RFC 4108.
 */
 int mbedtls_x509_get_subject_alt_name(unsigned char **p,
                                      const unsigned char *end,