diff options
Diffstat (limited to 'lib/x509')
-rw-r--r-- | lib/x509/key_decode.c | 4 | ||||
-rw-r--r-- | lib/x509/mpi.c | 4 | ||||
-rw-r--r-- | lib/x509/verify-high.c | 8 |
3 files changed, 2 insertions, 14 deletions
diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c index 1e07bbc441..00f1950acb 100644 --- a/lib/x509/key_decode.c +++ b/lib/x509/key_decode.c @@ -193,9 +193,9 @@ _gnutls_x509_read_dsa_params(uint8_t * der, int dersize, return _gnutls_asn2err(result); } - /* FIXME: If the parameters are not included in the certificate + /* If the parameters are not included in the certificate * then the issuer's parameters should be used. This is not - * done yet. + * implemented, and is not used in practice (along with DSA). */ /* Read p */ diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c index 664b22c509..1be3da484e 100644 --- a/lib/x509/mpi.c +++ b/lib/x509/mpi.c @@ -134,10 +134,6 @@ _gnutls_get_asn_mpis(ASN1_TYPE asn, const char *root, _asnstr_append_name(name, sizeof(name), root, ".algorithm.parameters"); - /* FIXME: If the parameters are not included in the certificate - * then the issuer's parameters should be used. This is not - * needed in practice though. - */ if (pk_algorithm != GNUTLS_PK_RSA && pk_algorithm != GNUTLS_PK_EDDSA_ED25519 && pk_algorithm != GNUTLS_PK_ECDH_X25519) { /* RSA and EdDSA do not use parameters */ result = _gnutls_x509_read_value(asn, name, &tmp); diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c index bbb54a0f93..5515d54ff9 100644 --- a/lib/x509/verify-high.c +++ b/lib/x509/verify-high.c @@ -186,14 +186,6 @@ add_new_ca_to_rdn_seq(gnutls_x509_trust_list_t list, * This will be sent to clients when a certificate * request message is sent. */ - - /* FIXME: in case of a client it is not needed - * to do that. This would save time and memory. - * However we don't have that information available - * here. - * Further, this function is now much more efficient, - * so optimizing that is less important. - */ tmp.data = ca->raw_dn.data; tmp.size = ca->raw_dn.size; |