wolfSSL · JacobBarthelmeh · Sep 8, 2023 · Sep 8, 2023
diff --git a/wolfSSL/src/chapter02.md b/wolfSSL/src/chapter02.md
@@ -1365,6 +1365,14 @@ Enable Max Strength build, allows TSLv1.2-AEAD-PFS ciphers only
 
 Disable Hardened build, Enables Timing Resistance and Blinding
 
+To disable via user_settings.h the equivalent settings would be:
+
+* `#define WC_NO_CACHE_RESISTANT`
+* `#define WC_NO_HARDEN`
+* Remove the setting `WC_RSA_BLINDING` if present or un-define it
+* Remove the setting `ECC_TIMING_RESISTANT` if present or un-define it
+* Remove the setting `TFM_TIMING_RESISTANT` if present or un-define it
+
 ### `--enable-ipv6`
 
 Enable testing of IPv6, wolfSSL proper is IP neutral

diff --git a/wolfSSL/src/chapter04.md b/wolfSSL/src/chapter04.md
@@ -696,7 +696,7 @@ See also: [`--disable-harden`](chapter02.md#--disable-harden)
 
 Timing resistance and cache resistance defines enabled with `--enable-harden`:
 
-* `WOLFSSL_SP_CACHE_RESISTANT`: Enables logic to mask the address used.
+* DEPRECATED: `WOLFSSL_SP_CACHE_RESISTANT`: Always on by default, see [`--disable-harden`](chapter02.md#--disable-harden) to disable default cache resistance.
 * `WC_RSA_BLINDING`: Enables blinding mode, to prevent timing attacks.
 * `ECC_TIMING_RESISTANT`: ECC specific timing resistance.
 * `TFM_TIMING_RESISTANT`: Fast math specific timing resistance.