From 19d77b6aa696a66bb6825f00a8ad2ff9c0bb85a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 7 Mar 2018 09:36:30 +0100 Subject: [PATCH] Clarify mutual references in comments --- library/x509_crt.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/x509_crt.c b/library/x509_crt.c index cb8159d3e..112348538 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1894,11 +1894,11 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child, * This function is called in two cases: * - child was found to have a parent in trusted roots, in which case we're * called with trust_ca pointing directly to that parent (not the full list) - * - this happens in cases 1, 2 and 3 of the comment on verify() + * - this is cases 1, 2 and 3 of the comment on verify_with_profile() * - case 1 is special as child and trust_ca point to copies of the same * certificate then * - child was found to have no parent either in the chain or in trusted CAs - * - this is cases 4 and 5 of the comment on verify() + * - this is cases 4 and 5 of the comment on verify_with_profile() * * For historical reasons, the function currently does not assume that * trust_ca points directly to the right root in the first case, and it @@ -2225,6 +2225,8 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, * (plus variant with multiple intermediates) * 5. E (EE not trusted) * verify(E, T) -> verify_top(E, T) + * + * Note: this notation and case numbering is also used in x509_crt_verify_top() */ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca,