Fix some issues in comments

2025-01-09 05:55:28 +00:00 · 2018-03-06 10:34:11 +01:00 · 2018-03-06 10:34:11 +01:00 · b6d3e6d102
parent f1985570a9
commit b6d3e6d102
1 changed files with 6 additions and 4 deletions
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@ -1885,11 +1885,11 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child,
 }

 /*
- * Verify a certificate no parent inside the chain
+ * Verify a certificate with no parent inside the chain
 * (either the parent is a trusted root, or there is no parent)
 *
 * See comments for mbedtls_x509_crt_verify_with_profile()
- * (also for notation used belowe)
+ * (also for notation used below)
 *
 * This function is called in two cases:
 *  - child was found to have a parent in trusted roots, in which case we're
@ -2208,7 +2208,7 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
 *
 * There are five main cases to consider. Let's introduce some notation:
 *  - E means the end-entity certificate
- *  - I and intermediate CA
+ *  - I an intermediate CA
 *  - R the trusted root CA this chain anchors to
 *  - T the list of trusted roots (R and possible some others)
 *
@ -2219,8 +2219,10 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
 *      verify(E, T) -> verify_top(E, R)
 *  3. E -> I -> R (EE signed by intermediate signed by trusted root)
 *      verify(E, T) -> verify_child(E, I, T) -> verify_top(I, R)
+ *      (plus variant with multiple intermediates)
 *  4. E -> I (EE signed by intermediate that's not trusted)
 *      verify(E, T) -> verify_child(E, I, T) -> verify_top(I, T)
+ *      (plus variant with multiple intermediates)
 *  5. E (EE not trusted)
 *      verify(E, T) -> verify_top(E, T)
 */