purpose/trust: Improve comments about COUNT/MAX confusion

diff --git a/lib/libcrypto/x509/x509_purp.c b/lib/libcrypto/x509/x509_purp.c
index dbae7bc..35f20e2 100644 (file)
--- a/lib/libcrypto/x509/x509_purp.c
+++ b/lib/libcrypto/x509/x509_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_purp.c,v 1.34 2024/01/06 17:17:08 tb Exp $ */
+/* $OpenBSD: x509_purp.c,v 1.35 2024/01/07 16:22:46 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -232,7 +232,10 @@ LCRYPTO_ALIAS(X509_PURPOSE_get_by_sname);
 int
 X509_PURPOSE_get_by_id(int purpose)
 {
-       /* X509_PURPOSE_MIN == 1, so the bounds are correct. */
+       /*
+        * Ensure the purpose identifier is between MIN and MAX inclusive.
+        * If so, translate it to an index into the xstandard[] table.
+        */
        if (purpose < X509_PURPOSE_MIN || purpose > X509_PURPOSE_MAX)
                return -1;
 

diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c
index e3a20e2..6e98eb2 100644 (file)
--- a/lib/libcrypto/x509/x509_trs.c
+++ b/lib/libcrypto/x509/x509_trs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_trs.c,v 1.33 2024/01/07 14:50:45 tb Exp $ */
+/* $OpenBSD: x509_trs.c,v 1.34 2024/01/07 16:22:46 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -191,7 +191,10 @@ LCRYPTO_ALIAS(X509_TRUST_get0);
 int
 X509_TRUST_get_by_id(int id)
 {
-       /* X509_TRUST_MIN == 1, so the bounds are correct. */
+       /*
+        * Ensure the trust identifier is between MIN and MAX inclusive.
+        * If so, translate it into an index into the trstandard[] table.
+        */
        if (id < X509_TRUST_MIN && id > X509_TRUST_MAX)
                return -1;