commit a1b2bfff467d114365d5b9cd17a798de9201651e
author Dave Rodgman <dave.rodgman@arm.com> Mon Feb 20 14:45:09 2023 +0000
committer Dave Rodgman <dave.rodgman@arm.com> Mon Feb 20 14:45:09 2023 +0000
tree 0e1ddf4f9819e8709ca982efff295b161453435f
parent d652dce9eacad8eba19b0f54abbcfd6cb8a5a64e

Add clarifying comments

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

library/pkcs7.c

diff --git a/library/pkcs7.c b/library/pkcs7.c
index ba43f49..010d706 100644
--- a/library/pkcs7.c
+++ b/library/pkcs7.c
@@ -607,13 +607,16 @@
     }
 
     if (MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_SIGNED_DATA, p, len)) {
+        /* OID is not MBEDTLS_OID_PKCS7_SIGNED_DATA, which is the only supported feature */
         if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DATA, p, len)
             || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_ENCRYPTED_DATA, p, len)
             || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_ENVELOPED_DATA, p, len)
             || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_SIGNED_AND_ENVELOPED_DATA, p, len)
             || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DIGESTED_DATA, p, len)) {
+            /* OID is valid according to the spec, but unsupported */
             ret =  MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
         } else {
+            /* OID is invalid according to the spec */
             ret = MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA;
         }
         goto out;