From 7dbc47e8e6e7d7938432da2cbe391f9040e25a3a Mon Sep 17 00:00:00 2001
From: toth92g
Date: Tue, 11 May 2021 12:55:58 +0200
Subject: [PATCH] Adding some comments for easier understand
Signed-off-by: toth92g
---
library/x509_crt.c | 51 ++++++++++++++++++++++++++++-----------------------
1 file changed, 28 insertions(+), 23 deletions(-)
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 019d65e8c0..d3794f82c6 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -808,50 +808,55 @@ static int x509_get_authority_key_id(unsigned char **p, } else { authority_key_id->keyIdentifier.len = len; authority_key_id->keyIdentifier.p = *p; + /* Setting tag of the keyIdentfier intentionally to 0x04. + * Although the .keyIdentfier field is CONTEXT_SPECIFIC ([0] OPTIONAL), + * its tag with the content is the payload of on OCTET STRING primitive */ authority_key_id->keyIdentifier.tag = MBEDTLS_ASN1_OCTET_STRING; *p += len; } if (*p < end) { + /* Getting authorityCertIssuer using the required specific class tag [1] */ if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1)) != 0) { /* authorityCertIssuer is an OPTIONAL field */ } else { - if ((ret = mbedtls_asn1_get_tag(p, end, &len, + /* Getting directoryName using the required specific class tag [4] * + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 4)) != 0) { return ret; - } else { + } else { /* "end" also includes the CertSerialNumber field so "len" shall be used */ - ret = x509_get_general_names(p, - (*p+len), - &authority_key_id->authorityCertIssuer); - } + ret = x509_get_general_names(p, + (*p+len), + &authority_key_id->authorityCertIssuer); } } +} - if (*p < end) { - if ((ret = mbedtls_asn1_get_tag(p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_INTEGER)) != - 0) { - /* authorityCertSerialNumber is an OPTIONAL field, but if there are still data it must be the serial number */ - return ret; - } else { - authority_key_id->authorityCertSerialNumber.len = len; - authority_key_id->authorityCertSerialNumber.p = *p; - authority_key_id->authorityCertSerialNumber.tag = MBEDTLS_ASN1_OCTET_STRING; - *p += len; - } +if (*p < end) { + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_INTEGER)) != + 0) { + /* authorityCertSerialNumber is an OPTIONAL field, but if there are still data it must be the serial number */ + return ret; + 
} else { + authority_key_id->authorityCertSerialNumber.len = len; + authority_key_id->authorityCertSerialNumber.p = *p; + authority_key_id->authorityCertSerialNumber.tag = MBEDTLS_ASN1_OCTET_STRING; + *p += len; } +} - if (*p != end) { - return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } +if (*p != end) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; +} - return 0; +return 0; } /*
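Review bot: The added comment `/* Getting directoryName using the required specific class tag [4] *` ends in ` *` rather than ` */`, so it stays open until the `*/` that closes the `"end" also includes the CertSerialNumber field` comment a few lines later. That comments out the whole `mbedtls_asn1_get_tag(... | 4)` check together with its `return ret; } else {`, so the [4] directoryName tag would no longer be validated or consumed before `x509_get_general_names` is called with the `len` left over from the [1] wrapper. It also leaves the braces unbalanced, which is presumably why the following `if (*p < end)` blocks and `return 0;` ended up at column 0. Close the comment as `/* Getting directoryName using the required specific class tag [4] */` and restore the original indentation of the code after it; the new keyIdentifier comment also misspells the field as `keyIdentfier` and says "on OCTET STRING" for "an OCTET STRING". x509_get_authority_key_id begins before this hunk, so the enclosing block structure is only partly visible here.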