Annotate incorrect value for ub_email_address

The ub_email_address upper bound, 128, returned for NID_pkcs9_emailAddress,
doesn't match the PKCS#9 specification where it is 255.  This was adjusted
in RFC 5280:

   The ASN.1 modules in Appendix A are unchanged from RFC 3280, except
   that ub-emailaddress-length was changed from 128 to 255 in order to
   align with PKCS #9 [RFC2985].

Nobody seems to have noticed so far, so leave it at an XXX and a BUGS
entry for now. It also clearly has the wrong name.

Another mystery is why the RFCs suffix some upper bounds with length, but
not others. Also, OpenSSL chose to be inconsistent with that, because
inconsistency is one of the few things this library is really good at.

1 files changed, 6 insertions, 1 deletions

diff --git a/lib/libcrypto/man/ASN1_STRING_TABLE_get.3 b/lib/libcrypto/man/ASN1_STRING_TABLE_get.3
index 0fcc8a123de..7e3e360ac3c 100644
--- a/lib/libcrypto/man/ASN1_STRING_TABLE_get.3
+++ b/lib/libcrypto/man/ASN1_STRING_TABLE_get.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ASN1_STRING_TABLE_get.3,v 1.1 2023/12/16 10:26:10 tb Exp $
+.\" $OpenBSD: ASN1_STRING_TABLE_get.3,v 1.2 2023/12/16 12:56:20 tb Exp $
 .\" checked up to:
 .\" OpenSSL ASN1_STRING_TABLE_add.pod 7b608d08 Jul 27 01:18:50 2017 +0800
 .\"
@@ -83,3 +83,8 @@ first appeared in OpenSSL 0.9.5 and have been available since
 .Ox 2.7 .
 .Sh BUGS
 Most aspects of the semantics considerably differ from OpenSSL.
+.Pp
+.Dv ub_email_address ,
+which should really be called
+.Dv ub_emailaddress_length ,
+was changed in RFC 5280 from 128 to 255 to match PKCS#9 (RFC 2985).