2 files changed, 10 insertions, 4 deletions

diff --git a/lib/libcrypto/x509/x509_purp.c b/lib/libcrypto/x509/x509_purp.c
index dbae7bcb7c0..35f20e2bc38 100644
--- a/lib/libcrypto/x509/x509_purp.c
+++ b/lib/libcrypto/x509/x509_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_purp.c,v 1.34 2024/01/06 17:17:08 tb Exp $ */
+/* $OpenBSD: x509_purp.c,v 1.35 2024/01/07 16:22:46 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -232,7 +232,10 @@ LCRYPTO_ALIAS(X509_PURPOSE_get_by_sname);
 int
 X509_PURPOSE_get_by_id(int purpose)
 {
-	/* X509_PURPOSE_MIN == 1, so the bounds are correct. */
+	/*
+	 * Ensure the purpose identifier is between MIN and MAX inclusive.
+	 * If so, translate it to an index into the xstandard[] table.
+	 */
 	if (purpose < X509_PURPOSE_MIN || purpose > X509_PURPOSE_MAX)
 		return -1;
 
diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c
index e3a20e22b0d..6e98eb27852 100644
--- a/lib/libcrypto/x509/x509_trs.c
+++ b/lib/libcrypto/x509/x509_trs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_trs.c,v 1.33 2024/01/07 14:50:45 tb Exp $ */
+/* $OpenBSD: x509_trs.c,v 1.34 2024/01/07 16:22:46 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -191,7 +191,10 @@ LCRYPTO_ALIAS(X509_TRUST_get0);
 int
 X509_TRUST_get_by_id(int id)
 {
-	/* X509_TRUST_MIN == 1, so the bounds are correct. */
+	/*
+	 * Ensure the trust identifier is between MIN and MAX inclusive.
+	 * If so, translate it into an index into the trstandard[] table.
+	 */
 	if (id < X509_TRUST_MIN && id > X509_TRUST_MAX)
 		return -1;