dual alg: peer review cleanup, and more function comments.

src/x509.c

@@ -8088,10 +8088,11 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
 /* Generate a der preTBS from a decoded cert, and write
  * to buffer.
  *
- * @param[in]  cert  The decoded cert to parse.
- * @param[out] der   The der buffer to write in.
- * @param[in]  derZ  The der buffer size.
- * @return     preTBS der size on success.
+ * @param [in]  cert  The decoded cert to parse.
+ * @param [out] der   The der buffer to write in.
+ * @param [in]  derSz The der buffer size.
+ *
+ * @return  preTBS der size on success.
  * */
 int wc_GeneratePreTBS(DecodedCert* cert, byte *der, int derSz) {
     int ret = 0;
@@ -15743,6 +15744,17 @@ int wolfSSL_X509_ACERT_verify(WOLFSSL_X509_ACERT* x509, WOLFSSL_EVP_PKEY* pkey)
     return ret == 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
 }
 
+/* Loads an x509 attribute certificate from buffer, and returns
+ * pointer to new WOLFSSL_X509_ACERT struct on success.
+ *
+ * @param [in]  buf    The acert buffer to load.
+ * @param [in]  sz     The size of the buffer.
+ * @param [in]  format The format of the buffer data.
+ * @param [in]  heap   Dynamic memory allocation hint.
+ *
+ * @return  pointer to WOLFSSL_X509_ACERT on success.
+ * @return  NULL on error.
+ * */
 WOLFSSL_X509_ACERT * wolfSSL_X509_ACERT_load_certificate_buffer_ex(
     const unsigned char* buf, int sz, int format, void * heap)
 {

wolfcrypt/src/asn.c

@@ -32147,9 +32147,11 @@ static int SignCert(int requestSz, int sType, byte* buf, word32 buffSz,
  * @param [in]  buf     The input buf to sign.
  * @param [in]  bufSz   The buffer size
  * @param [in]  keyType The key type.
+ * @param [in]  key     Key data.
  * @param [in]  rng     Random number generator.
- * @return      Size of signature on success.
- * @return      < 0 on error.
+ *
+ * @return  Size of signature on success.
+ * @return  < 0 on error.
  * */
 int wc_MakeSigWithBitStr(byte *sig, int sigSz, int sType, byte* buf,
                          word32 bufSz, int keyType, void* key, WC_RNG* rng)
@@ -32282,14 +32284,16 @@ int wc_MakeSigWithBitStr(byte *sig, int sigSz, int sType, byte* buf,
 /* Sign an x509 Certificate v3 from cert input using any
  * key type, and write to buffer.
  *
- * @param [in]  requestSz Size of requested data to sign.
- * @param [in]  sType     The signature type.
- * @param [in]  derSz     Der buffer size.
- * @param [in]  keyType   The type of key.
- * @param [in]  key       Key data.
- * @param [in]  rng       Random number generator.
- * @return      Size of signature on success.
- * @return      < 0 on error
+ * @param [in]     requestSz Size of requested data to sign.
+ * @param [in]     sType     The signature type.
+ * @param [in,out] buf       Der buffer to sign.
+ * @param [in]     buffSz    Der buffer size.
+ * @param [in]     keyType   The type of key.
+ * @param [in]     key       Key data.
+ * @param [in]     rng       Random number generator.
+ *
+ * @return  Size of signature on success.
+ * @return  < 0 on error
  * */
 int wc_SignCert_ex(int requestSz, int sType, byte* buf, word32 buffSz,
                    int keyType, void* key, WC_RNG* rng)
@@ -40940,7 +40944,7 @@ static int DecodeAcertGeneralName(const byte* input, word32* inOutIdx,
  * @param [in]      input    Buffer holding encoded data.
  * @param [in]      sz       Size of encoded data in bytes.
  * @param [in]      tag      ASN.1 tag value expected in header.
- * @param [in, out] acert    Decoded certificate object.
+ * @param [in, out] acert    Decoded attribute certificate object.
  * @param [in, out] entries  Linked list of DNS name entries.
  *
  * @return  0 on success.
@@ -41069,7 +41073,7 @@ enum {
  *
  * @param [in]      input     Buffer containing encoded Holder field.
  * @param [in]      len       Length of Holder field.
- * @param [in, out] acert     Decoded certificate object.
+ * @param [in, out] acert     Decoded attribute certificate object.
  *
  * @return  0 on success.
  * @return  ASN_PARSE_E when BER encoded data does not match ASN.1 items or