Only return VERIFY_FAILED from a single point Everything else is a fatal error. Also improve documentation about that for the vrfy callback.

commit: 31458a18788b0cf0b722acda9bb2f2fe13a3fb32 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jun 26 10:11:49 2017 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Jul 06 11:58:41 2017 +0200
tree: ef4d4387ef4fec4e9318c6af4bdfa3abd5880574
parent: d15795acd5074e0b44e71f7ede8bdfe1b48591fc [diff] [blame]
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index f219bf1..128eade 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h

@@ -76,6 +76,7 @@
 #define MBEDTLS_ERR_X509_ALLOC_FAILED                     -0x2880  /**< Allocation of memory failed. */
 #define MBEDTLS_ERR_X509_FILE_IO_ERROR                    -0x2900  /**< Read/write of file failed. */
 #define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL                 -0x2980  /**< Destination buffer is too small. */
+#define MBEDTLS_ERR_X509_FATAL_ERROR                      -0x3000  /**< A fatal error occured, eg the chain is too long or the vrfy callback failed. */
 /* \} name */
 
 /**
commit	31458a18788b0cf0b722acda9bb2f2fe13a3fb32	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Jun 26 10:11:49 2017 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Thu Jul 06 11:58:41 2017 +0200
tree	ef4d4387ef4fec4e9318c6af4bdfa3abd5880574
parent	d15795acd5074e0b44e71f7ede8bdfe1b48591fc [diff] [blame]