Extend scope of ERR_RSA_UNSUPPORTED_OPERATION error code
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 2ffb7ab..562395f 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -48,7 +48,8 @@
#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */
#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */
#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */
-#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500 /**< The implementation doesn't provide the requested operation. */
+#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500 /**< The implementation doesn't offer the requested operation,
+ e.g. because of security violations or lack of functionality */
/*
* RSA constants
diff --git a/library/error.c b/library/error.c
index 0217767..66e6aa2 100644
--- a/library/error.c
+++ b/library/error.c
@@ -332,7 +332,8 @@
if( use_ret == -(MBEDTLS_ERR_RSA_RNG_FAILED) )
mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
if( use_ret == -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION) )
- mbedtls_snprintf( buf, buflen, "RSA - The implementation doesn't provide the requested operation" );
+ mbedtls_snprintf( buf, buflen, "RSA - The implementation doesn't offer the requested operation, "\
+ "e.g. because of security violations or lack of functionality" );
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_SSL_TLS_C)