Revert unification for some error codes
Signed-off-by: Felix Conway <felix.conway@arm.com>
diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h
index cf9e440..957ca53 100644
--- a/include/mbedtls/pkcs7.h
+++ b/include/mbedtls/pkcs7.h
@@ -53,7 +53,7 @@
#define MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO -0x5480 /**< The PKCS #7 content info is invalid or cannot be parsed. */
#define MBEDTLS_ERR_PKCS7_INVALID_ALG -0x5500 /**< The algorithm tag or value is invalid or cannot be parsed. */
#define MBEDTLS_ERR_PKCS7_INVALID_CERT -0x5580 /**< The certificate tag or value is invalid or cannot be parsed. */
-#define MBEDTLS_ERR_PKCS7_INVALID_SIGNATURE PSA_ERROR_INVALID_SIGNATURE /**< Error parsing the signature */
+#define MBEDTLS_ERR_PKCS7_INVALID_SIGNATURE -0x5600 /**< Error parsing the signature */
#define MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO -0x5680 /**< Error parsing the signer's info */
#define MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA PSA_ERROR_INVALID_ARGUMENT /**< Input invalid. */
#define MBEDTLS_ERR_PKCS7_ALLOC_FAILED PSA_ERROR_INSUFFICIENT_MEMORY /**< Allocation of memory failed. */
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index a021a7d..3cced52 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -58,7 +58,7 @@
/** The date tag or value is invalid. */
#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400
/** The signature tag or value invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SIGNATURE PSA_ERROR_INVALID_SIGNATURE
+#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480
/** The extension tag or value is invalid. */
#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500
/** CRT/CRL/CSR has an unsupported version number. */
@@ -68,11 +68,11 @@
/** Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680
/** Certificate verification failed, e.g. CRL, CA or signature check failed. */
-#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED PSA_ERROR_INVALID_SIGNATURE
+#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700
/** Format not recognized as DER or PEM. */
#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780
/** Input invalid. */
-#define MBEDTLS_ERR_X509_BAD_INPUT_DATA PSA_ERROR_INVALID_ARGUMENT
+#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800
/** Allocation of memory failed. */
#define MBEDTLS_ERR_X509_ALLOC_FAILED PSA_ERROR_INSUFFICIENT_MEMORY
/** Read/write of file failed. */
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 6b81652..6198648 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -610,7 +610,7 @@
* other than fatal error, as a non-zero return code
* immediately aborts the verification process. For fatal
* errors, a specific error code should be used (different
- * from #PSA_ERROR_INVALID_SIGNATURE which should not
+ * from #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not
* be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR
* can be used if no better code is available.
*
@@ -653,7 +653,7 @@
*
* \return \c 0 if the chain is valid with respect to the
* passed CN, CAs, CRLs and security profile.
- * \return #PSA_ERROR_INVALID_SIGNATURE in case the
+ * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the
* certificate chain verification failed. In this case,
* \c *flags will have one or more
* \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX
@@ -694,7 +694,7 @@
*
* \return \c 0 if the chain is valid with respect to the
* passed CN, CAs, CRLs and security profile.
- * \return #PSA_ERROR_INVALID_SIGNATURE in case the
+ * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the
* certificate chain verification failed. In this case,
* \c *flags will have one or more
* \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX
@@ -826,7 +826,7 @@
* that bit MAY be set.
*
* \return 0 is these uses of the certificate are allowed,
- * #PSA_ERROR_INVALID_ARGUMENT if the keyUsage extension
+ * #MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
* is present but does not match the usage argument.
*
* \note You should only call this function on leaf certificates, on
@@ -845,7 +845,7 @@
* \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).
*
* \return 0 if this use of the certificate is allowed,
- * #PSA_ERROR_INVALID_ARGUMENT if not.
+ * #MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
*
* \note Usually only makes sense on leaf certificates.
*/
@@ -952,7 +952,7 @@
* input buffer
*
* \return 0 if successful, or
- * #PSA_ERROR_INVALID_ARGUMENT if the provided input buffer
+ * #MBEDTLS_ERR_X509_BAD_INPUT_DATA if the provided input buffer
* is too big (longer than MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN)
*/
int mbedtls_x509write_crt_set_serial_raw(mbedtls_x509write_cert *ctx,