PKCS#5 v2 PBES2 support and use in PKCS#8 encrypted certificates The error code POLARSSL_ERR_X509_PASSWORD_MISMATCH is now properly returned in case of an encryption failure in the padding. The POLARSSL_ERR_X509_PASSWORD_REQUIRED error code is only returned for PEM formatted private keys as for DER formatted ones it is impossible to distinguish if a DER blob is PKCS#8 encrypted or not.

commit: 1fd4321ba2016dfaff2b48c11f731fc9ccbd7ccf [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Mon Jun 17 15:14:42 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Mon Jun 17 15:14:42 2013 +0200
tree: 89d7e1089c7d280d0f51493044eee6a4253fedbb
parent: 19bd297dc896410e0d859729f9e8d4b1e107e6c8 [diff] [blame]
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 296925f..6dabf37 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h

@@ -62,6 +62,8 @@
 #define POLARSSL_ERR_X509_INVALID_INPUT                    -0x2A00  /**< Input invalid. */
 #define POLARSSL_ERR_X509_MALLOC_FAILED                    -0x2A80  /**< Allocation of memory failed. */
 #define POLARSSL_ERR_X509_FILE_IO_ERROR                    -0x2B00  /**< Read/write of file failed. */
+#define POLARSSL_ERR_X509_PASSWORD_REQUIRED                -0x2B80  /**< Private key password can't be empty. */
+#define POLARSSL_ERR_X509_PASSWORD_MISMATCH                -0x2C00  /**< Given private key password does not allow for correct decryption. */
 /* \} name */
commit	1fd4321ba2016dfaff2b48c11f731fc9ccbd7ccf	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Mon Jun 17 15:14:42 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Mon Jun 17 15:14:42 2013 +0200
tree	89d7e1089c7d280d0f51493044eee6a4253fedbb
parent	19bd297dc896410e0d859729f9e8d4b1e107e6c8 [diff] [blame]