Specific return code for PK sig length mismatch
diff --git a/include/polarssl/error.h b/include/polarssl/error.h
index 83102bd..d27b0e5 100644
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h
@@ -83,7 +83,7 @@
* PEM 1 9
* PKCS#12 1 4 (Started from top)
* X509 2 18
- * PK 2 13 (Started from top)
+ * PK 2 14 (Started from top, plus 0x2000)
* DHM 3 9
* PKCS5 3 4 (Started from top)
* RSA 4 9
diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h
index b764d55..cebe057 100644
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h
@@ -57,6 +57,7 @@
#define POLARSSL_ERR_PK_INVALID_ALG -0x2A80 /**< The algorithm tag or value is invalid. */
#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */
#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
+#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH -0x2000 /**< The signature is valid but its length is less than expected. */
#if defined(POLARSSL_RSA_C)
@@ -288,6 +289,8 @@
* \param sig_len Signature length
*
* \return 0 on success (signature is valid),
+ * POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is
+ * valid but its actual length is less than sig_len,
* or a specific error code.
*
* \note If hash_len is 0, then the length associated with md_alg