- A error_strerror function() has been added to translate between error codes and their description.
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
- Descriptions to all error codes have been added.
- Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h
index 4b97568..7404e4e 100644
--- a/include/polarssl/aes.h
+++ b/include/polarssl/aes.h
@@ -32,8 +32,8 @@
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
-#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0800
-#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0810
+#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
+#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
/**
* \brief AES context structure
diff --git a/include/polarssl/base64.h b/include/polarssl/base64.h
index 27ba685..9071155 100644
--- a/include/polarssl/base64.h
+++ b/include/polarssl/base64.h
@@ -29,8 +29,8 @@
#include <string.h>
-#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010
-#define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012
+#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x0010 /**< Output buffer too small. */
+#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x0012 /**< Invalid character in input. */
#ifdef __cplusplus
extern "C" {
diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h
index 3800967..96b0391 100644
--- a/include/polarssl/bignum.h
+++ b/include/polarssl/bignum.h
@@ -30,13 +30,13 @@
#include <stdio.h>
#include <string.h>
-#define POLARSSL_ERR_MPI_FILE_IO_ERROR 0x0002
-#define POLARSSL_ERR_MPI_BAD_INPUT_DATA 0x0004
-#define POLARSSL_ERR_MPI_INVALID_CHARACTER 0x0006
-#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL 0x0008
-#define POLARSSL_ERR_MPI_NEGATIVE_VALUE 0x000A
-#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO 0x000C
-#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE 0x000E
+#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
+#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */
+#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */
+#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The output buffer is too small to write too. */
+#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */
+#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */
+#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
#define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup
diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h
index 4884fdc..0dcb830 100644
--- a/include/polarssl/camellia.h
+++ b/include/polarssl/camellia.h
@@ -39,8 +39,8 @@
#define CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0
-#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0a00
-#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0a10
+#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */
+#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
/**
* \brief CAMELLIA context structure
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index cf3eb9a..d063e83 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -324,6 +324,18 @@
#define POLARSSL_DHM_C
/**
+ * \def POLARSSL_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module: library/error.c
+ * Caller:
+ *
+ * This module enables err_strerror().
+ */
+#define POLARSSL_ERROR_C
+
+/**
* \def POLARSSL_HAVEGE_C
*
* Enable the HAVEGE random generator.
diff --git a/include/polarssl/des.h b/include/polarssl/des.h
index f9e8e60..5606afb 100644
--- a/include/polarssl/des.h
+++ b/include/polarssl/des.h
@@ -32,7 +32,7 @@
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
-#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0C00
+#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */
#define DES_KEY_SIZE 8
diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h
index 4a479d6..94ad015 100644
--- a/include/polarssl/dhm.h
+++ b/include/polarssl/dhm.h
@@ -32,12 +32,12 @@
/*
* DHM Error codes
*/
-#define POLARSSL_ERR_DHM_BAD_INPUT_DATA 0x0480
-#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED 0x0490
-#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED 0x04A0
-#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED 0x04B0
-#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED 0x04C0
-#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED 0x04D0
+#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */
+#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
+#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
+#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
+#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Makeing of the public value failed. */
+#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
/**
* \brief DHM context structure
diff --git a/include/polarssl/error.h b/include/polarssl/error.h
new file mode 100644
index 0000000..b9a73af
--- /dev/null
+++ b/include/polarssl/error.h
@@ -0,0 +1,85 @@
+/**
+ * \file error.h
+ *
+ * \brief Error to string translation
+ *
+ * Copyright (C) 2006-2010, Brainspark B.V.
+ *
+ * This file is part of PolarSSL (http://www.polarssl.org)
+ * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+#ifndef POLARSSL_ERROR_H
+#define POLARSSL_ERROR_H
+
+/**
+ * Error code layout.
+ *
+ * Currently we try to keep all error codes within the negative space of 16
+ * bytes signed integers to support all platforms (-0x0000 - -0x8000). In
+ * addition we'd like to give two layers of information on the error if
+ * possible.
+ *
+ * For that purpose the error codes are segmented in the following manner:
+ *
+ * 16 bit error code bit-segmentation
+ *
+ * 1 bit - Intentionally not used
+ * 3 bits - High level module ID
+ * 5 bits - Module-dependent error code
+ * 6 bits - Low level module errors
+ * 1 bit - Intentionally not used
+ *
+ * Low-level module errors (0x007E-0x0002)
+ *
+ * Module Nr Codes assigned
+ * MPI 7 0x0002-0x000E
+ * BASE64 2 0x0010-0x0012
+ * ASN1 5 0x0014-0x001C
+ * AES 2 0x0020-0x0022
+ * CAMELLIA 2 0x0024-0x0026
+ * XTEA 1 0x0028-0x0028
+ * PADLOCK 1 0x0030-0x0030
+ * DES 1 0x0032-0x0032
+ * NET 10 0x0040-0x0052
+ *
+ * High-level module nr (3 bits - 0x1...-0x8...)
+ * Name ID Nr of Errors
+ * PEM 1 8
+ * X509 2 20
+ * DHM 3 6
+ * RSA 4 9
+ * MD 5 1
+ * CIPER 6 1
+ * SSL 7 27
+ *
+ * Module dependent error code (5 bits 0x.08.-0x.F8.)
+ */
+
+/**
+ * \brief Translate a PolarSSL error code into a string representation,
+ * Result is truncated if necessary and always includes a terminating
+ * null byte.
+ *
+ * \param errnum error code
+ * \param buffer buffer to place representation in
+ * \param buflen length of the buffer
+ */
+void error_strerror( int errnum, char *buffer, size_t buflen );
+
+#endif /* error.h */
diff --git a/include/polarssl/md.h b/include/polarssl/md.h
index 57a0d6a..7914d88 100644
--- a/include/polarssl/md.h
+++ b/include/polarssl/md.h
@@ -36,7 +36,7 @@
#define inline _inline
#endif
-#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x0830
+#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
typedef enum {
POLARSSL_MD_NONE=0,
diff --git a/include/polarssl/net.h b/include/polarssl/net.h
index 3fa2161..d828a3e 100644
--- a/include/polarssl/net.h
+++ b/include/polarssl/net.h
@@ -29,16 +29,16 @@
#include <string.h>
-#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0F00
-#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0F10
-#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0F20
-#define POLARSSL_ERR_NET_BIND_FAILED -0x0F30
-#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0F40
-#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x0F50
-#define POLARSSL_ERR_NET_RECV_FAILED -0x0F60
-#define POLARSSL_ERR_NET_SEND_FAILED -0x0F70
-#define POLARSSL_ERR_NET_CONN_RESET -0x0F80
-#define POLARSSL_ERR_NET_TRY_AGAIN -0x0F90
+#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0040 /**< Failed to get an IP address for the given hostname. */
+#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
+#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
+#define POLARSSL_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
+#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
+#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
+#define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
+#define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
+#define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
+#define POLARSSL_ERR_NET_TRY_AGAIN -0x0052 /**< Connection was busy, try again. */
#ifdef __cplusplus
extern "C" {
diff --git a/include/polarssl/padlock.h b/include/polarssl/padlock.h
index 722c9b2..6a0bda2 100644
--- a/include/polarssl/padlock.h
+++ b/include/polarssl/padlock.h
@@ -42,7 +42,7 @@
#define PADLOCK_ALIGN16(x) (unsigned long *) (16 + ((long) x & ~15))
-#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x08E0
+#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
#ifdef __cplusplus
extern "C" {
diff --git a/include/polarssl/pem.h b/include/polarssl/pem.h
index 509ed11..1505401 100644
--- a/include/polarssl/pem.h
+++ b/include/polarssl/pem.h
@@ -35,14 +35,14 @@
* PEM data.
* \{
*/
-#define POLARSSL_ERR_PEM_NO_HEADER_PRESENT -0x0500 /**< No PEM header found. */
-#define POLARSSL_ERR_PEM_INVALID_DATA -0x0520 /**< PEM string is not as expected. */
-#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x0540 /**< Failed to allocate memory. */
-#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x0560 /**< RSA IV is not in hex-format. */
-#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x0580 /**< Unsupported key encryption algorithm. */
-#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x05A0 /**< Private key password can't be empty. */
-#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x05C0 /**< Given private key password does not allow for correct decryption. */
-#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x05E0 /**< Unavailable feature, e.g. hashing/encryption combination. */
+#define POLARSSL_ERR_PEM_NO_HEADER_PRESENT -0x1080 /**< No PEM header found. */
+#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */
+#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */
+#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */
+#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */
+#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */
+#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */
+#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */
/* \} name */
/**
diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h
index cb2420a..441c998 100644
--- a/include/polarssl/rsa.h
+++ b/include/polarssl/rsa.h
@@ -32,15 +32,15 @@
/*
* RSA Error codes
*/
-#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x0400
-#define POLARSSL_ERR_RSA_INVALID_PADDING -0x0410
-#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x0420
-#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x0430
-#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440
-#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450
-#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460
-#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x0470
-#define POLARSSL_ERR_RSA_RNG_FAILED -0x0480
+#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */
+#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */
+#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */
+#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */
+#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */
+#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */
+#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */
+#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */
+#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */
/*
* PKCS#1 constants
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 15b595f..af9ec11 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -48,33 +48,35 @@
/*
* SSL Error codes
*/
-#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x1000
-#define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x1800
-#define POLARSSL_ERR_SSL_INVALID_MAC -0x2000
-#define POLARSSL_ERR_SSL_INVALID_RECORD -0x2800
-#define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE -0x3000
-#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x3800
-#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x4000
-#define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x4800
-#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x5000
-#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x5800
-#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x6000
-#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x6800
-#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7000
-#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7800
-#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x8000
-#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x8800
-#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x9000
-#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x9800
-#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0xA000
-#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0xA800
-#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0xB000
-#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0xB800
-#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0xC000
-#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0xC800
-#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0xD000
-#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0xD800
-#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0xE000
+#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */
+#define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */
+#define POLARSSL_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */
+#define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */
+#define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE -0x7280 /**< An invalid modulus size was received. */
+#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */
+#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */
+#define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x7400 /**< No session to recover was found. */
+#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */
+#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message.*/
+#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */
+#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key is not set, but needed. */
+#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */
+#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */
+#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */
+#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */
+#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM Read Public. */
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM Calculate Secret. */
+#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */
+#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */
/*
* Various constants
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 731c186..9ce98f4 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -42,37 +42,37 @@
* ASN1 is a standard to specify data structures.
* \{
*/
-#define POLARSSL_ERR_ASN1_OUT_OF_DATA 0x0014 /**< Out of data when parsing an ASN1 data structure. */
-#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG 0x0016 /**< ASN1 tag was of an unexpected value. */
-#define POLARSSL_ERR_ASN1_INVALID_LENGTH 0x0018 /**< Error when trying to determine the length or invalid length. */
-#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH 0x001A /**< Actual length differs from expected length. */
-#define POLARSSL_ERR_ASN1_INVALID_DATA 0x001C /**< Data is invalid. (not used) */
+#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0014 /**< Out of data when parsing an ASN1 data structure. */
+#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0016 /**< ASN1 tag was of an unexpected value. */
+#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0018 /**< Error when trying to determine the length or invalid length. */
+#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x001A /**< Actual length differs from expected length. */
+#define POLARSSL_ERR_ASN1_INVALID_DATA -0x001C /**< Data is invalid. (not used) */
/* \} name */
/**
* \name X509 Error codes
* \{
*/
-#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x0020 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
-#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x0040 /**< The PEM-encoded certificate contains invalid elements, e.g. invalid character. */
-#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x0060 /**< The certificate format is invalid, e.g. different type expected. */
-#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x0080 /**< The certificate version element is invalid. */
-#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x00A0 /**< The serial tag or value is invalid. */
-#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x00C0 /**< The algorithm tag or value is invalid. */
-#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x00E0 /**< The name tag or value is invalid. */
-#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x0100 /**< The date tag or value is invalid. */
-#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x0120 /**< The pubkey tag or value is invalid (only RSA is supported). */
-#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x0140 /**< The signature tag or value invalid. */
-#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x0160 /**< The extension tag or value is invalid. */
-#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x0180 /**< Certificate or CRL has an unsupported version number. */
-#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x01A0 /**< Signature algorithm (oid) is unsupported. */
-#define POLARSSL_ERR_X509_CERT_UNKNOWN_PK_ALG -0x01C0 /**< Public key algorithm is unsupported (only RSA is supported). */
-#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x01E0 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */
-#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x0200 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
-#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x0240 /**< Unsupported RSA key version */
-#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x0260 /**< Invalid RSA key tag or value. */
-#define POLARSSL_ERR_X509_POINT_ERROR -0x0300 /**< Not used. */
-#define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x0320 /**< Not used. */
+#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
+#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100 /**< The PEM-encoded certificate contains invalid elements, e.g. invalid character. */
+#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180 /**< The certificate format is invalid, e.g. different type expected. */
+#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200 /**< The certificate version element is invalid. */
+#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
+#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
+#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
+#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
+#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480 /**< The pubkey tag or value is invalid (only RSA is supported). */
+#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500 /**< The signature tag or value invalid. */
+#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */
+#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */
+#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */
+#define POLARSSL_ERR_X509_CERT_UNKNOWN_PK_ALG -0x2700 /**< Public key algorithm is unsupported (only RSA is supported). */
+#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */
+#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
+#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */
+#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900 /**< Invalid RSA key tag or value. */
+#define POLARSSL_ERR_X509_POINT_ERROR -0x2980 /**< Not used. */
+#define POLARSSL_ERR_X509_VALUE_TO_LENGTH -0x2A00 /**< Not used. */
/* \} name */
diff --git a/include/polarssl/xtea.h b/include/polarssl/xtea.h
index 8f41d5d..e2adb87 100644
--- a/include/polarssl/xtea.h
+++ b/include/polarssl/xtea.h
@@ -39,7 +39,7 @@
#define XTEA_ENCRYPT 1
#define XTEA_DECRYPT 0
-#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0820
+#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */
/**
* \brief XTEA context structure