Only return VERIFY_FAILED from a single point Everything else is a fatal error. Also improve documentation about that for the vrfy callback.

commit: d0e755716f88234e19f9a8289ea3ba22861c85e7 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jul 10 11:31:01 2017 +0200
committer: Simon Butcher <simon.butcher@arm.com> Fri Jul 28 13:15:57 2017 +0100
tree: f147e6ce11c1b82bf6ce0c7bcb2450088c1c3bf0
parent: 8af7bfa982dbc855d159f2e990ea33c464f969bc [diff] [blame]
diff --git a/library/error.c b/library/error.c
index 98fba5c..be642ca 100644
--- a/library/error.c
+++ b/library/error.c

@@ -496,6 +496,8 @@
             polarssl_snprintf( buf, buflen, "X509 - Allocation of memory failed" );
         if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) )
             polarssl_snprintf( buf, buflen, "X509 - Read/write of file failed" );
+        if( use_ret == -(POLARSSL_ERR_X509_FATAL_ERROR) )
+            polarssl_snprintf( buf, buflen, "X509 - A fatal error occured, eg the chain is too long or the vrfy callback failed" );
 #endif /* POLARSSL_X509_USE,X509_CREATE_C */
         // END generated code
commit	d0e755716f88234e19f9a8289ea3ba22861c85e7	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Jul 10 11:31:01 2017 +0200
committer	Simon Butcher <simon.butcher@arm.com>	Fri Jul 28 13:15:57 2017 +0100
tree	f147e6ce11c1b82bf6ce0c7bcb2450088c1c3bf0
parent	8af7bfa982dbc855d159f2e990ea33c464f969bc [diff] [blame]