From 71a1abebf581ec65b2663755b7d7305afe28a568 Mon Sep 17 00:00:00 2001
From: toddouska <todd@wolfssl.com>
Date: Thu, 18 Apr 2013 08:38:28 -0700
Subject: [PATCH] break up sig confirm errors into no sig, crl, and ocsp
 specific

---
 ctaocrypt/src/asn.c      | 10 +++++-----
 ctaocrypt/src/error.c    | 16 ++++++++++++++++
 cyassl/ctaocrypt/error.h |  6 +++++-
 3 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c
index fda23853d..f5bdcfa66 100644
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -2726,7 +2726,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
         else {
             /* no signer */
             CYASSL_MSG("No CA signer to verify with");
-            return ASN_SIG_CONFIRM_E;
+            return ASN_NO_SIGNER_E;
         }
     }
 
@@ -4611,8 +4611,8 @@ static int DecodeBasicOcspResponse(byte* source,
 
         if (ret == 0)
         {
-            CYASSL_MSG("\tConfirm signature failed");
-            return ASN_SIG_CONFIRM_E;
+            CYASSL_MSG("\tOCSP Confirm signature failed");
+            return ASN_OCSP_CONFIRM_E;
         }
     }
 
@@ -5168,12 +5168,12 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
                 ca->publicKey, ca->pubKeySize, ca->keyOID,
                 dcrl->signature, dcrl->sigLength, dcrl->signatureOID, NULL)) {
             CYASSL_MSG("CRL Confirm signature failed");
-            return ASN_SIG_CONFIRM_E;
+            return ASN_CRL_CONFIRM_E;
         }
     }
     else {
         CYASSL_MSG("Did NOT find CRL issuer CA");
-        return ASN_SIG_CONFIRM_E;
+        return ASN_CRL_NO_SIGNER_E;
     }
 
     return 0;
diff --git a/ctaocrypt/src/error.c b/ctaocrypt/src/error.c
index c1f39c054..3d043a4df 100644
--- a/ctaocrypt/src/error.c
+++ b/ctaocrypt/src/error.c
@@ -303,6 +303,22 @@ void CTaoCryptErrorString(int error, char* buffer)
         XSTRNCPY(buffer, "Bad alignment error, no alloc help", max);
         break;
 
+    case ASN_NO_SIGNER_E :
+        XSTRNCPY(buffer, "ASN no signer error to confirm failure", max);
+        break;
+
+    case ASN_CRL_CONFIRM_E :
+        XSTRNCPY(buffer, "ASN CRL sig error, confirm failure", max);
+        break;
+
+    case ASN_CRL_NO_SIGNER_E :
+        XSTRNCPY(buffer, "ASN CRL no signer error to confirm failure", max);
+        break;
+
+    case ASN_OCSP_CONFIRM_E :
+        XSTRNCPY(buffer, "ASN OCSP sig error, confirm failure", max);
+        break;
+
     default:
         XSTRNCPY(buffer, "unknown error number", max);
 
diff --git a/cyassl/ctaocrypt/error.h b/cyassl/ctaocrypt/error.h
index 14a08af95..7f6c2ec69 100644
--- a/cyassl/ctaocrypt/error.h
+++ b/cyassl/ctaocrypt/error.h
@@ -108,7 +108,11 @@ enum {
     DECOMPRESS_INIT_E  = -185,  /* DeCompress init error */
     DECOMPRESS_E       = -186,  /* DeCompress error */
 
-    BAD_ALIGN_E        = -187,  /* Bad alignment for operation, no alloc */
+    BAD_ALIGN_E         = -187,  /* Bad alignment for operation, no alloc */
+    ASN_NO_SIGNER_E     = -188,  /* ASN no signer to confirm failure */
+    ASN_CRL_CONFIRM_E   = -189,  /* ASN CRL signature confirm failure */
+    ASN_CRL_NO_SIGNER_E = -190,  /* ASN CRL no signer to confirm failure */
+    ASN_OCSP_CONFIRM_E  = -191,  /* ASN OCSP signature confirm failure */
 
     MIN_CODE_E         = -200   /* errors -101 - -199 */
 };