Introduced GNUTLS_E_CERTIFICATE_TIME_ERROR error code

This error code indicates an issue in the time fields of certificate.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

3 files changed, 4 insertions, 1 deletions

diff --git a/lib/errors.c b/lib/errors.c
index e17ce86557..7dd7e149ee 100644
--- a/lib/errors.c
+++ b/lib/errors.c
@@ -158,6 +158,8 @@ static const gnutls_error_entry error_entries[] = {
 		    GNUTLS_E_RECORD_LIMIT_REACHED),
 	ERROR_ENTRY(N_("Error in the certificate."),
 		    GNUTLS_E_CERTIFICATE_ERROR),
+	ERROR_ENTRY(N_("Error in the time fields of certificate."),
+		    GNUTLS_E_CERTIFICATE_TIME_ERROR),
 	ERROR_ENTRY(N_("Error in the certificate verification."),
 		    GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR),
 	ERROR_ENTRY(N_("Error in the private key verification; seed doesn't match."),
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index a550cdd004..2b240727d2 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -2838,6 +2838,7 @@ unsigned gnutls_fips140_mode_enabled(void);
 #define GNUTLS_E_NO_EMBEDDED_DATA -413
 #define GNUTLS_E_INVALID_UTF8_EMAIL -414
 #define GNUTLS_E_INVALID_PASSWORD_STRING -415
+#define GNUTLS_E_CERTIFICATE_TIME_ERROR -416
 
 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
 
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index a96e23c770..9b97137e20 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -455,7 +455,7 @@ int _gnutls_check_cert_sanity(gnutls_x509_crt_t cert)
 	    gnutls_x509_crt_get_activation_time(cert) == -1) {
 		gnutls_assert();
 		_gnutls_debug_log("error: invalid expiration or activation time in certificate\n");
-		result = GNUTLS_E_X509_CERTIFICATE_ERROR;
+		result = GNUTLS_E_CERTIFICATE_TIME_ERROR;
 		goto cleanup;
 	}