diff --git a/includes/ziti/errors.h b/includes/ziti/errors.h index eb478165..bf926348 100644 --- a/includes/ziti/errors.h +++ b/includes/ziti/errors.h @@ -35,9 +35,9 @@ extern "C" { #define ZITI_CONFIG_NOT_FOUND (-1) /** The provided JWT was not found */ #define ZITI_JWT_NOT_FOUND (-2) -/** The provided JWT is not accepted by controller */ +/** The provided JWT is not accepted by the controller */ #define ZITI_JWT_INVALID (-3) -/** The provided JWT has invalid format */ +/** The provided JWT has an invalid format */ #define ZITI_JWT_INVALID_FORMAT (-4) /** PKCS7/ASN.1 parsing failed */ #define ZITI_PKCS7_ASN1_PARSING_FAILED (-5) @@ -49,7 +49,7 @@ extern "C" { #define ZITI_ENROLLMENT_METHOD_UNSUPPORTED (-8) /** enrollment method requires client certificate */ #define ZITI_ENROLLMENT_CERTIFICATE_REQUIRED (-9) -/** Attempt to generate an private key failed */ +/** Attempt to generate a private key failed */ #define ZITI_KEY_GENERATION_FAILED (-10) /** Attempt to load TLS key failed */ #define ZITI_KEY_LOAD_FAILED (-11) @@ -79,7 +79,7 @@ is offline or did not respond to the request*/ #define ZITI_TIMEOUT (-20) /** The connection has been closed abnormally. */ #define ZITI_CONNABORT (-21) -/** SDK detected invalid state, most likely caaused by improper use. */ +/** SDK detected invalid state, most likely caused by improper use. */ #define ZITI_INVALID_STATE (-22) /** SDK detected invalid cryptographic state of Ziti connection */ #define ZITI_CRYPTO_FAIL (-23) @@ -105,6 +105,11 @@ is offline or did not respond to the request*/ #define ZITI_INVALID_AUTHENTICATOR_CERT (-33) /** returned when attempting to set the current certificate and key being used by a ztx when it could not be parsed/applied */ #define ZITI_INVALID_CERT_KEY_PAIR (-34) +/** returned when attempting to enroll the same key/cert with an external CA that has already been used */ +#define ZITI_CERT_IN_USE (-35) +/** returned when enrolling a key/cert with an external CA and no CA matches the cert */ +#define ZITI_CERT_FAILED_VALIDATION (-36) + // Put new error codes here and add error string in error.c diff --git a/library/errors.c b/library/errors.c index 6d21e477..648d7d70 100644 --- a/library/errors.c +++ b/library/errors.c @@ -49,7 +49,9 @@ XX(PARTIALLY_AUTHENTICATED, "api session is partially authenticated, waiting for auth query resolution") \ XX(INVALID_AUTHENTICATOR_TYPE, "the authenticator could not be extended as it is the incorrect type") \ XX(INVALID_AUTHENTICATOR_CERT, "the authenticator could not be extended as the current client certificate does not match") \ - XX(INVALID_CERT_KEY_PAIR, "the active certificate and key could not be set, invalid pair, or could not parse") \ + XX(INVALID_CERT_KEY_PAIR, "the active certificate and key could not be set, invalid pair, or could not parse") \ + XX(CERT_IN_USE,"the provided certificate already in use") \ + XX(CERT_FAILED_VALIDATION, "the provided key/cert are invalid") \ XX(WTF, "WTF: programming error") diff --git a/library/ziti_ctrl.c b/library/ziti_ctrl.c index 2d325720..19c1f808 100644 --- a/library/ziti_ctrl.c +++ b/library/ziti_ctrl.c @@ -73,6 +73,8 @@ XX(MFA_INVALID_TOKEN, ZITI_MFA_INVALID_TOKEN) \ XX(MFA_EXISTS, ZITI_MFA_EXISTS) \ XX(MFA_NOT_ENROLLED, ZITI_MFA_NOT_ENROLLED) \ XX(INVALID_ENROLLMENT_TOKEN, ZITI_JWT_INVALID) \ +XX(CERT_IN_USE, ZITI_CERT_IN_USE) \ +XX(CERT_FAILED_VALIDATION, ZITI_CERT_FAILED_VALIDATION) \ XX(COULD_NOT_VALIDATE, ZITI_NOT_AUTHORIZED)