1 files changed, 12 insertions, 5 deletions

diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index e31ebc6741..247e7e178a 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -122,8 +122,12 @@ const char *X509_verify_cert_error_string(long n)
 		return("certificate revoked");
 	case X509_V_ERR_INVALID_CA:
 		return ("invalid CA certificate");
+	case X509_V_ERR_INVALID_NON_CA:
+		return ("invalid non-CA certificate (has CA markings)");
 	case X509_V_ERR_PATH_LENGTH_EXCEEDED:
 		return ("path length constraint exceeded");
+	case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
+		return("proxy path length constraint exceeded");
 	case X509_V_ERR_INVALID_PURPOSE:
 		return ("unsupported certificate purpose");
 	case X509_V_ERR_CERT_UNTRUSTED:
@@ -140,19 +144,22 @@ const char *X509_verify_cert_error_string(long n)
 		return("authority and issuer serial number mismatch");
 	case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
 		return("key usage does not include certificate signing");
-
 	case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
 		return("unable to get CRL issuer certificate");
-
 	case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
 		return("unhandled critical extension");
-
 	case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
 		return("key usage does not include CRL signing");
-
+	case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
+		return("key usage does not include digital signature");
 	case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
 		return("unhandled critical CRL extension");
-
+	case X509_V_ERR_INVALID_EXTENSION:
+		return("invalid or inconsistent certificate extension");
+	case X509_V_ERR_INVALID_POLICY_EXTENSION:
+		return("invalid or inconsistent certificate policy extension");
+	case X509_V_ERR_NO_EXPLICIT_POLICY:
+		return("no explicit policy");
 	default:
 		BIO_snprintf(buf,sizeof buf,"error number %ld",n);
 		return(buf);