P2PE errors
The Point-to-Point Encryption (P2PE) service returns service errors, and the Luna Cloud HSM back end returns PKCS#11 errors.
Service errors
P2PE service errors are returned in JSON format and include the following:
| Error Code | Error Message |
|---|---|
| 2 | Failed to generate key |
| 3 | Failed to find key with attributes |
| 4 | Failed to get key attributes |
| 6 | Failed to delete existing keys |
| 8 | Failed to set key attributes |
| 9 | Failed to delete key |
| 11 | Key not found |
| 12 | More than one key found for provided key id |
| 14 | Failed to wrap Key |
| 15 | Failed to obtain PKCS#11 Session |
| 16 | Failed to import RSA Public Key |
| 17 | Export of Base Derivation Key (BDK) is not allowed |
| 18 | Failed to get key information |
| 19 | Unsupported key length |
| 20 | Unsupported Key algorithm |
| 21 | Failed to calculate key KCV |
| 22 | CMAC KCV not supported for DES keys |
| 23 | Unsupported Key usage |
| 24 | Failed to Derive IPEK/Key |
| 25 | Failed to wrap IPEK/Key |
| 26 | Failed to decrypt data/key |
| 27 | Invalid IV length |
| 28 | Failed to derive DUKPT Key |
| 30 | Failed to calculate MAC on data |
| 31 | MAC mismatch error |
| 32 | RSA OAEP message too long error |
| 33 | Invalid Asymmetric key's public modulus |
PKCS#11 errors
The Luna Cloud HSM back end PKCS#11 error lists are visible on the following pages:
