Vendor-Defined Error Codes
The table below lists the error codes that may be returned from SafeNet ProtectToolkit-C which are Vendor extensions to the PKCS#11 standard.
Name |
Value |
Description |
---|---|---|
CKR_BIP32_CHILD_INDEX_INVALID
|
0x8000007B | BIP32 private key cannot be produced due to passing an invalid index. |
CKR_BIP32_INVALID_HARDENED_DERIVATION
|
0x8000007C | Base public key used to derive a hardened BIP32 key. Private and hardened keys must be derived from private keys. |
CKR_BIP32_MASTER_SEED_LEN_INVALID
|
0x8000007D | CKK_GENERIC_SECRET used to derive a master BIP32 key has an invalid bit length. Use a seed within the accepted range of 128-512 bits. |
CKR_BIP32_MASTER_SEED_INVALID
|
0x8000007E | Invalid BIP32 public key generated from the seed provided. |
CKR_BIP32_INVALID_KEY_PATH_LEN
|
0x8000007F | |
CKR_TIME_STAMP
|
0x80000101 |
Not used |
CKR_ACCESS_DENIED
|
0x80000102 |
Attempting to call C_InitToken when HSM configured for “No Clear Pins” |
CKR_CRYPTOKI_UNUSABLE
|
0x80000103 |
Not used |
CKR_ENCODE_ERROR
|
0x80000104 |
Template encode/decode error. Usually internal error but may be caused by badly formed function request parameters. |
CKR_V_CONFIG
|
0x80000105 |
Not used |
CKR_SO_NOT_LOGGED_IN
|
0x80000106 |
Operation requires session to be in SO RW mode. |
CKR_CERT_NOT_VALIDATED
|
0x80000107 |
Public key certificate chain not terminated by a TRUSTED certificate. |
CKR_PIN_ALREADY_INITIALIZED
|
0x80000108 |
Calling C_InitPIN when PIN is already initialized. Use C_SetPIN instead. |
CKR_REMOTE_SERVER_ERROR
|
0x8000010A |
Not used |
CKR_CSA_HW_ERROR
|
0x8000010B |
Not used |
CKR_NO_CHALLENGE
|
0x80000110 |
Not used |
CKR_RESPONSE_INVALID
|
0x80000111 |
Failure to disable an FM |
CKR_EVENT_LOG_NOT_FULL
|
0x80000113 |
Attempting to erase Event log when it is not full. |
CKR_OBJECT_READ_ONLY
|
0x80000114 |
Attempting to C_DestroyObject with |
CKR_TOKEN_READ_ONLY
|
0x80000115 |
Not used |
CKR_TOKEN_NOT_INITIALIZED
|
0x80000116 |
Attempting to Reset a Token that is not initialized |
CKR_NOT_ADMIN_TOKEN
|
0x80000117 |
Attempting to create an object or write an attribute of an object on a normal token that should only be on an Admin token |
CKR_AUTHENTICATION_REQUIRED
|
0x80000130 |
Not used |
CKR_OPERATION_NOT_PERMITTED
|
0x80000131 |
Attempting to generate a timestamp when the RTC is not working or trusted. |
CKR_PKCS12_DECODE
|
0x80000132 |
PKCS#12 package corrupt |
CKR_PKCS12_UNSUPPORTED_SAFEBAG_TYPE
|
0x80000133 |
PKCS#12 package contains unrecognised SAFEBAG |
CKR_PKCS12_UNSUPPORTED_PRIVACY_MODE
|
0x80000134 |
PKCS#12 package contains unrecognised privacy (public key mode not psupported) |
CKR_PKCS12_UNSUPPORTED_INTEGRITY_MODE
|
0x80000135 |
PKCS#12 package contains unrecognised integrity (should be MAC) |
CKR_KEY_NOT_ACTIVE
|
0x80000136 |
Key has exceeded its usage limit or dates. |
CKR_ET_NOT_ODD_PARITY
|
0x80000140 |
DES key being loaded into HSM has bad parity (should be odd) – fix key or enable “Des Keys Even Parity Allowed” mode (ctconf –fd) |
CKR_CANNOT_DERIVE_KEYS
|
0x80000381 |
Internal error when establishing a secure messaging connection. |
CKR_BAD_REQ_SIGNATURE
|
0x80000382 |
Corrupt request to HSM when using secure messaging (network or device driver error) |
CKR_BAD_REPLY_SIGNATURE
|
0x80000383 |
Corrupt reply from HSM when using secure messaging (network or device driver error) |
CKR_SMS_ERROR
|
0x80000384 |
General error from secure messaging system – probably caused by HSM failure or network failure. |
CKR_BAD_PROTECTION
|
0x80000385 |
Cryptoki library has failed to apply proper secure message protection – internal error. |
CKR_DEVICE_RESET
|
0x80000386 |
HSM has unexpectantly shutdown. Check the event log for errors (ctconf –e) |
CKR_NO_SESSION_KEYS
|
0x80000387 |
Cryptoki library has failed to establish keys for secure message protection – internal error. |
CKR_BAD_REPLY
|
0x80000388 |
Reply message from HSM is badly formatted (network or device driver error). |
CKR_KEY_ROLLOVER
|
0x80000389 |
Secure messaging system has not implemented key rollover protocol properly |
CKR_NEED_IV_UPDATE
|
0x80000310 |
Secure messaging system has not implemented key rollover protocol properly |
CKR_DUPLICATE_IV_FOUND
|
0x80000311 |
Not used |
CKR_BAD_REQUEST
|
0x80001001 |
Badly formed request message (network or device driver error) |
CKR_BAD_ATTRIBUTE_PACKING
|
0x80001002 |
Cryptoki client has failed to encode attribute list correctly. |
CKR_BAD_ATTRIBUTE_COUNT
|
0x80001003 |
Cryptoki client has failed to encode attribute list correctly. |
CKR_BAD_PARAM_PACKING
|
0x80001004 |
Cryptoki client has failed to encode function parameters correctly. |
CKR_EXTERN_DCP_ERROR
|
0x80001386 |
Not used |
CKR_WLD_CONFIG_NOT_FOUND
|
0x80002001 |
ET_PTKC_WLD configuration data not consistent |
CKR_WLD_CONFIG_ITEM_READ_FAILED
|
0x80002002 |
ET_PTKC_WLD configuration data not available |
CKR_WLD_CONFIG_NO_TOKEN_LABEL
|
0x80002003 |
ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_TOKEN_LABEL_LEN
|
0x80002004 |
ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_TOKEN_SERIAL_NUM_LEN
|
0x80002005 |
ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_SLOT_DESCRIPTION_LEN
|
0x80002006 |
ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_ITEM_FORMAT_INVALID
|
0x80002007 |
ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_LOGIN_CACHE_INCONSISTENT
|
0x80002010 |
Internal error in cryptoki library where WLD values are inconsistent. |
|
0x80003001 |
Too many virtual WLD slots are defined |
CKR_HA_SESSION_HANDLE_INVALID
|
0x80003002
|
Unknown session handle passed to Cryptoki library. |
CKR_HA_CANNOT_RECOVER_KEY
|
0x80003005 |
HA recovery process needs to create a key but is unable to |
|
0x80003006 |
HA has tried to recover a lost session but no more working HSMs are available. |
CKR_HA_OUT_OF_OBJS
|
0x80003007 |
The HA feature has reached its capacity to manage session objects – too many objects created. |