PTK-C Vendor-Defined Error Codes
The table below lists the error codes that may be returned from ProtectToolkit-C which are vendor extensions to the PKCS#11 standard.
Name | Value | Description |
---|---|---|
CKR_BIP32_CHILD_INDEX_INVALID
|
0x8000007B | BIP32 private key cannot be produced due to passing an invalid index. |
CKR_BIP32_INVALID_HARDENED_DERIVATION
|
0x8000007C | Base public key used to derive a hardened BIP32 key. Private and hardened keys must be derived from private keys. |
CKR_BIP32_MASTER_SEED_LEN_INVALID
|
0x8000007D | CKK_GENERIC_SECRET used to derive a master BIP32 key has an invalid bit length. Use a seed within the accepted range of 128-512 bits. |
CKR_BIP32_MASTER_SEED_INVALID
|
0x8000007E | Invalid BIP32 public key generated from the seed provided. |
CKR_BIP32_INVALID_KEY_PATH_LEN
|
0x8000007F | Invalid BIP32 key path length. |
CKR_OTP_PIN_INCORRECT
|
0x8000008B | The presented user PIN component is correct, but the OTP PIN is incorrect. |
CKR_OTP_PIN_LEN_RANGE
|
0x8000008C | The presented user PIN component is correct, but the OTP PIN is not the expected length. |
CKR_OTP_PIN_ALREADY_INITIALIZED
|
0x8000008D | Cannot initialize OTP on a slot where it is already initialized. |
CKR_OTP_PIN_NOT_INITIALIZED
|
0x8000008E | Cannot remove OTP from a slot where it has not been initialized. |
CKR_ACCESS_DENIED
|
0x80000102 | Attempting to call C_InitToken when HSM configured for “No Clear PINs”. Use CT_InitToken instead. |
CKR_ENCODE_ERROR
|
0x80000104 | Template encode/decode error. Usually internal error but may be caused by badly formed function request parameters. |
CKR_SO_NOT_LOGGED_IN
|
0x80000106 | Operation requires session to be in SO RW mode. |
CKR_CERT_NOT_VALIDATED
|
0x80000107 | Public key certificate chain not terminated by a TRUSTED certificate. |
CKR_PIN_ALREADY_INITIALIZED
|
0x80000108 | Calling C_InitPIN when PIN is already initialized. Use C_SetPIN instead. |
CKR_RESPONSE_INVALID
|
0x80000111 | Failure to disable an FM |
CKR_EVENT_LOG_NOT_FULL
|
0x80000113 | Attempting to erase Event log when it is not full. |
CKR_OBJECT_READ_ONLY
|
0x80000114 | Attempting to C_DestroyObject with CKA_DELETABLE=TRUE |
CKR_TOKEN_NOT_INITIALIZED
|
0x80000116 | Attempting to Reset a Token that is not initialized |
CKR_NOT_ADMIN_TOKEN
|
0x80000117 | Attempting to create an object or write an attribute of an object on a normal token that should only be on an Admin token |
CKR_CERTIFICATE_NOT_YET_ACTIVE
|
0x80000120 | The certificate's CKA_START_DATE value is a future date (the certificate is not yet valid). |
CKR_CERTIFICATE_EXPIRED
|
0x80000121 | The certificate's CKA_END_DATE value is past (the certificate is expired). |
CKR_OPERATION_NOT_PERMITTED
|
0x80000131 | Attempting to generate a timestamp when the RTC is not working or trusted. PKCS#12 import package has more than one private key. |
CKR_PKCS12_DECODE
|
0x80000132 | PKCS#12 package corrupt |
CKR_PKCS12_UNSUPPORTED_SAFEBAG_TYPE
|
0x80000133 | PKCS#12 package contains unrecognised SAFEBAG |
CKR_PKCS12_UNSUPPORTED_PRIVACY_MODE
|
0x80000134 | PKCS#12 package contains unrecognised privacy (public key mode not supported) |
CKR_PKCS12_UNSUPPORTED_INTEGRITY_MODE
|
0x80000135 | PKCS#12 package contains unrecognised integrity (should be MAC) |
CKR_KEY_NOT_ACTIVE
|
0x80000136 | Key has exceeded its usage limit or dates. |
CKR_ET_NOT_ODD_PARITY
|
0x80000140 | DES key being loaded into HSM has bad parity (should be odd) - fix key or enable “Des Keys Even Parity Allowed” mode (ctconf -fd) |
CKR_CANNOT_DERIVE_KEYS
|
0x80000381 | Internal error when establishing a secure messaging connection. |
CKR_BAD_REQ_SIGNATURE
|
0x80000382 | Corrupt request to HSM when using secure messaging (network or device driver error) |
CKR_BAD_REPLY_SIGNATURE
|
0x80000383 | Corrupt reply from HSM when using secure messaging (network or device driver error) |
CKR_SMS_ERROR
|
0x80000384 | General error from secure messaging system - probably caused by HSM failure or network failure. |
CKR_BAD_PROTECTION
|
0x80000385 | Cryptoki library has failed to apply proper secure message protection - internal error. |
CKR_DEVICE_RESET
|
0x80000386 | HSM has unexpectedly shut down. Check the event log for errors (ctconf -e) |
CKR_NO_SESSION_KEYS
|
0x80000387 | Cryptoki library has failed to establish keys for secure message protection - internal error. |
CKR_BAD_REPLY
|
0x80000388 | Reply message from HSM is badly formatted (network or device driver error). |
CKR_KEY_ROLLOVER
|
0x80000389 | Secure messaging system has not implemented key rollover protocol properly |
CKR_NEED_IV_UPDATE
|
0x80000310 | Secure messaging system has not implemented key rollover protocol properly |
CKR_HOST_ERROR
|
0x80001000 | Host-side error |
CKR_BAD_REQUEST
|
0x80001001 | Badly formed request message (network or device driver error) |
CKR_BAD_ATTRIBUTE_PACKING
|
0x80001002 | Cryptoki client has failed to encode attribute list correctly. |
CKR_BAD_ATTRIBUTE_COUNT
|
0x80001003 | Cryptoki client has failed to encode attribute list correctly. |
CKR_BAD_PARAM_PACKING
|
0x80001004 | Cryptoki client has failed to encode function parameters correctly. |
CKR_MSG_ERROR
|
0x80001300 | Message error |
CKR_HIMK_NOT_FOUND
|
0x80001400 | Requested Host Interface Master Key not found |
CKR_WLD_ERROR
|
0x80002000 | WLD error |
CKR_WLD_CONFIG_NOT_FOUND
|
0x80002001 | ET_PTKC_WLD configuration data not consistent |
CKR_WLD_CONFIG_ITEM_READ_FAILED
|
0x80002002 | ET_PTKC_WLD configuration data not available |
CKR_WLD_CONFIG_NO_TOKEN_LABEL
|
0x80002003 | ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_TOKEN_LABEL_LEN
|
0x80002004 | ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_TOKEN_SERIAL_NUM_LEN
|
0x80002005 | ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_SLOT_DESCRIPTION_LEN
|
0x80002006 | ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_CONFIG_ITEM_FORMAT_INVALID
|
0x80002007 | ET_PTKC_WLD configuration data not formatted correctly |
CKR_WLD_LOGIN_CACHE_INCONSISTENT
|
0x80002010 | Internal error in cryptoki library where WLD values are inconsistent. |
CKR_HA_ERROR
|
0x80003000 | HA error |
CKR_HA_MAX_SLOTS_INVALID_LEN
|
0x80003001 | Too many virtual WLD slots are defined |
CKR_HA_SESSION_HANDLE_INVALID
|
0x80003002 | Unknown session handle passed to Cryptoki library. |
CKR_HA_SESSION_INVALID
|
0x80003003 | HA session is invalid |
CKR_HA_OBJECT_INDEX_INVALID
|
0x80003004 | HA Object ID is invalid |
CKR_HA_CANNOT_RECOVER_KEY
|
0x80003005 | HA recovery process needs to create a key but is unable to |
CKR_HA_NO_HSM
|
0x80003006 | HA has tried to recover a lost session but no more working HSMs are available. |
CKR_HA_OUT_OF_OBJS
|
0x80003007 | The HA feature has reached its capacity to manage session objects - too many objects created. |
CKR_SECURITY_FLAGS_INCOMPATIBLE
|
0x80003500 | The current security flag settings are not compatible with the requested action. |
CKR_FM_ERROR
|
0x80004000 | FM error |
CKR_FM_NOT_REGISTERED
|
0x80004001 | The FM could not be registered. |
CKR_FM_DISPATCH_BLOCKED
|
0x80004002 | FM dispatch blocked |