z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Reason Codes for Return Code 4 (4)

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

Table 328 lists reason codes returned from callable services that give return code 4.

Table 328. Reason Codes for Return Code 4 (4)
Reason Code Hex (Decimal) Description
1 (1) The verification test failed.

REASONCODES: This reason code also corresponds to these ICSF reason codes: FA0 (4000), 1F40 (8000), 1F44 (8004), 2328 (9000), 232C (9004), 2AF8 (11000), or 36B8 (14008).

13 (19) This is a combination reason code value. The call to the Encrypted PIN verify (PINVER) callable service was successfully processed. However, the trial PIN that was supplied does not match the PIN in the PIN block.

User action: The PIN is incorrect. If you expected the reason code to be zero, check that you are using the correct key.

REASONCODES: ICSF BD4 (3028)

In addition, a key in a key identifier token has been reenciphered.

User action: See reason code 10000 (return code 0) for more detail about the key reencipherment.

14 (20) The input text length was odd rather than even. The right nibble of the last byte is padded with X'00'.

User action: None

REASONCODES: ICSF 7D0 (2000)

A6 (166) The control vector is not valid because of parity bits, anti-variant bits, inconsistent KEK bits, or because bits 59 to 62 are not zero.
B3 (179) The control vector keywords that are in the rule array are ignored.
1AD (429) The digital signature verify ICSF callable service completed successfully but the supplied digital signature failed verification.

User action: None

REASONCODES: ICSF 2AF8 (11000)

7D0 (2000) The input text length was odd rather than even. The right nibble of the last byte is padded with X'00'.

User action: None

REASONCODES: TSS 14 (20)

81E (2078) The call to CKDS Key Record Read was successful. The key label exists in the CKDS. The key label contains a clear DES or AES key token and is not returned to the caller.
BBA (3002) The call to the CVV Verify callable service was successfully processed. However, the trial CVV that was supplied does not match the generated CVV. In addition, a key in the key identifier has been reenciphered.

REASONCODES: See reason code 4000 (return code 4) for more details about the incorrect CVV. See reason code 10000 (return code 0) for more details about the key reencipherment.

BC9 (3017) The call to create a list of information completed successfully, however the storage supplied for the list was insufficient to hold the complete list.
BD4 (3028) The call to the Encrypted PIN verify (PINVER) callable service was successfully processed. However, the trial PIN that was supplied does not match the PIN in the PIN block.

User action: The PIN is incorrect. If you expected the reason code to be zero, check that you are using the correct key.

REASONCODES: TSS 13 (19)

BD8 (3032) This is a combination reason code value. The call to the Encrypted PIN verify (PINVER) callable service was successfully processed. However, the trial PIN that was supplied does not match the PIN in the PIN block.

In addition, a key in a key identifier token has been reenciphered.

REASONCODES: See reason code 3028 (return code 4) for more detail about the incorrect PIN. See reason code 10000 (return code 0) for more detail about the key reencipherment.

BFC (3068) The verification pattern of an encrypted CPACF key block doesn't match the current wrapping key's verification pattern.
FA0 (4000) The CVV did not verify.

User action: Regenerate the CVV.

REASONCODES: TSS 1 (1)

FA4 (4004) Rewrapping is not allowed for one or more keys.
1F40 (8000) The call to the MAC verification (MACVER) callable service was successfully processed. However, the trial MAC that you supplied does not match that of the message text.

User action: The message text may have been modified, such that its contents cannot be trusted. If you expected the reason code to be zero, check that you are using the correct key. Check that all segments of the message were presented and in the correct sequence. Also check that the trial MAC corresponds to the message being authenticated.

REASONCODES: TSS 1 (1)

1F44 (8004) This is a combination reason code value. The call to the MAC verification (MACVER) callable service was successfully processed. However, the trial MAC that was supplied does not match the message text provided.

In addition, a key in a key identifier token has been reenciphered.

User action: See reason code 8000 (return code 4) for more detail about the incorrect MAC. See reason code 10000 (return code 0) for more detail about the key reencipherment.

REASONCODES: TSS 1 (1)

2328 (9000) The call to the key test service processed successfully, but the key test pattern was not verified.

User action: Investigate why the key failed. When determining this, you can reinstall or regenerate the key.

REASONCODES: TSS 1 (1)

232C (9004) This is a combination reason code value. The call to the key test service processed successfully, but the key test pattern was not verified. Also, the key token has been reenciphered.

User action: Investigate why the key failed. When determining this, you can reinstall or regenerate the key.

REASONCODES: TSS 1 (1)

2AF8 (11000) The digital signature verify ICSF callable service completed successfully but the supplied digital signature failed verification.

User action: None

REASONCODES: TSS 1AD (429)

36B8 (14008) The PKDS record failed the authentication test.

User action: The record has changed since ICSF wrote it to the PKDS. The user action is application dependent.

REASONCODES: TSS 1 (1)

8D10 (36112) CKDS conversion completed successfully but some tokens could not be rewrapped because the control vector prohibited rewrapping from the enhanced wrapping method.

Go to the previous page Go to the next page




Copyright IBM Corporation 1990, 2014