mbedTLS 错误码对应的原因参见:Mbed TLS error codes
High level error codes
0x1080 PEM - No PEM header or footer found
0x1100 PEM - PEM string is not as expected
0x1180 PEM - Failed to allocate memory
0x1200 PEM - RSA IV is not in hex-format
0x1280 PEM - Unsupported key encryption algorithm
0x1300 PEM - Private key password can't be empty
0x1380 PEM - Given private key password does not allow for correct decryption
0x1400 PEM - Unavailable feature, e.g. hashing/encryption combination
0x1480 PEM - Bad input parameters to function
0x1E00 PKCS12 - Given private key password does not allow for correct decryption
0x1E80 PKCS12 - PBE ASN.1 data not as expected
0x1F00 PKCS12 - Feature not available, e.g. unsupported encryption scheme
0x1F80 PKCS12 - Bad input parameters to function
0x2080 X509 - Unavailable feature, e.g. RSA hashing/encryption combination
0x2100 X509 - Requested OID is unknown
0x2180 X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected
0x2200 X509 - The CRT/CRL/CSR version element is invalid
0x2280 X509 - The serial tag or value is invalid
0x2300 X509 - The algorithm tag or value is invalid
0x2380 X509 - The name tag or value is invalid
0x2400 X509 - The date tag or value is invalid
0x2480 X509 - The signature tag or value invalid
0x2500 X509 - The extension tag or value is invalid
0x2580 X509 - CRT/CRL/CSR has an unsupported version number
0x2600 X509 - Signature algorithm (oid) is unsupported
0x2680 X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)
0x2700 X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
0x2780 X509 - Format not recognized as DER or PEM
0x2800 X509 - Input invalid
0x2880 X509 - Allocation of memory failed
0x2900 X509 - Read/write of file failed
0x2980 X509 - Destination buffer is too small
0x2e00 PKCS5 - Given private key password does not allow for correct decryption
0x2e80 PKCS5 - Requested encryption or digest alg not available
0x2f00 PKCS5 - Unexpected ASN.1 data
0x2f80 PKCS5 - Bad input parameters to function
0x3000 X509 - A fatal error occured, eg the chain is too long or the vrfy callback failed
0x3080 DHM - Bad input parameters
0x3100 DHM - Reading of the DHM parameters failed
0x3180 DHM - Making of the DHM parameters failed
0x3200 DHM - Reading of the public values failed
0x3280 DHM - Making of the public value failed
0x3300 DHM - Calculation of the DHM secret failed
0x3380 DHM - The ASN.1 data is not formatted correctly
0x3400 DHM - Allocation of memory failed
0x3480 DHM - Read or write of file failed
0x3500 DHM - DHM hardware accelerator failed
0x3580 DHM - Setting the modulus and generator failed
0x3880 PK - PK hardware accelerator failed
0x3900 PK - The buffer contains a valid signature followed by more data
0x3980 PK - Unavailable feature, e.g. RSA disabled for RSA key
0x3A00 PK - Elliptic curve is unsupported (only NIST curves are supported)
0x3A80 PK - The algorithm tag or value is invalid
0x3B00 PK - The pubkey tag or value is invalid (only RSA and EC are supported)
0x3B80 PK - Given private key password does not allow for correct decryption
0x3C00 PK - Private key password can't be empty
0x3C80 PK - Key algorithm is unsupported (only RSA and EC are supported)
0x3D00 PK - Invalid key tag or value
0x3D80 PK - Unsupported key version
0x3E00 PK - Read/write of file failed
0x3E80 PK - Bad input parameters to function
0x3F00 PK - Type mismatch, eg attempt to encrypt with an ECDSA key
0x3F80 PK - Memory allocation failed
0x4080 RSA - Bad input parameters to function
0x4100 RSA - Input data contains invalid padding and is rejected
0x4180 RSA - Something failed during generation of a key
0x4200 RSA - Key failed to pass the validity check of the library
0x4280 RSA - The public key operation failed
0x4300 RSA - The private key operation failed
0x4380 RSA - The PKCS#1 verification failed
0x4400 RSA - The output buffer for decryption is not large enough
0x4480 RSA - The random generator failed to generate non-zeros
0x4500 RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality
0x4580 RSA - RSA hardware accelerator failed
0x4B00 ECP - Operation in progress, call again with the same parameters to continue
0x4B80 ECP - The ECP hardware accelerator failed
0x4C00 ECP - The buffer contains a valid signature followed by more data
0x4C80 ECP - Invalid private or public key
0x4D00 ECP - Generation of random value, such as ephemeral key, failed
0x4D80 ECP - Memory allocation failed
0x4E00 ECP - The signature is not valid
0x4E80 ECP - The requested feature is not available, for example, the requested curve is not supported
0x4F00 ECP - The buffer is too small to write to
0x4F80 ECP - Bad input parameters to function
0x5080 MD - The selected feature is not available
0x5100 MD - Bad input parameters to function
0x5180 MD - Failed to allocate memory
0x5200 MD - Opening or reading of file failed
0x5280 MD - MD hardware accelerator failed
0x6080 CIPHER - The selected feature is not available
0x6100 CIPHER - Bad input parameters
0x6180 CIPHER - Failed to allocate memory
0x6200 CIPHER - Input data contains invalid padding and is rejected
0x6280 CIPHER - Decryption of block requires a full block
0x6300 CIPHER - Authentication failed (for AEAD modes)
0x6380 CIPHER - The context is invalid. For example, because it was freed
0x6400 CIPHER - Cipher hardware accelerator failed
0x6480 SSL - Internal-only message signaling that a message arrived early
0x6500 SSL - The asynchronous operation is not completed yet
0x6580 SSL - Internal-only message signaling that further message-processing should be done
0x6600 SSL - Couldn't set the hash for verifying CertificateVerify
0x6680 SSL - The alert message received indicates a non-fatal error
0x6700 SSL - Record header looks valid but is not expected
0x6780 SSL - The client initiated a reconnect from the same port
0x6800 SSL - The operation timed out
0x6880 SSL - Connection requires a write call
0x6900 SSL - No data of requested type currently available on underlying transport
0x6980 SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)
0x6A00 SSL - A buffer is too small to receive or write a message
0x6A80 SSL - DTLS client must retry for hello verification
0x6B00 SSL - Unexpected message at ServerHello in renegotiation
0x6B80 SSL - A counter would wrap (eg, too many messages exchanged)
0x6C00 SSL - Internal error (eg, unexpected failure in lower-level module)
0x6C80 SSL - Unknown identity received (eg, PSK identity)
0x6D00 SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)
0x6D80 SSL - Session ticket has expired
0x6E00 SSL - Processing of the NewSessionTicket handshake message failed
0x6E80 SSL - Handshake protocol not within min/max boundaries
0x6F00 SSL - Processing of the compression / decompression failed
0x6F80 SSL - Hardware acceleration function skipped / left alone data
0x7000 SSL - A cryptographic operation is in progress. Try again later
0x7080 SSL - The requested feature is not available
0x7100 SSL - Bad input parameters to function
0x7180 SSL - Verification of the message MAC failed
0x7200 SSL - An invalid SSL record was received
0x7280 SSL - The connection indicated an EOF
0x7300 SSL - An unknown cipher was received
0x7380 SSL - The server has no ciphersuites in common with the client
0x7400 SSL - No RNG was provided to the SSL module
0x7480 SSL - No client certification received from the client, but required by the authentication mode
0x7500 SSL - Our own certificate(s) is/are too large to send in an SSL message
0x7580 SSL - The own certificate is not set, but needed by the server
0x7600 SSL - The own private key or pre-shared key is not set, but needed
0x7680 SSL - No CA Chain is set, but required to operate
0x7700 SSL - An unexpected message was received from our peer
0x7780 SSL - A fatal alert message was received from our peer
0x7800 SSL - Verification of our peer failed
0x7880 SSL - The peer notified us that the connection is going to be closed
0x7900 SSL - Processing of the ClientHello handshake message failed
0x7980 SSL - Processing of the ServerHello handshake message failed
0x7A00 SSL - Processing of the Certificate handshake message failed
0x7A80 SSL - Processing of the CertificateRequest handshake message failed
0x7B00 SSL - Processing of the ServerKeyExchange handshake message failed
0x7B80 SSL - Processing of the ServerHelloDone handshake message failed
0x7C00 SSL - Processing of the ClientKeyExchange handshake message failed
0x7C80 SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public
0x7D00 SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret
0x7D80 SSL - Processing of the CertificateVerify handshake message failed
0x7E00 SSL - Processing of the ChangeCipherSpec handshake message failed
0x7E80 SSL - Processing of the Finished handshake message failed
0x7F00 SSL - Memory allocation failed
0x7F80 SSL - Hardware acceleration function returned with error
Low level error codes
0x0002 BIGNUM - An error occurred while reading from or writing to a file
0x0003 HMAC_DRBG - Too many random requested in single call
0x0004 BIGNUM - Bad input parameters to function
0x0005 HMAC_DRBG - Input too large (Entropy + additional)
0x0006 BIGNUM - There is an invalid character in the digit string
0x0007 HMAC_DRBG - Read/write error in file
0x0008 BIGNUM - The buffer is too small to write to
0x0009 HMAC_DRBG - The entropy source failed
0x000A BIGNUM - The input arguments are negative or result in illegal output
0x000B OID - output buffer is too small
0x000C BIGNUM - The input argument for division is zero, which is not allowed
0x000D CCM - Bad input parameters to the function
0x000E BIGNUM - The input arguments are not acceptable
0x000F CCM - Authenticated decryption failed
0x0010 BIGNUM - Memory allocation failed
0x0011 CCM - CCM hardware accelerator failed
0x0012 GCM - Authenticated decryption failed
0x0013 GCM - GCM hardware accelerator failed
0x0014 GCM - Bad input parameters to function
0x0016 BLOWFISH - Bad input data
0x0017 BLOWFISH - Blowfish hardware accelerator failed
0x0018 BLOWFISH - Invalid data input length
0x0019 ARC4 - ARC4 hardware accelerator failed
0x0020 AES - Invalid key length
0x0021 AES - Invalid input data
0x0022 AES - Invalid data input length
0x0023 AES - Feature not available. For example, an unsupported AES key size
0x0024 CAMELLIA - Bad input data
0x0025 AES - AES hardware accelerator failed
0x0026 CAMELLIA - Invalid data input length
0x0027 CAMELLIA - Camellia hardware accelerator failed
0x0028 XTEA - The data input has an invalid length
0x0029 XTEA - XTEA hardware accelerator failed
0x002A BASE64 - Output buffer too small
0x002B MD2 - MD2 hardware accelerator failed
0x002C BASE64 - Invalid character in input
0x002D MD4 - MD4 hardware accelerator failed
0x002E OID - OID is not found
0x002F MD5 - MD5 hardware accelerator failed
0x0030 PADLOCK - Input data should be aligned
0x0031 RIPEMD160 - RIPEMD160 hardware accelerator failed
0x0032 DES - The data input has an invalid length
0x0033 DES - DES hardware accelerator failed
0x0034 CTR_DRBG - The entropy source failed
0x0035 SHA1 - SHA-1 hardware accelerator failed
0x0036 CTR_DRBG - The requested random buffer length is too big
0x0037 SHA256 - SHA-256 hardware accelerator failed
0x0038 CTR_DRBG - The input (entropy + additional data) is too large
0x0039 SHA512 - SHA-512 hardware accelerator failed
0x003A CTR_DRBG - Read or write error in file
0x003C ENTROPY - Critical entropy source failure
0x003D ENTROPY - No strong sources have been added to poll
0x003E ENTROPY - No more sources can be added
0x003F ENTROPY - Read/write error in file
0x0040 ENTROPY - No sources have been added to poll
0x0042 NET - Failed to open a socket
0x0043 NET - Buffer is too small to hold the data
0x0044 NET - The connection to the given server / port failed
0x0045 NET - The context is invalid, eg because it was free()ed
0x0046 NET - Binding of the socket failed
0x0047 NET - Polling the net context failed
0x0048 NET - Could not listen on the socket
0x0049 NET - Input invalid
0x004A NET - Could not accept the incoming connection
0x004C NET - Reading information from the socket failed
0x004E NET - Sending information through the socket failed
0x0050 NET - Connection was reset by peer
0x0051 CHACHA20 - Invalid input parameter(s)
0x0052 NET - Failed to get an IP address for the given hostname
0x0053 CHACHA20 - Feature not available. For example, s part of the API is not implemented
0x0054 CHACHAPOLY - The requested operation is not permitted in the current state
0x0055 CHACHA20 - Chacha20 hardware accelerator failed
0x0056 CHACHAPOLY - Authenticated decryption failed: data was not authentic
0x0057 POLY1305 - Invalid input parameter(s)
0x0058 ARIA - ARIA hardware accelerator failed
0x0059 POLY1305 - Feature not available. For example, s part of the API is not implemented
0x005A ARIA - Feature not available. For example, an unsupported ARIA key size
0x005B POLY1305 - Poly1305 hardware accelerator failed
0x005C ARIA - Bad input data
0x005E ARIA - Invalid data input length
0x0060 ASN1 - Out of data when parsing an ASN1 data structure
0x0062 ASN1 - ASN1 tag was of an unexpected value
0x0064 ASN1 - Error when trying to determine the length or invalid length
0x0066 ASN1 - Actual length differs from expected length
0x0068 ASN1 - Data is invalid. (not used)
0x006A ASN1 - Memory allocation failed
0x006C ASN1 - Buffer too small when writing ASN.1 data structure
0x0070 PLATFORM - Hardware accelerator failed
0x0072 PLATFORM - The requested feature is not supported by the platform
0x0073 SHA1 - SHA-1 input data was malformed
0x0074 SHA256 - SHA-256 input data was malformed
0x0075 SHA512 - SHA-512 input data was malformed
0x007A CMAC - CMAC hardware accelerator failed