Skip to content

Cryptographic Failure

URI: https://docs.ankatech.co/errors/crypto
HTTP Status: 500 Internal Server Error

When you see this

A low-level cryptographic operation (encrypt, decrypt, sign, verify, key unwrap, etc.) failed due to an internal or data-related issue. The server understood your request but could not complete the operation.

Common Causes

  • The ciphertext or JWE payload is malformed, corrupted, or fails integrity/authenticity checks (bad tag, invalid padding).
  • The recipient key unwrap failed (wrong key material, algorithm mismatch, or OAEP padding error).
  • An unsupported or mis-configured algorithm/provider (Bouncy Castle) prevented the cryptographic primitive from executing.
  • An unexpected error reading or initializing the key from the keystore (corrupted keystore entry, serialization issue).

How to Resolve

  1. Inspect the response detail for the underlying message (e.g. “unable to decrypt block”, “data wrong”, or “Failed to decrypt data”).
  2. Verify that the key ID (kid), algorithm, and JWE parameters (IV, tag, encrypted key) match exactly what was used to encrypt.
  3. Ensure the key exists in the keystore, is in the correct lifecycle state, and matches the original key material.
  4. If using streaming endpoints, confirm you’re not accidentally re-sending the authentication tag in the cipher stream.
  5. Retry the operation once the above have been corrected.

If you continue to receive a 500 error after these steps, please consult the full API Reference.