diff --git a/include/sys/crypto/common.h b/include/sys/crypto/common.h
index 557c3d4d1780..a644a8e9a9db 100644
--- a/include/sys/crypto/common.h
+++ b/include/sys/crypto/common.h
@@ -436,95 +436,25 @@ typedef enum cmd_type {
  * Common cryptographic status and error codes.
  */
 #define	CRYPTO_SUCCESS				0x00000000
-#define	CRYPTO_CANCEL				0x00000001
 #define	CRYPTO_HOST_MEMORY			0x00000002
-#define	CRYPTO_GENERAL_ERROR			0x00000003
 #define	CRYPTO_FAILED				0x00000004
 #define	CRYPTO_ARGUMENTS_BAD			0x00000005
-#define	CRYPTO_ATTRIBUTE_READ_ONLY		0x00000006
-#define	CRYPTO_ATTRIBUTE_SENSITIVE		0x00000007
-#define	CRYPTO_ATTRIBUTE_TYPE_INVALID		0x00000008
-#define	CRYPTO_ATTRIBUTE_VALUE_INVALID		0x00000009
-#define	CRYPTO_CANCELED				0x0000000A
-#define	CRYPTO_DATA_INVALID			0x0000000B
 #define	CRYPTO_DATA_LEN_RANGE			0x0000000C
-#define	CRYPTO_DEVICE_ERROR			0x0000000D
-#define	CRYPTO_DEVICE_MEMORY			0x0000000E
-#define	CRYPTO_DEVICE_REMOVED			0x0000000F
-#define	CRYPTO_ENCRYPTED_DATA_INVALID		0x00000010
 #define	CRYPTO_ENCRYPTED_DATA_LEN_RANGE		0x00000011
-#define	CRYPTO_KEY_HANDLE_INVALID		0x00000012
 #define	CRYPTO_KEY_SIZE_RANGE			0x00000013
 #define	CRYPTO_KEY_TYPE_INCONSISTENT		0x00000014
-#define	CRYPTO_KEY_NOT_NEEDED			0x00000015
-#define	CRYPTO_KEY_CHANGED			0x00000016
-#define	CRYPTO_KEY_NEEDED			0x00000017
-#define	CRYPTO_KEY_INDIGESTIBLE			0x00000018
-#define	CRYPTO_KEY_FUNCTION_NOT_PERMITTED	0x00000019
-#define	CRYPTO_KEY_NOT_WRAPPABLE		0x0000001A
-#define	CRYPTO_KEY_UNEXTRACTABLE		0x0000001B
 #define	CRYPTO_MECHANISM_INVALID		0x0000001C
 #define	CRYPTO_MECHANISM_PARAM_INVALID		0x0000001D
-#define	CRYPTO_OBJECT_HANDLE_INVALID		0x0000001E
-#define	CRYPTO_OPERATION_IS_ACTIVE		0x0000001F
-#define	CRYPTO_OPERATION_NOT_INITIALIZED	0x00000020
-#define	CRYPTO_PIN_INCORRECT			0x00000021
-#define	CRYPTO_PIN_INVALID			0x00000022
-#define	CRYPTO_PIN_LEN_RANGE			0x00000023
-#define	CRYPTO_PIN_EXPIRED			0x00000024
-#define	CRYPTO_PIN_LOCKED			0x00000025
-#define	CRYPTO_SESSION_CLOSED			0x00000026
-#define	CRYPTO_SESSION_COUNT			0x00000027
-#define	CRYPTO_SESSION_HANDLE_INVALID		0x00000028
-#define	CRYPTO_SESSION_READ_ONLY		0x00000029
-#define	CRYPTO_SESSION_EXISTS			0x0000002A
-#define	CRYPTO_SESSION_READ_ONLY_EXISTS		0x0000002B
-#define	CRYPTO_SESSION_READ_WRITE_SO_EXISTS	0x0000002C
 #define	CRYPTO_SIGNATURE_INVALID		0x0000002D
-#define	CRYPTO_SIGNATURE_LEN_RANGE		0x0000002E
-#define	CRYPTO_TEMPLATE_INCOMPLETE		0x0000002F
-#define	CRYPTO_TEMPLATE_INCONSISTENT		0x00000030
-#define	CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID	0x00000031
-#define	CRYPTO_UNWRAPPING_KEY_SIZE_RANGE	0x00000032
-#define	CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT	0x00000033
-#define	CRYPTO_USER_ALREADY_LOGGED_IN		0x00000034
-#define	CRYPTO_USER_NOT_LOGGED_IN		0x00000035
-#define	CRYPTO_USER_PIN_NOT_INITIALIZED		0x00000036
-#define	CRYPTO_USER_TYPE_INVALID		0x00000037
-#define	CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN	0x00000038
-#define	CRYPTO_USER_TOO_MANY_TYPES		0x00000039
-#define	CRYPTO_WRAPPED_KEY_INVALID		0x0000003A
-#define	CRYPTO_WRAPPED_KEY_LEN_RANGE		0x0000003B
-#define	CRYPTO_WRAPPING_KEY_HANDLE_INVALID	0x0000003C
-#define	CRYPTO_WRAPPING_KEY_SIZE_RANGE		0x0000003D
-#define	CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT	0x0000003E
-#define	CRYPTO_RANDOM_SEED_NOT_SUPPORTED	0x0000003F
-#define	CRYPTO_RANDOM_NO_RNG			0x00000040
-#define	CRYPTO_DOMAIN_PARAMS_INVALID		0x00000041
 #define	CRYPTO_BUFFER_TOO_SMALL			0x00000042
-#define	CRYPTO_INFORMATION_SENSITIVE		0x00000043
 #define	CRYPTO_NOT_SUPPORTED			0x00000044
 
-#define	CRYPTO_QUEUED				0x00000045
-#define	CRYPTO_BUFFER_TOO_BIG			0x00000046
 #define	CRYPTO_INVALID_CONTEXT			0x00000047
 #define	CRYPTO_INVALID_MAC			0x00000048
 #define	CRYPTO_MECH_NOT_SUPPORTED		0x00000049
-#define	CRYPTO_INCONSISTENT_ATTRIBUTE		0x0000004A
-#define	CRYPTO_NO_PERMISSION			0x0000004B
 #define	CRYPTO_INVALID_PROVIDER_ID		0x0000004C
-#define	CRYPTO_VERSION_MISMATCH			0x0000004D
 #define	CRYPTO_BUSY				0x0000004E
 #define	CRYPTO_UNKNOWN_PROVIDER			0x0000004F
-#define	CRYPTO_MODVERIFICATION_FAILED		0x00000050
-#define	CRYPTO_OLD_CTX_TEMPLATE			0x00000051
-#define	CRYPTO_WEAK_KEY				0x00000052
-#define	CRYPTO_FIPS140_ERROR			0x00000053
-/*
- * Don't forget to update CRYPTO_LAST_ERROR and the error_number_table[]
- * in kernelUtil.c when new error code is added.
- */
-#define	CRYPTO_LAST_ERROR			0x00000053
 
 #ifdef __cplusplus
 }
diff --git a/module/icp/api/kcf_cipher.c b/module/icp/api/kcf_cipher.c
index 30fd0f3d198d..963e94bfd3d4 100644
--- a/module/icp/api/kcf_cipher.c
+++ b/module/icp/api/kcf_cipher.c
@@ -98,8 +98,7 @@ crypto_encrypt(crypto_mechanism_t *mech, crypto_data_t *plaintext,
 	    plaintext, ciphertext, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq));
 	KCF_PROV_INCRSTATS(pd, error);
 
-	if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED &&
-	    IS_RECOVERABLE(error)) {
+	if (error != CRYPTO_SUCCESS && IS_RECOVERABLE(error)) {
 		/* Add pd to the linked list of providers tried. */
 		if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
 			goto retry;
@@ -177,8 +176,7 @@ crypto_decrypt(crypto_mechanism_t *mech, crypto_data_t *ciphertext,
 	    ciphertext, plaintext, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq));
 	KCF_PROV_INCRSTATS(pd, error);
 
-	if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED &&
-	    IS_RECOVERABLE(error)) {
+	if (error != CRYPTO_SUCCESS && IS_RECOVERABLE(error)) {
 		/* Add pd to the linked list of providers tried. */
 		if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
 			goto retry;
diff --git a/module/icp/api/kcf_mac.c b/module/icp/api/kcf_mac.c
index 369ba55cec70..11102cdeaedd 100644
--- a/module/icp/api/kcf_mac.c
+++ b/module/icp/api/kcf_mac.c
@@ -40,8 +40,6 @@
  * presence of the arguments.
  *
  *	CRYPTO_SUCCESS:	The operation completed successfully.
- *	CRYPTO_QUEUED:	A request was submitted successfully. The callback
- *			routine will be called when the operation is done.
  *	CRYPTO_INVALID_MECH_NUMBER, CRYPTO_INVALID_MECH_PARAM, or
  *	CRYPTO_INVALID_MECH for problems with the 'mech'.
  *	CRYPTO_INVALID_DATA for bogus 'data'
@@ -117,8 +115,7 @@ crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data,
 	    mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq));
 	KCF_PROV_INCRSTATS(pd, error);
 
-	if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED &&
-	    IS_RECOVERABLE(error)) {
+	if (error != CRYPTO_SUCCESS && IS_RECOVERABLE(error)) {
 		/* Add pd to the linked list of providers tried. */
 		if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
 			goto retry;
@@ -188,7 +185,7 @@ crypto_mac_init_prov(crypto_provider_t provider,
 	    KCF_SWFP_RHNDL(crq));
 	KCF_PROV_INCRSTATS(pd, rv);
 
-	if ((rv == CRYPTO_SUCCESS) || (rv == CRYPTO_QUEUED))
+	if (rv == CRYPTO_SUCCESS)
 		*ctxp = (crypto_context_t)ctx;
 	else {
 		/* Release the hold done in kcf_new_ctx(). */
@@ -236,8 +233,7 @@ crypto_mac_init(crypto_mechanism_t *mech, crypto_key_t *key,
 
 	error = crypto_mac_init_prov(pd, mech, key,
 	    spi_ctx_tmpl, ctxp, crq);
-	if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED &&
-	    IS_RECOVERABLE(error)) {
+	if (error != CRYPTO_SUCCESS && IS_RECOVERABLE(error)) {
 		/* Add pd to the linked list of providers tried. */
 		if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
 			goto retry;
diff --git a/module/icp/include/sys/crypto/impl.h b/module/icp/include/sys/crypto/impl.h
index 172661adc46d..c4b9d7dcadfb 100644
--- a/module/icp/include/sys/crypto/impl.h
+++ b/module/icp/include/sys/crypto/impl.h
@@ -87,7 +87,7 @@ typedef struct kcf_sched_info {
 	(pd)->pd_sched_info.ks_ndispatches++;				\
 	if (error == CRYPTO_BUSY)					\
 		(pd)->pd_sched_info.ks_nbusy_rval++;			\
-	else if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED)	\
+	else if (error != CRYPTO_SUCCESS)	\
 		(pd)->pd_sched_info.ks_nfails++;			\
 }
 
diff --git a/module/icp/include/sys/crypto/sched_impl.h b/module/icp/include/sys/crypto/sched_impl.h
index 0f3961958336..29e573800c71 100644
--- a/module/icp/include/sys/crypto/sched_impl.h
+++ b/module/icp/include/sys/crypto/sched_impl.h
@@ -75,12 +75,8 @@ typedef struct kcf_prov_tried {
 	(tlist != NULL && is_in_triedlist(pd, tlist))
 
 #define	IS_RECOVERABLE(error)			\
-	(error == CRYPTO_BUFFER_TOO_BIG ||	\
-	error == CRYPTO_BUSY ||			\
-	error == CRYPTO_DEVICE_ERROR ||		\
-	error == CRYPTO_DEVICE_MEMORY ||	\
-	error == CRYPTO_KEY_SIZE_RANGE ||	\
-	error == CRYPTO_NO_PERMISSION)
+	(error == CRYPTO_BUSY ||			\
+	error == CRYPTO_KEY_SIZE_RANGE)
 
 /*
  * Internal representation of a canonical context. We contain crypto_ctx_t
@@ -107,10 +103,9 @@ typedef struct kcf_context {
 }
 
 /*
- * Check if we can release the context now. In case of CRYPTO_QUEUED
- * we do not release it as we can do it only after the provider notified
- * us. In case of CRYPTO_BUSY, the client can retry the request using
- * the context, so we do not release the context.
+ * Check if we can release the context now. In case of CRYPTO_BUSY,
+ * the client can retry the request using the context,
+ * so we do not release the context.
  *
  * This macro should be called only from the final routine in
  * an init/update/final sequence. We do not release the context in case
@@ -128,8 +123,7 @@ typedef struct kcf_context {
  * This macro determines whether we're done with a context.
  */
 #define	KCF_CONTEXT_DONE(rv)					\
-	((rv) != CRYPTO_QUEUED && (rv) != CRYPTO_BUSY &&	\
-	    (rv) != CRYPTO_BUFFER_TOO_SMALL)
+	((rv) != CRYPTO_BUSY &&	(rv) != CRYPTO_BUFFER_TOO_SMALL)
 
 /*
  * A crypto_ctx_template_t is internally a pointer to this struct