Arun Praveen
Arun Praveen

Reputation: 9

Is there a way to check the token info in HSM?

My Luna HSM 7 was imported with new certificates now and then when I try to encrypt the file I get the below error, what does this mean?

7:47:09,909 [main] INFO  2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 174| My Module: START
17:47:09,912 [main] INFO  2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 175| ### Mode: FILE ENCRYPTION ###
17:47:10,901 [main] INFO  2023-12-06 com.cgi.crypto.s1sm.utils.KeystoreUtils line 96| Using Keystore Provider: SunJSSE, Keystore Type: PKCS12
17:47:11,349 [main] ERROR 2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 191| function 'C_GenerateRandom' returns 0x8000001a
com.safenetinc.luna.exception.LunaCryptokiException: function 'C_GenerateRandom' returns 0x8000001a
        at com.safenetinc.luna.exception.LunaCryptokiException.ThrowNew(LunaCryptokiException.java:91)
        at com.safenetinc.luna.LunaAPI.GenerateRandom(Native Method)
        at com.safenetinc.luna.provider.LunaRandom.engineNextBytes(LunaRandom.java:75)
        at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
        at com.cgi.crypto.s1sm.DataEncrypter.createRandomness(DataEncrypter.java:110)
        at com.cgi.crypto.s1sm.cli.MyModuleCLI.doEncrypt(MyModuleCLI.java:183)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.jcommando.JCommandParser.executeCommands(JCommandParser.java:368)
        at org.jcommando.JCommandParser.parse(JCommandParser.java:130)
        at com.cgi.crypto.s1sm.cli.MyModuleCLI.main(MyModuleCLI.java:58)
17:47:11,351 [main] INFO  2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 194| My Module: END

This is the first time I am using Luna HSM and not sure what the issue is

Upvotes: 0

Views: 86

Answers (1)

Sam Paul
Sam Paul

Reputation: 86

"0x8000001a" is the return value for CKR_USER_NOT_AUTHORIZED which means you're trying to execute a function that requires a user to authenticate first. C_GenerateRandom will not execute without user login.

C_GenerateRandom used to work without a user login in the previous generation of Luna HSMs but with Luna 7, login is required.

Upvotes: 0

Related Questions