Arun Praveen
Reputation: 9
Is there a way to check the token info in HSM?
My Luna HSM 7 was imported with new certificates now and then when I try to encrypt the file I get the below error, what does this mean?
7:47:09,909 [main] INFO 2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 174| My Module: START
17:47:09,912 [main] INFO 2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 175| ### Mode: FILE ENCRYPTION ###
17:47:10,901 [main] INFO 2023-12-06 com.cgi.crypto.s1sm.utils.KeystoreUtils line 96| Using Keystore Provider: SunJSSE, Keystore Type: PKCS12
17:47:11,349 [main] ERROR 2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 191| function 'C_GenerateRandom' returns 0x8000001a
com.safenetinc.luna.exception.LunaCryptokiException: function 'C_GenerateRandom' returns 0x8000001a
at com.safenetinc.luna.exception.LunaCryptokiException.ThrowNew(LunaCryptokiException.java:91)
at com.safenetinc.luna.LunaAPI.GenerateRandom(Native Method)
at com.safenetinc.luna.provider.LunaRandom.engineNextBytes(LunaRandom.java:75)
at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
at com.cgi.crypto.s1sm.DataEncrypter.createRandomness(DataEncrypter.java:110)
at com.cgi.crypto.s1sm.cli.MyModuleCLI.doEncrypt(MyModuleCLI.java:183)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.jcommando.JCommandParser.executeCommands(JCommandParser.java:368)
at org.jcommando.JCommandParser.parse(JCommandParser.java:130)
at com.cgi.crypto.s1sm.cli.MyModuleCLI.main(MyModuleCLI.java:58)
17:47:11,351 [main] INFO 2023-12-06 com.cgi.crypto.s1sm.cli.MyModuleCLI line 194| My Module: END
This is the first time I am using Luna HSM and not sure what the issue is
Upvotes: 0
Views: 86
Answers (1)
Sam Paul
Reputation: 86
"0x8000001a" is the return value for CKR_USER_NOT_AUTHORIZED which means you're trying to execute a function that requires a user to authenticate first. C_GenerateRandom will not execute without user login.
C_GenerateRandom used to work without a user login in the previous generation of Luna HSMs but with Luna 7, login is required.
Upvotes: 0
Related Questions
- Generate CSR using the private key store on Google HSM
- install4j: Can the HSM module for Windows EV code signing be configured to pick the first available certificate?
- How do I change the Crypto Service Provider using Windows AD CS (and C#) to use a HSM Vendor
- KeystoreException Bouncy Castle not found on application server
- Kurento - Configure Java applications to use https - keystore error
- Any way to use the info from an old eclipse app / file.keystore in a new app donw in Android Studio?