OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: SO login into non-initialized token



maybe youve also seen this new question on StackExchange (https://crypto.stackexchange.com/questions/61822/what-is-the-proper-return-code-for-c-login-when-a-cku-so-attempts-to-log-into-a):


Looking at the PKCS#11 2.4 spec, C_Login returns CKR_USER_PIN_NOT_INITIALIZED when a "normal user's PIN has not yet been initialized with C_InitPIN". However, I can not find anything that would be analogous to a situation when a user calls C_Login for a CKU_SO user on a token that has not been initialized using C_InitToken.


Thats actually a good question IMO.


We simply return CKR_USER_PIN_NOT_INITIALIZED also in this case, but thinking about it now this doesnt seem to be correct according to the description of this error code in the standard. But all other return values do not fit either.


Any opinions?





Utimaco IS GmbH
Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com
Seat: Aachen – Registergericht Aachen HRB 18922
VAT ID No.: DE 815 496 496
Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO

This communication is confidential. We only send and receive email on the basis of the terms set out at https://www.utimaco.com/en/e-mail-disclaimer/

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]