Your Search Results



    FC_InitPIN() - Initialize the user's PIN.


    CK_RV FC_InitPIN(
      CK_SESSION_HANDLE hSession,
      CK_CHAR_PTR pPin,
      CK_ULONG ulPinLen


    FC_InitPIN() takes three parameters:

    [Input] Session handle.
    [Input] Pointer to the PIN being set.
    [Input] Length of the PIN.


    FC_InitPIN() initializes the normal user's PIN.

    FC_InitPIN() must be called when the PKCS #11 Security Officer (SO) is logged into the token and the session is read/write, that is, the session must be in the "R/W SO Functions" state (CKS_RW_SO_FUNCTIONS). The role of the PKCS #11 SO is to initialize a token and to initialize the normal user's PIN. In the NSS cryptographic module, one uses the empty string password ("") to log in as the PKCS #11 SO. The module only allows the PKCS #11 SO to log in if the normal user's PIN has not yet been set or has been reset.

    Return value

    FC_InitPIN() returns the following return codes.

    • CKR_OK: normal user's PIN initialization succeeded.
    • CKR_SESSION_HANDLE_INVALID: the session handle is invalid.
    • CKR_USER_NOT_LOGGED_IN: the session is not in the "R/W SO Functions" state.
    • CKR_PIN_INVALID: the PIN has an invalid UTF-8 character.
    • CKR_PIN_LEN_RANGE: the PIN is too short, too long, or too weak (doesn't have enough character types).
    • CKR_DEVICE_ERROR: normal user's PIN is already initialized.

    See also

    Document Tags and Contributors

    Contributors to this page: Neil.williams, Wtchang,, fscholz, Sheppy
    Last updated by: fscholz,