EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PKCS11 Set PIN function

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
Posted: 05/07/2010 07:55:04
by Paolo Righi (Standard support level)
Joined: 02/15/2008
Posts: 34


I would add to my application a function (common to other digital signature softwares) to change or unlock the PIN in a smart card/token.
I found in the SecureBlackBox sources a reference to the PKCS11 function call C_SetPIN(), but no use of that reference can be found (TPKCS11SetPINFunc function type).
Can you suggest to me how to add such a function maybe integrated in the existing objects?

Thank you and best regards.
Posted: 05/09/2010 22:23:12
by Ken Ivanov (EldoS Corp.)

Thank you for contacting us.

SBB does not provide high-level access to PIN change feature at the moment, however, you can implement it manually with the use of import declarations available in SBPKCS11Common unit.

C_SetPIN() accepts five parameters: a handle to the opened session, and pointers to UTF8-encoded old and new PINs along with their lengths. You can call this function provided that you have an opened PKCS#11 session (represented via TElPKCS11SessionInfo object). Use TElPKCS11SessionInfo.Handle property to obtain the session handle.

The call this way will have the following look:

PKCS11CheckError(PKCS11_SetPIN, TPKCS11SetPINFunc(FModule.FuncArray[PKCS11_SetPIN])(Session.Handle, oldPassPtr, oldPassLen, newPassPtr, newPassLen));

You might wish to have a look at the official PKCS#11 specification for more details about the SetPIN function.



Topic viewed 1824 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!