SUNET / python_x509_pkcs11

Python library for signing x509 using keys in a pkcs11 device
MIT License

Use PIN PED to login on Luna HSM #17

Open peterwu opened 7 months ago

peterwu commented 7 months ago

Hi!

Would you please share some examples of how to log in to an HSM, such as the Luna HSM, via PIN PED? Thank you.

If I read the code correctly, the session is hard coded to use a password pin.

                # user_pin need to be a string, not bytes
                cls.session = cls._token.open(rw=True, user_pin=os.environ["PKCS11_PIN"])
                print("created new pkcs11 session")

while the Token class supports passing PROTECTED_AUTH to use an external pin pad.

    def open(self, rw=False, user_pin=None, so_pin=None):
        """
        Open a session on the token and optionally log in as a user or
        security officer (pass one of `user_pin` or `so_pin`). Pass PROTECTED_AUTH to
        indicate the pin should be supplied via an external mechanism (e.g. pin pad).

vinas003 commented 7 months ago

Hmm, I have never used a PIN PED with an HSM.

I will look into this. I will get back to you, @peterwu. Thanks for reporting this.
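
An added example, not code from python_x509_pkcs11 or python-pkcs11: one way the session-opening call quoted in the issue could choose between the `PKCS11_PIN` string and `PROTECTED_AUTH`, failing closed when the configuration is missing or ambiguous. The `PKCS11_PROTECTED_AUTH` variable, the function names, `FakeToken` and the `pkcs11.types` import path are assumptions.

```python
import os

TRUTHY = ("1", "true", "yes")


def select_user_pin(env, protected_auth):
    """Return the value to pass as user_pin to Token.open().

    env            -- mapping of environment variables
    protected_auth -- the PROTECTED_AUTH sentinel from python-pkcs11
    PKCS11_PROTECTED_AUTH is a hypothetical switch, not an existing setting.
    """
    use_external = env.get("PKCS11_PROTECTED_AUTH", "").lower() in TRUTHY
    pin = env.get("PKCS11_PIN")
    if use_external:
        # A PIN left in the environment defeats the point of an external
        # pin pad, so treat the combination as a configuration error.
        if pin:
            raise ValueError("unset PKCS11_PIN when PKCS11_PROTECTED_AUTH is enabled")
        return protected_auth
    if not pin:
        # Fail closed: never open a session with an empty or missing PIN.
        raise ValueError("set PKCS11_PIN or enable PKCS11_PROTECTED_AUTH")
    return pin  # str, not bytes, as the quoted comment requires


def open_session(token, env=None, protected_auth=None):
    """Open a read-write session using whichever login method is configured."""
    env = os.environ if env is None else env
    if protected_auth is None:
        # Assumed import path; imported lazily so the selection logic
        # above can be exercised without an HSM library installed.
        from pkcs11.types import PROTECTED_AUTH
        protected_auth = PROTECTED_AUTH
    return token.open(rw=True, user_pin=select_user_pin(env, protected_auth))


class FakeToken:
    """Constructed stand-in for a pkcs11 Token; records what open() receives."""

    def open(self, rw=False, user_pin=None, so_pin=None):
        return {"rw": rw, "user_pin": user_pin}
```
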