User Objects
User objects provide a means to obtain Authentication values (these objects can be used when logging into a Token). The User object is supported only on soft (non-smart card based) tokens. It is automatically created whenever a Token is initialized.
The attributes of the User Object may be read to obtain an Authentication Challenge or to get a Temporary PIN.
For more details on the use of the User Object, refer to the description of C_Login.
Table 1: User Attributes
CKA_AUTH_CHALLENGE
|
CK_CHAR[16]
|
The current challenge value. Each time this attribute is read a new challenge value will be returned. |
CKA_TEMP_PIN
|
CK_CHAR[32]
|
The current Temporary PIN value. Each time this attribute is read a new PIN value will be returned. A CKU_USER or CKU_SO must be logged in or else a read of this attribute will return CKR_USER_NOT_LOGGED_IN error. The PIN returned can only be used to authenticate the same user that is currently logged in. |