libp11 icon indicating copy to clipboard operation
libp11 copied to clipboard
verified publisher icon OpenSC

PIN from environment

Open roberto497 opened this issue 3 years ago • 1 comments

It is possible to pass the PIN through the pkcs11 uri or through the OPENSSL_CONF file, but for security reasons in my project, I need to pass the pin through an environment variable, just as I can pass the PKCS11_MODULE_PATH. It's possible?

roberto497 avatar Nov 17 '22 19:11 roberto497

That should be possible using variable substution in the config file, i.e. set PIN=${ENV::PINVAR_TO_USE} inside the [pkcs11_section] section of your OPENSSL_CONF file and then set the PINVAR_TO_USE environment variable to the PIN value.

See config(5) from the openssl man-pages for more information. (C-f The value string undergoes variable expansion.)

comphuter avatar Nov 26 '22 07:11 comphuter

It seems that the issue has been resolved. I recommend closing this issue.

olszomal avatar Nov 07 '24 13:11 olszomal