NSC_InitToken() - initialize or re-initialize a token.
NSC_InitToken() has the following parameters:
- the ID of the token's slot
- the password of the security officer (SO)
- the length in bytes of the SO password
- points to the label of the token, which must be padded with spaces to 32 bytes and not be null-terminated
NSC_InitToken() initializes a brand new token or re-initializes a token that was initialized before.
NSC_InitToken() initializes or clears the key database, removes the password, and then marks all the user certs in the certificate database as non-user certs. (User certs are the certificates that have their associated private keys in the key database.)
Note: The SO password should be the empty string, i.e.,
ulPinLen argument should be 0.
NSC_InitToken() ignores the
NSC_InitToken() returns the following return codes.
CKR_OK: token initialization succeeded.
CKR_SLOT_ID_INVALID: slot ID is invalid.
- slot ID is 1. (The non-FIPS mode has two slots: 1 and 2. The key database is in slot 2. Slot 1 doesn't have a key database.)
- we don't have a reference to the key database (we failed to open the key database or we have released our reference).
CKR_DEVICE_ERROR: failed to reset the key database.
NSC_InitToken() is used to reset the password for the key database when the user forgets the password.
- The "Reset Password" button of the Mozilla Application Suite and SeaMonkey (in Preferences->Privacy & Security->Master Passwords) calls
- The "-T" (token reset) command of