Canmove, confirm
937
edits
Changes
→Auditable Events
* initialize or re-initialize the module, and
* initialize the NSS User's password.
Every audit record contains the following information about the event:
** <code>FC_InitToken(slotID, pPin, ulPinLen, pLabel)</code>
*** If <code>slotID</code> is invalid, the return code is 0x00000003 (<code>CKR_SLOT_ID_INVALID</code>).
*** The other input arguments are ignored. (The <code>pPin</code> and <code>ulPinLen</code> specify the password of the Crypto PKCS #11 Security Officer , which is not used because the module depends on empty string. Although the OS to authenticate the Crypto Officer and function doesn't perform further authenticationverify the password, the empty string should be passed as the password.)
** <code>FC_InitPIN(hSession, pPin, ulPinLen)</code>
*** If <code>hSession</code> is invalid, the return code is 0x000000B3 (<code>CKR_SESSION_HANDLE_INVALID</code>).
*** "C_Logout(hSession=''<session handle>'')=''<return code>''"
* explicit requests to assume a crypto officer role
** N<code>FC_Login</A. The crypto officer role is assumed implicitly when the operator performs crypto officer functionscode> calls, described above.
* the allocation of a function to a crypto officer role
** N/A. The functions allocated to the crypto officer role are fixed.
