Hello. I work for a company that uses Nitrokey HSMs for PKI purposes. Today, the question came up what exactly the format requirements for User PIN and SO PIN are.
With the command “pkcs15-tool -D” I got the information that the User PIN has length “min_len:6, max_len:15, stored_len:0” and that the SO PIN has length “min_len:16, max_len:16, stored_len:0”. What does “stored_len” mean here and why is it always zero?
Also with pkcs15-tool, I found out that the type of the User PIN is “ascii-numeric” and the type of the SO PIN is “bcd”. I assume the former means all (printable?) ASCII characters are allowed and the latter is short for Binary Coded Decimal (i.e. only digits are allowed), correct?
Anyway, are the requirements for PIN and SO PIN for the Nitrokey HSM 2 documented somewhere? I could not find any documentation on your web site. Could you please point me to the documentation or add it somewhere?