When you use the PKCS #11 library, your application runs as a specific crypto user (CU) in your HSM instance. Your application can view and manage only the owned or shared keys of that CU.
To specify the CU to PKCS #11 library, use the pin parameter of the PKCS #11 C_Login function. For HSM instances, the pin should come in the form of user_name:passwd. Only CU login supported.
For example, you can run the following command to set the PKCS #11 library pin to the CU. In this example, the username is crypto_user
and the password is crypto_user_1234qwer!
.
crypto_user:crypto_user_1234qwer!