I'm using OpenSC's PKCS11 engine for OpenSSL. I want to obtain the logs from OpenSC, also I want to force a login. According to https://github.com/OpenSC/libp11/blob/master/README.md I can do so with the VERBOSE and FORCE_LOGIN parameters, but where do I put them?
I tried to put them into the corresponding OpenSSL config section:
[pkcs11_section]
engine_id = pkcs11
dynamic_path = C:/App/pkcs11.dll
MODULE_PATH = C:/App/MyCryptokiImpl.dll
PIN = ENV
FORCE_LOGIN = 1
VERBOSE = 1
default_algorithms = ALL
init = 0
But that doesn't do anything. How to properly forward those flags to OpenSC?
FORCE_LOGIN and VERBOSE commands do not take any parameters.
The proper way to forward them to the engine through the config file is to use EMPTY instead of 1:
[pkcs11_section]
engine_id = pkcs11
dynamic_path = C:/App/pkcs11.dll
MODULE_PATH = C:/App/MyCryptokiImpl.dll
PIN = ENV
FORCE_LOGIN = EMPTY
VERBOSE = EMPTY
default_algorithms = ALL
init = 0