Clarification on how cryptotoken details are stored in the CryptoTokenData table in community version

[Manju-212]

I’m currently reviewing how cryptotoken details are stored in the EJBCA database, specifically in the CryptoTokenData table. I noticed that the data column contains Base64-encoded content, which, when decoded, includes fields like slotLabelValue, tokenName, sharedLibrary, and a hashed pin.
I have a few questions
1. Which hashing algorithm is used to store the PIN?
2. Is the hashing process configurable?
3. How does EJBCA internally verify or decrypt the PIN during token activation?

[primetomas]

PIN is only there is you choose "auto activation". That is not recommended in a high security, compliant, deployment.
The password is not hashed, it is encrypted with the password.encryption.key you define in cesecore.properties (or variables in container) as it needs to be accessible in clear to EJBCA to activate the slot.