I’m attempting to initialize my Nitrokey with sc-hsm-tool. When I try with the sc-hsm-tool that comes with Ubuntu 1804 (v0.17.0), I get this output:
sc-hsm-tool --initialize --so-pin 12345678 --pin 123456 --dkek-shares 1 --label neverware-update-signing
Using reader with a card: Nitrokey Nitrokey Pro (000000000000000000006BC0) 00 00
Failed to connect to card: Card is invalid or cannot be handled
When I try with the current tip of OpenSC, I get this:
./sc-hsm-tool --initialize --so-pin 12345678 --pin 123456 --dkek-shares 1 --label neverware-update-signing
Using reader with a card: Nitrokey Nitrokey Pro (000000000000000000006BC0) 00 00
Failed to select application: File not found
pkcs11-tool does see the Nitrokey, so I’m not sure what sc-hsm-tool is failing to find. Here’s the output of pkcs11-tool:
./pkcs11-tool --list-slots
Available slots:
Slot 0 (0x0): Nitrokey Nitrokey Pro (000000000000000000006BC0) 00 00
token label : User PIN (OpenPGP)
token manufacturer : ZeitControl
token model : PKCS#15 emulated
token flags : login required, rng, token initialized, PIN initialized
hardware version : 3.3
firmware version : 3.3
serial num : 000500006bc0
pin min/max : 6/64
Slot 1 (0x1): Nitrokey Nitrokey Pro (000000000000000000006BC0) 00 00
token label : User PIN (sig) (OpenPGP)
token manufacturer : ZeitControl
token model : PKCS#15 emulated
token flags : login required, rng, token initialized, PIN initialized
hardware version : 3.3
firmware version : 3.3
serial num : 000500006bc0
pin min/max : 6/64
It’s worth mentioning that my system’s pkcs11-tool sees significantly less than the one I’ve built from the top of OpenSC. Here’s my system’s pkcs11-tool’s output:
pkcs11-tool --list-slots
Available slots:
Slot 0 (0x0): Nitrokey Nitrokey Pro (000000000000000000006BC0) 00 00
(empty)
Am I missing some sort of dependency? I’ve followed the steps in the installation guide (but haven’t changed the default pins yet), so I’m not sure what other steps I need to take to initialize my key.