terry
April 8, 2022, 6:42am
1
I just tried to do a firmware update of Nitrokey 3A NFC. With pynitrokey version 0.4.21 I ran nitropy nk3 update
, but a critical error occured. This came in the log:
955 INFO libusbsio Loading SIO library: C:\Users\terry\envs\nk\lib\site-packages\libusbsio\bin\x64\libusbsio.dll
971 INFO libusbsio HID enumeration[2688107331952]: initialized
971 DEBUG libusbsio HID enumeration[2688107331952]: device #0: HID Miniport Device
971 DEBUG libusbsio HID enumeration[2688107331952]: device #1: Plantronics Voyager Focus UC
971 DEBUG libusbsio HID enumeration[2688107331952]: device #2: HID Miniport Device
971 DEBUG libusbsio HID enumeration[2688107331952]: device #3: Plantronics Voyager Focus UC
971 DEBUG libusbsio HID enumeration[2688107331952]: device #4: Plantronics Voyager Focus UC
971 DEBUG libusbsio HID enumeration[2688107331952]: device #5: SecureKVM
971 DEBUG libusbsio HID enumeration[2688107331952]: device #6: HID Miniport Device
971 DEBUG libusbsio HID enumeration[2688107331952]: device #7: HID Miniport Device
971 DEBUG libusbsio HID enumeration[2688107331952]: device #8: SecureKVM
971 DEBUG libusbsio HID enumeration[2688107331952]: device #9:
971 DEBUG libusbsio HID enumeration[2688107331952]: device #10: SecureKVM
971 INFO libusbsio HID enumeration[2688107331952]: finished, total 11 devices
971 DEBUG fido2.hid.windows Failed reading HID descriptor: [WinError 6] The handle is invalid.
971 DEBUG root print: Critical error:
971 DEBUG root print: No Nitrokey 3 device found
986 DEBUG root listing all connected devices:
986 DEBUG fido2.hid.windows Failed reading HID descriptor: [WinError 6] The handle is invalid.
986 DEBUG root :: 'Nitrokey FIDO2' keys
986 DEBUG root :: 'Nitrokey Start' keys:
1002 DEBUG root :: 'Nitrokey 3' keys
1024 INFO libusbsio HID enumeration[2688107331040]: initialized
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #0: HID Miniport Device
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #1: Plantronics Voyager Focus UC
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #2: HID Miniport Device
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #3: Plantronics Voyager Focus UC
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #4: Plantronics Voyager Focus UC
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #5: SecureKVM
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #6: HID Miniport Device
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #7: HID Miniport Device
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #8: SecureKVM
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #9:
1024 DEBUG libusbsio HID enumeration[2688107331040]: device #10: SecureKVM
1024 INFO libusbsio HID enumeration[2688107331040]: finished, total 11 devices
1024 DEBUG fido2.hid.windows Failed reading HID descriptor: [WinError 6] The handle is invalid.
1024 DEBUG root print: --------------------------------------------------------------------------------
1024 DEBUG root print: Critical error occurred, exiting now
1024 DEBUG root print: Unexpected? Is this a bug? Would you like to get support/help?
1024 DEBUG root print: - You can report issues at: https://support.nitrokey.com/
1040 DEBUG root print: - Writing an e-mail to support@nitrokey.com is also possible
1040 DEBUG root print: - Please attach the log: 'C:\Users\terry\AppData\Local\Temp\nitropy.log.pqc6fibi' with any support/help request!
1040 DEBUG root print: --------------------------------------------------------------------------------
Here is some screenshots how Windows sees the Nitrokey:
terry
April 15, 2022, 8:30am
4
Here is what USB Device Tree Viewer says about my Nitrokey 3A:
=========================== USB Port7 ===========================
Connection Status : 0x01 (Device is connected)
Port Chain : 2-7
Properties : 0x01
IsUserConnectable : yes
PortIsDebugCapable : no
PortHasMultiCompanions : no
PortConnectorIsTypeC : no
======================== USB Device ========================
+++++++++++++++++ Device Information ++++++++++++++++++
Device Description : USB Composite Device
Device Path : \\.\usb#vid_20a0&pid_42b2#5&326c0cbc&0&7#{a5dcbf10-6530-11d2-901f-00c04fb951ed}
Device ID : USB\VID_20A0&PID_42B2\5&326C0CBC&0&7
Hardware IDs : USB\VID_20A0&PID_42B2&REV_0100 USB\VID_20A0&PID_42B2
Driver KeyName : {36fc9e60-c465-11cf-8056-444553540000}\0011 (GUID_DEVCLASS_USB)
Driver : \SystemRoot\System32\drivers\usbccgp.sys (Version: Date: )
Driver Inf : C:\WINDOWS\inf\usb.inf
Legacy BusType : PNPBus
Class : USB
Class GUID : {36fc9e60-c465-11cf-8056-444553540000} (GUID_DEVCLASS_USB)
Interface GUID : {a5dcbf10-6530-11d2-901f-00c04fb951ed} (GUID_DEVINTERFACE_USB_DEVICE)
Service : usbccgp
Enumerator : USB
Location Info : Port_#0007.Hub_#0003
Location IDs : PCIROOT(0)#PCI(1400)#USBROOT(0)#USB(7), ACPI(_SB_)#ACPI(PCI0)#ACPI(XHC_)#ACPI(RHUB)#ACPI(HS07)
Container ID : {d77d1f96-b456-11ec-8375-d0509936ebca}
Manufacturer Info : (Standard USB Host Controller)
Capabilities : 0x84 (Removable, SurpriseRemovalOK)
Status : 0x0180600A (DN_DRIVER_LOADED, DN_STARTED, DN_DISABLEABLE, DN_REMOVABLE, DN_NT_ENUMERATOR, DN_NT_DRIVER)
Problem Code : 0
Address : 7
Power State : D0 (supported: D0, D3, wake from D0)
Child Device 1 : Microsoft Usbccid Smartcard Reader (WUDF)
Device ID : USB\VID_20A0&PID_42B2&MI_00\6&11668004&0&0000
Class : SmartCardReader
Child Device 1 : Smart card filter driver
Device ID : {892EDE5E-BE49-443C-A0B3-005D74F2D69C}\SCFILTER\7&9912855&0&01
Class : SmartCardFilter
Child Device 2 : USB Serial Device
Device ID : USB\VID_20A0&PID_42B2&MI_02\6&11668004&0&0002
Class : Ports
COM-Port : COM3 (\Device\USBSER000)
---------------- Connection Information ---------------
Connection Index : 0x07 (7)
Connection Status : 0x01 (DeviceConnected)
Current Config Value : 0x01
Device Address : 0x0B (11)
Is Hub : 0x00 (no)
Number Of Open Pipes : 0x07 (7)
Device Bus Speed : 0x01 (Full-Speed)
Pipe0ScheduleOffset : 0x00 (0)
Pipe1ScheduleOffset : 0x00 (0)
Pipe2ScheduleOffset : 0x00 (0)
Pipe3ScheduleOffset : 0x00 (0)
Pipe4ScheduleOffset : 0x00 (0)
Pipe5ScheduleOffset : 0x00 (0)
Pipe6ScheduleOffset : 0x00 (0)
--------------- Connection Information V2 -------------
Connection Index : 0x07 (7)
Length : 0x10 (16 bytes)
SupportedUsbProtocols : 0x03
Usb110 : 1 (yes)
Usb200 : 1 (yes)
Usb300 : 0 (no)
ReservedMBZ : 0x00
Flags : 0x00
DevIsOpAtSsOrHigher : 0 (Is not operating at SuperSpeed or higher)
DevIsSsCapOrHigher : 0 (Is not SuperSpeed capable or higher)
DevIsOpAtSsPlusOrHigher : 0 (Is not operating at SuperSpeedPlus or higher)
DevIsSsPlusCapOrHigher : 0 (Is not SuperSpeedPlus capable or higher)
ReservedMBZ : 0x00
---------------------- Device Descriptor ----------------------
bLength : 0x12 (18 bytes)
bDescriptorType : 0x01 (Device Descriptor)
bcdUSB : 0x210 (USB Version 2.10)
bDeviceClass : 0xEF (Miscellaneous)
bDeviceSubClass : 0x02
bDeviceProtocol : 0x01 (IAD - Interface Association Descriptor)
bMaxPacketSize0 : 0x40 (64 bytes)
idVendor : 0x20A0
idProduct : 0x42B2
bcdDevice : 0x0100
iManufacturer : 0x01 (String Descriptor 1)
Language 0x0409 : "Nitrokey"
iProduct : 0x02 (String Descriptor 2)
Language 0x0409 : "Nitrokey 3"
iSerialNumber : 0x00 (No String Descriptor)
bNumConfigurations : 0x01 (1 Configuration)
------------------ Configuration Descriptor -------------------
bLength : 0x09 (9 bytes)
bDescriptorType : 0x02 (Configuration Descriptor)
wTotalLength : 0x00B8 (184 bytes)
bNumInterfaces : 0x04 (4 Interfaces)
bConfigurationValue : 0x01 (Configuration 1)
iConfiguration : 0x00 (No String Descriptor)
bmAttributes : 0x80
D7: Reserved, set 1 : 0x01
D6: Self Powered : 0x00 (no)
D5: Remote Wakeup : 0x00 (no)
D4..0: Reserved, set 0 : 0x00
MaxPower : 0x32 (100 mA)
---------------- Interface Descriptor -----------------
bLength : 0x09 (9 bytes)
bDescriptorType : 0x04 (Interface Descriptor)
bInterfaceNumber : 0x00
bAlternateSetting : 0x00
bNumEndpoints : 0x02 (2 Endpoints)
bInterfaceClass : 0x0B (Smart Card)
bInterfaceSubClass : 0x00
bInterfaceProtocol : 0x00
iInterface : 0x04 (String Descriptor 4)
Language 0x0409 : "CCID/ICCD Interface"
----------------- Unknown Descriptor ------------------
bLength : 0x36 (54 bytes)
bDescriptorType : 0x21
Data (HexDump) : 36 21 10 01 00 01 02 00 00 00 FC 0D 00 00 FC 0D
00 00 00 80 25 00 00 80 25 00 00 00 FE 00 00 00
00 00 00 00 00 00 00 00 40 08 04 00 00 0C 00 00
FF FF 00 00 00 01
----------------- Endpoint Descriptor -----------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x05 (Endpoint Descriptor)
bEndpointAddress : 0x81 (Direction=IN EndpointID=1)
bmAttributes : 0x02 (TransferType=Bulk)
wMaxPacketSize : 0x0040 (64 bytes)
bInterval : 0x00 (ignored)
----------------- Endpoint Descriptor -----------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x05 (Endpoint Descriptor)
bEndpointAddress : 0x01 (Direction=OUT EndpointID=1)
bmAttributes : 0x02 (TransferType=Bulk)
wMaxPacketSize : 0x0040 (64 bytes)
bInterval : 0x00 (ignored)
---------------- Interface Descriptor -----------------
bLength : 0x09 (9 bytes)
bDescriptorType : 0x04 (Interface Descriptor)
bInterfaceNumber : 0x01
bAlternateSetting : 0x00
bNumEndpoints : 0x02 (2 Endpoints)
bInterfaceClass : 0x03 (HID - Human Interface Device)
bInterfaceSubClass : 0x00 (None)
bInterfaceProtocol : 0x00 (None)
iInterface : 0x00 (No String Descriptor)
------------------- HID Descriptor --------------------
bLength : 0x09 (9 bytes)
bDescriptorType : 0x21 (HID Descriptor)
bcdHID : 0x0111 (HID Version 1.11)
bCountryCode : 0x00 (00 = not localized)
bNumDescriptors : 0x01
Descriptor 1:
bDescriptorType : 0x22 (Class=Report)
wDescriptorLength : 0x0022 (34 bytes)
Error reading descriptor : ERROR_INVALID_PARAMETER
----------------- Endpoint Descriptor -----------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x05 (Endpoint Descriptor)
bEndpointAddress : 0x02 (Direction=OUT EndpointID=2)
bmAttributes : 0x03 (TransferType=Interrupt)
wMaxPacketSize : 0x0040 (64 bytes)
bInterval : 0x05 (5 ms)
----------------- Endpoint Descriptor -----------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x05 (Endpoint Descriptor)
bEndpointAddress : 0x82 (Direction=IN EndpointID=2)
bmAttributes : 0x03 (TransferType=Interrupt)
wMaxPacketSize : 0x0040 (64 bytes)
bInterval : 0x05 (5 ms)
------------------- IAD Descriptor --------------------
bLength : 0x08 (8 bytes)
bDescriptorType : 0x0B
bFirstInterface : 0x02
bInterfaceCount : 0x02
bFunctionClass : 0x02 (Communications and CDC Control)
bFunctionSubClass : 0x02
bFunctionProtocol : 0x00
iFunction : 0x00 (No String Descriptor)
---------------- Interface Descriptor -----------------
bLength : 0x09 (9 bytes)
bDescriptorType : 0x04 (Interface Descriptor)
bInterfaceNumber : 0x02
bAlternateSetting : 0x00
bNumEndpoints : 0x01 (1 Endpoint)
bInterfaceClass : 0x02 (Communications and CDC Control)
bInterfaceSubClass : 0x02 (Abstract Control Model)
bInterfaceProtocol : 0x00 (No class specific protocol required)
iInterface : 0x00 (No String Descriptor)
-------------- CDC Interface Descriptor ---------------
bFunctionLength : 0x05 (5 bytes)
bDescriptorType : 0x24 (Interface)
bDescriptorSubType : 0x00 (Header Functional Descriptor)
bcdCDC : 0x110 (CDC Version 1.10)
-------------- CDC Interface Descriptor ---------------
bFunctionLength : 0x04 (4 bytes)
bDescriptorType : 0x24 (Interface)
bDescriptorSubType : 0x02 (Abstract Control Management Functional Descriptor)
bmCapabilities : 0x00
D7..4: : 0x00 (Reserved)
D3 : : 0x00 (not supports the notification Network_Connection)
D2 : : 0x00 (not supports the request Send_Break)
D1 : : 0x00 (not supports the request combination of Set_Line_Coding, Set_Control_Line_State, Get_Line_Coding, and the notification Serial_State)
D0 : : 0x00 (not supports the request combination of Set_Comm_Feature, Clear_Comm_Feature, and Get_Comm_Feature)
-------------- CDC Interface Descriptor ---------------
bFunctionLength : 0x05 (5 bytes)
bDescriptorType : 0x24 (Interface)
bDescriptorSubType : 0x06 (Union Functional Descriptor)
bControlInterface : 0x02
bSubordinateInterface[0] : 0x03
-------------- CDC Interface Descriptor ---------------
bFunctionLength : 0x05 (5 bytes)
bDescriptorType : 0x24 (Interface)
bDescriptorSubType : 0x01 (Call Management Functional Descriptor)
bmCapabilities : 0x00
D7..2: : 0x00 (Reserved)
D1 : : 0x00 (sends/receives call management information only over the Communication Class interface)
D0 : : 0x00 (does not handle call management itself)
bDataInterface : 0x03
----------------- Endpoint Descriptor -----------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x05 (Endpoint Descriptor)
bEndpointAddress : 0x83 (Direction=IN EndpointID=3)
bmAttributes : 0x03 (TransferType=Interrupt)
wMaxPacketSize : 0x0008 (8 bytes)
bInterval : 0xFF (255 ms)
---------------- Interface Descriptor -----------------
bLength : 0x09 (9 bytes)
bDescriptorType : 0x04 (Interface Descriptor)
bInterfaceNumber : 0x03
bAlternateSetting : 0x00
bNumEndpoints : 0x02 (2 Endpoints)
bInterfaceClass : 0x0A (CDC-Data)
bInterfaceSubClass : 0x00
bInterfaceProtocol : 0x00
iInterface : 0x00 (No String Descriptor)
----------------- Endpoint Descriptor -----------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x05 (Endpoint Descriptor)
bEndpointAddress : 0x84 (Direction=IN EndpointID=4)
bmAttributes : 0x02 (TransferType=Bulk)
wMaxPacketSize : 0x0040 (64 bytes)
bInterval : 0x00 (ignored)
----------------- Endpoint Descriptor -----------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x05 (Endpoint Descriptor)
bEndpointAddress : 0x04 (Direction=OUT EndpointID=4)
bmAttributes : 0x02 (TransferType=Bulk)
wMaxPacketSize : 0x0040 (64 bytes)
bInterval : 0x00 (ignored)
---------- Binary Object Store (BOS) Descriptor -----------
bLength : 0x05 (5 bytes)
bDescriptorType : 0x0F (Binary Object Store)
wTotalLength : 0x000C (12 bytes)
bNumDeviceCaps : 0x01
------------- USB 2.0 Extension Descriptor ------------
bLength : 0x07 (7 bytes)
bDescriptorType : 0x10 (Device Capability Descriptor)
bDevCapabilityType : 0x02 (USB 2.0 Extension)
bmAttributes : 0x00
LPMCapable : 0 (Link Power Management protocol is not supported)
BESLAndAlternateHIRD : 0 (BESL & Alternate HIRD definitions are not supported)
BaselineBESLValid : 0 (not valid)
DeepBESLValid : 0 (not valid)
BaselineBESL : 0
DeepBESL : 0
-------------------- String Descriptors -------------------
------ String Descriptor 0 ------
bLength : 0x04 (4 bytes)
bDescriptorType : 0x03 (String Descriptor)
Language ID[0] : 0x0409 (English - United States)
------ String Descriptor 1 ------
bLength : 0x12 (18 bytes)
bDescriptorType : 0x03 (String Descriptor)
Language 0x0409 : "Nitrokey"
------ String Descriptor 2 ------
bLength : 0x16 (22 bytes)
bDescriptorType : 0x03 (String Descriptor)
Language 0x0409 : "Nitrokey 3"
------ String Descriptor 4 ------
bLength : 0x28 (40 bytes)
bDescriptorType : 0x03 (String Descriptor)
Language 0x0409 : "CCID/ICCD Interface"
My Windows device Manager sees is as a Unknown smart card device:
I see. Can you make sure that you run the update in elevated / Administrator prompt?
The device is correctly listed, but pynitrokey seems to have a problem connecting to it.
Listing as smart card is expected, as Nitrokey 3 expose a CCID interface (currently dormant).
terry
April 15, 2022, 8:41am
6
Thank you, that was it. The update went smoothly in the admin prompt:
Command line tool to interact with Nitrokey devices 0.4.21
Current firmware version: v1.0.0
Latest firmware version: v1.0.3
Do you want to download the firmware version v1.0.3? [Y/n]: y
Download v1.0.3: 100%|βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ| 302k/302k [00:00<00:00, 5.20MB/s]
Please do not remove the Nitrokey 3 or insert any other Nitrokey 3 devices during the update. Doing so may damage the Nitrokey 3.
Do you want to perform the firmware update now? [y/N]: y
Please press the touch button to reboot the device into bootloader mode ...
Performing firmware update: 100%|ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ| 302k/302k [00:03<00:00, 87.1kB/s]
Successfully updated the firmware to version v1.0.3.
1 Like