I recently purchased two Nitrokey HSM 2’s. But I can’t initialize them. OpenSC v0.23 on Windows 10 drives it.
C:\K3\sha256+newkey\sample-image-sha256>winget list OpenSC
Name Id Version Source
-----------------------------------------------------------------
OpenSC smartcard framework (64bit) OpenSC.OpenSC 0.23.0.0 winget
C:\K3\sha256+newkey\sample-image-sha256>"C:\Program Files\OpenSC Project\OpenSC\tools\pkcs11-tool.exe" -T -v
Available slots:
Slot 0 (0xc): Nitrokey Nitrokey HSM 0
manufacturer: Nitrokey
hardware ver: 0.0
firmware ver: 0.0
flags: token present, removable device, hardware slot
token label : SmartCard-HSM (UserPIN)
token manufacturer : www.CardContact.de
token model : PKCS#15 emulated
token flags : login required, rng, token initialized, PIN initialized
hardware version : 24.13
firmware version : 4.1
serial num : DENK0301800
pin min/max : 6/15
C:\K3\sha256+newkey\sample-image-sha256>"C:\Program Files\OpenSC Project\OpenSC\tools\pkcs15-tool.exe" -C
Using reader with a card: AKS ifdh 0
Card not present.
C:\K3\sha256+newkey\sample-image-sha256>"C:\Program Files\OpenSC Project\OpenSC\tools\sc-hsm-tool.exe" sc-hsm-tool --initialize --so-pin ### --pin ### -vvv
P:13000; T:10572 2024-08-20 08:11:22.038 [sc-hsm-tool] sc.c:340:sc_detect_card_presence: called
P:13000; T:10572 2024-08-20 08:11:22.040 [sc-hsm-tool] reader-pcsc.c:470:pcsc_detect_card_presence: called
P:13000; T:10572 2024-08-20 08:11:22.041 [sc-hsm-tool] AKS ifdh 0 check
P:13000; T:10572 2024-08-20 08:11:22.042 [sc-hsm-tool] current state: 0x00200222
P:13000; T:10572 2024-08-20 08:11:22.044 [sc-hsm-tool] previous state: 0x00200012
P:13000; T:10572 2024-08-20 08:11:22.045 [sc-hsm-tool] card present, changed
P:13000; T:10572 2024-08-20 08:11:22.046 [sc-hsm-tool] reader-pcsc.c:478:pcsc_detect_card_presence: returning with: 3
P:13000; T:10572 2024-08-20 08:11:22.047 [sc-hsm-tool] sc.c:351:sc_detect_card_presence: returning with: 3
Using reader with a card: AKS ifdh 0
P:13000; T:10572 2024-08-20 08:11:22.051 [sc-hsm-tool] sc.c:340:sc_detect_card_presence: called
P:13000; T:10572 2024-08-20 08:11:22.052 [sc-hsm-tool] reader-pcsc.c:470:pcsc_detect_card_presence: called
P:13000; T:10572 2024-08-20 08:11:22.054 [sc-hsm-tool] AKS ifdh 0 check
P:13000; T:10572 2024-08-20 08:11:22.055 [sc-hsm-tool] current state: 0x00210012
P:13000; T:10572 2024-08-20 08:11:22.056 [sc-hsm-tool] previous state: 0x00200222
P:13000; T:10572 2024-08-20 08:11:22.057 [sc-hsm-tool] card absent
P:13000; T:10572 2024-08-20 08:11:22.058 [sc-hsm-tool] reader-pcsc.c:480:pcsc_detect_card_presence: returning with: 0 (Success)
P:13000; T:10572 2024-08-20 08:11:22.059 [sc-hsm-tool] sc.c:351:sc_detect_card_presence: returning with: 0 (Success)
Card not present.
Failed to connect to card: Success
P:13000; T:10572 2024-08-20 08:11:22.061 [sc-hsm-tool] ctx.c:934:sc_release_context: called
P:13000; T:10572 2024-08-20 08:11:22.063 [sc-hsm-tool] reader-pcsc.c:977:pcsc_finish: called
I saw this post in this link. It says that some HSMs need to be replaced. Does my HSM need to be replaced as well?