louib
commented
3 months ago @felinira Thanks for testing this library with Nitrokey 3 and reporting the issue! PCSC is not implemented yet, but I agree that it would make a lot of sense to add this feature to the library. I've created https://github.com/louib/challenge-response/issues/46 to track PCSC support. I'm keeping this issue open to make sure we test Nitrokey support once the library supports PCSC.
I have tried to understand why my Nitrokey 3 does not work with this at all.
The gist of it seems to be: This library only supports HMAC-SHA1 challenge-response via the yubico proprietary HID protocol. However the Nitrokey only supports the challenge via the regular CCID smartcard interface. (and apparently via CTAP HID?)
Keepass acts as a PCSC client https://github.com/keepassxreboot/keepassxc/blob/develop/src/keys/drivers/YubiKeyInterfacePCSC.cpp which seems to be the only way to make this specific device actually work. This is also supported by yubikey FWIW, so at least this would be a slightly more portable way to go about it.