Hello,My problem has already been met (http://groups.google.co.jp/group/microsoft.public.security.crypto/browse_thread/thread/cefe0c4bf0edc4aa?fwc=1) but no answers, so i decided to post my problem here.So, the idea is simple, when i use Aladdin CSP based , admin PIN is not good to initialize the card. This is the same issue as encoutered on the link above.What's the good Hexa 24 Bytes values for that please ?Admin PIN: P@ssw0rd ==> orAdminP PIN: 1234567890 ==>I also saw these links:http://social.technet.microsoft.com/Forums/en-US/identitylifecyclemanager/thread/84a3c9a3-ddba-46f7-b4ee-69bd44464439/http://www.eggheadcafe.com/software/aspnet/31773459/hiim-using-gemalto-ne.aspxhttp://www.eggheadcafe.com/software/aspnet/32007012/-clm-agent-certificate.aspxhttp://www.eggheadcafe.com/software/aspnet/31773459/hiim-using-gemalto-ne.aspxRegards,Lylian

Have you contacted Aladdin as to what value to put in the field.As you stated in your crypto posting, leaving the value blank (equivalent to all Zeros) works with the Gemalto base CSP cards.All you need to do is to get the value from Aladdin.Brian

I contacted Aladdin and they sent me a command tool "AdminKey.exe" Which convert String into Hex 24 Bytes. Thank you for your reply Brian Lylian

Hello, is it possible to get some more information about this "adminkey.exe" (download link?). I am trying to set the admin key on a java 72k etoken with the follwing free tool: http://itbloggen.se/cs/blogs/hasain/archive/2009/10/01/scutil-tool-to-manage-admin-user-pin-for-minidriver-microsoft-base-smart-card-csp-based-smart-cards.aspx This tool works with the gemalto .NET card but I get only an error message when I try to change the admin key on my etoken. The etoken minidriver is installed and working. When I set an admin pin with the etoken PKI Client (for instance "123456789012345678901234") the 48 hex key doesn't work "313233343536373839303132333435363738393031323334"). On the website from Raak Technologies I found a tool (vSEC:CMS Key Tool) which supports also the Aladdin etoken java 72k. http://www.raaktechnologies.com/support/index.html But I get the same result. Wrong admin key! Can someone post a working example (24 characters -> 48hex)? Thanks in advance. decker99

I contact Safenet and get a small command prompt tool "adminkey.exe". This tool produces a 48hex hash from the admin password set with eToken PKI client. The 48hex hash is the admin key to calculate the response to unblock the user pin or to set a new admin key. Here two examples: AdminKey.exe 1234567890 -> Key: 1d6a4f7a652e18203e3d3b0c70451022107f7420216e611b AdminKey.exe 123456789012345678901234 -> Key: 4d1e081e68027b3a073651360a483a532363692554703708 Does anybody have more informations about this hash function (source code)?

This tool can also perform different calculations of admin keys based on given passphrases: http://www.versasec.com/cms.k.html From what I tested, it gets the same result as described above.