Software Prerequisites

Before you install PQSDK:

This release of PQSDK is compatible with Linux only. See the PQSDK Release Notes for the list of compatible operating systems and versions.

Security World software

PQSDK requires nShield Security World software to be installed, and a working Security World to be configured. To confirm that there is a usable Security World, use the nfkminfo command:


If the Security World is usable then the state line in the nfkminfo output shows Usable.

    generation 2
    state 0x37270008 Initialised Usable Recovery !PINRecovery !ExistingClient RTC NVRAM FTO AlwaysUseStrongPrimes !DisablePKCS1Padding !PpStrengthCheck !AuditLogging SEEDebug

Additionally, your hardserver should have appropriately configured priv_port and nonpriv_port settings.


For further information on installing Security World software and creating a Security World, see the User Guide shipped with your nShield Security World software.

See the PQSDK Release Notes for supported Security World Software versions.


The requirements for PQSDK remote and local HSM installations are different.

  • PQSDK remote installations require only Security World software.

  • Local HSM installations require nShield CodeSafe software to be installed for building examples with the PQSDK. To confirm that CodeSafe is installed, use the elftool command:

elftool --version

If CodeSafe is installed, a message similar to the following will be printed in your terminal:

elftool, nshield (12.70.4-265-4efba9d)

See the PQSDK Release Notes for supported CodeSafe versions.

HSM Firmware

PQSDK requires a supported version of the nShield HSM firmware to be installed. To confirm the installed version, use the enquiry command.

Module #1:
 version              13.4.3
 speed index          20000
 rec. queue           120..250
 level one flags      Hardware HasTokens SupportsCommandState SupportsHotReset
 version string       13.4.3-338-6c66aa0d
 checked in           00000000649dc17c Thu Jun 29 13:38:04 2023
 level two flags      none

In this example, the installed firmware version is 13.4.3. See the PQSDK Release Notes for supported firmware versions.

In addition, for nShield XC, you must enable the Unrestricted SEE feature. This is indicated by the presence of SEE Activation (EU+10) in the enabled features seen in FET.

For nShield 5, you must enable the SEE Activation feature. This is indicated by the presence of SEE Activation, Codesafe 5 in the enabled features seen in FET.

Third party software

PQSDK requires following third party software to be installed:

  • CMake 3.13.0 (or higher).

  • GCC version 4.8.5 (or higher).

  • GNU Make version 3.82 (or higher).

  • Java Development Kit (Java 8) version 1.8.0_362 (or higher).

  • Apache Ant version 1.9.4 (or higher).

Remove existing nShield Post-Quantum Software Development Kit

Please see Uninstallation for uninstallation instructions.