HID® Crescendo® PKCS11
|
Unpack the package file to a chosen location, e.g. C:\Program Files\CrescendoPKCS11
, the PKCS#11 module dll file libcrescendo-pkcs11.dll
will be located in the Libraries\x64win32
subdirectory of the folder where the package was unpacked. Follow your application vendor's instructions to enable its use in an application.
Note that HID provides official support only for the following distributions:
The software may work on other systems but has not been tested by HID.
Note that HID provides official support only for the following applications:
The software may work on other systems (such as Thunderbird and Chrome-based browsers) but has not been tested by HID.
Install the provided deb
file using your distributions package manager or by running the following command in a terminal
This will install the PKCS#11 module shared library into /usr/lib
and register it with p11-kit. It will also try to automatically set up Firefox for all users in the system so that the module is usable with Firefox.
If Firefox is installed via snap (the default in Ubuntu 24.04), any updates to Firefox may cause it to no longer recognize the PKCS#11 module. If this is the case, running the following command, after the update is performed, should fix this:
For more information see the man page of the pkcs11-crescendo-register
command:
Install pcsc-lite (both library & daemon) and libstdc++. An example of how to install both components on Red Hat from terminal:
Unpack the provided tgz
file into /opt/hid/lib-crescendo-pkcs11
and run the following commands as root:
This command will try to automatically set up Firefox for all users in the system so that the module is usable with Firefox.
The library can be configured via the Windows Registry. This release supports the following registry keys:
Registry Location | Key Name | Values | Default | Description |
---|---|---|---|---|
SOFTWARE\HID Global\Logging\Products\ActivClient | Enabled | DWORD (0/1) | 0 | If set to 1, the library will generate logs |
SOFTWARE\HID Global\CrescendoAPI\Config | LOGGING_VERBOSITY | DWORD (0-5) | 0 | Only messages >= this level will be logged |
SOFTWARE\HID Global\Logging | LOGGING_PATH | STRING | CommonProgramFiles%\HID Global\Logs\x64\P-I.log | The path to the file where logs will be saved. P will be replaced by the process name, I will be replaced by process PID, NAME% will be replaced by the contents of environment variabe NAME. |
SOFTWARE\HID Global\Logging | MaxFileBackups | DWORD | 3 | When a log file reaches a certain size, it will be renamed to end with a numbered postfix, and a new log file will be created; this setting controls the number of log files to keep |
SOFTWARE\HID Global\Logging | MaxFileSize | DWORD (bytes) | 20971520 | The maximum size of the generated log file |
SOFTWARE\HID Global\SecurityModuleMW\DiscoveryProvider | DisableCaching | DWORD (0/1) | 0 | Disables caching |
In this release, the registry keys will only be looked up in the HKEY_LOCAL_MACHINE
registry hive. It is expected that more registry hives will be considered in future releases.
The library can be configured via ini-formatted files. It looks for configuration in the following locations:
# Systemwide configuration /etc/hid-pkcs11.ini # User configuration $XDG_CONFIG_HOME/hid-pkcs11.ini $HOME/.config/hid-pkcs11.ini $XDG_CONFIG_DIRS.../hid-pkcs11.ini
User configuration will be read from the first available file, if any, and will override any configuration from the system-wide configuration file. Note that the relevant user is the one running the process which loads the PKCS#11 module.
Additionally, configuration will be read from the environment, which will override any settings from the files. Configuration via environment variables is done by setting an environment variable with the name of the configuration key prefixed by HIDGLOBAL_
.
This release supports the following settings:
Setting name | Values | Default | Description |
---|---|---|---|
LOGGING_ENABLED | true/false | false | The library will generate logs |
LOGGING_VERBOSITY | 0-5 | 0 | Only messages >= this level will be logged |
LOGGING_PATH | string | /tmp/libcrescendo-pkcs11-$USER-P-I.log | The path to the file where logs will be saved. P will be replaced by the process name, I will be replaced by process PID, $NAME will be replaced by the contents of environment variabe NAME. |
LOGGING_MAX_FILE_COUNT | number | 3 | When a log file reaches a certain size, it will be renamed to end with a numbered postfix, and a new log file will be created; this setting controls the number of log files to keep |
LOGGING_MAX_FILE_SIZE | number (bytes) | 20971520 | The maximum size of the generated log file |
PERSISTENT_CACHE_DISABLED | true/false | false | Disables caching |