HID® Crescendo® API

Documentation

HID Crescendo Authenticators are portable devices that provide a security-evaluated isolated computing environment dedicated to the generation, storage and use of cryptographic keys used for authentication, generation of digital signatures and protection of encryption keys.

HID Crescendo Authenticators share a common framework that can be leveraged in different form factors, and two main families are available:

With HID Crescendo devices, it is possible to enable users with well-established security mechanisms, such as:

While FIDO U2F and FIDO2 support comes standard out of the box in HID Crescendo devices, OTP and PKI require configuring the HID Crescendo device to work with the selected back-end system.

This API documentation describes the low-level APDU commands that are available to configure the PKI or OTP mechanisms.

Note: The current documentation applies to Applets version 3.0.3 or higher. (For information about the Applet version, see SELECT).

It also provides an introduction to the applications in the authenticator, and the shared mechanisms that secure access to the different services. It then presents dedicated sections for PKI and OTP that explain how to create or load keys into the HID Crescendo device and how to subsequently use those keys for authentication, signature or encryption key exchange.

To explore the API documentation, enter keywords or phrases in the search bar or use the expandable menu in the top-left corner.

Specifications

RFC 5208

SP 800-73-4

Standards