OATH Personalization Sequences

HOTP Personalization Sequence

To update the configuration and/or the key of the HOTP button, use the following process:

  1. Select the ACA instance, see SELECT

  2. Verify the PIN, see VERIFY PIN

  3. Select the OATH instance, see SELECT

  4. Set the configuration, see PUT KEY / CONFIGURATION

  5. Put the HOTP key, see PUT KEY / CONFIGURATION

Note: This only applies to the HID Crescendo key. It does not apply to the HID Crescendo 2300 card.

HOTP Sequence Parameters

This section details the sequences to update the HOTP slot with the following parameters:

  • Algorithm : SHA1

  • Code Digit: 06

  • Truncation: Dynamic

  • Friendly name: OATH HOTP

  • Key: 3132333435363738393031323334353637383930

Sample of HOTP Personalization Sequences

Field Value

 

Select ACA instance

Cmd

00A4040007A0000000791000

Resp

6F128407A0000000791000A507010510030003019000

 

Verify PIN "00000000"

Cmd

00200000083030303030303030

Resp

9000

 

Select OATH HOTP instance

Cmd

00A4040007A0000000792300

Resp

6F2F8407A0000000792300A5240105230300030226260201014A170000000000000000000000000600101E000000000000069000

 

Set HOTP Configuration

SHA1 / Code Digit 6 / Dynamic truncation / OATH HOTP

Cmd

80D805002700002322000000000000000000000600100000000000000000000000004F41544820484F545000

Resp

9000

 

Inject HOTP Key 3132333435363738393031323334353637383930

Cmd

80D804001900001514313233343536373839303132333435363738393000

Resp

9000

TOTP Personalization Sequence

To update the configuration and/or the key of a TOTP slot, use the following process:

  1. Select the ACA instance, see SELECT

  2. Verify the PIN, see VERIFY PIN

  3. Select the TOTP instance, see SELECT

  4. Set the configuration, see PUT KEY / CONFIGURATION

  5. Put the TOTP key, see PUT KEY / CONFIGURATION

Note: This only applies to the HID Crescendo key. It does not apply to the HID Crescendo 2300 card.

TOTP Sequence Parameters

This section details the sequences to update the TOTP slot with the following parameters:

  • Algorithm : SHA1

  • Code Digit: 06

  • Truncation: Dynamic

  • Time step: 30s

  • Friendly name: OATH TOTP

  • Key: 0102030405060708090A0B0C0D0E0F10 1112131415161718191A1B1C1D1E1F20 2122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F40 4142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60 6162636465666768696A6B6C6D6E6F70172737475767778797A7B7C7D7E7F80

Sample of TOTP Personalization Sequences

Field Value

 

Select ACA instance

Cmd

00A4040007A0000000791000

Resp

6F128407A0000000791000A507010510030003019000

 

Verify PIN "00000000"

Cmd

00200000083030303030303030

Resp

9000

 

Select OATH TOTP instance

Cmd

00A4040007A0000000792301

Resp

6F2F8407A0000000792301A52401052303000302260201014A170000000000000000000000000600101E000000000000069000

 

Set TOTP Configuration

SHA1 / Code Digit 6 / Dynamic truncation / Time Step 30s / OATH TOTP

Cmd

80D805002700002322000000000000000011000600101E00000000000000000000004F41544820544F545000

Resp

9000

 

Inject TOTP Key 0102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70172737475767778797A7B7C7D7E7F80

Cmd

80D80400870000818281800102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8000

Resp

9000

OCRA Suite 1 Personalization Sequence

OCRA Suite 1 Sequence Parameters: OCRA-1:HOTP-SHA1-6:QN08

This section details the sequences to update an OCRA slot with OCRA-1:HOTP-SHA1-6:QN08 using the following parameters:

  • Algorithm : SHA1

  • Code Digit: 06

  • Challenge Q format: Numeric, Max length: 8

  • Friendly name: OATH OCRA

  • Key: 3132333435363738393031323334353637383930

Sample of OCRA Suite 1 Personalization Sequence

Field Value

 

Select ACA instance

Cmd

00A4040007A0000000791000

Resp

6F128407A0000000791000A507010510030003019000

 

Verify PIN "00000000"

Cmd

00200000083030303030303030

Resp

9000

 

Select OATH OCRA instance

Cmd

00A4040007A0000000792302

Resp

6F2F8407A0000000792302A52401052303000302260201014A170000000000000000000000000600101E000000000000069000

 

Set OCRA Configuration

SHA1 / Code Digit 6 / Dynamic truncation / Challenge Numeric, Max length 8 / OATH OCRA

Cmd

80D805002700002322000000000000000022000600100000000000000000000001084F415448204F43524100

Resp

9000

 

Inject OCRA Key 3132333435363738393031323334353637383930

Cmd

80D804001900001514313233343536373839303132333435363738393000

Resp

9000

OCRA Suite 2 Personalization Sequence

OCRA Suite 2 Sequence Parameters: OCRA-1:HOTP-SHA256-8:C-QN08-PSHA1

This section details the sequences to update the OCRA slot with OCRA-1:HOTP-SHA256-8:C-QN08-PSHA1 using the following parameters:

  • Algorithm: SHA-256

  • Code Digit: 8

  • Compteur: 0000000000000004

  • Challenge Q format: Numeric, Max length: 8

  • Friendly name: OATH OCRA

  • Key: 3132333435363738393031323334353637383930313233343536373839303132

Sample of OCRA Suite 2 Personalization Sequence

Field Value

 

Select ACA instance

Cmd

00A4040007A0000000791000

Resp

6F128407A0000000791000A507010510030003019000

 

Verify PIN "00000000"

Cmd

00200000083030303030303030

Resp

9000

 

Select OATH OCRA instance

Cmd

00A4040007A0000000792302

Resp

6F2F8407A0000000792302A52401052303000302260201014A170000000000000000000000000600101E000000000000069000

 

Set OCRA Configuration

SHA256 / Counter 4 / Code Digit 8 / Dynamic truncation / Challenge Numeric, Max length 8 / OATH OCRA

Cmd

80D805002700002322000000000000000422010800100000000000000100010001084F415448204F43524100

Resp

9000

 

Inject OCRA Key 3132333435363738393031323334353637383930313233343536373839303132

Cmd

80D804002500002120313233343536373839303132333435363738393031323334353637383930313200

Resp

9000