OATH Usage Sequences

To perform a TOTP authentication operation, use the following process:

  1. Select the ACA instance, see SELECT

  2. Verify the PIN, see VERIFY PIN

  3. Select the OATH instance, see SELECT

  4. Perform a TOTP authentication, see TOTP AUTHENTICATE

Note: This only applies to the HID Crescendo key. It does not apply to the HID Crescendo 2300 card.

TOTP Usage Sequence

TOTP Sequence Parameters

This section details the sequences to perform a TOTP authentication operation with the following parameters:

  • Algorithm : SHA1

  • Code Digit: 06

  • Truncation: Dynamic

  • Time step: 30s

  • Friendly name: OATH TOTP

  • Key: 3132333435363738393031323334353637383930

  • Current time: 2020 April, 1st 16:41:06 → 1585752066 decimal → 5E 84A8 02 h

Sample of TOTP Usage Sequences

Field Value

 

Select ACA instance

Cmd

00A4040007A0000000791000

Resp

6F128407A0000000791000A507010510030003019000

 

Verify PIN "00000000"

Cmd

00200000083030303030303030

Resp

9000

 

Select OATH TOTP instance

Cmd

00A4040007A0000000792301

Resp

6F2F8407A0000000792301A52401052303000302260201014A170000000000000000000000000600101E000000000000069000

 

Perform a TOTP "Current Time"

Cmd

80881100045E84A802

Resp 6985
Cmd 80881100045E84A802
Resp 6985
... ...
 The end user presses the button
Cmd 80881100045E84A802

Resp

3409099000

OCRA Suite 1 Usage Sequence

OCRA Suite 1 Sequence Parameters

This section details the sequences to generate a challenge response with the following parameters:

  • Algorithm : SHA1

  • Code Digit: 06

  • Challenge Q format: Numeric, Max length: 8

  • Friendly name: OATH OCRA

  • Key: 3132333435363738393031323334353637383930

  • Challenge: 44444444 decimal → 2A62B1Ch

Sample of OCRA Usage Sequences OCRA-1:HOTP-SHA1-6:QN08

Field Value

 

Select ACA instance

Cmd

00A4040007A0000000791000

Resp

6F128407A0000000791000A507010510030003019000

 

Verify PIN "00000000"

Cmd

00200000083030303030303030

Resp

9000

 

Select OATH OCRA instance

Cmd

00A4040007A0000000792302

Resp

6F538407A0000000792302A54801052303000302260203034A1700000000000000000000220006001000000000000001084B174F4352412D313A484F54502D534841312D363A514E30384C094F415448204F4352419000

 

Perform an OCRA Challenge-Response:

Challenge: 44444444 decimal → 2A62B1Ch

Cmd

80872200887C818582008181802A62B1C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Resp

6985

Cmd

80872200887C818582008181802A62B1C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Resp 6985
... ...
 The end user presses the button
Cmd

80872200887C818582008181802A62B1C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Resp 7C0582036089939000

OCRA Suite 2 Usage Sequence

OCRA Suite 2 Sequence Parameters

This section details the sequences to generate a challenge response with the following parameters

  • Algorithm: SHA-256

  • Code Digit: 8

  • Compteur: 0000000000000004

  • Challenge Q format: Numeric, Max length: 8

  • Friendly name: OATH OCRA

  • Key: 3132333435363738393031323334353637383930313233343536373839303132

  • Pin 1234 SHA1(31323334)=7110EDA4D09E062AA5E4A390B0A572AC0D2C0220

  • Challenge: 12345678 decimal → BC614Eh

Sample of OCRA Usage Sequences OCRA-1:HOTP-SHA256-8:C-QN08-PSHA1

Field Value

 

Select ACA instance

Cmd

00A4040007A0000000791000

Resp

6F128407A0000000791000A507010510030003019000

 

Verify PIN "00000000"

Cmd

00200000083030303030303030

Resp

9000

 

Select OATH OCRA instance

Cmd

00A4040007A0000000792302

Resp

6F5D8407A0000000792302A55201052303000302260203034A1700000000000000000004220108001000000100010001084B214F4352412D313A484F54502D5348413235362D383A432D514E30382D50534841314C094F415448204F4352419000

 

Perform an OCRA Challenge-Response:

Challenge: 12345678 decimal → BC614Eh

Hash (Pin=31323334)= 7110EDA4D09E062AA5E4A390B0A572AC0D2C0220

Cmd

808722009E7C819B8200818180BC614E000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084147110EDA4D09E062AA5E4A390B0A572AC0D2C0220

Resp 6985
Cmd

808722009E7C819B8200818180BC614E000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084147110EDA4D09E062AA5E4A390B0A572AC0D2C0220

Resp 6985
... ...
 The end user presses the button

Cmd

808722009E7C819B8200818180BC614E000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084147110EDA4D09E062AA5E4A390B0A572AC0D2C0220

Resp

7C058204101043299000