{"version":1,"pages":[{"id":"0I9MDXfSSVyO6gTSpvTT","title":"Welcome","pathname":"/hem-api","siteSpaceId":"sitesp_5JzLA","description":""},{"id":"mw9WsrFdcdyMjVDW6jNc","title":"Quick Start","pathname":"/hem-api/preliminary/quick-start","siteSpaceId":"sitesp_5JzLA","description":"In order to start working with Encedo HEM, three basic steps need to be done. Here is a short guide on what and how :)","breadcrumbs":[{"label":"Preliminary"}]},{"id":"YqKtoXScMxoOBBO2fjgS","title":"General information","pathname":"/hem-api/preliminary/general-information","siteSpaceId":"sitesp_5JzLA","description":"This section describes basic and general information regards API references, access control, response and error codes.","breadcrumbs":[{"label":"Preliminary"}]},{"id":"ArIqzVMC8tRIQCUmOuO8","title":"End-of-Life","pathname":"/hem-api/preliminary/end-of-life","siteSpaceId":"sitesp_5JzLA","description":"End-of-Life (EOL) and Secure Disposal of the Encedo HEM.","breadcrumbs":[{"label":"Preliminary"}]},{"id":"6W0p2NQmed2nljMvKb1i","title":"Report an issue","pathname":"/hem-api/security/report-an-issue","siteSpaceId":"sitesp_5JzLA","description":"This page hosts our security policies and information with regards to reporting security flaws.","breadcrumbs":[{"label":"Security"}]},{"id":"Znt9wnTsDRgHSV3XdTAU","title":"Advisory","pathname":"/hem-api/security/advisory","siteSpaceId":"sitesp_5JzLA","description":"The Security Advisory section provides a persistent, chronological list of all published advisories affecting the Encedo HEM.","breadcrumbs":[{"label":"Security"}]},{"id":"Lyq44kuEzgLeBTTcZrpi","title":"Hall of fame","pathname":"/hem-api/security/advisory/hall-of-fame","siteSpaceId":"sitesp_5JzLA","description":"Responsible Disclosure","breadcrumbs":[{"label":"Security"},{"label":"Advisory"}]},{"id":"ThMbXUWdKscRYYqMl8z7","title":"API Reference","pathname":"/hem-api/reference/api-reference","siteSpaceId":"sitesp_5JzLA","description":"Dive into the specifics of each HEM API endpoint by checking out our complete API Reference documentation.","breadcrumbs":[{"label":"Reference"}]},{"id":"HMB0a4QXeYrzij31Uz0u","title":"System","pathname":"/hem-api/reference/api-reference/system","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"}]},{"id":"aufLMWnjYsOfhIUisz0c","title":"Version & Status","pathname":"/hem-api/reference/api-reference/system/version-and-status","siteSpaceId":"sitesp_5JzLA","description":"Two endpoints to gather general information about the device.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"}]},{"id":"ssphXE1Degwfu8R3qvZA","title":"Checkin","pathname":"/hem-api/reference/api-reference/system/checkin","siteSpaceId":"sitesp_5JzLA","description":"Those endpoints perform check-in procedures, a'ka firmware verification and setup of RTC based on trusted data.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"}]},{"id":"XbFVoJ2BSfgQ5oS7HNki","title":"Configuration","pathname":"/hem-api/reference/api-reference/system/configuration","siteSpaceId":"sitesp_5JzLA","description":"These operations allow the read and update of the device configuration. This section includes Secure Enclave provisioning (on Encedo PPA only and during manufacture only).","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"}]},{"id":"4Nz60NDIVyFXUr1l9OzD","title":"Upgrade","pathname":"/hem-api/reference/api-reference/system/upgrade","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"}]},{"id":"Fh9IM0kaYdyucfzYbCVD","title":"Firmware","pathname":"/hem-api/reference/api-reference/system/upgrade/firmware","siteSpaceId":"sitesp_5JzLA","description":"These operations allow the device firmware to be upgraded by uploading a new firmware image over API. This includes integrity and signature validation allowing only a legitimate firmware to be install","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"},{"label":"Upgrade"}]},{"id":"PCKPVuFdfT5N947F8Dcv","title":"Low level USB mode","pathname":"/hem-api/reference/api-reference/system/upgrade/firmware/low-level-usb-mode","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"},{"label":"Upgrade"},{"label":"Firmware"}]},{"id":"krui2sUkcNhlYaSVReDO","title":"Management app","pathname":"/hem-api/reference/api-reference/system/upgrade/management-app","siteSpaceId":"sitesp_5JzLA","description":"These operations (on Encedo PPA only) allow the build-in management application to be upgraded. This includes integrity and signature validation allowing only a legitimate application to be installed.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"},{"label":"Upgrade"}]},{"id":"qqjRqQEpdTTOX6GdMJ2o","title":"Reboot","pathname":"/hem-api/reference/api-reference/system/reboot","siteSpaceId":"sitesp_5JzLA","description":"This operation reboots the device, effectively invalidating all issued access tokens (JWT_TOKEN).","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"}]},{"id":"gzmRHn08G22cLMQPHdNH","title":"Shutdown","pathname":"/hem-api/reference/api-reference/system/shutdown","siteSpaceId":"sitesp_5JzLA","description":"This operation shutdown the device, effectively stopping API and securing the chip in a safe state.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"}]},{"id":"3Tv38nlFsgcfJ1HX7dY4","title":"Self-test","pathname":"/hem-api/reference/api-reference/system/self-test","siteSpaceId":"sitesp_5JzLA","description":"This operation performs an internal full self-test of the device's critical components, including cryptography primitives, random number generator and key repository integrity.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"System"}]},{"id":"NGqdjwT3IhOjqJ8WBf2h","title":"Authorization","pathname":"/hem-api/reference/api-reference/authorization","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"}]},{"id":"hJ53wvIy6aKyYJaj54QC","title":"Initialisation","pathname":"/hem-api/reference/api-reference/authorization/initialisation","siteSpaceId":"sitesp_5JzLA","description":"Encedo HEM needs to be initialised before it's usable. This process is called Personalisation, and these two API endpoints are dedicated to this operation.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Authorization"}]},{"id":"jkrDYwGLJsiHLnMnODkK","title":"User authentication","pathname":"/hem-api/reference/api-reference/authorization/user-authentication","siteSpaceId":"sitesp_5JzLA","description":"Those endpoints allow to authenticate the User or Master based on passphrase.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Authorization"}]},{"id":"UtqESzfa8QRlZehDpQGZ","title":"External authenticator","pathname":"/hem-api/reference/api-reference/authorization/external-authenticator","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Authorization"}]},{"id":"LJAuL0kNmpGa2mipiRhT","title":"Registration","pathname":"/hem-api/reference/api-reference/authorization/external-authenticator/registration","siteSpaceId":"sitesp_5JzLA","description":"Those endpoints allow to register a external authenticator, like Encedo Mobile Authenticator.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Authorization"},{"label":"External authenticator"}]},{"id":"wlxthlj5o3JIqoAqJoj9","title":"Authentication","pathname":"/hem-api/reference/api-reference/authorization/external-authenticator/authentication","siteSpaceId":"sitesp_5JzLA","description":"Those endpoints allow to authenticate based by External Authenticator.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Authorization"},{"label":"External authenticator"}]},{"id":"RO0JCr33Bntbh0a2zsyB","title":"Key Management","pathname":"/hem-api/reference/api-reference/key-management","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"}]},{"id":"OAy09OZsBO6kzVN2FknW","title":"Create a key","pathname":"/hem-api/reference/api-reference/key-management/create-a-key","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows the creation of a new key and saving it inside the device's secure repository.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"ZR7sSKCHqp6uS6cBUqW4","title":"Derive a key","pathname":"/hem-api/reference/api-reference/key-management/derive-a-key","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows to derive a new key and save it inside the device's secure repository.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"uh8pf0q8NkJOwmHFbwjL","title":"Import a key","pathname":"/hem-api/reference/api-reference/key-management/import-a-key","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows importing of a public key to the keys repository and treats it as a trusted key afterwards.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"VHTIxuLgU4dzviLZuklG","title":"Update a key","pathname":"/hem-api/reference/api-reference/key-management/update-a-key","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows updating the key label or description fields.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"MRdY2hmAdJL48ez4xgBG","title":"Delete a key","pathname":"/hem-api/reference/api-reference/key-management/delete-a-key","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows the deletion of a key stored inside the device's secure repository.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"x3fZrCKmZEoKjrdvTui2","title":"Get a public key","pathname":"/hem-api/reference/api-reference/key-management/get-a-public-key","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows retrieving the public key of an asymmetric key stored inside the device's secure repository.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"DiOwm8Zth2f12ioBrXrG","title":"List the keys","pathname":"/hem-api/reference/api-reference/key-management/list-the-keys","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows the listing of the keys from the repository.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"5mbCv5XXYHWzVFn2ugKm","title":"Search a key","pathname":"/hem-api/reference/api-reference/key-management/search-a-key","siteSpaceId":"sitesp_5JzLA","description":"This key management operation allows searching the repository for a key based on the key 'descr' field.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Key Management"}]},{"id":"i9BKE7ISRMmrFJn1Rr9h","title":"Cryptography operations","pathname":"/hem-api/reference/api-reference/cryptography-operations","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"}]},{"id":"MTjewrqSAJcngLER2Otf","title":"HMAC","pathname":"/hem-api/reference/api-reference/cryptography-operations/hmac","siteSpaceId":"sitesp_5JzLA","description":"Those basic cryptography operations allow the calculation and verify HMAC messages.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"}]},{"id":"5fLDwgFYy1gjQSrWz9gt","title":"ExDSA","pathname":"/hem-api/reference/api-reference/cryptography-operations/exdsa","siteSpaceId":"sitesp_5JzLA","description":"Those basic cryptography operations allow the calculation and verify ExDSA signatures. ECDSA and EdDSA are supported.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"}]},{"id":"ZuDxGwQCLKmYoiYDtZv7","title":"ECDH","pathname":"/hem-api/reference/api-reference/cryptography-operations/ecdh","siteSpaceId":"sitesp_5JzLA","description":"This basic cryptography operation allows the calculation of the ECDH between a trusted key or by an external public key.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"}]},{"id":"NtvQWuio3SleouJx0IWp","title":"Encryption","pathname":"/hem-api/reference/api-reference/cryptography-operations/encryption","siteSpaceId":"sitesp_5JzLA","description":"","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"}]},{"id":"YlpjY3ezHm3vKrNmwyuT","title":"Encryption/Decryption","pathname":"/hem-api/reference/api-reference/cryptography-operations/encryption/encryption-decryption","siteSpaceId":"sitesp_5JzLA","description":"These two endpoint implements the encryption and decryption of short data message using the AES scheme.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"},{"label":"Encryption"}]},{"id":"OqyotJTHWqISnfVAlVRR","title":"Wrap/Unwrap","pathname":"/hem-api/reference/api-reference/cryptography-operations/encryption/wrap-unwrap","siteSpaceId":"sitesp_5JzLA","description":"These two endpoint implements the NIST Key Wrapping scheme.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"},{"label":"Encryption"}]},{"id":"87vOMHOYvIAb6vLe27Or","title":"Post-Quantum Cryptography","pathname":"/hem-api/reference/api-reference/cryptography-operations/post-quantum-cryptography","siteSpaceId":"sitesp_5JzLA","description":"This section contains modern Post-Quantum Cryptography algorithms recently approved by the NIST.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"}]},{"id":"udlk6jOBcKNYfuMT01Ym","title":"ML-DSA","pathname":"/hem-api/reference/api-reference/cryptography-operations/post-quantum-cryptography/ml-dsa","siteSpaceId":"sitesp_5JzLA","description":"These two basic cryptography operations allow the calculation and verification of the ML-DSA signatures.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"},{"label":"Post-Quantum Cryptography"}]},{"id":"KdJJ3LO8PkicDJlA0T2A","title":"ML-KEM","pathname":"/hem-api/reference/api-reference/cryptography-operations/post-quantum-cryptography/ml-kem","siteSpaceId":"sitesp_5JzLA","description":"This section describes two endpoints functional for key-encapsulation PQC operations - ML-KEM, FIPS 203 compliant.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"},{"label":"Cryptography operations"},{"label":"Post-Quantum Cryptography"}]},{"id":"BedVV2z5li0AG4W5svU1","title":"Audit log","pathname":"/hem-api/reference/api-reference/audit-log","siteSpaceId":"sitesp_5JzLA","description":"Get an audit log signing key (all configuration) and on Encedo PPA only get a log list & files.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"}]},{"id":"2p8bvqmjCcZPHqOTct5k","title":"Storage","pathname":"/hem-api/reference/api-reference/storage","siteSpaceId":"sitesp_5JzLA","description":"These endpoints controls two embedded Flash Drives - regular and encrypted, available on Encedo PPA only.","breadcrumbs":[{"label":"Reference"},{"label":"API Reference"}]}]}