Login
    Contenu x
    AAL2GenDeriveTokenBlobsCmd
    • 22 Jan 2025
    • 2 Minutes à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    AAL2GenDeriveTokenBlobsCmd

    • Mis à jour le 22 Jan 2025
    • 2 Minutes à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    Function prototype

    aat_int32 AAL2GenDeriveTokenBlobsCmd(
                                     aat_byte        *Cmd,
                                     aat_int32       *CmdSize,
                                     TDigipassBlob   *DPData [8],
                                     TKernelParms    *CallParms,
                                     aat_int16        Appl_count,
                                     aat_ascii       *aStorageKeyNameIn,
                                     aat_ascii       *aIVIn,
                                     aat_ascii       *aChallengeIn,
                                     aat_ascii       *aDerivationCodeIn,
                                     aat_word32       DerivationCodeFormat);

    Description

    This function creates a command which directs the HSM to derive the Digipass data of a Software Digipass based on Digipass SDK 4.0 or higher for Software Digipass compliant with the standard one-step activation (in the context of single-device licensing); for more information, refer to the Authentication Suite Server SDK Product Guide, using the given data and to return a result in the form of a reply.

    The software Digipass data derivation on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Digipass Derivation Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.

    This function must be used with the post-HSM API AAL2ProcDeriveTokenBlobsRpl.

    This function serializes an important amount of data. The Cmd buffer must be allocated with a sufficient size. For more information about the allocation of the Cmd and InReply buffers, refer to Cmd and InReply buffers allocation

    Parameters

     Table: Parameters (AAL2GenDeriveTokenBlobsCmd)
    TypeNameUseDescription
    aat_byte *CmdO

    Up to 1874 bytes that serialize the DERIVE TOKEN BLOBS command type and the input data to the derive token Blobs function on the HSM:

    • Command type - 2 bytes
    • An authenticator application BLOBs - up to 8x192 bytes
    • Runtime parameters - 80 bytes
    • ApplCount - 4 bytes
    • StorageKeyName - up to 128 characters
    • InitialVector - 8 bytes
    • Challenge - up to 17 characters
    • DerivationCode - up to 27 characters
    • DerivationCodeFormat - 4 bytes
    • Host time - 4 bytes

    Plus 64 bytes for Authentication Suite Server SDK internal use.

    aat_int32 *CmdSizeI/O

    On entry, this parameter contains the size of the Cmd buffer.On exit, this parameter contains the length of the Cmd message.

    TDigipassBlob * [8]DPData IArray of authenticator application BLOB pointers.
    TKernelParms *CallParmsI

    Structure of runtime parameters to use during this function call.

    aat_int16 Appl_count INumber of applications in the authenticator application BLOB array (1 to 8).
    aat_ascii *aStorageKey NameIn I

    String of up to 128+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the HSM storage key used to encrypt the sensitive Digipass application BLOB data.

    aat_ascii *aIVInI

    String of 16 hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the initial vector used to encrypt the sensitive authenticator application BLOB data.

    aat_ascii *aChallenge In I

    String of up to 17 numeric characters, left justified, null-terminated or right padded with spaces. This parameter holds the challenge that may have been proposed to the user to generate the DerivationCode (in case the first authenticator application BLOB is a Challenge/Response application).

    If no challenge is used to generate the derivation code, this parameter must be NULL.

    aat_ascii *aDerivationCodeInI

    String of up to 27+1 decimal or hexadecimal characters, null-terminated. This is the derivation code generated by the Digipass authenticator.

    This derivation code can contain hexadecimal characters if the OTP response output is hexadecimal.

    aat_word32DerivationCodeFormatIReserved. Must be set to 0.

    Return codes

     Table: Return codes (AAL2GenDeriveTokenBlobsCmd)
    CodeMeaningCodeMeaning
    0Success706Invalid data buffer pointer
    149Invalid initial vector length1000Function does not support EMV-CAP
    412Invalid checksum (software))1018Invalid TLV item pointer
    413Invalid Base64 format1025Data buffer too small
    510Invalid Digipass data pointer1110Invalid derivation code pointer
    590Invalid command pointer  
    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle