AAL2GenSignatureICSF

Mis à jour le 22 Jan 2025
2 Minutes à lire

Partager
Sombre
Lumière
PDF

The content is currently unavailable in French. You are viewing the default English version.

Résumé de l’article

Avez-vous trouvé ce résumé utile ?

Merci pour vos commentaires

Function prototype

aat_int32 AAL2GenSignatureICSF(
                           TDigipassBlob*   DPData,
                           TKernelParms*    CallParms,
                           aat_ascii*       aStorageKeyNameIn,
                           aat_ascii*       aInitialVectorIn,
                           aat_ascii*       Signature,
                           aat_ascii        SignedDataFields[8][20],
                           aat_int32        FieldCount,
                           aat_int32        DeferredSignatureDate,
                           aat_ascii*       ConfirmationCode,
                           aat_int32*       ConfirmationCodeLength);

Description

If primary Virtual Mobile Authenticator is supported and activated for the given authenticator application BLOB, this function can be used to generate an e-signature. It is an extension of AAL2GenSignature, with the additional feature of integrating the confirmation code.

Parameters

Table: Parameters (AAL2GenSignatureICSF)
Type	Name	Use	Description
TDigipassBlob *	DPData	I/O	authenticator application BLOB. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes.
TKernelParms *	CallParms	I	Structure of runtime parameters to use during this function call.
aat_ascii *	aStorageKeyNameIn	I	String of up to 64+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the ICSF storage key used to encrypt the sensitive Digipass application BLOB data.
aat_ascii *	aInitialVectorIn	I	String of 16 hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the initial vector used to encrypt the sensitive authenticator application BLOB data.
aat_ascii *	Signature	O	String of up to 17 numeric or hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the dynamic password generated by the library (recommended buffer size is 18 bytes).
aat_ascii *	SignedDataFields	I	Array of 8 left-justified, null-terminated, or space-padded strings of max. 20 characters. This parameter holds the 8 possible data fields that are entered into the Digipass authenticator to generate a signature. Digipass data fields are limited to 16 decimal, hexadecimal, or alphabetic characters.
aat_int32	FieldCount	I	Numeric value from 1 to 8 indicating the number of data fields to use from the aSignedDataFieldsIn array.
aat_int32	DeferredSignatureDate	I	Must be 0 if signature is generated in online mode (OnlineSG=1 or 2). If signature is generated in offline mode with OnlineSG=0 or 3, this parameter can receive the date for the signature generation (number of elapsed seconds since January 1st 1970) or 0 (with 0, the current time is used).
aat_ascii *	ConfirmationCode	O	String of up to 17 numeric or hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the confirmation code generated by Authentication Suite Server SDK (recommended buffer size is 18 bytes).
aat_int32 *	ConfirmationCodeLength	O	Pointer to a long integer that indicates the length of the generated confirmation code.

COBOL calling convention

Entry point: AA2VGSIC
02   W-BLOB             PIC X(248).
02   W-KERNELPARMS.
     03   W-PARMCOUNT   PIC 9(8) USAGE BINARY.
     03   W-PARM01      PIC 9(8) USAGE BINARY.
     . . .
     03   W-PARM19      PIC 9(8) USAGE BINARY.
02   W-CONFCODE         PIC X(17).
02   W-CONFCODE-LENGTH  PIC 9(8) USAGE BINARY.
02   W-RETURN           PIC S9(8) USAGE BINARY.
02   W-SIGNATURE        PIC X(17).
02   W-SIGNED-DATA      PIC X(20) OCCURS 8.
02   W-FIELDCOUNT       PIC 9(8) USAGE BINARY.
02   W-SIGNATUREDATE    PIC 9(8) USAGE BINARY.
02   W-STORAGEKEY       PIC X(65).
02   W-INITVECTOR       PIC X(17).
02   W-API-NAME         PIC X(8) VALUE 'AA2VGSIC'.
. . .
     CALL W-API-NAME USING
           BY REFERENCE W-BLOB
           BY REFERENCE W-KERNELPARMS
           BY REFERENCE W-STORAGEKEY
           BY REFERENCE W-INITVECTOR
           BY REFERENCE W-SIGNATURE
           BY REFERENCE W-SIGNED-DATA
           BY VALUE W-FIELDCOUNT
           BY VALUE W-SIGNATUREDATE
           BY REFERENCE W-CONFCODE
           BY REFERENCE W-CONFCODE-LENGTH
           RETURNING W-RETURN

Return codes

Table: Return codes (AAL2GenSignatureICSF)
Code	Meaning	Code	Meaning
0	Success	908	HSM key not found
130	Invalid response pointer	951	Invalid HSM key type for HSM decryption
131	Missing required challenge	1000	Function does not support EMV-CAP
140	Challenge corrupted	1103	Unlock Version 2 not supported
141	Invalid field count	1104	Virtual token is not a primary token
148	Invalid data field pointer	1116	Response check digit not allowed
203	Sign error threshold reached	1117	Challenge check digit not allowed
208	Application disabled	1118	Unsupported BLOB
209	Grace period expired	-101	Challenge too short
210	Allowed use count reached	-102	Challenge too long
211	Virtual token not supported	-103	Challenge check digit wrong
412	Invalid checksum	-105	Challenge minimum length not allowed
413	Invalid Base64 format	-106	Challenge maximum length not allowed
414	Invalid checksum (HSM)	-107	Challenge number wrong
510	Invalid Digipass data pointer	-108	Challenge character invalid
900	Invalid session context handle	-1501	Memory allocation failed

Cet article vous a-t-il été utile ?

What's Next

AAL2GenUnlockAuthCodeICSF

Table des matières

Function prototype
Description
Parameters
COBOL calling convention
Return codes