This function extends AAL2GenSyncTokenAndHostCmd. With this function, you can address the HSM storage key by name and to specify an initial vector. The initial vector is used during the 3DES/AES encryption of the sensitive authenticator application BLOB data.
The Digipass token and host synchronization on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Digipass Management Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.
This function must be used with the post-HSM API AAL2ProcSyncTokenAndHostRpl.
Parameters
Table: Parameters (AAL2GenSyncTokenAndHostCmdEx)
Type
Name
Use
Description
aat_byte *
Cmd
O
Up to 566 bytes that serialize the SYNC TOKEN AND HOST command type and the input data to the synchronize token and host function on the HSM:
Command type - 2 bytes
An authenticator applicationBLOB - 192 bytes
Runtime parameters - 80 bytes
StorageKeyName - up to 128 characters
InitialVector - 8 bytes
Password 1 - up to 41 characters
Challenge 1 - up to 17 characters
Password 2- up to 41 characters
Challenge 2- up to 17 characters
Host time- 4 bytes
Plus 36 bytes for Authentication Suite Server SDK internal use.
aat_int32 *
CmdSize
I/O
On entry, this parameter contains the size of the Cmd buffer.On exit, this parameter contains the length of the Cmd message.
TDigipassBlob *
DPData
I
authenticator applicationBLOB.
TKernelParms *
CallParms
I
Structure of runtime parameters to use during this function call.
aat_ascii *
aStorageKeyNameIn
I
String of up to 128+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the HSM storage key used to encrypt the sensitive Digipass application BLOB data.
aat_ascii *
aIVIn
I
String of 16 hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the initial vector used to encrypt the sensitive authenticator application BLOB data.
aat_ascii *
aResponse In
I
String of up to 17+24 numeric or hexadecimal characters, left-justified, null-terminated or right-padded with spaces. This is the first dynamic password generated by the Digipass authenticator.
aat_ascii *
aChallenge In
I
String of up to 17 numeric characters, left-justified, null-terminated, or right-padded with spaces. This parameter holds the challenge that was proposed to the user to generate CodeToVerify. If no challenge was generated, this parameter should be NULL.
aat_ascii *
aResponse2 In
I
String of up to 17+24 numeric or hexadecimal characters, left-justified, null-terminated or right-padded with spaces. This is the second dynamic password generated by the Digipass authenticator.
aat_ascii *
aChallenge2 In
I
String of up to 17 numeric characters, left-justified, null-terminated, or right-padded with spaces. This parameter holds the challenge that was proposed to the user to generate CodeToVerify. If no challenge was generated, this parameter should be NULL.
