This function processes a reply from the HSM to a command that was generated with either AAL2GenSyncTokenAndHostCmd or AAL2GenSyncTokenAndHostCmdEx.
The Digipass token and host synchronization on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Digipass Management Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.
Score-based Digipass
For Digipass devices that integrate the score-based algorithm, the HSM module performs a score-based authentication which allows retrieving the Digipass scoring value. Once the HSM module has successfully validated the two consecutive passwords, it returns either SUCCESS or SUCCESS with the relevant scoring warning code. See the return codes in Table: Return codes (AAL2ProcSyncTokenAndHostRpl) for more details.
Parameters
Table: Parameters (AAL2ProcSyncTokenAndHostRpl)
| Type | Name | Use | Description |
|---|---|---|---|
| aat_byte * | InReply | I | Up to 206 bytes that contain the SYNC TOKEN AND HOST command type and the output data from the verify password function on the HSM: command type (2 bytes), an authenticator application BLOB (192 bytes), return code (4 bytes), plus 8 bytes for Authentication Suite Server SDK internal use. |
| aat_int32 | ReplySize | I | The length of the InReply message. |
| TDigipassBlob * | DPData | O | Authenticator application BLOB. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes. |
Return codes
Table: Return codes (AAL2ProcSyncTokenAndHostRpl)
| Code | Meaning | Code | Meaning |
|---|---|---|---|
| 0 | Success | 802 | Change password mandatory |
| 10001 | Success with context warning* | 803 | New password too short |
| 10002 | Success with user warning* | 804 | New password too long |
| 10003 | Success with user & context warning* | 908 | Invalid key ID specified to decrypt the BLOB |
| 10004 | Success with platform warning* | 910 | Invalid command type in reply |
| 10005 | Success with platform & context warning* | 912 | HSM Invalid BLOB Status |
| 10006 | Success with platform & user warning* | 913 | Invalid HSM key property |
| 10007 | Success with platform & user & context warning* | 951 | Invalid HSM key type for HSM decryption |
| 1 | Code not verified | 1009 | Invalid TLV total length |
| 2 | Static password validation failed | 1018 | Invalid TLV item pointer |
| 131 | Missing required challenge | 1019 | Missing mandatory TLV item |
| 132 | Unsupported token type | 1025 | Data buffer too small |
| 140 | Challenge corrupted | 1039 | Invalid response length with DP algorithm |
| 201 | Code replay attempt | 1040 | Invalid host code length with DP algorithm |
| 202 | Identification error threshold reached | 1118 | Unsupported BLOB |
| 205 | Inactive days reached | -101 | Challenge too short |
| 208 | Application disabled | 1103 | Unlock Version 2 not supported |
| 272 | Invalid wrapped key | -102 | Challenge too long |
| 412 | Invalid checksum (software) | -103 | Challenge check digit wrong |
| 413 | Invalid Base64 format | -104 | Challenge character not decimal |
| 414 | Invalid checksum (HSM) | -108 | Challenge character invalid |
| 510 | Invalid Digipass data pointer | -201 | Response length out of bounds |
| 600 | Invalid Gordian root information | -202 | Response too short |
| 601 | Invalid Gordian today information | -203 | Response too long |
| 602 | Invalid Gordian tomorrow information | -204 | Response check digit wrong |
| 603 | Invalid Gordian stimulus information | -205 | Response character not decimal |
| 701 | Invalid input buffer pointer | -206 | Response character not hexadecimal |
* Specific score-based authentication codes; for more information, refer to Score-based Digipass.
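The following added example (not part of the SDK or of this guide) shows one way a caller can bound ReplySize against the documented 206-byte layout and classify the return code so that only 0 and 10001 to 10007 count as success. The function and type names are hypothetical, and the warning bit values are inferred from how the codes 10001 to 10007 combine in the table above.

```c
#include <stdint.h>
#include <stdio.h>

/* Field sizes of InReply as listed in the parameter table (sum = 206). */
enum { CMD_TYPE_LEN = 2, BLOB_LEN = 192, RC_LEN = 4, INTERNAL_LEN = 8,
       SYNC_REPLY_MAX = CMD_TYPE_LEN + BLOB_LEN + RC_LEN + INTERNAL_LEN };

/* Assumption: 10001..10007 encode warnings as 10000 + bitmask,
   inferred from the combinations shown in the return code table. */
enum { SCORE_BASE = 10000, WARN_CONTEXT = 1, WARN_USER = 2, WARN_PLATFORM = 4 };

/* Hypothetical result type for this example. */
struct sync_outcome {
    int accepted;       /* 1 only for code 0 or 10001..10007 */
    unsigned warnings;  /* OR of WARN_* bits, 0 when none */
};

/* Reject sizes outside the documented bound before passing InReply on. */
int sync_reply_size_ok(int32_t reply_size)
{
    return reply_size > 0 && reply_size <= SYNC_REPLY_MAX;
}

/* Fail closed: any code not listed as a success is treated as a rejection,
   including codes this table does not define. */
struct sync_outcome classify_sync_rc(int32_t rc)
{
    struct sync_outcome out = { 0, 0 };
    if (rc == 0) {
        out.accepted = 1;
    } else if (rc > SCORE_BASE && rc <= SCORE_BASE + 7) {
        out.accepted = 1;
        out.warnings = (unsigned)(rc - SCORE_BASE);
    }
    return out;
}

/* Render the warning bits for an audit log entry, e.g. "platform+user". */
const char *sync_warning_text(unsigned w, char *buf, size_t n)
{
    snprintf(buf, n, "%s%s%s%s%s",
             (w & WARN_PLATFORM) ? "platform" : "",
             ((w & WARN_PLATFORM) && (w & (WARN_USER | WARN_CONTEXT))) ? "+" : "",
             (w & WARN_USER) ? "user" : "",
             ((w & WARN_USER) && (w & WARN_CONTEXT)) ? "+" : "",
             (w & WARN_CONTEXT) ? "context" : "");
    return buf;
}
```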