AAL2ProcVerifyDeviceCodeRpl

Mis à jour le 23 Jan 2025
2 Minutes à lire

Partager
Sombre
Lumière
PDF

The content is currently unavailable in French. You are viewing the default English version.

Résumé de l’article

Avez-vous trouvé ce résumé utile ?

Merci pour vos commentaires

Function prototype

aat_int32 AAL2ProcVerifyDeviceCodeRpl(
                                      aat_byte        *InReply,
                                      aat_int32        ReplySize,
                                      TDigipassBlob   *DPMAData,
                                      aat_ascii       *DeviceID,
                                      aat_int32       *DeviceIDLength,
                                      aat_int32       *pDeviceType);

Description

This function processes a reply from the HSM to a device code validation command which has been generated with AAL2GenVerifyDeviceCodeCmd.

The device code validation on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Digipass Multi-Device Activation Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.

Score-based Digipass

For Digipass devices that integrate the score-based algorithm, the HSM module performs a score-based authentication to validate the device code. This allows retrieving the Digipass scoring value. Once the HSM module has successfully validated the device code, it returns either SUCCESS or SUCCESS with the relevant scoring warning code. See return codes in Table: Return codes (AAL2ProcVerifyDeviceCodeRpl) for more details.

Parameters

Table: Parameters (AAL2ProcVerifyDeviceCodeRpl)
Type	Name	Use	Description
aat_byte *	InReply	I	String of up to 218 bytes that contain the VERIFY DEVICE CODE command type and the output data from the verify device code function on the HSM: Command type - 2 bytes Digipass Master Activation application BLOB - 192 bytes DeviceID - 8 bytes Return code - 4 bytes Plus 12 bytes for Authentication Suite Server SDK internal use.
aat_int32	ReplySize	I	The length of the InReply message.
TDigipassBlob	DPMAData	O	Digipass master activation application BLOB of the Digipass serial number license that will be used for the activation. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes.
aat_ascii *	DeviceID	O	Output string of 8+1 hexadecimal characters, null-terminated. If the device code has been successfully verified, this parameter contains the value of the Digipass device ID.
aat_int32 *	DeviceIDLength	I/O	In input, this parameter must indicate the size of the allocated buffer for the DeviceID parameter (recommended 9 bytes). In output, this parameter indicates the length of the DeviceID string (without the null-terminated character).
aat_int32 *	pDeviceType	O	In output, this parameter contains the Digipass device type if the device code has been successfully verified (from 0 to 31).

Table: List of device type values and definitions

Value

Definition

Value

Definition

0	Hardware device	13	BlackBerry Native
1	Unknown software platform	15	MIDP2 Platform or BB Java
3	iOS	17	Windows
5	Jailbroken iOS	19	Linux
7	Android	21	Mac
9	Rooted Android	Other	RFU
11	Windows Phone

Return codes

Table: Return codes (AAL2ProcVerifyDeviceCodeRpl)
Code	Meaning	Code	Meaning
0	Success	1019	Missing mandatory TLV item
10001	Success with context warning*	1025	Buffer too small
10002	Success with user warning*	1039	Invalid response length with DP algorithm
10003	Success with user & context warning*	1040	Invalid host code length with DP algorithm
10004	Success with platform warning*	1103	Unlock Version 2 not supported
10005	Success with platform & context warning*	1116	Response check digit not allowed
10006	Success with platform & user warning*	1117	Challenge check digit not allowed
10007	Success with platform & user & context warning*	1118	Unsupported BLOB
1	Code not verified	1263	Device ID buffer too small
2	Static password validation failed	1264	Invalid master application
140	Challenge corrupted	1265	Invalid master application data pointer
201	Code replay attempt	1277	Invalid device ID pointer
202	Identification error threshold reached	1278	Invalid device ID length pointer
205	Inactive days reached	1280	Invalid device type pointer
208	Application disabled	1281	Invalid device code length
272	Invalid wrapped key	1282	Invalid device code check digit
412	Invalid checksum (software)	1283	Invalid device code character
413	Invalid Base64 format	1284	Invalid device code
414	Invalid checksum (HSM)	1285	Master key derivation failed
600	Invalid Gordian root information	-102	Challenge too long
601	Invalid Gordian today information	-103	Challenge check digit wrong
602	Invalid Gordian tomorrow information	-105	Challenge minimum length not allowed
603	Invalid Gordian stimulus information	-106	Challenge maximum length not allowed
701	Invalid input buffer pointer	-107	Challenge number wrong
910	Invalid HSM command in reply	-108	Challenge character invalid
912	HSM invalid BLOB status	-201	Response length out of bounds
913	Invalid HSM key property	-205	Response character not decimal
951	Invalid HSM key type for HSM decryption	-206	Response character not hexadecimal
1009	Invalid TLV total length	-207	Response character set not specified
1018	Invalid TLV item pointer

* Specific score-based authentication codes; for more information, refer to Score-based Digipass.

Cet article vous a-t-il été utile ?

What's Next

Conceptual description

Table des matières

Function prototype
Description
Parameters
Return codes