AAL2UnlockICSF
  • 22 Jan 2025


Function prototype (aal2sdk.h)

aat_int32 AAL2UnlockICSF (
                      TDigipassBlob*   DPBlob,
                      TKernelParms*    CallParms,
                      aat_ascii*       aStorageKeyNameIn,
                      aat_ascii*       aInitialVectorIn,
                      aat_ascii*       aRandomNumberIn,
                      aat_ascii*       aUnlockCode);

Description

If a user's Digipass authenticator is locked because of wrong PIN entries, the Digipass administrator can unlock it using this function. The function obtains the initialized unlock information of the user's Digipass authenticator from the authenticator application BLOB and performs the unlock code calculation.

This function generates an unlock code that the user enters in their Digipass authenticator in response to the currently displayed random number.

Parameters

The memory management of the output parameters must be performed by the calling function.

  Table: Parameters (AAL2UnlockICSF)
| Type | Name | Use | Description |
|---|---|---|---|
| TDigipassBlob * | DPBlob | I/O | Authenticator application BLOB. |
| TKernelParms * | CallParms | I | Structure of run time parameters to use during the HSM unlock function call. |
| aat_ascii * | aStorageKeyNameIn | I | String of up to 64+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the HSM storage key used to encrypt the sensitive authenticator application BLOB data. |
| aat_ascii * | aInitialVectorIn | I | String of 16 hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the initial vector used to encrypt the sensitive authenticator application BLOB data. |
| aat_ascii * | aRandomNumberIn | I | Up to 8 numeric characters, null-terminated or padded with spaces. This parameter holds the random number that is generated and displayed by a Digipass authenticator when it gets locked (the unlock challenge). |
| aat_ascii * | aUnlockCode | O | 7 or 8 numeric characters, which the user will have to enter on the Digipass authenticator to unlock it. |
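
The field formats in the table above can be checked before the HSM call is made. The following C sketch is an added example, not SDK code or code from this page: the function names and local status values are hypothetical, and the character set accepted for the storage key label (any printable non-space character) and the minimum of one digit for the random number are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Local status values for this example only; these are not SDK return codes. */
enum field_status { FIELD_OK, FIELD_TOO_SHORT, FIELD_TOO_LONG, FIELD_BAD_CHAR };

static int is_digit_ch(int c) { return isdigit(c) != 0; }
static int is_hex_ch(int c)   { return isxdigit(c) != 0; }
static int is_label_ch(int c) { return isgraph(c) != 0; }  /* assumption */

/* Check a field that is null-terminated or right-padded with spaces.
 * buf_size is the number of readable bytes at buf, so the scan never
 * runs past the caller's buffer when no terminator is present. */
static enum field_status check_field(const char *buf, size_t buf_size,
                                     size_t min_chars, size_t max_chars,
                                     int (*allowed)(int))
{
    size_t len = 0, i;
    while (len < buf_size && buf[len] != '\0') len++;  /* stop at NUL */
    while (len > 0 && buf[len - 1] == ' ') len--;       /* drop padding */
    if (len < min_chars) return FIELD_TOO_SHORT;
    if (len > max_chars) return FIELD_TOO_LONG;
    for (i = 0; i < len; i++)
        if (!allowed((unsigned char)buf[i])) return FIELD_BAD_CHAR;
    return FIELD_OK;
}

/* aStorageKeyNameIn: up to 64 characters. */
enum field_status check_storage_key(const char *b, size_t n)
{ return check_field(b, n, 1, 64, is_label_ch); }

/* aInitialVectorIn: exactly 16 hexadecimal characters. */
enum field_status check_init_vector(const char *b, size_t n)
{ return check_field(b, n, 16, 16, is_hex_ch); }

/* aRandomNumberIn: up to 8 numeric characters. */
enum field_status check_random_number(const char *b, size_t n)
{ return check_field(b, n, 1, 8, is_digit_ch); }

int main(void)
{
    /* Constructed sample: 6-digit challenge, space-padded, no NUL. */
    const char rnd[9] = {'4','2','1','9','7','3',' ',' ',' '};
    printf("random number: %d\n", (int)check_random_number(rnd, sizeof rnd));
    printf("init vector:   %d\n", (int)check_init_vector("0123456789ABCDEF", 17));
    return 0;
}
```

The function itself still applies its own checks, such as the random number check digit reported by return code -103, which this sketch does not reproduce.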

COBOL calling convention

Entry point: AA2ULKIC
02   W-BLOB              PIC X(248).
02   W-KERNELPARMS.
     03   W-PARMCOUNT    PIC 9(8) USAGE BINARY.
     03   W-PARM01       PIC 9(8) USAGE BINARY.
     . . .
     03   W-PARM19       PIC 9(8) USAGE BINARY.
02   W-RANDOM-NBR        PIC X(9).
02   W-UNLOCK-CODE       PIC X(9).
02   W-STORAGEKEY        PIC X(65).
02   W-INITVECTOR        PIC X(17).
02   W-RETURN            PIC S9(8) USAGE BINARY.
02   W-API-NAME          PIC X(8) VALUE 'AA2ULKIC'.
. . .
     CALL W-API-NAME USING
           BY REFERENCE W-BLOB
           BY REFERENCE W-KERNELPARMS
           BY REFERENCE W-STORAGEKEY
           BY REFERENCE W-INITVECTOR
           BY REFERENCE W-RANDOM-NBR
           BY REFERENCE W-UNLOCK-CODE
           RETURNING W-RETURN

Return codes

  Table: Return codes (AAL2UnlockICSF)
| Code | Meaning | Code | Meaning |
|---|---|---|---|
| 0 | Success | 908 | HSM key not found |
| 133 | Invalid RandomNumber pointer | 951 | Invalid HSM key type for HSM decryption |
| 134 | Invalid UnlockCode pointer | 1000 | Function does not support EMV-CAP |
| 138 | Unlock function not supported | 1104 | Virtual token is not a primary token |
| 208 | Application disabled | 1116 | Response check digit not allowed |
| 209 | Grace period expired | 1117 | Challenge check digit not allowed |
| 210 | Allowed use count reached | 1118 | Unsupported BLOB |
| 211 | Virtual token not supported | -101 | Random number too small |
| 412 | Invalid checksum | -102 | Random number too long |
| 413 | Invalid Base64 format | -103 | Random number check digit wrong |
| 414 | Invalid checksum (HSM) | -104 | Random number character not decimal |
| 510 | Invalid Digipass data pointer | -310 | Invalid reserved parameter |
| 900 | Invalid session context handle | -1501 | Memory allocation failed |
