Login
    Contenu x
    VerifyPassword (function)
    • 23 Jan 2025
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    VerifyPassword (function)

    • Mis à jour le 23 Jan 2025
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    Function prototype

    aat_int32 VerifyPassword (
    TKernelParms*   CallParms,
    aat_ascii*      aPassword,
    aat_byte*       bSalt,
    aat_int32       SaltLength,
    aat_byte*       bStateDataBlock,
    aat_int32       StateDataBlockLength,
    aat_byte*       bHashDataBlock,
    aat_int32       HashDataBlockLength,
    aat_byte*       bKey,
    aat_int32*      KeyLength);

    Description

    This function verifies an OTP against the hashes in the given package. If the password is successfully validated, the function will release the decryption key which can be used to decrypt static credentials on the client side such as the static Windows password. In case of time-based algorithms, the caller is responsible for providing the package containing OTP hashes for the current time.

    Parameters

      Table: Parameters (VerifyPassword)
    TypeNameUseDescription
    TKernelParms*CallParmsIStructure of runtime parameters to use during this function call.
    aat_ascii*aPasswordIPassword to verify
    aat_byte*bSaltIThis parameter is used to further randomize the produced hashes. The same salt value is used to generate hashes of all the OTP values in the package.
    aat_int32SaltLengthI

    Length of the salt string parameter.

    Possible values: 1–512

    aat_byte*bStateDataBlockI/OData string of 64 bytes containing the last authenticator status.
    aat_int32StateDataBlockLengthILength of the allocated state data block.
    aat_byte*bHashDataBlockIHash data block list.
    aat_int32HashDataBlockLengthIHash data block list length.
    aat_byte*bKeyO16-byte key released in case of successful OTP validation
    aat_int32*KeyLengthOLength of the key

    Return codes

      Table: Return codes (VerifyPassword)
    CodeMeaning
    0Success
    1Authentication failed. The response does not match with any hash in the acceptance window.
    130Invalid password pointer
    132Unsupported token type. Only time- or event-based authenticators are supported.
    156Obsolete hash data block. The last used value in the state data block is greater than the max hash value.
    157Authentication failed. The hash data block does not cover the full acceptance window.
    158Invalid salt pointer
    159Invalid state data block pointer
    160Invalid hash data block pointer
    161Invalid key pointer
    162Salt buffer too big. The maximum salt length is 512 bytes.
    202Identification error threshold reached
    208Application disabled
    412Invalid checksum (hash or state data block)
    807Hash data block does not match with the state data block
    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle