Function prototype
aat_int32 AAL2ChangeEncryptedStaticPassword (
TDigipassBlob* DPData,
TKernelParms* CallParms,
aat_ascii* Challenge,
aat_ascii* CESPR);
Description
This function is used with a Digipass authenticator that can use encrypted static passwords (e.g. Digipass 110). It utilizes an operating mode compliant only with the software authenticator Digipass 110 and will not work with hardware authenticators, as for example Digipass GO 1. Thus, administrators can provide a new static password in an encrypted format on a mandatory basis. As this function is critical, only an authenticated user should be able use it.
Unlike AAL2ChangeStaticPassword, AAL2ChangeEncryptedStaticPassword does not contain the new static password as clear-text parameter. The new static password is encrypted in the change-encrypted-static-password request.
For a list of the characters that can be used for the new static password, see Supported new static password charset.
Parameters
Table: Parameters (AAL2ChangeEncryptedStaticPassword) | Type | Name | Use | Description |
|---|
| TDigipassBlob * | DPData | I/O | authenticator application BLOB. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes. |
| TKernelParms * | CallParms | I | Structure of runtime parameters to use during this function call. |
| aat_ascii * | Challenge | I | String of 16 numeric characters, left-justified, null-terminated or right-padded with spaces. This parameter holds the challenge that was proposed to the user to generate the CESPR. This parameter is mandatory. |
| aat_ascii * | CESPR | I | 16 hexadecimal characters, left-justified, null-terminated or right-padded with spaces. This parameter is the change-encrypted-static-password request generated by the Digipass 110 applet. |
Return codes
Table: Return codes (AAL2ChangeEncryptedStaticPassword) | Code | Meaning | Code | Meaning |
|---|
| 0 | Success | 809 | Encrypted static password not supported |
| 131 | Missing required challenge | 1000 | Function does not support EMV-CAP |
| 166 | Missing required CESPR | 1103 | Unlock Version 2 not supported |
| 167 | Input data corrupted (challenge or CESPR)) | 1118 | Unsupported BLOBBLOB |
| 169 | CESPR character invalid | -101 | Challenge too short |
| 412 | Invalid checksum software | -102 | Challenge too long |
| 413 | Invalid Base64 format | -151 | CESPR too short |
| 510 | Invalid Digipass data pointer | -152 | CESPR too long |
| 803 | New encrypted static password too short | -1501 | Memory allocation failed |
| 804 | New encrypted static password too long | | |