The deactivation message generation functionality is only applicable to hardware or software Digipass authenticators compliant with the multi-device two-step activation (in the context of multi-device licensing). For more information, refer to the Authentication Suite Server SDK Product Guide.
In addition, the deactivation message generation is only applicable if the Secure Channel feature has been ordered (configured by OneSpan at the time of order).
Function prototype
aat_int32 AAL2GenMessageDeactivation (
aat_ascii *PKBlob,
TKernelParms *CallParms,
aat_ascii *MessageVector,
aat_int32 *SeqNum,
aat_ascii *DeactivationMessage,
aat_ascii *DeactivationMessageLength);
Description
This function generates a deactivation message from a sequence number, using the payload key embedded into the payload key BLOB.
It is only applicable to hardware or software Digipass authenticators compliant with the multi-device two-step activation (in the context of multi-device licensing). For more information, refer to the Authentication Suite Server SDK Product Guide.
The payload key BLOB must be the one corresponding to the Digipass serial number the deactivation message will target.
The deactivation message generation is only applicable if the Secure Channel feature has been ordered (configured by OneSpan at the time of order).
Parameters
Table: Parameters (AAL2GenMessageDeactivation) | Type | Name | Use | Description |
|---|
| aat_ascii * | PKBlob | I | Contains the payload key BLOB that has been generated for the Digipass instances activated with a particular serial number license. |
| TKernelParms * | CallParms | I | Structure of runtime parameters to use during this function call. |
| aat_ascii * | MessageVector | I | A string of up to 26+1 characters containing the message parameter settings, null-terminated (obtained during import). |
| aat_int32 | SeqNum | I | Integer containing the sequence number of the Digipass instance to deactivate. |
| aat_ascii * | DeactivationMessage | O | String of up to 50+1 hexadecimal characters, null-terminated. In case of a successful operation, this parameter contains the generated deactivation message. |
| aat_int32 * | DeactivationMessageLength | I/O | In input, this parameter must indicate the size of the allocated buffer for the DeactivationMessage parameter (recommended 51 bytes). In output, this parameter indicates the length of the DeactivationMessage string (without the null-terminated character). |
Return codes
Table: Return codes (AAL2GenMessageDeactivation) | Code | Meaning | Code | Meaning |
|---|
| 0 | Success | 1286 | Invalid payload key pointer |
| 412 | Invalid checksum | 1288 | Invalid serial number prefix |
| 413 | Invalid Base64 format | 1289 | Invalid serial number suffix |
| 1118 | Unsupported BLOB | 1293 | Invalid sequence number pointer |
| 1119 | Unsupported payload key BLOB | 1302 | AES CTR encryption failed |
| 1266 | Invalid message vector pointer | 1307 | Invalid deactivation message pointer |
| 1267 | Invalid message vector length | 1308 | Invalid deactivation message length pointer |
| 1268 | Invalid message vector version | 1333 | Deactivation not supported |
| 1274 | Invalid message protocol version | 1335 | Invalid payload key type in payload key data |
| 1275 | Invalid message protection type | 1336 | Inconsistent payload key type between payload key data and message vector |
| 1285 | Master key derivation failed | | |