Function prototype
aat_int32 AAL2MXVerifyPassword (
void* HSMsession
TDigipassBlob* MXCardBlob,
TKernelParms* CallParms,
aat_int32 MXCardSequenceNumber,
aat_ascii* Challenge,
aat_ascii* Password,
aat_ascii* ReturnHostCode);
Description
This function verifies the password of a matrix card based on the matrix card sequence number and a challenge.
Parameters
Table: Parameters (AAL2MXVerifyPassword) | Type | Name | Use | Description |
|---|
| void* | HSMsession | I/O | Handle on an HSM session. |
| TDigipassBlob * | MXCardBlob | I/O | Matrix Card application BLOB. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes. |
| TKernelParms * | CallParms | I | Structure of runtime parameters to use during this function call. |
| aat_int32 | MXCard
Sequence
Number | I | Sequence number of the matrix card on up to four digits. |
| aat_ascii * | Challenge | I | Challenge generated by AAL2MXGenerateChallenge.- |
| aat_ascii * | Password | I | Password resulting from the concatenation of user authentication characters. |
| aat_ascii * | ReturnHostCode | O | Host code resulting from the concatenation of host authentication characters (recommended buffer size is 18 bytes). |
Return codes
Table: Return codes (AAL2MXVerifyPassword) | Code | Meaning | Code | Meaning |
|---|
| 0 | Success | 802 | Change password mandatory |
| 1 | Code not verified | 803 | New password too short |
| 2 | Static password validation failed | 804 | New password too long |
| 130 | Invalid response pointer | 1000 | Function does not support EMV-CAP |
| 131 | Missing required challenge | 1103 | Unlock Version 2 not supported |
| 132 | Unsupported token type | 1116 | Response check digit not allowed |
| 135 | Invalid challenge pointer | 1117 | Challenge check digit not allowed |
| 136 | Invalid ChallengeLength pointer | 1118 | Unsupported BLOB |
| 140 | Challenge corrupted | -101 | Challenge too short |
| 165 | Invalid response length | -102 | Challenge too long |
| 201 | Code replay attempt | -103 | Challenge check digit wrong |
| 202 | Identification error threshold reached | -105 | Challenge minimum length not allowed |
| 205 | Inactive days reached | -106 | Challenge maximum length not allowed |
| 208 | Application disabled | -107 | Challenge number wrong |
| 412 | Invalid checksum | -108 | Challenge character invalid |
| 413 | Invalid Base64 format | -201 | Response length out of bounds |
| 510 | Invalid Digipass data pointer | -202 | Response too short |
| 560 | Null output buffer | -203 | Response too long |
| 561 | Invalid matrix card sequence number | -204 | Response check digit wrong |
| 600 | Invalid Gordian root information | -205 | Response character not decimal |
| 601 | Invalid Gordian today information | -206 | Response character not hexadecimal |
| 602 | Invalid Gordian tomorrow information | -207 | Response character set not specified |
| 603 | Invalid Gordian stimulus information | -401 | Event most execution failed |