Function prototype
aat_int32 AAL2GenVerifyDeviceCodeCmd(
aat_byte *Cmd,
aat_int32 *CmdSize,
TDigipassBlob *DPMAData,
TKernelParms *CallParms,
aat_ascii *aStorageKeyNameIn,
aat_ascii *aIVIn,
aat_ascii *Challenge,
aat_ascii *DeviceCode);
Description
This function creates a command that directs the HSM to verify a device code generated by Digipass using the given data, and to return a result in the form of a reply.
It is only applicable to hardware or software Digipass authenticators compliant with the multi-device two-step activation (in the context of multi-device licensing). For more information, refer to the Authentication Suite Server SDK Product Guide.
The device code validation on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Digipass Multi-Device Activation Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.
This function must be used with the post-HSM API AAL2ProcVerifyDeviceCodeRpl.
Parameters
Table: Parameters (AAL2GenVerifyDeviceCodeCmd) | Type | Name | Use | Description |
|---|
| aat_byte * | Cmd | O | Up to 485 bytes that serialize the VERIFY DEVICE CODE command type and the input data to the verify device code function on the HSM: - Command type - 2 bytes
- Digipass Master Activation application BLOB - 192 bytes
- Runtime parameters - 80 bytes
- StorageKeyName - up to 128 characters
- InitialVector - 8 bytes
- Challenge - up to 16 characters
- DeviceCode - up to 27 characters
- Host time - 4 bytes
Plus 28 bytes for Authentication Suite Server SDK internal use. |
| aat_int32 * | CmdSize | I/O | On entry, this parameter contains the size of the Cmd buffer.On exit, this parameter contains the length of the Cmd message. |
| TDigipassBlob | DPMAData | I | Digipass master activation application BLOB of the Digipass serial number license that will be used for the activation. |
| TKernelParms * | CallParms | I | Structure of runtime parameters to use during this function call. |
| aat_ascii * | aStorageKey NameIn | I | String of up to 128+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the HSM storage key used to encrypt the sensitive Digipass application BLOB data. |
| aat_ascii * | aIVIn | I | String of 16 hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the initial vector used to encrypt the sensitive authenticator application BLOB data. |
| aat_ascii * | Challenge | I | Optional string of 16 numeric or hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This parameter must hold the challenge that was used initially to generate Activation Message 1. If no challenge was used to generate Activation Message 1, this parameter must be NULL. |
| aat_ascii * | DeviceCode | I | String of up to 26+1 characters, null-terminated. It contains the device code generated by the Digipass device. |
Return codes
Table: Return codes (AAL2GenVerifyDeviceCodeCmd) | Code | Meaning | Code | Meaning |
|---|
| 0 | Success | 1000 | Function does not support EMV-CAP |
| 149 | Invalid initial vector length | 1018 | Invalid TLV item pointer |
| 412 | Invalid checksum (software) | 1025 | Buffer too small |
| 413 | Invalid Base64 format | 1265 | Invalid master application data pointer |
| 590 | Invalid command pointer | 1276 | Invalid device code pointer |
| 706 | Invalid data buffer pointer | | |