Availability: Authentication Suite Server SDK 4.0.2 and later
Service: Digipass Multi-Device Activation
Function prototype
aat_int32 AAL2GenVerifyDeviceCodeExCmd(
aat_byte *Cmd,
aat_int32 *CmdSize,
TDigipassBlob *DPMAData,
TKernelParms *CallParms,
aat_ascii *StorageKeyName,
aat_ascii *StorageIV,
aat_ascii *Challenge,
aat_ascii *SignedMessage,
aat_ascii *DeviceCode);Description
AAL2GenVerifyDeviceCodeExCmd() overloads AAL2GenVerifyDeviceCodeCmd(), exposing an additional SignedMessage parameter.
This function creates a command that directs the HSM to verify a device code generated by Digipass using the given data, and to return a result in the form of a reply.
It is only applicable to hardware or software Digipass authenticators compliant with the multi-device two-step activation (in the context of multi-device licensing).
The device code validation on the HSM is identical to the functionality available with the Software Digipass Multi-Device Activation service.
This function must be used with the post-HSM API AAL2ProcVerifyDeviceCodeRpl.
Parameters
| Type | Name | Use | Description |
|---|---|---|---|
| aat_byte * | Cmd | O | Up to 4719 bytes that serialize the VERIFY DEVICE CODE command type and the input data to the verify device code function on the HSM:
Plus 32 bytes for Authentication Suite Server SDK internal use. |
| aat_int32 * | CmdSize | I/O | On entry, this parameter contains the size of the Cmd buffer. On exit, this parameter contains the length of the Cmd message. |
| TDigipassBlob | DPMAData | I | Digipass master activation application BLOB of the Digipass serial number license that will be used for the activation. |
| TKernelParms * | CallParms | I | Structure of runtime parameters to use during this function call. |
| aat_ascii * | StorageKey Name | I | String of up to 128+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the HSM storage key used to encrypt the sensitive Digipass application BLOB data. |
| aat_ascii * | StorageIV | I | String of 16 hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the initial vector used to encrypt the sensitive authenticator application BLOB data. |
| aat_ascii * | Challenge | I | Optional string of 16 numeric or hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This parameter must hold the challenge that was used initially to generate Activation Message 1. If no challenge was used to generate Activation Message 1, this parameter must be NULL. |
| aat_ascii * | SignedMessage | I | The signed message generated by AAL2GenGenMessageActivation1Cmd(). If this parameter is NULL, the function does a standard device code validation using the optional |
| aat_ascii * | DeviceCode | I | String of up to 26+1 characters, null-terminated. It contains the device code generated by the Digipass device. |