Documentation Index

Fetch the complete documentation index at: https://docs.onespan.com/llms.txt

Use this file to discover all available pages before exploring further.

AAL2GenVerifyDeviceCodeExCmd

Prev Next

Availability: Authentication Suite Server SDK 4.0.2 and later

Service: Digipass Multi-Device Activation

Function prototype

aat_int32 AAL2GenVerifyDeviceCodeExCmd(
                                       aat_byte        *Cmd,
                                       aat_int32       *CmdSize,
                                       TDigipassBlob   *DPMAData,
                                       TKernelParms    *CallParms,
                                       aat_ascii       *StorageKeyName,
                                       aat_ascii       *StorageIV,
                                       aat_ascii       *Challenge,
                                       aat_ascii       *SignedMessage,
                                       aat_ascii       *DeviceCode);

Description

AAL2GenVerifyDeviceCodeExCmd() overloads AAL2GenVerifyDeviceCodeCmd(), exposing an additional SignedMessage parameter.

This function creates a command that directs the HSM to verify a device code generated by Digipass using the given data, and to return a result in the form of a reply.

It is only applicable to hardware or software Digipass authenticators compliant with the multi-device two-step activation (in the context of multi-device licensing).

The device code validation on the HSM is identical to the functionality available with the Software Digipass Multi-Device Activation service.

This function must be used with the post-HSM API AAL2ProcVerifyDeviceCodeRpl.

Parameters

  Table: Parameters (AAL2GenVerifyDeviceCodeExCmd)
TypeNameUseDescription
aat_byte *CmdO

Up to 4719 bytes that serialize the VERIFY DEVICE CODE command type and the input data to the verify device code function on the HSM:

  • Command type – 2 bytes
  • Digipass Master Activation application BLOB – 192 bytes
  • Runtime parameters – 80 bytes
  • StorageKeyName – up to 128 characters
  • InitialVector – 8 bytes
  • Challenge – up to 16 characters
  • SignedMessage – up to 4234 characters
  • DeviceCode – up to 27 characters
  • Host time – 4 bytes

Plus 32 bytes for Authentication Suite Server SDK internal use.

aat_int32 *CmdSizeI/O

On entry, this parameter contains the size of the Cmd buffer. On exit, this parameter contains the length of the Cmd message.

TDigipassBlobDPMAData I

Digipass master activation application BLOB of the Digipass serial number license that will be used for the activation.

TKernelParms *CallParmsI

Structure of runtime parameters to use during this function call.

aat_ascii *StorageKey NameI

String of up to 128+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the HSM storage key used to encrypt the sensitive Digipass application BLOB data.

aat_ascii *StorageIVI

String of 16 hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the initial vector used to encrypt the sensitive authenticator application BLOB data.

aat_ascii *ChallengeI

Optional string of 16 numeric or hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This parameter must hold the challenge that was used initially to generate Activation Message 1. If no challenge was used to generate Activation Message 1, this parameter must be NULL.

aat_ascii *SignedMessageI

The signed message generated by AAL2GenGenMessageActivation1Cmd(). If this parameter is NULL, the function does a standard device code validation using the optional Challenge parameter.

aat_ascii *DeviceCodeI

String of up to 26+1 characters, null-terminated. It contains the device code generated by the Digipass device.

Return codes

  Table: Return codes (AAL2GenVerifyDeviceCodeExCmd)
CodeMeaningCodeMeaning
0Success1000Function does not support EMV-CAP
149Invalid initial vector length1018Invalid TLV item pointer
412Invalid checksum (software)1025Buffer too small
413Invalid Base64 format1265Invalid master application data pointer
590Invalid command pointer1276Invalid device code pointer
706Invalid data buffer pointer