AAL2GenVerifyPasswordCmd

  • Published on Jul 9, 2025
  • 1 minute(s) read
Prev Next

Function prototype

aat_int32 AAL2GenVerifyPasswordCmd(
                                   aat_byte           *Cmd,
                                   aat_int32          *CmdSize,
                                   TDigipassBlob      *DPData,
                                   TKernelParms       *CallParms,
                                   aat_ascii          *aResponseIn,
                                   aat_ascii          *aChallengeIn);

Description

This function creates a command which directs the HSM to verify a password using the given data and to return a result in the form of a reply.

The password validation on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Dynamic Authentication Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.

This function must be used with the post-HSM API AAL2ProcVerifyPasswordRpl.

Parameters

  Table: Parameters (AAL2GenVerifyPasswordCmd)
TypeNameUseDescription
aat_byte *CmdO

Up to 356 bytes that serialize the VERIFY PASSWORD command type and the input data to the verify password function on the HSM:

  • Command type - 2 bytes
  • An authenticator application BLOB - 192 bytes
  • Runtime parameters - 80 bytes
  • Password - up to 41 characters
  • Challenge - up to 17 characters
  • Host time - 4 bytes

Plus 20 bytes for Authentication Suite Server SDK internal use.

aat_int32 * CmdSizeI/O

On entry, this parameter contains the size of the Cmd buffer.On exit, this parameter contains the length of the Cmd message.

TDigipassBlob *DPDataIauthenticator application BLOB.
TKernelParms *CallParmsIStructure of runtime parameters to use during this function call.
aat_ascii * aResponseInIString of up to 17+24 numeric or hexadecimal characters, left-justified, null-terminated or right-padded with spaces. This is the dynamic password generated by the Digipass authenticator.
aat_ascii * aChallengeInIString of up to 17 numeric characters, left-justified, null-terminated, or right-padded with spaces. This parameter holds the challenge that was proposed to the user to generate CodeToVerify. If no challenge was generated, this parameter should be NULL.

Return codes

  Table: Return codes (AAL2GenVerifyPasswordCmd)
CodeMeaningCodeMeaning
0Success590Invalid command pointer
130Invalid response pointer706Invalid data buffer pointer
412Invalid checksum1018Invalid TLV item pointer
413Invalid Base64 format1025Data buffer too small
510Invalid Digipass data pointer