Function prototype
aat_int32 AAL2ProcAuthorizeUnlockRpl(
aat_byte *InReply,
aat_int32 ReplySize,
TDigipassBlob *DPData,
aat_ascii *aUnlockAuthCodeOut,
aat_word32 UnlockAuthCodeLenIn);
Description
This function processes a reply from the HSM to a command generated either with AAL2GenAuthorizeUnlockCmd or with AAL2GenAuthorizedUnlockCmdEx.
Unlocking Digipass with the HSM module is identical to the functionality available with the Authentication Suite Server SDK Software Digipass Management Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.
Parameters
Table: Parameters (AAL2ProcAuthorizeUnlockRpl) | Type | Name | Use | Description |
|---|
| aat_byte * | InReply | I | Up to 218 bytes that contain the AUTHORIZE UNLOCK command type and the output data from the authorize unlock function on the HSM: - Command type - 2 bytes
- An authenticator application BLOB - 192 bytes
- Return code - 4 bytes
- Unlock code - up to 8 characters
Plus 12 bytes for Authentication Suite Server SDK internal use. |
| aat_int32 | ReplySize | I | The length of the InReply message. |
| TDigipassBlob * | DPData | O | authenticator application BLOB. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes. |
| aat_ascii * | aUnlockCodeOut | O | String of 7 or 8 + 1 numeric characters, which the needs to enter to unlock the Digipass authenticator (recommended buffer size is 9 bytes). |
| aat_int32 | UnlockCodeLenIn | I | Buffer size of aUnlockCodeOut. |
Return codes
Table: Return codes (AAL2ProcAuthorizeUnlockRpl) | Code | Meaning | Code | Meaning |
|---|
| 0 | Success | 814 | Unlock authentication code is too long |
| 134 | Invalid UnlockCode pointer | 910 | Invalid command type in reply |
| 138 | Unlock function not supported | 912 | HSM invalid BLOB status |
| 208 | Application disabled | 913 | Invalid HSM key property |
| 209 | Grace period expired | 951 | Invalid HSM key type for HSM decryption |
| 210 | Allowed use count reached | 1009 | Invalid TLV total length |
| 211 | Virtual token not supported | 1018 | Invalid TLV item pointer |
| 272 | Invalid wrapped key | 1019 | Missing mandatory TLV item |
| 412 | Invalid checksum (software) | 1025 | Data buffer too small |
| 413 | Invalid Base64 format | 1104 | Virtual token is not a primary token |
| 414 | Invalid checksum (HSM) | 1118 | Unsupported BLOB |
| 510 | Invalid Digipass data pointer | -101 | Random number too short |
| 701 | Invalid input buffer pointer | -102 | Random number too long |
| 810 | Unlock authentication code validation Failed | -103 | Random number check digit wrong |
| 811 | Invalid unlock authentication code pointer | -104 | Random number character not decimal |
| 813 | Unlock authentication code is too short | | |