Function prototype
aat_int32 AAL2ProcGenPasswordRpl(
aat_byte *InReply,
aat_int32 ReplySize,
TDigipassBlob *DPData,
aat_ascii *Response,
aat_ascii *aReturnHostCodeOut,
aat_int32 *ReturnHostCodeLenOut);
Description
This function processes a reply from the HSM to a password generation command which was generated with AAL2GenGenPasswordCmd.
The password generation on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Password Generation Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.
Parameters
Table: Parameters (AAL2ProcGenPasswordRpl) | Type | Name | Use | Description |
|---|
| aat_byte * | InReply | I | Up to 256 bytes that contain the GENERATE PASSWORD command type and the output data from the generate password function on the HSM: - Command type - 2 bytes
- An authenticator application BLOB - 192 bytes
- Return code - 4 bytes
- Response - up to 17 characters
- Return host code length - 4 bytes
- Return host code - up to 17 characters
Plus 20 bytes for Authentication Suite Server SDK internal use. |
| aat_int32 | ReplySize | I | The length of the InReply message. |
| TDigipassBlob * | DPData | O | authenticator application BLOB. Upon return from the function call, this BLOB must be rewritten to the application database to reflect changes. |
| aat_ascii * | Response | O | String of up to 17 numeric or hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the dynamic password generated by the library (recommended buffer size is 18 bytes). |
| aat_ascii * | aReturnHostCodeOut | O | String of up to 17 numeric or hexadecimal characters, left-justified, null-terminated, or right-padded with spaces. This is the code generated by Authentication Suite Server SDK (recommended buffer size is 18 bytes). Leave NULL if not required. |
| aat_int32 * | ReturnHostCodeLenOut | O | Pointer to a long integer that in input contains the size of the ReturnHostCodeOut buffer, and in output contains the real length of the generated return host code. Leave NULL if not required. |
Return codes
Table: Return codes (AAL2ProcGenPasswordRpl) | Code | Meaning | Code | Meaning |
|---|
| 0 | Success | 951 | Invalid HSM key type for HSM decryption |
| 130 | Invalid response pointer | 1009 | Invalid TLV total length |
| 131 | Missing required challenge | 1018 | Invalid TLV item pointer |
| 202 | Identification error threshold reached | 1019 | Missing mandatory TLV item |
| 208 | Application disabled | 1025 | Data buffer too small |
| 209 | Grace period expired | 1103 | Unlock Version 2 not supported |
| 210 | Allowed use count reached | 1116 | Response check digit not allowed |
| 211 | Virtual token not supported | 1117 | Challenge check digit not allowed |
| 272 | Invalid wrapped key | 1118 | Unsupported BLOB |
| 412 | Invalid checksum (software) | -101 | Challenge too short |
| 413 | Invalid Base64 format | -102 | Challenge too long |
| 414 | Invalid checksum (HSM) | -103 | Challenge check digit wrong |
| 510 | Invalid Digipass data pointer | -105 | Challenge minimum length not allowed |
| 701 | Invalid input buffer pointer | -106 | Challenge maximum length not allowed |
| 910 | Invalid HSM command in reply | -107 | Challenge number wrong |
| 912 | HSM invalid BLOB status | -108 | Challenge character invalid |
| 913 | Invalid HSM key property | -1501 | Memory allocation failed |