Function prototype
aat_int32 AAL2ProcVerifyPasswordEsRpl(
aat_byte *InReply,
aat_int32 *ReplySize,
TDigipassBlob *DPData,
aat_ascii *aReturnHostCodeOut,
aat_int32 *ReturnHostCodeLenOut);Description
This function processes a reply from the HSM to a password validation command which has been generated with AAL2GenVerifyPasswordEsCmd.
The password validation with enhanced security on the HSM is identical to the functionality available with the Authentication Suite Server SDK Software Dynamic Authentication Service. For information on the associated functions, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.
Parameters
Return codes
| Code | Meaning | Code | Meaning |
|---|---|---|---|
| 0 | Success | 912 | HSM invalid BLOB status |
| 10001 | Success with context warning[1] | 913 | Invalid HSM key property |
| 10002 | Success with user warning[1] | 951 | Invalid HSM key type for HSM decryption |
| 10003 | Success with user & context warning[1] | 1009 | Invalid TLV total length |
| 10004 | Success with platform warning[1] | 1018 | Invalid TLV item pointer |
| 10005 | Success with platform & context warning[1] | 1019 | Missing mandatory TLV item |
| 10006 | Success with platform & user warning[1] | 1025 | Data buffer too small |
| 10007 | Success with platform & user & context warning[1] | 1039 | Invalid response length with DP algorithm |
| 1 | Code not verified | 1040 | Invalid host code length with DP algorithm |
| 2 | Static password validation failed | 1103 | Unlock Version 2 not supported |
| 131 | Missing required challenge | 1116 | Response check digit not allowed |
| 140 | Challenge corrupted | 1117 | Challenge check digit not allowed |
| 201 | Code replay attempt | 1118 | Unsupported BLOB |
| 202 | Identification error threshold reached | -101 | Challenge too short |
| 205 | Inactive days reached | -102 | Challenge too long |
| 208 | Application disabled | -103 | Challenge check digit wrong |
| 272 | Invalid wrapped key | -105 | Challenge minimum length not allowed |
| 412 | Invalid checksum (software) | -106 | Challenge maximum length not allowed |
| 413 | Invalid Base64 format | -107 | Challenge number wrong |
| 414 | Invalid checksum (HSM) | -108 | Challenge character invalid |
| 510 | Invalid Digipass data pointer | -153 | Server public key too long |
| 600 | Invalid Gordian root information | -201 | Response length out of bounds |
| 601 | Invalid Gordian today information | -202 | Response too short |
| 602 | Invalid Gordian tomorrow information | -203 | Response too long |
| 603 | Invalid Gordian stimulus information | -204 | Response check digit wrong |
| 701 | Invalid input buffer pointer | -205 | Response character not decimal |
| 802 | Change password mandatory | -206 | Response character not hexadecimal |
| 803 | New password too short | -207 | Response character set not specified |
| 804 | New password too long | -1501 | Memory allocation failed |
| 910 | Invalid HSM command in reply |
- Specific score-based authentication code (see Score-based DIGIPASS)