Reset static PIN

  • Updated on Aug 5, 2025
  • Published on Jan 24, 2025
  • 1 minute(s) read
Prev Next

This chapter describes the function(s) on which the reset static PIN functionality is based. It contains information about parameters and possible return codes, as well as a prototype for each function.

AAL2ResetStaticPasswordICSF

Function prototype

aat_int32 AAL2ResetStaticPasswordICSF (
                                TDigipassBlob*     DPBlob,
                                TKernelParms*      CallParms,
                                aat_ascii*         aStorageKeyNameIn,
                                aat_ascii*         aInitialVectorIn);

Description

This function extends the AAL2ResetStaticPasswordHSM and allows the integrator to address the HSM storage key by name and specifying an initial vector. The initial vector is used during the 3DES/AES decryption/encryption of the sensitive data of the authenticator application BLOB.

The reset static password on the HSM has the same functionality as the Authentication Suite Server SDK standard API AAL2ResetStaticPassword(). For information about this functionality, refer to the Authentication Suite Server SDK C-C++ Programmer's Guide.

Parameters

The memory management of the output parameters must be performed by the calling function.

  Table: Parameters (AAL2ResetStaticPasswordICSF)
TypeNameUseDescription
TDigipassBlob *DPBlobI/OThe authenticator application BLOB.
TKernelParms *CallParmsIStructure of runtime parameters to use during this function call.
aat_ascii *aStorageKeyNameInIString of up to 64+1 characters, left-justified, null-terminated, or right-padded with spaces. This is the label of the HSM storage key used to encrypt the sensitive authenticator application BLOB data.
aat_ascii *aInitialVectorInIString of 16 or 32 hexadecimal characters, left-justified, null-terminated. This is the initial vector used to encrypt the sensitive authenticator application BLOB data.

COBOL calling convention

Entry point: AA2RSPIC
02   02   W-BLOB           PIC X(248).
02   W-KERNELPARMS.
     03   W-PARMCOUNT     PIC 9(8) USAGE BINARY.
     03   W-PARM01        PIC 9(8) USAGE BINARY.
     . . .
     03   W-PARM19        PIC 9(8) USAGE BINARY.
02   W-STORAGEKEY         PIC X(65).
02   W-INITVECTOR         PIC X(17).
02   W-RETURN             PIC S9(8) USAGE BINARY.
02   W-API-NAME            PIC X(8) VALUE 'AA2RSPIC'.
. . .
     CALL W-API-NAME USING
           BY REFERENCE W-BLOB
           BY REFERENCE W-KERNELPARMS
           BY REFERENCE W-STORAGEKEY
           BY REFERENCE W-INITVECTOR
           RETURNING W-RETURN

Return codes

  Table: Return codes (AAL2ResetStaticPasswordICSF)
CodeMeaningCodeMeaning
0Success806Static password change not supported
133Invalid RandomNumber pointer900Invalid session context handle
134Invalid UnlockCode pointer908HSM key not found
138Unlock function not supported951Invalid HSM key type for HSM decryption
412Invalid checksum (software)1000Function does not support EMV-CAP
413Invalid Base64 format1103Unlock Version 2 not supported
414Invalid checksum (HSM)1118Unsupported BLOB
510Invalid Digipass data pointer-1501Memory allocation failed