| Cryptographic Token Interface Standard |
PKCS#11
|
Return values
Support for the CKM_SECURID mechanism extends the set of return values for C_Verify with the following values:
- CKR_NEW_PIN_MODE: The supplied OTP was not accepted and the library requests a new OTP computed using a new PIN. The new PIN is set through means out of scope for this document.
- CKR_NEXT_OTP: The supplied OTP was correct but indicated a larger than normal drift in the token's internal state (e.g. clock, counter). To ensure this was not due to a temporary problem, the application should provide the next one-time password to the library for verification.
RSA Security Inc. Public-Key Cryptography Standards -
PKCS#11 - v230mechanism1