From b17ce13cc31abd088088bf8ab26cc924a6a36585 Mon Sep 17 00:00:00 2001
From: CGantert345 <57003061+CGantert345@users.noreply.github.com>
Date: Tue, 28 Jul 2020 17:57:25 +0200
Subject: Draft of the new DOSIPAS included
---
src/org/uic/barcode/dynamicFrame/Constants.java | 38 +++
src/org/uic/barcode/dynamicFrame/DataType.java | 95 ++++++++
src/org/uic/barcode/dynamicFrame/DynamicFrame.java | 263 +++++++++++++++++++++
.../uic/barcode/dynamicFrame/Level1DataType.java | 218 +++++++++++++++++
.../uic/barcode/dynamicFrame/Level2DataType.java | 98 ++++++++
.../barcode/dynamicFrame/SequenceOfDataType.java | 26 ++
src/org/uic/barcode/dynamicFrame/headerSpec.asn | 119 ++++++++++
src/org/uic/barcode/dynamicFrame/package.html | 9 +
8 files changed, 866 insertions(+)
create mode 100644 src/org/uic/barcode/dynamicFrame/Constants.java
create mode 100644 src/org/uic/barcode/dynamicFrame/DataType.java
create mode 100644 src/org/uic/barcode/dynamicFrame/DynamicFrame.java
create mode 100644 src/org/uic/barcode/dynamicFrame/Level1DataType.java
create mode 100644 src/org/uic/barcode/dynamicFrame/Level2DataType.java
create mode 100644 src/org/uic/barcode/dynamicFrame/SequenceOfDataType.java
create mode 100644 src/org/uic/barcode/dynamicFrame/headerSpec.asn
create mode 100644 src/org/uic/barcode/dynamicFrame/package.html
(limited to 'src/org/uic/barcode/dynamicFrame')
diff --git a/src/org/uic/barcode/dynamicFrame/Constants.java b/src/org/uic/barcode/dynamicFrame/Constants.java
new file mode 100644
index 0000000..98b62aa
--- /dev/null
+++ b/src/org/uic/barcode/dynamicFrame/Constants.java
@@ -0,0 +1,38 @@
+package org.uic.barcode.dynamicFrame;
+
+public class Constants {
+
+ /*
+ * Object Identifier for recommended signature algorithms
+ *
+ */
+ public static String KG_EC_256 = "1.2.840.10045.3.1.7";
+ public static String KG_EC = "1.2.840.10045.2.1";
+ public static String ECDSA_SHA256 = "1.2.840.10045.4.3.2";
+
+ public static String DSA_SHA1 = "1.2.840.10040.4.3";
+ public static String DSA_SHA224 = "2.16.840.1.101.3.4.3.1";
+ public static String DSA_SHA248 = "2.16.840.1.101.3.4.3.2";
+
+ public static String DATA_TYPE_FCB_VERSION_1 = "FCB1";
+ public static String DATA_TYPE_FCB_VERSION_2 = "FCB2";
+
+ public static String DYNAMIC_BARCODE_FORMAT_DEFAULT = "U1";
+
+ public static int LEVEL2_VALIDATION_OK = 0;
+ public static int LEVEL2_VALIDATION_NO_KEY = 1;
+ public static int LEVEL2_VALIDATION_NO_SIGNATURE = 2;
+ public static int LEVEL2_VALIDATION_FRAUD = 3;
+ public static int LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED = 4;
+ public static int LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED = 5;
+ public static int LEVEL2_VALIDATION_ENCODING_ERROR = 6;
+
+ public static int LEVEL1_VALIDATION_OK = 0;
+ public static int LEVEL1_VALIDATION_NO_KEY = 1;
+ public static int LEVEL1_VALIDATION_NO_SIGNATURE = 2;
+ public static int LEVEL1_VALIDATION_FRAUD = 3;
+ public static int LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED = 4;
+ public static int LEVEL1_VALIDATION_KEY_ALG_NOT_IMPLEMENTED = 5;
+ public static int LEVEL1_VALIDATION_ENCODING_ERROR = 6;
+
+}
diff --git a/src/org/uic/barcode/dynamicFrame/DataType.java b/src/org/uic/barcode/dynamicFrame/DataType.java
new file mode 100644
index 0000000..fb84db6
--- /dev/null
+++ b/src/org/uic/barcode/dynamicFrame/DataType.java
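Review bot: Every constant in `Constants` is `public static` without `final`, so any class on the classpath can reassign `LEVEL2_VALIDATION_OK` or an algorithm OID at runtime and change what a validation result means; declare them as constants, e.g. `public static final int LEVEL2_VALIDATION_OK = 0;`. `DSA_SHA248` carries the OID `2.16.840.1.101.3.4.3.2`, which `headerSpec.asn` in this commit labels DSA SHA256, so the name looks like a typo. The block comment calls the list "recommended signature algorithms" although it includes the SHA-1 based `DSA_SHA1`; a comment marking that entry as kept for compatibility only would stop it being chosen for new keys.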
@@ -0,0 +1,95 @@
+package org.uic.barcode.dynamicFrame;
+
+import net.gcdc.asn1.datatypes.Asn1Default;
+import net.gcdc.asn1.datatypes.CharacterRestriction;
+import net.gcdc.asn1.datatypes.RestrictedString;
+import net.gcdc.asn1.datatypes.Sequence;
+import net.gcdc.asn1.datatypesimpl.OctetString;
+import net.gcdc.asn1.uper.UperEncoder;
+
+/**
+ * The Class DataType.
+ */
+@Sequence
+public class DataType {
+
+
+ /** The data format.
+ *
+ * -- FCB1 FCB version 1
+ * -- FCB2 FCB version 2
+ * -- RICS company code + ...
+ **/
+ @Asn1Default("FCB1")
+ @RestrictedString(CharacterRestriction.IA5String)
+ public String format;
+
+ /** The data. */
+ public OctetString data;
+
+ /**
+ * Gets the data format.
+ *
+ * @return the data format
+ */
+ public String getFormat() {
+ return format;
+ }
+
+ /**
+ * Sets the data format.
+ *
+ * @param dataFormat the new data format
+ */
+ public void setFormat(String format) {
+ this.format = format;
+ }
+
+ /**
+ * Gets the data.
+ *
+ * @return the data
+ */
+ public OctetString getData() {
+ return data;
+ }
+
+ /**
+ * Sets the data.
+ *
+ * @param data the new data
+ */
+ public void setData(OctetString data) {
+ this.data = data;
+ }
+
+ /**
+ * Gets the data as byte array.
+ *
+ * @return the data
+ */
+ public byte[] getByteData() {
+ return data.toByteArray();
+ }
+
+ /**
+ * Sets the data from a byte array.
+ *
+ * @param data the new data
+ */
+ public void setByteData(byte[] data) {
+ this.data = new OctetString(data);
+ }
+
+ /**
+ * Encode.
+ *
+ * Encode the header as ASN.1 PER UNALIGNED byte array
+ *
+ * @return the byte[]
+ */
+ public byte[] encode() {
+ return UperEncoder.encode(this);
+ }
+
+}
diff --git a/src/org/uic/barcode/dynamicFrame/DynamicFrame.java b/src/org/uic/barcode/dynamicFrame/DynamicFrame.java
new file mode 100644
index 0000000..445990a
--- /dev/null
+++ b/src/org/uic/barcode/dynamicFrame/DynamicFrame.java
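Review bot: The field `format` is annotated `@Asn1Default("FCB1")`, but `headerSpec.asn` in this commit declares `dataFormat IA5String` with no DEFAULT; if the encoder treats the annotation as an ASN.1 DEFAULT, the bytes produced here, and therefore the bytes that get signed, would not match the module. `getByteData()` calls `data.toByteArray()` without a null check, so a `DataType` whose data was never set throws instead of returning a value; `return data == null ? null : data.toByteArray();` would avoid that. The `setFormat` Javadoc names `@param dataFormat` while the parameter is `format`.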
@@ -0,0 +1,263 @@
+package org.uic.barcode.dynamicFrame;
+
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+
+import org.uic.barcode.utils.AlgorithmNameResolver;
+
+import net.gcdc.asn1.datatypes.Asn1Optional;
+import net.gcdc.asn1.datatypes.CharacterRestriction;
+import net.gcdc.asn1.datatypes.HasExtensionMarker;
+import net.gcdc.asn1.datatypes.RestrictedString;
+import net.gcdc.asn1.datatypes.Sequence;
+import net.gcdc.asn1.datatypesimpl.OctetString;
+import net.gcdc.asn1.uper.UperEncoder;
+
+
+/**
+ * The DynamicHeader for bar codes
+ *
+ * Implementation of the Draft under discussion, not final.
+ */
+@Sequence
+@HasExtensionMarker
+public class DynamicFrame extends Object{
+
+ public DynamicFrame() {}
+
+ /** The format. */
+ @RestrictedString(CharacterRestriction.IA5String)
+ public String format;
+
+ /*level 2 data*/
+ Level2DataType level2SignedData;
+
+
+ /** The signature of level 2 data*/
+ @Asn1Optional public OctetString level2Signature;
+
+ /**
+ * Gets the format.
+ *
+ * @return the format
+ */
+ public String getFormat() {
+ return format;
+ }
+
+ /**
+ * Sets the format.
+ *
+ * @param format the new format
+ */
+ public void setFormat(String format) {
+ this.format = format;
+ }
+
+ public Level2DataType getLevel2SignedData() {
+ return level2SignedData;
+ }
+
+ public void setLevel2SignedData(Level2DataType level2SignedData) {
+ this.level2SignedData = level2SignedData;
+ }
+
+ public OctetString getLevel2Signature() {
+ return level2Signature;
+ }
+
+ public void setLevel2Signature(OctetString level2Signature) {
+ this.level2Signature = level2Signature;
+ }
+
+ /**
+ * Encode.
+ *
+ * Encode the header as ASN.1 PER UNALIGNED byte array
+ *
+ * @return the byte[]
+ */
+ public byte[] encode() {
+ return UperEncoder.encode(this);
+ }
+
+ /**
+ * Decode.
+ *
+ * Decode the header from an ASN.1 PER UNALIGNED encoded byte array
+ *
+ * @param bytes the bytes
+ * @return the dynamic header
+ */
+ public static DynamicFrame decode(byte[] bytes) {
+ return UperEncoder.decode(bytes, DynamicFrame.class);
+ }
+
+ /**
+ * Verify the level 2 signature
+ *
+ * Note: an appropriate security provider (e.g. BC) must be registered before
+ *
+ */
+ public int validateLevel2() {
+
+
+ String level2KeyAlg = this.getLevel2SignedData().getLevel1Data().level2KeyAlg;
+
+ if (level2KeyAlg == null || level2KeyAlg.length() == 0) {
+ return Constants.LEVEL2_VALIDATION_NO_KEY;
+ }
+
+ if (this.level2Signature.toByteArray() == null || this.level2Signature.toByteArray().length == 0) {
+ return Constants.LEVEL2_VALIDATION_NO_SIGNATURE;
+ }
+
+
+
+ String keyAlgName = null;
+ try {
+ keyAlgName = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_KEY_GENERATOR_ALG, level2KeyAlg);
+ } catch (Exception e1) {
+ return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED;
+ }
+ if (keyAlgName == null || keyAlgName.length() == 0) {
+ return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED;
+ }
+
+ PublicKey key = null;
+ try {
+ key = KeyFactory.getInstance(keyAlgName).generatePublic(new X509EncodedKeySpec(this.getLevel2SignedData().getLevel1Data().level2publicKey.toByteArray()));
+ } catch (InvalidKeySpecException | NoSuchAlgorithmException e1) {
+ return Constants.LEVEL2_VALIDATION_KEY_ALG_NOT_IMPLEMENTED;
+ }
+
+ //find the algorithm name for the signature OID
+ String algo = null;
+ try {
+ algo = AlgorithmNameResolver.getName(AlgorithmNameResolver.TYPE_SIGNATURE_ALG,this.getLevel2SignedData().getLevel1Data().level2SigningAlg);
+ } catch (Exception e1) {
+ return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+ if (algo == null) {
+ return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+
+ Signature sig;
+ try {
+ sig = Signature.getInstance(algo);
+ } catch (NoSuchAlgorithmException e) {
+ return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+ try {
+ sig.initVerify(key);
+ } catch (InvalidKeyException e) {
+ return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+
+ try {
+ sig.update(UperEncoder.encode(level2SignedData));
+ } catch (SignatureException e) {
+ return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ } catch (IllegalArgumentException e) {
+ return Constants.LEVEL2_VALIDATION_ENCODING_ERROR;
+ } catch (UnsupportedOperationException e) {
+ return Constants.LEVEL2_VALIDATION_ENCODING_ERROR;
+ }
+
+ byte[] signature = level2Signature.toByteArray();
+ try {
+ if (sig.verify(signature)){
+ return Constants.LEVEL2_VALIDATION_OK;
+ } else {
+ return Constants.LEVEL2_VALIDATION_FRAUD;
+ }
+ } catch (SignatureException e) {
+ return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+ }
+
+ /**
+ * Verify the level 1 signature
+ *
+ * Note: an appropriate security provider (e.g. BC) must be registered before
+ *
+ */
+ public int validateLevel1(PublicKey key) {
+
+ if (this.level2SignedData == null) {
+ return Constants.LEVEL1_VALIDATION_NO_SIGNATURE;
+ }
+
+
+ if (this.level2SignedData.level1Signature == null || this.level2SignedData.level1Signature.toByteArray().length == 0) {
+ return Constants.LEVEL1_VALIDATION_NO_SIGNATURE;
+ }
+
+ byte[] signature = this.getLevel2SignedData().level1Signature.toByteArray();
+
+ //find the algorithm name for the signature OID
+ String algo = null;
+ try {
+ algo = AlgorithmNameResolver.getSignatureAlgorithmName(getLevel2SignedData().getLevel1Data().level1SigningAlg);
+ } catch (Exception e1) {
+ return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+ if (algo == null) {
+ return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+
+ Signature sig;
+ try {
+ sig = Signature.getInstance(algo);
+ } catch (NoSuchAlgorithmException e) {
+ return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+ try {
+ sig.initVerify(key);
+ } catch (InvalidKeyException e) {
+ return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+
+ try {
+ sig.update(this.level2SignedData.level1Data.encode());
+ } catch (SignatureException e) {
+ return Constants.LEVEL1_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ } catch (IllegalArgumentException e) {
+ return Constants.LEVEL1_VALIDATION_ENCODING_ERROR;
+ } catch (UnsupportedOperationException e) {
+ return Constants.LEVEL1_VALIDATION_ENCODING_ERROR;
+ }
+
+
+ try {
+ if (sig.verify(signature)){
+ return Constants.LEVEL2_VALIDATION_OK;
+ } else {
+ return Constants.LEVEL2_VALIDATION_FRAUD;
+ }
+ } catch (SignatureException e) {
+ return Constants.LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED;
+ }
+ }
+
+ public void signLevel2(PrivateKey key) throws Exception {
+
+ //find the algorithm name for the signature OID
+ String algo = AlgorithmNameResolver.getSignatureAlgorithmName(this.getLevel2SignedData().getLevel1Data().level2SigningAlg);
+ Signature sig = Signature.getInstance(algo);
+ sig.initSign(key);
+ byte[] data = level2SignedData.encode();
+ sig.update(data);
+ this.level2Signature = new OctetString(sig.sign());
+
+ }
+
+
+}
diff --git a/src/org/uic/barcode/dynamicFrame/Level1DataType.java b/src/org/uic/barcode/dynamicFrame/Level1DataType.java
new file mode 100644
index 0000000..ac48ba8
--- /dev/null
+++ b/src/org/uic/barcode/dynamicFrame/Level1DataType.java
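Review bot: `validateLevel2()` dereferences `level2SignedData`, its level 1 data, `level2publicKey` and `level2Signature` without null checks although the signature and key are `@Asn1Optional`, so an unsigned or incomplete frame ends in a NullPointerException instead of one of the `LEVEL2_VALIDATION_*` codes; the guards below return the existing codes. The level 2 public key and algorithm are read from the level 1 data of the same frame, so a `LEVEL2_VALIDATION_OK` result only carries weight once `validateLevel1` has returned OK for that frame, and the Javadoc of `validateLevel2` should say so. The last try block of `validateLevel1` returns `LEVEL2_VALIDATION_OK`, `LEVEL2_VALIDATION_FRAUD` and `LEVEL2_VALIDATION_SIG_ALG_NOT_IMPLEMENTED`; the values are equal today but the `LEVEL1_` constants are the ones meant. `signLevel2`, and `signLevel1` in `Level2DataType.java`, pass the resolver result to `Signature.getInstance(algo)` without the `algo == null` check the validate methods have.

```java
public int validateLevel2() {

    // Optional parts may be absent after decoding; report them as codes, not exceptions.
    if (this.level2SignedData == null || this.level2SignedData.getLevel1Data() == null) {
        return Constants.LEVEL2_VALIDATION_NO_KEY;
    }
    Level1DataType level1Data = this.level2SignedData.getLevel1Data();

    String level2KeyAlg = level1Data.level2KeyAlg;
    if (level2KeyAlg == null || level2KeyAlg.length() == 0 || level1Data.level2publicKey == null) {
        return Constants.LEVEL2_VALIDATION_NO_KEY;
    }

    if (this.level2Signature == null
            || this.level2Signature.toByteArray() == null
            || this.level2Signature.toByteArray().length == 0) {
        return Constants.LEVEL2_VALIDATION_NO_SIGNATURE;
    }

    // … unchanged: algorithm name lookup, key decoding, signature verification …
```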
@@ -0,0 +1,218 @@
+package org.uic.barcode.dynamicFrame;
+
+import org.uic.ticket.EncodingFormatException;
+import org.uic.ticket.api.utils.UicEncoderUtils;
+
+import net.gcdc.asn1.datatypes.Asn1Optional;
+import net.gcdc.asn1.datatypes.CharacterRestriction;
+import net.gcdc.asn1.datatypes.IntRange;
+import net.gcdc.asn1.datatypes.RestrictedString;
+import net.gcdc.asn1.datatypes.Sequence;
+import net.gcdc.asn1.datatypesimpl.OctetString;
+import net.gcdc.asn1.uper.UperEncoder;
+
+/**
+ * The Class SignedDataType.
+ */
+@Sequence
+public class Level1DataType {
+
+ /**
+ * The security provider
+ * numeric codes 1 ...32000
+ *
+ * */
+ @IntRange(minValue=1,maxValue=32000)
+ @Asn1Optional public Long securityProviderNum;
+
+ /** The security provider alphanumeric codes. */
+ @RestrictedString(CharacterRestriction.IA5String)
+ @Asn1Optional public String securityProviderIA5;
+
+
+ /** The key id. */
+ @IntRange(minValue=1,maxValue=99999)
+ @Asn1Optional public Long keyId;
+
+
+ /** The data. */
+ public SequenceOfDataType data;
+
+ /**
+ * The key generator algorithms
+ * Object Identifier of the Algorithm
+ * Number notation:
+ *
+ * e.g.:
+ * -- DSA SHA224 2.16.840.1.101.3.4.3.1
+ * -- DSA SHA248 2.16.840.1.101.3.4.3.2
+ * -- ECC 256 1.2.840.10045.3.1.7
+ *
+ *
+ */
+ @RestrictedString(CharacterRestriction.ObjectIdentifier)
+ @Asn1Optional public String level1KeyAlg;
+
+
+ @RestrictedString(CharacterRestriction.ObjectIdentifier)
+ @Asn1Optional public String level2KeyAlg;
+
+ /**
+ * The signing algorithm
+ * Object Identifier of the Algorithms
+ * Number notation:
+ *
+ * e.g.:
+ * -- DSA SHA224 2.16.840.1.101.3.4.3.1
+ * -- DSA SHA248 2.16.840.1.101.3.4.3.2
+ * -- ECC 256 1.2.840.10045.3.1.7
+ *
+ *
+ */
+ @RestrictedString(CharacterRestriction.ObjectIdentifier)
+ @Asn1Optional public String level1SigningAlg;
+
+ @RestrictedString(CharacterRestriction.ObjectIdentifier)
+ @Asn1Optional public String level2SigningAlg;
+
+
+ /** The level 2 public key*/
+ @Asn1Optional public OctetString level2publicKey;
+
+
+
+ /**
+ * Gets the security provider num.
+ *
+ * @return the security provider num
+ */
+ public Long getSecurityProviderNum() {
+ return securityProviderNum;
+ }
+
+ /**
+ * Sets the security provider num.
+ *
+ * in case the security provider code is encoded in IA5 this will return null
+ *
+ * @param securityProviderNum the new security provider num
+ */
+ public void setSecurityProviderNum(Long securityProviderNum) {
+ this.securityProviderNum = securityProviderNum;
+ }
+
+ /**
+ * Gets the security provider IA5.
+ *
+ * in case the security provider code is encoded numerically this will return null
+ *
+ * @return the security provider IA5
+ */
+ public String getSecurityProviderIA5() {
+ return securityProviderIA5;
+ }
+
+ /**
+ * Sets the security provider
+ *
+ * The security provider code must use the IA5 Alphabet .
+ *
+ * @param securityProvider the new security provider
+ * @throws EncodingFormatException the encoding format exception
+ */
+ public void setSecurityProvider(String securityProvider) throws EncodingFormatException {
+ this.securityProviderNum = UicEncoderUtils.getNum(securityProvider);
+ this.securityProviderIA5 = UicEncoderUtils.getIA5NonNum(securityProvider);
+ }
+
+
+ /**
+ * Gets the security provider.
+ *
+ * @return the security provider
+ */
+ public String getSecurityProvider() {
+ return UicEncoderUtils.mapToString(this.securityProviderNum, this.securityProviderIA5);
+ }
+
+
+ /**
+ * Sets the security provider IA 5.
+ *
+ * @param securityProviderIA5 the new security provider IA 5
+ */
+ public void setSecurityProviderIA5(String securityProviderIA5) {
+ this.securityProviderIA5 = securityProviderIA5;
+ }
+
+ public Long getKeyId() {
+ return keyId;
+ }
+
+ public void setKeyId(Long keyId) {
+ this.keyId = keyId;
+ }
+
+ public SequenceOfDataType getData() {
+ return data;
+ }
+
+ public void setData(SequenceOfDataType data) {
+ this.data = data;
+ }
+
+ public String getLevel2KeyAlg() {
+ return level2KeyAlg;
+ }
+
+ public void setLevel2KeyAlg(String level2KeyAlg) {
+ this.level2KeyAlg = level2KeyAlg;
+ }
+
+ public String getLevel1SigningAlg() {
+ return level1SigningAlg;
+ }
+
+ public void setLevel1SigningAlg(String level1SigningAlg) {
+ this.level1SigningAlg = level1SigningAlg;
+ }
+
+ public String getLevel2SigningAlg() {
+ return level2SigningAlg;
+ }
+
+ public void setLevel2SigningAlg(String level2SigningAlg) {
+ this.level2SigningAlg = level2SigningAlg;
+ }
+
+ public OctetString getLevel2publicKey() {
+ return level2publicKey;
+ }
+
+ public void setLevel2publicKey(OctetString level2publicKey) {
+ this.level2publicKey = level2publicKey;
+ }
+
+
+
+ public String getLevel1KeyAlg() {
+ return level1KeyAlg;
+ }
+
+ public void setLevel1KeyAlg(String level1KeyAlg) {
+ this.level1KeyAlg = level1KeyAlg;
+ }
+
+ /**
+ * Gets the data for signature.
+ *
+ * The byte array containing the ASN.1 PER UNALIGNED encoded data of the DataBlock
+ *
+ *
+ * @return the data for signature
+ */
+ public byte[] encode() {
+ return UperEncoder.encode(this);
+
+ }
+}
diff --git a/src/org/uic/barcode/dynamicFrame/Level2DataType.java b/src/org/uic/barcode/dynamicFrame/Level2DataType.java
new file mode 100644
index 0000000..66e4225
--- /dev/null
+++ b/src/org/uic/barcode/dynamicFrame/Level2DataType.java
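Review bot: `keyId` is constrained with `@IntRange(minValue=1,maxValue=99999)` while `headerSpec.asn` in this commit declares `keyId INTEGER(0..99999)`; a constrained integer in unaligned PER is encoded as an offset from the lower bound, so the two definitions read a different key id from the same bits and a verifier could look up the wrong key. If the module is authoritative the annotation should be `@IntRange(minValue=0,maxValue=99999)`; otherwise the module needs the change. The sentence "this will return null" sits on `setSecurityProviderNum`, where it belongs on `getSecurityProviderNum`, and the class comment still says `SignedDataType`.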
@@ -0,0 +1,98 @@
+package org.uic.barcode.dynamicFrame;
+
+import java.security.PrivateKey;
+import java.security.Signature;
+
+import org.uic.barcode.utils.AlgorithmNameResolver;
+
+import net.gcdc.asn1.datatypes.Asn1Optional;
+import net.gcdc.asn1.datatypes.Sequence;
+import net.gcdc.asn1.datatypesimpl.OctetString;
+import net.gcdc.asn1.uper.UperEncoder;
+
+/**
+ * The Class DataType.
+ */
+@Sequence
+public class Level2DataType {
+
+ Level1DataType level1Data;
+
+ /** The data. */
+ @Asn1Optional public OctetString level1Signature;
+
+
+ @Asn1Optional DataType level2Data;
+
+
+ public Level1DataType getLevel1Data() {
+ return level1Data;
+ }
+
+
+ public void setLevel1Data(Level1DataType level1Data) {
+ this.level1Data = level1Data;
+ }
+
+
+ public OctetString getLevel1Signature() {
+ return level1Signature;
+ }
+
+ public byte[] getLevel1SignatureBytes() {
+ return level1Signature.toByteArray();
+ }
+
+ public void setLevel1Signature(OctetString level1Signature) {
+ this.level1Signature = level1Signature;
+ }
+
+ public void setLevel1Signature(byte[] level1Signature) {
+ this.level1Signature = new OctetString(level1Signature);
+ }
+
+
+ public DataType getLevel2Data() {
+ return level2Data;
+ }
+
+
+ public void setLevel2Data(DataType level2Data) {
+ this.level2Data = level2Data;
+ }
+
+
+ /**
+ * Encode.
+ *
+ * Encode the header as ASN.1 PER UNALIGNED byte array
+ *
+ * @return the byte[]
+ */
+ public byte[] encode() {
+ return UperEncoder.encode(this);
+ }
+
+ /**
+ * Sign the contained data block.
+ *
+ * Note: an appropriate security provider (e.g. BC) must be registered before
+ *
+ * @param key the key
+ * @return
+ * @return the byte[]
+ * @throws Exception
+ */
+ public void signLevel1(PrivateKey key) throws Exception {
+ //find the algorithm name for the signature OID
+ String algo = AlgorithmNameResolver.getSignatureAlgorithmName(getLevel1Data().level1SigningAlg);
+ Signature sig = Signature.getInstance(algo);
+ sig.initSign(key);
+ byte[] data = level1Data.encode();
+ sig.update(data);
+ this.level1Signature = new OctetString(sig.sign());
+ }
+
+
+
+}
diff --git a/src/org/uic/barcode/dynamicFrame/SequenceOfDataType.java b/src/org/uic/barcode/dynamicFrame/SequenceOfDataType.java
new file mode 100644
index 0000000..c879ddd
--- /dev/null
+++ b/src/org/uic/barcode/dynamicFrame/SequenceOfDataType.java
@@ -0,0 +1,26 @@
+package org.uic.barcode.dynamicFrame;
+
+
+import java.util.Collection;
+
+import net.gcdc.asn1.datatypes.Asn1SequenceOf;
+// TODO: Auto-generated Javadoc
+
+/**
+ * The Class SequenceOfDataType.
+ */
+public class SequenceOfDataType extends Asn1SequenceOf{
+
+ /**
+ * Instantiates a new sequence of data type.
+ */
+ public SequenceOfDataType() { super(); }
+
+ /**
+ * Instantiates a new sequence of data type.
+ *
+ * @param coll the coll
+ */
+ public SequenceOfDataType(Collection coll) { super(coll); }
+
+}
diff --git a/src/org/uic/barcode/dynamicFrame/headerSpec.asn b/src/org/uic/barcode/dynamicFrame/headerSpec.asn
new file mode 100644
index 0000000..08d84f6
--- /dev/null
+++ b/src/org/uic/barcode/dynamicFrame/headerSpec.asn
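Review bot: `getLevel1SignatureBytes()` calls `level1Signature.toByteArray()` although `level1Signature` is `@Asn1Optional`, so a frame without a level 1 signature throws a NullPointerException from a getter; `return level1Signature == null ? null : level1Signature.toByteArray();` keeps the getter safe to call before validation. The `signLevel1` Javadoc lists `@return` twice on a `void` method and leaves `@throws Exception` without a description; it should name the failures a caller has to expect (unknown algorithm OID, unusable key).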
@@ -0,0 +1,119 @@ +-- Author: ClemensGantert +-- Created: Thu Jun 04 17:19:28 CEST 2020 +ASN-Module DEFINITIONS AUTOMATIC TAGS ::= BEGIN + +-- imports and exports +-- EXPORTS ALL; + + +-- ############################################################################################## +-- # +-- # UIC barcode header - first draft +-- # +-- ############################################################################################## + + +-- ############################################################################################## +-- # +-- # Naming and encoding conventions +-- # +-- # Elements included as String and as Numeric values: +-- # Some elements are included in different formats to reduce the data size. +-- # These elements must be included only once. +-- # These elements are named with the same name and appendix +-- # Num (numeric values) +-- # IA5 (String values according to ASN IA5String (7Bit)) +-- # +-- # RICS codes must be used to encode companies (issuer, product owner, ...) where available +-- # other codes are possible based on bilateral agreements +-- # the format is kept more flexible to cover upcoming extensions of the RICS code by ERA +-- # +-- # +-- # - A bar code which is only static (printed on a paper), and for which the security is in the system, doesn’t need any of these elements. +-- # - A bar code which is only static, and includes its own security, needs: +-- # level1Signature +-- # level1KeyAlg if the associated key does not include the complete certificate in keys.xml but only the public key +-- # (but level1SigningAlg is not necessary as it is in keys.xml) +-- # - A dynamic bar code including static and dynamic signatures needs: +-- # The same elements as a static bar code above, +-- # level2SigningAlg, level2keyAlg, level2PublicKey, and level2Signature. 
+-- # +-- ######################################################################################### + + +-- ############################################################################################ + + +-- type assignments + + -- ######################################################################################### + -- the basic entry point of the data structure + -- ########################################################################################## + UicBarcodeHeader ::= SEQUENCE { + -- barcode format type + format IA5String, + -- "U1" = UIC ticket + + + level2SignedData Level2DataType, + + -- signature is calculated on the PER unaligned encoding of level2 signature data + level2Signature OCTET STRING OPTIONAL + + + } + + Level2DataType ::= SEQUENCE { + + level1Data Level1DataType, + + -- signature is calculated on the PER unaligned encoding of level1 signature data + level1Signature OCTET STRING OPTIONAL, + + level2Data DataType OPTIONAL + + } + + + Level1DataType ::= SEQUENCE { + + -- provider of the level1 signature (RICS code) + securityProviderNum INTEGER (1..32000) OPTIONAL, + securityProviderIA5 IA5String OPTIONAL, + + keyId INTEGER(0..99999) OPTIONAL, + + dataSequence SEQUENCE OF DataType, + + + -- object identifier of the key algorithms + -- e.g. + -- ECC P-256 1.2.840.10045.3.1.7 + level1KeyAlg OBJECT IDENTIFIER OPTIONAL, + level2KeyAlg OBJECT IDENTIFIER OPTIONAL, + + -- object identifier of the signing algorithm + -- e.g. 
+ -- DSA SHA224 2.16.840.1.101.3.4.3.1 + -- DSA SHA256 2.16.840.1.101.3.4.3.2 + -- ECDSA-256 1.2.840.10045.4.3.2 + -- algorithm used for signing + level1SigningAlg OBJECT IDENTIFIER OPTIONAL, + level2SigningAlg OBJECT IDENTIFIER OPTIONAL, + + level2PublicKey OCTET STRING OPTIONAL + + } + + DataType ::= SEQUENCE { + -- Content of data format: + -- FCBn (FCB1 = FCB version 1, FCB2 = FCB version 2) + -- FDCn dynamic content + -- or proprietary: + -- _RICS company code + addon + dataFormat IA5String, + data OCTET STRING + } + + +END \ No newline at end of file diff --git a/src/org/uic/barcode/dynamicFrame/package.html b/src/org/uic/barcode/dynamicFrame/package.html new file mode 100644 index 0000000..dbe6c06 --- /dev/null +++ b/src/org/uic/barcode/dynamicFrame/package.html @@ -0,0 +1,9 @@ + + + + + +
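Review bot: `UicBarcodeHeader` is declared without an extension marker, while `DynamicFrame.java` in this commit carries `@HasExtensionMarker`; in unaligned PER an extensible SEQUENCE starts with an extension bit, so the Java encoding and this module would not describe the same bytes, and signatures computed over one would not verify against the other. Either add `...` as the last component of `UicBarcodeHeader` or drop the annotation from the Java class. A comment on `level2PublicKey` stating the expected key encoding would also help; the Java side parses it with `X509EncodedKeySpec`, which the module does not mention.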

drafted new header for dynamic content

+

Provides a decoding and encoding of the header data frame. (Draft for UIC IRS 90918-9).

+ + \ No newline at end of file -- cgit v1.2.3