ISO IEC 19785-4:2010 pdf download – Information technology — Common Biometric Exchange Formats Framework — Part 4: Security block format specifications
5.8.3 Integrity If CBEFF_BIR_integrity_options in the SBH is present and contains the encoding for INTEGRITY, the security block shall contain a component of type ContentInfoCBEFFSB , the value of whose first component is id-signatureRelatedData or id-authenticationRelatedData . As seen in the definition of ContentInfoCBEFFSB , the type of its second component is determined by the value of the first component, i.e., SignatureRelatedData is taken for idsignatureRelatedData , and AuthenticationRelatedData for id-authenticationRelatedData . When a digital signature is used to ensure integrity, the signatureRelatedData content type is used. When a MAC is used, the authenticationRelatedData content type is used. The digital signature or MAC is calculated on the concatenation of the SBH and the (possibly encrypted) BDB encodings.
5.8.3.1 signatureRelatedData content type
5.8.3.1.1 The signatureRelatedData content type associates an object identifier id-signatureRelatedData with an ASN.1 type SignatureRelatedData as described in 5.8.1.3.
a) The type SignatureRelatedData consists of one or more signature values. Any number of signers in parallel can sign the concatenation of the SBH and (possibly encrypted) BDB encodings. Unlike the signedData content type defined in RFC 3852 and RFC 5911, this content type does not contain the data that is being digitally signed.
b) The process by which SignatureRelatedData is constructed involves the following steps, which is illustrated as the left half of Figure 1:
1) For each signer, a message digest, or hash value, is computed on the concatenation of the SBH and (possibly encrypted) BDB encodings with a signer-specific message-digest algorithm (DA in Figure 1), and the result becomes the message digest (MD in Figure 1).
2) For each signer, the message digest is digitally signed using the signer’s private key (PrK in Figure 1) with a signer-specific signature algorithm (SA in Figure 1).
3) For each signer, the signature value (DS in Figure 1) and other signer-specific information are collected into a SignerInfo value, which is defined in RFC 3852 and RFC 5911. Certificates and CRLs for each signer, and those not corresponding to any signer, are collected in this step.
4) The message digest algorithms for all the signers and the SignerInfo values for all the signers are collected together into a SignatureRelatedData value.
c) The process by which SignatureRelatedData is verified involves the following steps, which are illustrated as the right half of Figure 1. A recipient independently computes the message digest (MD’ in Figure 1) of the concatenation of the SBH and (possibly encrypted) BDB encodings with the signer-specific message-digest algorithm (DA in Figure 1). This message digest and the signer’s public key (PbK in Figure 1) are used to verify the signature value (DS in Figure 1) comparing the message digest calculated by the verifier (MD’ in Figure 1) and the message digest calculated by the signer (MD in Figure 1), which is decrypted from the digital signature (DS in Figure 1) using the signer’s public key (PbK in Figure 1) with the signer-specific signature algorithm (DS in Figure 1). The signer’s public key is referenced either by an issuer distinguished name along with an issuer-specific serial number or by a subject key identifier that uniquely identifies the certificate containing the public key. The signer’s certificate can be included in the field certificates in the SignatureRelatedData.
5.8.3.1.2 Type SignatureRelatedData is defined as follows: SignatureRelatedData ::= SEQUENCE { version CBEFFSBVersion DEFAULT v0, digestAlgorithms SET OF DigestAlgorithmIdentifier, certificates [0] IMPLICIT CertificateSet OPTIONAL, crls [1] IMPLICIT RevocationInfoChoices OPTIONAL, signerInfos SignerInfos
a) version is the version number of this security block specification of type CBEFFSBVersion , as defined in 5.8.2.1.2.
b) The digestAlgorithms component takes a value of type DigestAlgorithmIdentifiers , which is a collection of message digest algorithm identifiers. Each element identifies the message digest algorithm, along with any associated parameters, used by one or more signers. The collection is intended to list the message digest algorithms employed by all of the signers, in any order. The cryptographic hash algorithm to be supported is not specified in this part of ISO/IEC 19785.ISO IEC 19785-4 pdf download.
