ImageVerifierCode 换一换
格式:PDF , 页数:44 ,大小:333.87KB ,
资源ID:590967      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-590967.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(CAN CSA-ISO IEC 7816-15A-2008 Identification cards - Integrated circuit cards - Part 15 Cryptographic information application AMENDMENT 1 Examples of the use of the cryptographic i.pdf)为本站会员(livefirmly316)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

CAN CSA-ISO IEC 7816-15A-2008 Identification cards - Integrated circuit cards - Part 15 Cryptographic information application AMENDMENT 1 Examples of the use of the cryptographic i.pdf

1、 Reference numberISO/IEC 7816-15:2004/Amd.1:2007(E)ISO/IEC 2007Identification cards Integrated circuit cards Part 15: Cryptographic information application AMENDMENT 1: Examples of the use of the cryptographic information application Cartes didentification Cartes circuit intgr Partie 15: Application

2、 des informations cryptographiques AMENDEMENT 1: Exemples demploi de lapplication des informations cryptographiques Amendment 1:2008 toNational Standard of CanadaCAN/CSA-ISO/IEC 7816-15:05Amendment 1:2007 to International Standard ISO/IEC 7816-15:2004 has been adopted without modification(IDT) as Am

3、 endment 1:2008 to CSA Standard CAN/CSA-ISO/IEC 7816-15:05. This Amendment wasreviewed by the CSA Technical Committee on Information Technology (TCIT) under the jurisdiction of theStrategic Steering Committee on Information Technology and deemed acceptable for use in Canada.September 2008 Internatio

4、nal Organization for Standardization (ISO), 2007. All rights reserved. International Electrotechnical Commission (IEC), 2007. All rights reserved. NOT FOR RESALE. ISO/IEC 7816-15:2004/Amd.1:2007(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing polic

5、y, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central S

6、ecretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to

7、 ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2007 All rights reserved. Unless otherwise specified, no part of this p

8、ublication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 G

9、eneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org ii ISO/IEC 2007 All rights reservedISO/IEC 7816-15:2004/Amd.1:2007(E) ISO/IEC 2007 All rights reserved iiiForeword ISO (the International Organization for Standardization) and IEC (the International Electro

10、technical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technica

11、l activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical

12、 committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circul

13、ated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held r

14、esponsible for identifying any or all such patent rights. Amendment 1 to ISO/IEC 7816-15:2004 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. ISO/IEC 7816-15:2004/Amd.1:2007(E) ISO/IEC 2007 All rights reserved 1I

15、dentification cards Integrated circuit cards Part 15: Cryptographic information application AMENDMENT 1: Examples of the use of the cryptographic information application Insert the following new annex after Annex D. Annex E (informative) Examples of the use of the cryptographic information applicati

16、on E.1 Introduction The purpose of this informative annex is to provide practical examples of the use of the cryptographic information application. By providing sample program code for each example, programmers can see the programmatic connection between high-level ASN.1 representations and low-leve

17、l BER representations and thus create more efficient and more compact software that uses the cryptographic information application. Each clause in the annex is a free-standing example and consists of four paragraphs: 1. Description of the example 2. A specification of the example described in paragr

18、aph (1) in commented ISO/IEC 7816-15 ASN.1 constructs, using the formal value notation defined in ISO/IEC 8824-1. 3. Annotated code in the ISO/IEC 9899 TC2 C programming language for BER encoding and decoding according to the ASN.1 specification of paragraph (2). 4. BER encoding of the example as pr

19、oduced by the encoder of paragraph (3). Two examples also include graphic representations of the BER at the end of the Annex. 5. The source code provided in paragraph (3) was compiled and run to generate the output shown in paragraph (4). A transcription of the ASN.1 encoding of the Cryptographic In

20、formation Application listed in Annex A above was used for all examples. A free, publically-available ASN.1 compiler was used to generate the BER encoders and decoders from this ASN.1. E.2 Encoding of a Private Key E.2.1 Cryptographic Information Application Example Description This is an example of

21、 an ISO/IEC 7816-15 RSA private key. ISO/IEC 7816-15:2004/Amd.1:2007(E) 2 ISO/IEC 2007 All rights reservedE.2.2 ASN.1 Encoding of an RSA Private Key privateKeys objects - SEQUENCE OF - privateRSAKey - SEQUENCE - commonObjectAttributes - SEQUENCE - label 4b455931H - “KEY1“ -, flags 80H, authId 41444d

22、H - “ADM“ -, userConsent 1 , classAttributes - SEQUENCE - iD 9bH, usage 2040H, native TRUE, accessFlags 98H, keyReference 10 , subClassAttributes - SEQUENCE - keyIdentifiers - SEQUENCE OF - - SEQUENCE - idType 5, idValue 3132333435363738H - “12345678“ - , typeAttributes - SEQUENCE - value indirect p

23、ath - SEQUENCE - efidOrPath 3f004041H , modulusLength 1024 E.2.3 Code Encoding and Decoding BER from the ASN.1 /* * Encoding of a Private Key as a Data Object in EF.OD */ void Part15PrivateKey(const char *label, unsigned char objectFlags, unsigned char *authId, unsigned int authIdLength, unsigned in

24、t userConsent, unsigned char native, unsigned char *iD, unsigned int iDLength, unsigned short usageFlags, unsigned char accessFlags, unsigned int keyReference, unsigned int identifierType, unsigned char *externalIdentifier, unsigned char *path, unsigned int pathLength, unsigned int modulusLength ) u

25、nsigned int l; CIOChoice *cio; PrivateKeyChoice *prk, *prkp; CredentialIdentifier *crid, *cridp; PrivateKeyObject_PrivateRSAKeyAttributes pattr = 0 ; CommonObjectAttributes commonObjAttr = 0 ; CommonKeyAttributes commonKeyAttr = 0 ; CommonPrivateKeyAttributes commonPrivateKeyAttr = 0 ; PrivateRSAKey

26、Attributes privateRSAKeyAttr = 0 ; ISO/IEC 7816-15:2004/Amd.1:2007(E) ISO/IEC 2007 All rights reserved 3Path pathOctets = 0 ; AsnOcts issuerHash = 0 ; char commonObjectFlags1 = 0 ; AsnBits commonFlagsAsnBits = 3, commonObjectFlags ; char keyUsage2 = 0 ; AsnBits keyUsageAsnBits = 10, keyUsage ; char

27、keyAccessFlags1 = 0 ; AsnBits keyAccessFlagsAsnBits = 5, keyAccessFlags ; /* * Section 8.3 The CIOChoice type * * “EF.OD shall contain the concatenation of 0, 1, or more DER-encoded CIOChoice values.“ */ cio = (CIOChoice *)calloc(1, sizeof(PrivateKeyChoice); cio-choiceId = CIOCHOICE_PRIVATEKEYS; /*

28、* “It is expected that an EF.OD entry will usually reference a separate file (the path * choice of PathOrObjects) containing CIOs of the indicated type. An entry may, however, * hold CIOs directly (the objects choice of PathOrObjects), if the objects and the EF.OD * file have the same access control

29、 requirements.“ * * PathOrObjectsPrivateKeyChoice */ cio-a.privateKeys = (PrivateKeys *)calloc(1, sizeof(PrivateKeys); cio-a.privateKeys-choiceId = PATHOROBJECTS_PRIVATEKEYCHOICE_OBJECTS; cio-a.privateKeys-a.objects = AsnListNew(sizeof (void*); /* * Section 8.4.1 PrivateKeyChoice * * “This type cont

30、ains information pertaining to a private key. Each value * consists of attributes common to any object, any key, any private key, * and attributes particular to the key.“ */ prkp = (PrivateKeyChoice *)AsnListAppend(cio-a.privateKeys-a.objects); *prkp = prk = calloc(1, sizeof(PrivateKeyChoice); prk-c

31、hoiceId = PRIVATEKEYCHOICE_PRIVATERSAKEY; prk-a.privateRSAKey = monObjectAttributes = pattr.classAttributes = pattr.subClassAttributes = pattr.typeAttributes = /* * Section 8.2.8 CommonObjectAttributes * * “This type is a container for attributes common to all CIOs.“ */ commonObjAttr.label.octs = _s

32、trdup(label); commonObjAttr.label.octetLen = strlen(label); commonObjectFlags0 = objectFlags; commonObjAttr.flags = commonFlagsAsnBits; commonObjAttr.authId.octetLen=authIdLength; commonObjAttr.authId.octs = authId; commonObjAttr.userConsent = /* * Section 8.2.9 CommonKeyAttributes * * “The iD field

33、 shall be unique for each key information object, except when a public * key information object and its corresponding private key object are stored on * the same card. In this case, the information objects shall share the same * identifier (which may also be shared with one or several certificate in

34、formation ISO/IEC 7816-15:2004/Amd.1:2007(E) 4 ISO/IEC 2007 All rights reserved* objects .“ */ commonKeyAttr.iD.octs = iD; commonKeyAttr.iD.octetLen = iDLength; keyUsage0 = (unsigned char)(usageFlags8); keyUsage1 = (unsigned char)(usageFlags); commonKeyAttr.usage = keyUsageAsnBits; keyAccessFlags0 =

35、 accessFlags; commonKeyAttr.accessFlags= keyAccessFlagsAsnBits; commonKeyAttr.native = commonKeyAttr.keyReference = /* * Section 8.2.10 CommonPrivateKeyAttributes * * “The name field, when present, names the owner of the key, as specified in a * corresponding certificates subject field. * * Values o

36、f the keyIdentifiers field can be matched to identifiers from external * messages or protocols to select the appropriate key to a given operation.“ */ commonPrivateKeyAttr.keyIdentifiers = (CommonPrivateKeyAttributesSeqOf *)AsnListNew(sizeof (void*); cridp = (CredentialIdentifier *)AsnListAppend(com

37、monPrivateKeyAttr.keyIdentifiers); *cridp = crid = (CredentialIdentifier *)calloc(1, sizeof(CredentialIdentifier); issuerHash.octs = _strdup(externalIdentifier); issuerHash.octetLen = strlen(externalIdentifier); crid-idType = identifierType; crid-idValue.value = SetAnyTypeByInt( /* * Section 8.4.2 P

38、rivate RSA Key Attributes * * “PrivateRSAKeyAttributes.value: The value shall be a path to a file containing * a private RSA key. If there is no need to specify a path to a file, the path * value may be set to the empty path.“ */ privateRSAKeyAttr.value = (ObjectValue *)calloc(1, sizeof(ObjectValue)

39、; privateRSAKeyAttr.value-choiceId = OBJECTVALUE_INDIRECT; privateRSAKeyAttr.value-a.indirect = (ReferencedValue *)calloc(1, sizeof(ReferencedValue); privateRSAKeyAttr.value-a.indirect-choiceId = REFERENCEDVALUE_PATH; pathOctets.efidOrPath.octs = (char *)calloc(1, pathLength); memcpy(pathOctets.efid

40、OrPath.octs, path, pathLength); pathOctets.efidOrPath.octetLen = pathLength; privateRSAKeyAttr.value-a.indirect-a.path = privateRSAKeyAttr.modulusLength = modulusLength; /* * Print the Private Key Data Object */ PrintCIOChoice(stdout, cio, 3); /* * BER Encode the Private Key Data Object */ BERLength

41、 = BEncCIOChoiceContent(gb, cio); /* * Decoding of a Private Key as a Data Object in EF.OD */ PrivateKeyObject_PrivateRSAKeyAttributes *PrivateRSAKey(unsigned char *BER, unsigned int BERLength) ISO/IEC 7816-15:2004/Amd.1:2007(E) ISO/IEC 2007 All rights reserved 5SBuf b; GenBuf *gb; unsigned int byte

42、sDecoded = 0; ENV_TYPE env; CIOChoice *cio; AsnTag tagId0; AsnLen elmtLen0; if(setjmp(env)!= 0) exit(0); cio = calloc(1, sizeof(CIOChoice); SBufInstallData( SBuftoGenBuf( tagId0 = BDecTag(gb, elmtLen0 = BDecLen(gb, /* * Decode the RSA Private Key Data Object */ BDecCIOChoiceContent(gb, tagId0, elmtL

43、en0, cio, return (PrivateKeyChoice *)(cio-a.privateKeys-a.objects-first-data)-a.privateRSAKey; E.2.4 BER Encoding 0xa0,0x51,0xa0,0x4f,0x30,0x4d,0x30,0x12,0x0c,0x04,0x4b,0x45,0x59,0x31,0x03,0x02, 0x05,0x80,0x04,0x03,0x41,0x44,0x4d,0x02,0x01,0x01,0x30,0x12,0x04,0x01,0x9b,0x03, 0x03,0x06,0x20,0x40,0x01

44、,0x01,0xff,0x03,0x02,0x03,0x98,0x02,0x01,0x0a,0xa0,0x13, 0x30,0x11,0xa0,0x0f,0x30,0x0d,0x02,0x01,0x05,0x04,0x08,0x31,0x32,0x33,0x34,0x35, 0x36,0x37,0x38,0xa1,0x0e,0x30,0x0c,0x30,0x06,0x04,0x04,0x3f,0x00,0x40,0x41,0x02, 0x02,0x04,0x00 Table E.1 is a diagrammatic representation of this BER encoding. I

45、SO/IEC 7816-15:2004/Amd.1:2007(E) 6 ISO/IEC 2007 All rights reservedTable E.1 EF.PrKD ofRSAprivate KeyData Type A0 51 CIOChoice:Private keydata objectA0 4F PrivateKeyChoice: Private RSA Key30 4DPrivate RSA Keyobject 30 12 Common object Attribute 0C04 label 4B, 45, 59, 31 UTF8String 03 02 flags 05, 8

46、0 BITSTRING04 03 auth Id 41, 44, 44 OCTETSTRING02 01 userConsent 01 INTEGER30 12 Common KeyAttrribute 04 01 iD9B OCTETSTRING03 03 usage 06, 20, 40 BITSTRING01 01 native FF BOOLEAN03 02 accessFlags 03, 98 BITSTRING02 01 keyReference 0A INTEGERISO/IEC 7816-15:2004/Amd.1:2007(E) ISO/IEC 2007 All rights

47、 reserved 7Table E.1 (continued)A0 13 Common Private KeyAttribute30 11 Sequence A00FkeyIdentifier 30 0DSequence 02 01 idType 05 INTEGER60 08 idValue 31, 32, 33, 34,35, 36, 37, 38 OpenType A1 0e Private RSA keyattribute 30 0CSequence 30 06 Path 04 04 efidOrPath 3F, 00, 40,41 OCTETSTRING02 02 modulusL

48、ength 04, 00 INTEGERISO/IEC 7816-15:2004/Amd.1:2007(E) 8 ISO/IEC 2007 All rights reservedE.3 Encoding of a Protected Data Container E.3.1 Cryptographic Information Application Example Description A data container object with two security conditions, one for READ and one for UPDATE. The data in the data container is a BER-TLV. The secret key SK-1 must be verified in order to change password AO-1. E.3.2 ASN.1 Encoding of the Protected Data Container Object dataContainerObjects objects - SEQUENCE OF - iso7816DO - SEQUENCE - commonObjectAtt

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1