1、 ETSI TS 119 164-5 V1.1.1 (2016-06) Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC) - Testing Compliance and Interoperability; Part 5: Testing Conformance of additional ASiC containers TECHNICAL SPECIFICATION ETSI ETSI TS 119 164-5 V1.1.1 (2016-06)2 Reference
2、DTS/ESI-0019164-5 Keywords ASiC, conformance,e-commerce, electronic signature, security, testing ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Pr
3、fecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not
4、be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secreta
5、riat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, pl
6、ease send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written pe
7、rmission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand
8、 the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 1
9、19 164-5 V1.1.1 (2016-06)3 Contents Intellectual Property Rights 4g3Foreword . 4g3Modal verbs terminology 4g31 Scope 5g32 References 5g32.1 Normative references . 5g32.2 Informative references 5g33 Definitions and abbreviations . 6g33.1 Definitions 6g33.2 Abbreviations . 6g34 ASiC additional contain
10、er conformity test specification overview 7g35 Testing Simple Associated Signature Containers (ASiC-S) 7g35.1 Test Assertions for ASiC-S 7g35.1.1 ASiC-S test assertions for Additional Container Structure . 7g35.1.2 ASiC-S test assertions for Additional Container Syntactical Conformance . 8 g35.1.3 T
11、est assertions for ASiC-S ACST conformance . 9g36 Testing Extended Associated Signature Containers (ASiC-E). 12g36.1 Test Assertions for ASiC-E 12g36.1.1 ASiC-E test assertions for Additional Container Structure . 12g36.1.2 ASiC-E test assertions for Additional Container Syntactical Conformance . 13
12、g36.1.3 Test assertions for ASiC-E Additional Container Signature or Timestamp token conformance 14g3History 17g3ETSI ETSI TS 119 164-5 V1.1.1 (2016-06)4 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information perta
13、ining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secreta
14、riat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on
15、the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). The present document is part 5 of a multi-part deliverable covering A
16、ssociated Signature Containers (ASiC) - Testing Conformance and Interoperability. Full details of the entire series can be found in part 1 i.2. A tool implementing the present document has been developed and is accessible at http:/signatures-conformance-checker.etsi.org/ Modal verbs terminology In t
17、he present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliv
18、erables except when used in direct citation. ETSI ETSI TS 119 164-5 V1.1.1 (2016-06)5 1 Scope The present document defines the sets of checks required for testing conformance of ASiC containers against: ASiC containers conforming to building blocks defined in ETSI EN 319 162-1 1 and containing exten
19、ded CAdES i.5 and extended XAdES i.6 digital dignatures, expanding the scope of ASiC baseline containers also defined in ETSI EN 319 162-1 1; and additional containers defined in ETSI EN 319 162-2 2. The set of checks that are common with ASiC baseline containers, are defined in ETSI TS 119 164-4 5
20、and referenced when needed. 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of th
21、e referenced document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot
22、 guarantee their long term validity. The following referenced documents are necessary for the application of the present document. 1 ETSI EN 319 162-1: “Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC); Part 1: Building blocks and ASiC baseline containers“. 2 E
23、TSI EN 319 162-2: “Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC); Part 2: Additional ASiC containers“. 3 ETSI TS 119 124-5: “Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 5: Testing
24、 conformance of extended CAdES signatures“. 4 ETSI TS 119 134-5: “Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Compliance Part 5: Conformance Testing for XAdES Baseline Profile“. 5 ETSI TS 119 164-4: “Electronic Signatures and Infrastructures (ESI); Associated
25、Signature Containers (ASiC) - Testing Compliance and Interoperability; Part 4: Testing conformance of ASiC baseline containers“. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific referen
26、ces, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following
27、referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 OASIS: “Test Assertions Guidelines Version 1.0“, 19 June 2013. OASIS Committee Note 02. NOTE: Available at http:/docs.oasis-open.org/tag/guideline
28、s/v1.0/cn02/guidelines-v1.0-cn02.html. ETSI ETSI TS 119 164-5 V1.1.1 (2016-06)6 i.2 ETSI TR 119 164-1: “Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC) - Testing Conformance and Interoperability; Part 1: Overview“. i.3 ETSI TR 119 001: “Electronic Signatures a
29、nd Infrastructures (ESI); The framework for standardization of signatures; Definitions and abbreviations“. i.4 ETSI EN 319 122-2: “Electronic Signatures and Infrastructures (ESI); CAdES digital signatures; Part 2: Extended CAdES signatures“. i.5 ETSI EN 319 132-2: “Electronic Signatures and Infrastr
30、uctures (ESI); XAdES digital signatures; Part 2: Extended XAdES signatures“. i.6 IETF RFC 3161: “Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)“. i.7 IETF RFC 5816: “ESSCertIDv2 Update for RFC 3161“. i.8 IETF RFC 4998: “Evidence Record Syntax (ERS)“. i.9 IETF RFC 6283: “Extensibl
31、e Markup Language Evidence Record Syntax (XMLERS)“. i.10 OASIS: “Open Document Format for Office Applications (OpenDocument) Version 1.2; Part 3: Packages“ 29 September 2011. i.11 ISO/IEC TS 30135 (all parts): “Information technology - Digital publishing - EPUB3“. 3 Definitions and abbreviations 3.1
32、 Definitions For the purposes of the present document, the terms and definitions given in ETSI TR 119 001 i.3 and in the Test Assertions Guidelines i.1 apply. In case of contrast the former prevails. 3.2 Abbreviations For the purposes of the present document, the abbreviations given in ETSI TR 119 0
33、01 i.3 and the following apply: ACS Additional Container Structure PKI Public Key Infrastructure ACSC Additional Container Syntactical Conformance ACST Additional Container Signature or Time-stamp token TA Test Assertion NOTE: Refer to i.1. TAL Test Assertion List NOTE: Refer to i.1. TC Test Case UR
34、I Uniform Resource Identifier ETSI ETSI TS 119 164-5 V1.1.1 (2016-06)7 4 ASiC additional container conformity test specification overview The present document complements ETSI TS 119 164-4 5 (conformance testing of ASiC baseline containers) by specifying tests to be performed for testing conformance
35、 of ASiC containers supporting specific requirements not supported by ASiC baseline containers but still complying with the ASiC building blocks specified in ETSI EN 319 162-1 1. This clause describes the overall approach used for testing conformance of these additional containers. In particular ASi
36、C additional containers, in scope of the present document, shall be: 1) ASiC additional containers obtained by expanding in scope ASiC baseline containers, in conformance to the ASiC building blocks specified in ETSI EN 319 162-1 1 clause 4 and allowing use of extended CAdES signatures (ETSI EN 319
37、122-2 i.4) and extended CAdES signatures (ETSI EN 319 132-2 i.5); or 2) ASiC additional containers specified in ETSI EN 319 162-2 2. The conformance test are defined: extending ETSI TS 119 164-4 5 with conformance tests defined for extended CAdES digital signatures in ETSI TS 119 124-5 3 and conform
38、ance tests defined for extended XAdES digital signatures defined in ETSI TS 119 134-5 4; and defining conformance tests considering the additional container types specified in ETSI EN 319 162-2 2. The conformance test definitions are based on test assertions work produced by OASIS in “Test Assertion
39、s Guidelines Version 1.0“ i.1. Each test assertion includes the following information: 1) Unique identifier for further referencing. 2) Reference to the Normative source for the test. 3) The Target of the assertion. 4) The Prerequisite specifies the conditions under which the TA is applicable/can be
40、 performed. 5) Predicate fully and unambiguously defining the assertion to be tested. 6) Prescription level: Three levels are defined: mandatory, recommended and permitted, whose semantics is to be interpreted as described in clause 3.1.2 of i.1. 7) Tag: information on the element tested by the asse
41、rtion. 5 Testing Simple Associated Signature Containers (ASiC-S) 5.1 Test Assertions for ASiC-S 5.1.1 ASiC-S test assertions for Additional Container Structure All the test assertions related to the first conformance layer, the Additional Container Structure (ACS), are grouped in a Test Assertion Li
42、st defined as follows: TA List id: TAL/ASiC-S/ACS List Description: all TAs describing ACS requirements for ASiC-S additional containers List Members: TA/ASiC-S/ACS/1 . 6 ETSI ETSI TS 119 164-5 V1.1.1 (2016-06)8 The Test Assertions that belong to this Test Assertion List are specified as follows: TA
43、 id: TA/ASiC-S/ACS/1 Normative Source: ASiC ETSI EN 319 162-1 1 clause 4.2 item 1 and 2 Target: ASiC generator claiming conformance to ASiC-S additional container Predicate: The ZIP format, with the limitations specified in the Normative Source referred above, shall be used to bind the contained obj
44、ects into a single container Prescription Level: mandatory Tag: conformance layer = 1 (ACS); Container type = ASiC-S additional container TA id: TA/ASiC-S/ACS/2 Normative Source: ETSI EN 319 162-1 1 clause 4.3.3.1 item 2 Target: ASiC generator claiming conformance to ASiC-S additional container Pred
45、icate: ASiC File extension is “.asics” or “.scs” if the operating systems and/or file systems do not allow more than 3 characters file extensions or “.zip”. Prescription Level: mandatory Tag: conformance layer = 1 (ACS); Container type = ASiC-S additional container TA id: TA/ASiC-S/ACS/3 Normative S
46、ource: ETSI EN 319 162-1 1 clause 4.3.3.1 item 3 Target: ASiC generator claiming conformance to ASiC-S additional container Predicate: The comment field in the ZIP file header is set with “mimetype=” followed by the media type of the data held in the file. Prescription Level: permitted Tag: conforma
47、nce layer = 1 (ACS); Container type = ASiC-S additional container TA id: TA/ASiC-S/ACS/4 Normative Source: ETSI EN 319 162-1 1 clause 4.3.3.1 item 1 and clause A.1 Target: ASiC generator claiming conformance to ASiC-S additional container Predicate: mimetype is encoded as specified in ETSI EN 319 16
48、2-1 1 clause A.1 and is set according to clause 4.3.3.1 item 1. Prescription Level: mandatory if file extension is “.zip”; else recommended Tag: conformance layer = 1 (ACS); Container type = ASiC-S additional container TA id: TA/ASiC-S/ACS/5 Normative Source: ETSI EN 319 162-1 1 clause 4.4.3.2 item
49、3 and 4 Target: ASiC generator claiming conformance to ASiC-S additional container Predicate: META-INF folder is present and contains one file named timestamp.tst, signature.p7s, signatures.xml, “evidencerecord.ers“ or “evidencerecord.xml“. Prescription Level: mandatory Tag: conformance layer = 1 (ACS); Container type = ASiC-S additional container TA id: ASiC-S/ACS/6 Normative Source: ETSI EN 319 162-1 1 clause 4.4.3.2 item 2 Target: ASiC generator claiming conformance to
