Приложение А (обязательное). Модуль АСН.1 для формата блока защиты информации. Национальный стандарт РФ ГОСТ Р ИСО/МЭК 19785-4-2012 "Информационные технологии. Биометрия. Единая структура форматов обмена биометрическими данными. Часть 4. Спецификация формата блока защиты информации" (утв. приказом Федерального агентства по техническому регулированию и метрологии от 24.10.2012 N 554-ст)

Приложение А
(обязательное)

Модуль АСН.1 для формата блока защиты информации

Данный модуль АСН.1 был проверен на наличие ошибок с помощью специального инструмента АСН.1, предназначенного для синтаксической проверки.

CBEFF-GENERAL-PURPOSE-SECURITY-BLOCK

{iso(1) standard(0) cbeff(19785) module(0) sb(16) rev(0)}

DEFINITIONS AUTOMATIC TAGS ::= BEGIN

IMPORTS

--RFC 5911 ASN.1 Module for RFC 3852 Cryptographic Message Syntax

ContentEncryptionAlgorithmldentifier,

Signerlnfos, MessageAuthenticationCodeAlgorithm,

DigestAlgorithmldentifier, AuthAttributes, MessageAuthenticationCode,

Originatorlnfo, Recipientlnfos

FROM CryptographicMessageSyntax2004 {

iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)

pkcs-9(9) smime(16) modules(0) cms-2004(24)}

-- ISO/IEC 24761 Authentication context for biometrics

ACBiolnstance, CertificateSet, RevocationlnfoChoices

FROM AuthenticationContextForBiometrics {

iso(1) standard(0) acbio(24761) module(1) acbio(2) rev(0)};

CONTENT-TYPE ::= TYPE-IDENTIFIER

CBEFFSecurityBlock ::= SEQUENCE OF CBEFFSecurityBlockElement

CBEFFSecurityBlockElement ::= CHOICE {

elementCBEFFSBContentlnfoCBEFFSB,

subBlockForACBioSubBlockForACBio,

accumulatedACBiolnstancesACBiolnstances

}

ContentlnfoCBEFFSB ::= SEQUENCE {

contentTypeCONTENT-TYPE.&id({ContentTypeCBEFF}),

content [0] EXPLICIT CONTENT-TYPE.&Type

({ContentTypeCBEFF}{@contentType})

}

ContentTypeCBEFF CONTENT-TYPE ::= {envelopeRelatedData | encryptionRelatedData |

signatureRelatedData | authenticationRelatedData}

EnvelopeRelatedData::= SEQUENCE {

version CBEFFSBVersion DEFAULT v0,

originatorlnfo [0] IMPLICIT Originatorlnfo OPTIONAL,

recipientlnfos Recipientlnfos,

contentEncryptionAlgorithmContentEncryptionAlgorithmldentifier

}

CBEFFSBVersion ::= INTEGER {v0(0)} ( v0,...)

EncryptionRelatedData ::= SEQUENCE {

version CBEFFSBVersion DEFAULT v0,

contentEncryptionAlgorithmContentEncryptionAlgorithmldentifier

}

SignatureRelatedData::= SEQUENCE {

version CBEFFSBVersion DEFAULT v0,

digestAlgorithms SET OF DigestAlgorithmldentifier,

certificates [0] IMPLICIT CertificateSet OPTIONAL,

crls [1] IMPLICIT RevocationlnfoChoices OPTIONAL,

signerlnfos Signerlnfos

}

AuthenticationRelatedData ::= SEQUENCE {

version CBEFFSBVersion DEFAULT vO,

originatorlnfo [0] IMPLICIT Originatorlnfo OPTIONAL,

recipientlnfos Recipientlnfos,

macAlgorithm MessageAuthenticationCodeAlgorithm,

mac MessageAuthenticationCode

}

SubBlockForACBio ::= SEQUENCE {

bpulOlndex INTEGER,

acbiolnstance ACBiolnstance

}

ACBiolnstances::= SEQUENCE OF ACBiolnstance

- - contentType object identifiers

id-envelopeRelatedData OBJECT IDENTIFIER ::= {

iso(1) standard(O) cbeff(19785) contentType(1) envelopeRelatedData(1)

}

id-encryptionRelatedData OBJECT IDENTIFIER ::= {

iso(1) standard(0) cbeff(19785) contentType(1) encryptionRelatedData(2)

}

id-signatureRelatedData OBJECT IDENTIFIER ::= {

iso(1) standard(0) cbeff(19785) contentType(1) signatureRelatedData(3)

}

id-authenticationRelatedData OBJECT IDENTIFIER ::= {

iso(1) standard(0) cbeff(19785) contentType(1) authenticationRelatedData(4)

}

- - ContentType objects

envelopeRelatedData CONTENT-TYPE ::= {

EnvelopeRelated Data

IDENTIFIED BY id-envelopeRelatedData

}

encryptionRelatedData CONTENT-TYPE ::= {

EncryptionRelatedData

IDENTIFIED BY id-encryptionRelatedData

}

signatureRelatedData CONTENT-TYPE ::= {

SignatureRelatedData

IDENTIFIED BY id-signatureRelatedData

}

authenticationRelatedData CONTENT-TYPE ::= {

AuthenticationRelatedData

IDENTIFIED BY id-authenticationRelatedData

}

END - - CBEFF-SECURITY-BLOCK