com.rsa.certj.cert.extensions

Class BiometricInfo

java.lang.Object
  |
  +--com.rsa.certj.cert.extensions.X509V3Extension
        |
        +--com.rsa.certj.cert.extensions.BiometricInfo
All Implemented Interfaces:
CertExtension, Cloneable, Serializable

public class BiometricInfo
extends X509V3Extension
implements Cloneable, Serializable, CertExtension

This class builds and holds the BiometricInfo extension. This extension is used for storage of biometric information. Biometric information is stored in the form of a hash of a biometric template.

The purpose of this extension is to provide a means for authentication of biometric information. The biometric information that corresponds to the stored hash is not stored in this extension, but the extension MAY include a URI pointing to a location where this information can be obtained. If included, this URI does not imply that this is the only way to access this information.

It is RECOMMENDED that biometric information in this extension is limited to information types suitable for human verification, i.e., where the decision of whether the information is an accurate representation of the subject is naturally performed by a person. This implies a usage where the biometric information is represented by, for example, a graphical image displayed to the relying party, which MAY be used by the relying party to enhance identification of the subject.

This extension MUST NOT be marked critical.

The ASN.1 definition is as follows:

    biometricInfo  EXTENSION ::= {
        SYNTAX             BiometricSyntax
        IDENTIFIED BY      id-pe-biometricInfo }

    id-pe-biometricInfo OBJECT IDENTIFIER  ::= {id-pe 2}
    id-pe  OBJECT IDENTIFIER  ::=  { id-pkix 1 }
    id-pkix  OBJECT IDENTIFIER  ::=
              { iso(1) identified-organization(3) dod(6) internet(1)
                      security(5) mechanisms(5) pkix(7) }
    BiometricSyntax ::= SEQUENCE OF BiometricData

    BiometricData ::= SEQUENCE {
       typeOfBiometricData  TypeOfBiometricData,
       hashAlgorithm        AlgorithmIdentifier,
       biometricDataHash    OCTET STRING,
       sourceDataUri        IA5String OPTIONAL }

    TypeOfBiometricData ::= CHOICE {
        predefinedBiometricType    PredefinedBiometricType,
        biometricDataID            OBJECT IDENTIFIER }

    PredefinedBiometricType ::= INTEGER { picture(0),
        handwritten-signature(1)} (picture|handwritten-signature,...)
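
An added example, not part of the Cert-J documentation or library: a minimal Python decoder for the DER value laid out by the ASN.1 above, together with the relying-party check that retrieved source data hashes to `biometricDataHash`. The helper names, the sample URI and the choice of SHA-256 are assumptions, and only short-form DER lengths are handled.

```python
import hashlib
SHA256_OID = bytes.fromhex("608648016503040201")  # DER content of 2.16.840.1.101.3.4.2.1
HASHES = {SHA256_OID: hashlib.sha256}             # algorithms this verifier accepts (assumption)
TYPES = {0: "picture", 1: "handwritten-signature"}

def tlv(tag, content):
    """Encode one DER TLV (short-form length: content must be under 128 bytes)."""
    return bytes([tag, len(content)]) + content

def read_tlv(buf, pos, want):
    """Return (tag, content, next_pos), rejecting truncated or long-form input."""
    if pos + 2 > len(buf) or buf[pos + 1] & 0x80:
        raise ValueError("truncated or long-form length")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf) or buf[pos] not in want:
        raise ValueError("bad length or unexpected tag 0x%02x" % buf[pos])
    return buf[pos], buf[pos + 2:end], end

def parse_biometric_syntax(value):
    """Decode BiometricSyntax ::= SEQUENCE OF BiometricData into a list of dicts."""
    _, seq_of, end = read_tlv(value, 0, {0x30})
    if end != len(value):
        raise ValueError("trailing bytes after BiometricSyntax")
    entries, pos = [], 0
    while pos < len(seq_of):
        _, item, pos = read_tlv(seq_of, pos, {0x30})         # BiometricData
        tag, raw, p = read_tlv(item, 0, {0x02, 0x06})        # CHOICE: INTEGER or OID
        kind = TYPES.get(int.from_bytes(raw, "big"), "unknown") if tag == 0x02 else "oid:" + raw.hex()
        _, alg, p = read_tlv(item, p, {0x30})                # hashAlgorithm
        _, alg_oid, _ = read_tlv(alg, 0, {0x06})
        _, digest, p = read_tlv(item, p, {0x04})             # biometricDataHash
        uri = None
        if p < len(item):                                    # sourceDataUri OPTIONAL
            _, raw_uri, p = read_tlv(item, p, {0x16})
            uri = raw_uri.decode("ascii")
        if p != len(item):
            raise ValueError("trailing bytes in BiometricData")
        entries.append({"type": kind, "alg": alg_oid, "hash": digest, "uri": uri})
    return entries

def matches(entry, source):
    """True only if source hashes to the stored value under an accepted algorithm."""
    return entry["alg"] in HASHES and HASHES[entry["alg"]](source).digest() == entry["hash"]

def build_sample(source, uri=b"https://example.test/p.jpg"):
    """Constructed sample value: one 'picture' entry hashed with SHA-256."""
    alg = tlv(0x30, tlv(0x06, SHA256_OID) + tlv(0x05, b""))
    data = tlv(0x02, b"\x00") + alg + tlv(0x04, hashlib.sha256(source).digest()) + tlv(0x16, uri)
    return tlv(0x30, tlv(0x30, data))
```

The bytes returned by `build_sample` have the shape that `decodeValue` is documented to take: the contents wrapped in the extension's OCTET STRING, without that outer tag and length.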
 

Copyright © RSA Security Inc., 2002. All rights reserved.

See Also

Serialized Form

Fields inherited from class com.rsa.certj.cert.extensions.X509V3Extension
ARCHIVE_CUTOFF, ARCHIVE_CUTOFF_OID, AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_OID, AUTHORITY_KEY_ID, BASIC_CONSTRAINTS, BIO_INFO, BIO_INFO_OID, CERT_POLICIES, CERTIFICATE_ISSUER, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_REFERENCE, CRL_REFERENCE_OID, DELTA_CRL_INDICATOR, EXTENDED_KEY_USAGE, HOLD_INSTRUCTION_CODE, INHIBIT_ANY_POLICY, INVALIDITY_DATE, ISSUER_ALT_NAME, ISSUING_DISTRIBUTION_POINT, KEY_USAGE, NAME_CONSTRAINTS, NETSCAPE_BASE_URL, NETSCAPE_BASE_URL_OID, NETSCAPE_CA_POLICY_URL, NETSCAPE_CA_POLICY_URL_OID, NETSCAPE_CA_REVOCATION_URL, NETSCAPE_CA_REVOCATION_URL_OID, NETSCAPE_CERT_RENEWAL_URL, NETSCAPE_CERT_RENEWAL_URL_OID, NETSCAPE_CERT_TYPE, NETSCAPE_CERT_TYPE_OID, NETSCAPE_COMMENT, NETSCAPE_COMMENT_OID, NETSCAPE_REVOCATION_URL, NETSCAPE_REVOCATION_URL_OID, NETSCAPE_SSL_SERVER_NAME, NETSCAPE_SSL_SERVER_NAME_OID, NON_STANDARD_EXTENSION, OCSP_ACCEPTABLE_RESPONSES, OCSP_ACCEPTABLE_RESPONSES_OID, OCSP_NOCHECK, OCSP_NOCHECK_OID, OCSP_NONCE, OCSP_NONCE_OID, OCSP_SERVICE_LOCATOR, OCSP_SERVICE_LOCATOR_OID, POLICY_CONSTRAINTS, POLICY_MAPPINGS, PRIVATE_KEY_USAGE_PERIOD, QC_STATEMENTS, QC_STATEMENTS_OID, REASON_CODE, SUBJECT_ALT_NAME, SUBJECT_DIRECTORY_ATTRIBUTES, SUBJECT_KEY_ID, VERISIGN_CZAG, VERISIGN_CZAG_OID, VERISIGN_FIDELITY_ID, VERISIGN_FIDELITY_ID_OID, VERISIGN_JURISDICTION_HASH, VERISIGN_JURISDICTION_HASH_OID, VERISIGN_NETSCAPE_INBOX_V1, VERISIGN_NETSCAPE_INBOX_V1_OID, VERISIGN_NETSCAPE_INBOX_V2, VERISIGN_NETSCAPE_INBOX_V2_OID, VERISIGN_NON_VERIFIED, VERISIGN_NON_VERIFIED_OID, VERISIGN_SERIAL_NUMBER, VERISIGN_SERIAL_NUMBER_OID, VERISIGN_TOKEN_TYPE, VERISIGN_TOKEN_TYPE_OID
 

Constructor Summary

BiometricInfo()

Constructs an empty BiometricInfo object.

BiometricInfo(BiometricData bioData, boolean criticality)

Constructs a BiometricInfo object and initializes it with the given values and the specified criticality.

 

Method Summary

 void

addBioData(BiometricData bioData)

Adds a new BiometricData object to this extension.

 Object

clone()

Overrides the default clone method to get a deeper clone.

 void

decodeValue(byte[] valueBER, int offset)

Decode the value.

 int

derEncodeValue(byte[] encoding, int offset)

Place the encoding of the value into encoding, beginning at offset.

 int

derEncodeValueInit()

Initialize for encoding the value.

 BiometricData

getBioData(int index)

Gets the biometric data at the specified index.

 int

getBioDataCount()

Gets the number of different biometric data objects stored in this extension.

 
Methods inherited from class com.rsa.certj.cert.extensions.X509V3Extension
extend, getCriticality, getDEREncoding, getDERLen, getExtensionType, getExtensionTypeString, getInstance, getNextBEROffset, isExtensionType, setCriticality, setEncoding, setSpecialOID, setStandardOID
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BiometricInfo

public BiometricInfo()
Constructs an empty BiometricInfo object.

BiometricInfo

public BiometricInfo(BiometricData bioData,
                     boolean criticality)
Constructs a BiometricInfo object and initializes it with the given values and the specified criticality.

Parameters

         bioData  

Biometric data stored in the form of a hash of a biometric template.

         criticality  

The user-specified criticality. As stated above, this extension MUST NOT be marked critical.

Method Detail

addBioData

public void addBioData(BiometricData bioData)
Adds a new BiometricData object to this extension.

Parameters

         bioData  

Biometric data stored in the form of a hash of a biometric template.


getBioDataCount

public int getBioDataCount()
Gets the number of different biometric data objects stored in this extension.

Returns

The number of biometric data objects in this extension.

getBioData

public BiometricData getBioData(int index)
                         throws CertificateException
Gets the biometric data at the specified index.

Parameters

         index  

An index that specifies the BiometricData object.

Returns

The biometric data at the specified index.

Throws

CertificateException - If the specified index is invalid.

decodeValue

public void decodeValue(byte[] valueBER,
                        int offset)
                 throws CertificateException
Decode the value. The input is the BER encoding that was wrapped in the OCTET STRING.

Overrides

decodeValue in class X509V3Extension

Parameters

         valueBER  

The BER encoding of the extension's value.

         offset  

The offset into valueBER where the encoding actually begins.

Throws

CertificateException - If the encoding is invalid for this extension.

derEncodeValueInit

public int derEncodeValueInit()
Initialize for encoding the value.

Overrides

derEncodeValueInit in class X509V3Extension

Returns

How many bytes the encoding will be. It returns 0 if there is an error in encoding.

derEncodeValue

public int derEncodeValue(byte[] encoding,
                          int offset)
Place the encoding of the value into encoding, beginning at offset. This is the actual contents that are wrapped in the OCTET STRING (not the surrounding OCTET STRING tag and length).

Overrides

derEncodeValue in class X509V3Extension

Parameters

         encoding  

The byte array into which the result will be placed.

         offset  

The offset into encoding where the writing is to begin.

Returns

The number of bytes actually placed into encoding.

clone

public Object clone()
             throws CloneNotSupportedException
Overrides the default clone method to get a deeper clone.

Overrides

clone in class X509V3Extension

Returns

A new BiometricInfo object, a copy of this object.

Throws

CloneNotSupportedException - If the cloning operation is not successful.


RSA BSAFE ® Cert-J 2.1.1 001-047007-211-001-000