iaik.x509.extensions.qualified.structures
Class BiometricData

java.lang.Object
  |
  +--iaik.x509.extensions.qualified.structures.BiometricData

All Implemented Interfaces:

ASN1Type

public class BiometricData

extends Object

implements ASN1Type

This class implements the BiometricData type of the PKIX Qualified Certificate Profile.

The BiometricData is used for including biometric information into a qualified certificate by means of the private BiometricInfo extension. The biometric information is provided by a hash of a biometric template:

 BiometricData ::= SEQUENCE {
   typeOfBiometricData TypeOfBiometricData,
   hashAlgorithm       AlgorithmIdentifier,
   biometricDataHash   OCTET STRING,
   sourceDataUri       IA5String OPTIONAL }
 

The biometric information corresponding to the included hash value is not supplied. However, an URI may be specified pointing to the location where the biometric information can be obtained.
The type of biometric data may either be a predefined one or an arbitrary one, latter incated by an object identifier:

 TypeOfBiometricData ::= CHOICE {
   predefinedBiometricType PredefinedBiometricType,
   biometricDataOid        OBJECT IDENTIFIER }
 

 PredefinedBiometricType ::= INTEGER {
  picture(0), handwritten-signature(1)}
  (picture|handwritten-signature)
 

For more information about the BiometricData type please refer to the actual Qualified Certificate Profile draft.

This class provides two constructors for supplying the type of biometric data: BiometricData(int predefinedBiometricType) may be used when creating a BiometricData object of predefined type and BiometricData(ObjectID biometricDataOid) for creating a BiometricData object where the type is indicated by an object identifier. In the first case use the static variables picture respectively handwritten_signature for indicating the desired predefined type, e.g.:

 BiometricData biometricData = new BiometricData(BiometricData.picture);
 

After having created a BiometricData object you may choose among three ways for setting hash algorithm and biometric data hash. When calling method setBiometricDataHash(AlgorithmID hashAlgorithm, String sourceDataUri) a connection is established to the given source data uri for obtaining the biometric data to be hashed and subsequently setting the calcualted biometric data hash value, e.g. (please note that this method only may be used for HTTP urls):

 
 BiometricData biometricData = new BiometricData(BiometricData.picture);
 String sourceDaraUri = "http://jcewww.iaik.at/images/PE03257A.gif";
 biometricData.setBiometricDataHash(AlgorithmID.sha, sourceDataUri);
 

When using method setBiometricDataHash(AlgorithmID hashAlgorithm, InputStream is) the biometric data is calculated over the data supplied from the input stream. An applicatin using method setBiometricDataHash(AlgorithmID hashAlgorithm, byte[]) has to calculate the biometric data hash by itself. In both cases method setSourceDataUri may be used to set the optional source data uri field:

 String sourceDataUri = ...;
 biometricData.setSourceDataUri(sourceDataUri);
 

Use method setBiometricDatas for adding BiometricData objects to a BiometricInfo extension.

When verifying the biometric data hash(es) included in a qualified certificate an application may use one of the following two methods obtaining the data to be hashed from the inherent source data uri or from the given input stream, respectively:

• verifyBiometricDataHash
• verifyBiometricDataHash(InputStream)

Version:

File Revision 15

Field Summary

static int	handwritten_signature The predefined biometric data type handwritten-signature.
static int	picture The predefined biometric data type picture.

Constructor Summary

BiometricData()
Empty default constructor.

BiometricData(ASN1Object obj)
Creates a BiometricData object from an ASN1Object.

BiometricData(int predefinedBiometricType)
Creates a BiometricData object from predefined biometric type.

BiometricData(ObjectID biometricDataOid)
Creates a BiometricData object from the given object identifier.

Method Summary

void	decode(ASN1Object obj) Decodes this BiometricData from an ASN1Object.
byte[]	getBiometricDataHash() Gets the biometric data hash value.
String	getBiometricDataHashAsString() Gets a string representation of the biometric data hash value.
AlgorithmID	getHashAlgorithm() Gets the hash algorithm.
String	getSourceDataUri() Gets source data uri.
ASN1Object	getTypeOfBiometricData() Gets the type of biometric data.
void	setBiometricDataHash(AlgorithmID hashAlgorithm, byte[] biometricDataHash) Sets hash algorithm and hash value of this BiometricData object.
void	setBiometricDataHash(AlgorithmID hashAlgorithm, InputStream is) Calculates and sets the biometric data hash over the data supplied from an input stream.
void	setBiometricDataHash(AlgorithmID hashAlgorithm, String sourceDataUri) Sets hash algorithm and biometric data hash value calculated from the given source data uri.
void	setSourceDataUri(String sourceDataUri) Sets the optional sourceDataUri field of this BiometricData object.
ASN1Object	toASN1Object() Returns this BiometricData as ASN1Object.
String	toString() Returns a string giving some information about this BiometricData object.
boolean	verifyBiometricDataHash() Verifies the biometric data hash.
boolean	verifyBiometricDataHash(InputStream is) Verifies the biometric data hash.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

picture

public static final int picture

The predefined biometric data type picture. The picture type indicates that the source picture is a displayable graphical image of the subject.

handwritten_signature

public static final int handwritten_signature

The predefined biometric data type handwritten-signature. The handwritten-signature type indicates that the source picture is a displayable graphical image of the subject´s handwritten signature.

Constructor Detail

BiometricData

public BiometricData()

Empty default constructor. Only for dynamic object creation. Shall not ne used by an application.

BiometricData

public BiometricData(int predefinedBiometricType)
              throws IllegalArgumentException

Creates a BiometricData object from predefined biometric type.

Parameters:

predefinedBiometricType - the predefined biometric type (either 0 for picture or 1 for handwritten-signature)

Throws:

IllegalArgumentException - if the given predefined biometric type is not 0 (picture) or 1 (handwritten-signature)

BiometricData

public BiometricData(ObjectID biometricDataOid)

Creates a BiometricData object from the given object identifier.

Parameters:

biometricDataOid - the object identifier indicating the type of biometric data

BiometricData

public BiometricData(ASN1Object obj)
              throws CodingException

Creates a BiometricData object from an ASN1Object.

The given ASN1Object represents an already existing BiometricData that may have been created by using method toASN1Object().

Parameters:

obj - the BiometricData as ASN1Object

Throws:

X509ExtensionException - if the BiometricData cannot be parsed

Method Detail

decode

public void decode(ASN1Object obj)
            throws CodingException

Decodes this BiometricData from an ASN1Object.

The given ASN1Object represents an already existing BiometricData that may have been created by using method toASN1Object().

Specified by:

decode in interface ASN1Type

Parameters:

obj - the BiometricData as ASN1Object

Throws:

X509ExtensionException - if the BiometricData cannot be parsed

toASN1Object

public ASN1Object toASN1Object()
                        throws CodingException

Returns this BiometricData as ASN1Object. The BiometricData type is represented as an ASN.1 SEQUENCE consisting of a biometric data type, a hash algorithm ID, a hash value and an optional source data uri.

Specified by:

toASN1Object in interface ASN1Type

Returns:

this BiometricData as ASN1Object

setSourceDataUri

public void setSourceDataUri(String sourceDataUri)

Sets the optional sourceDataUri field of this BiometricData object. The sourceDataUri field, if present, represents an URI that points to a location where the biometric information corresponding to the stored hash value can be found.

Parameters:

sourceDataUri - the source data URI

setBiometricDataHash

public void setBiometricDataHash(AlgorithmID hashAlgorithm,
                                 byte[] biometricDataHash)

Sets hash algorithm and hash value of this BiometricData object.

Parameters:

hashAlgorithm - the hash algorithm

biometricDataHash - the hash value

setBiometricDataHash

public void setBiometricDataHash(AlgorithmID hashAlgorithm,
                                 InputStream is)
                          throws IOException,
                                 NoSuchAlgorithmException

Calculates and sets the biometric data hash over the data supplied from an input stream.

Parameters:

hashAlgorithm - the hash algorithm to be used

is - the input stream from which to read the data

Throws:

IOException - if an error occurs while reading the data

NoSuchAlgorithmException - if the requested hash algorithm is not supported

setBiometricDataHash

public void setBiometricDataHash(AlgorithmID hashAlgorithm,
                                 String sourceDataUri)
                          throws IOException,
                                 NoSuchAlgorithmException

Sets hash algorithm and biometric data hash value calculated from the given source data uri.

This method tries to connect to the supplied (HTTP) source data uri to get the biometric data to be hashed. If successful, the given hash algorithm is used for calcuting and setting the biometric data hash value. Note that this method only may be used for HTTP urls.

If for some reason this method fails in setting the biometric data hash an application may calculate the hash itself and may use method setBiometricDataHash(AlgorithmID, byte[]) for explicitly setting the biometric data hash value (or supply the data to be hashed from an input stream and call method setBiometricDataHash(AlgorithmID, InputStream) for calculating and setting the biometric data hash.

Parameters:

hashAlgorithm - the hash algorithm to be used

sourceDataUri - the (HTTP) URL from where to get the biometric data to be hashed

Throws:

IOException - if an error occurs when trying to get the data

NoSuchAlgorithm - if the requested hash algorithm is not supported

verifyBiometricDataHash

public boolean verifyBiometricDataHash()
                                throws IOException

Verifies the biometric data hash.

If a source dara uri is included, this method tries to connect to it for getting the biometric data to be hashed. If successful a hash value is calculated over the data obatained and compared with the inherent biometric data hash. Note that this method only may be used for HTTP urls.

If for some reason this method fails in verifying the biometric data hash an application may obtain the data and calculate a hash itself for comparing it against the biometric data hash got by getBiometricDataHash (or use method verifyBiometricDataHash(InputStream is) for supplying the biometric data to be hashed and verified from an input stream).

Returns:

true if the biometric data hash is ok, false otherwise

Throws:

IOException - if an error occurs when trying to get the data or computing the hash to be verifiied

verifyBiometricDataHash

public boolean verifyBiometricDataHash(InputStream is)
                                throws IOException

Verifies the biometric data hash.

This method calculates a hash value over the data supplied from the given input stream and compares it against the inherent biometric data hash.

Returns:

true if the biometric data hash is ok, false otherwise

Throws:

IOException - if an error occurs when reading the data or computing the hash to be verifiied

getTypeOfBiometricData

public ASN1Object getTypeOfBiometricData()

Gets the type of biometric data.

Returns:

the type of biometric data, either as ASN.1 INETEGER (when predefined), or as ASN.1 ObjectID

getHashAlgorithm

public AlgorithmID getHashAlgorithm()

Gets the hash algorithm.

Returns:

hash algorithm

getBiometricDataHash

public byte[] getBiometricDataHash()

Gets the biometric data hash value.

Returns:

the biometric data hash value

getBiometricDataHashAsString

public String getBiometricDataHashAsString()

Gets a string representation of the biometric data hash value.

Returns:

a string representation of the biometric data hash value

getSourceDataUri

public String getSourceDataUri()

Gets source data uri.

Returns:

source data uri if present

toString

public String toString()

Returns a string giving some information about this BiometricData object.

Overrides:

toString in class Object

Returns:

the string representation