# IDencode cryptograph data structure
@startebnf
CRYPTOGRAPH = [T5_SIGNATURE_HEADER], (PK_HEADER | T5_HEADER), PAYLOAD;
PK_HEADER = 0x504B;
T5_HEADER = 0xFF55, EXPIRATION_DATE;
EXPIRATION_DATE = "4 bytes" (*Unsigned integer in Little-Endian byte order, representing the number of seconds since January 1, 1970*);
T5_SIGNATURE_HEADER = 0xFF01, KEY_ID, SIGNATURE;
KEY_ID = "1 byte" (*Unsigned integer, except 0. JWK key reference to a key in a JWKS; the signature algorithm is derived from the JWK 'alg' property \n(https://www.rfc-editor.org/rfc/rfc7517#section-4.1)*);
SIGNATURE = "S(Ks, H([PK_HEADER|T5_HEADER] + PAYLOAD))" (*
Signature size is dependent on key type and size
\n\n
e.g. \n
EC P-256 => ceil(256bits / 8) * 2 = ceil(32) * 2 = 32 * 2 = 64 bytes \n
EC P-521 => ceil(521bits / 8) * 2 = ceil(65.125) * 2 = 66 * 2 = 132 bytes \n
RSA 2048 => 2048 bits = 256 bytes
*);
PAYLOAD = TLV, {TLV};
TLV = TLV_TYPE, TLV_LENGTH, TLV_PAYLOAD;
(*2 bytes in Big-Endian representation of record type*)
TLV_TYPE =
0x0300 (* 3 - face_template*)|
0x0400 (* 4 - compressed_image*)|
0x3500 (* 53 - finger_template_r1*)|
0x3700 (* 55 - finger_template_r2*)|
0x3900 (* 57 - finger_template_r3*)|
0x3B00 (* 59 - finger_template_r4*)|
0x3D00 (* 61 - finger_template_r5*)|
0x4000 (* 64 - finger_template_l1*)|
0x4200 (* 66 - finger_template_l2*)|
0x4400 (* 68 - finger_template_l3*)|
0x4600 (* 70 - finger_template_l4*)|
0x4800 (* 72 - finger_template_l5*)|
0x6600 (* 102 - iris_template_r*)|
0x6800 (* 104 - iris_template_l*)|
0x9800 (* 152 - voice_template*)|
0x903E (* 1001 - extra*)|
0xA03E (* 1002 - demog*)|
0xB03E (* 1003 - digital_signature*)|
0xC03E (* 1004 - binary_blob*)|
0xE03E (* 1006 - cryptograph_id*);
TLV_LENGTH = "2 bytes, in Big-Endian representation of TLV_PAYLOAD length";
TLV_PAYLOAD = "TLV_LENGTH bytes";
@endebnf
# Example 1 - With expiration date
The data contains an expiration date (05/08/2032 @ 7:30pm (UTC)) and two records: extra with the ASCII text HELLO, and binary_blob with the byte array 10 11 12:

FF 55 F0 11 48 75 03 E9 00 05 48 45 4C 4C 4F 03 EC 00 03 10 11 12

| BYTES | Meaning |
|---|---|
| T5_Header | |
| FF 55 | T5_Header |
| Expiration Date | |
| F0 11 48 75 | 05/08/2032 @ 7:30pm (UTC). 1967657456 (in Little-Endian) seconds since Jan 01 1970. |
| First TLV | |
| 03 E9 | 1001 (in Big-Endian). Record type 'extra' |
| 00 05 | 5 (in Big-Endian). Length of payload is 5 |
| 48 45 4C 4C 4F | Payload 5 bytes. ASCII text 'HELLO' |
| Second TLV | |
| 03 EC | 1004 (in Big-Endian). Record type 'binary_blob' |
| 00 03 | 3 (in Big-Endian). Length of payload is 3 |
| 10 11 12 | Payload 3 bytes. Raw binary is 0x10, 0x11, 0x12 |

NOTE: In this example the total length of the data is even, so there is no alignment byte.

# Example 2 - With alignment byte
The data contains one record: extra with the ASCII text HELLO:

50 4B 03 E9 00 05 48 45 4C 4C 4F 00

| BYTES | Meaning |
|---|---|
| PK_Header | |
| 50 4B | PK_Header |
| First TLV | |
| 03 E9 | 1001 (in Big-Endian). Record type 'extra' |
| 00 05 | 5 (in Big-Endian). Length of payload is 5 |
| 48 45 4C 4C 4F | Payload 5 bytes. ASCII text 'HELLO' |
| Alignment byte | |
| 00 | Added because the total length of the data is odd |

# Example 3 - Without expiration date
The data contains two records: extra with the ASCII text HELLO, and binary_blob with the byte array 10 11 12:

50 4B 03 E9 00 05 48 45 4C 4C 4F 03 EC 00 03 10 11 12

| BYTES | Meaning |
|---|---|
| PK_Header | |
| 50 4B | PK_Header |
| First TLV | |
| 03 E9 | 1001 (in Big-Endian). Record type 'extra' |
| 00 05 | 5 (in Big-Endian). Length of payload is 5 |
| 48 45 4C 4C 4F | Payload 5 bytes. ASCII text 'HELLO' |
| Second TLV | |
| 03 EC | 1004 (in Big-Endian). Record type 'binary_blob' |
| 00 03 | 3 (in Big-Endian). Length of payload is 3 |
| 10 11 12 | Payload 3 bytes. Raw binary is 0x10, 0x11, 0x12 |

NOTE: In this example the total length of the data is even, so there is no alignment byte.

# Example 4 - With digital signature
The data contains two records: extra with the ASCII text HELLO, and binary_blob with the byte array 10 11 12:

FF 01 03 XX...XX 50 4B 03 E9 00 05 48 45 4C 4C 4F 03 EC 00 03 10 11 12

| BYTES | Meaning |
|---|---|
| T5_SIGNATURE_HEADER | |
| FF 01 | T5_SIGNATURE_HEADER |
| 04 | Key identifier |
| XX...XX | Signature value |
| PK_HEADER | |
| 50 4B | PK_Header |
| First TLV | |
| 03 E9 | 1001 (in Big-Endian). Record type 'extra' |
| 00 05 | 5 (in Big-Endian). Length of payload is 5 |
| 48 45 4C 4C 4F | Payload 5 bytes. ASCII text 'HELLO' |
| Second TLV | |
| 03 EC | 1004 (in Big-Endian). Record type 'binary_blob' |
| 00 03 | 3 (in Big-Endian). Length of payload is 3 |
| 10 11 12 | Payload 3 bytes. Raw binary is 0x10, 0x11, 0x12 |

# Example 4 - With digital signature
The data contains two records: extra with the ASCII text HELLO, and binary_blob with the byte array 10 11 12:

FF 01 03 XX...XX FF 55 F0 11 48 75 03 E9 00 05 48 45 4C 4C 4F 03 EC 00 03 10 11 12

| BYTES | Meaning |
|---|---|
| T5_SIGNATURE_HEADER | |
| FF 01 | T5_SIGNATURE_HEADER |
| 04 | Key identifier |
| XX...XX | Signature value |
| T5_Header | |
| FF 55 | T5_Header |
| Expiration Date | |
| F0 11 48 75 | 05/08/2032 @ 7:30pm (UTC). 1967657456 (in Little-Endian) seconds since Jan 01 1970. |
| First TLV | |
| 03 E9 | 1001 (in Big-Endian). Record type 'extra' |
| 00 05 | 5 (in Big-Endian). Length of payload is 5 |
| 48 45 4C 4C 4F | Payload 5 bytes. ASCII text 'HELLO' |
| Second TLV | |
| 03 EC | 1004 (in Big-Endian). Record type 'binary_blob' |
| 00 03 | 3 (in Big-Endian). Length of payload is 3 |
| 10 11 12 | Payload 3 bytes. Raw binary is 0x10, 0x11, 0x12 |
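
A bounds-checked parser for the layout shown in the examples above, added here as an illustration and not IDencode's own code. It follows the byte order of the worked examples (record type 1001 encoded as 03 E9) and does not verify the signature. Assumptions: the caller supplies a KEY_ID-to-signature-length map (`sig_sizes`, a hypothetical parameter), everything after the signature is the signed region, and a single trailing 00 is the alignment byte.

```python
import struct
from datetime import datetime, timezone

PK_HEADER, T5_HEADER, T5_SIG_HEADER = b"\x50\x4b", b"\xff\x55", b"\xff\x01"
# Byte strings of Example 1 and Example 2 on this page.
EXAMPLE_1 = bytes.fromhex("FF55 F0114875 03E90005 48454C4C4F 03EC0003 101112")
EXAMPLE_2 = bytes.fromhex("504B 03E90005 48454C4C4F 00")

class CryptographError(ValueError):
    """Raised for any structurally invalid cryptograph."""

def parse_cryptograph(data, sig_sizes=None):
    """Parse bytes into key_id, signature, signed, expires and records."""
    out = {"key_id": None, "signature": None, "expires": None, "records": []}
    pos = 0
    if data[:2] == T5_SIG_HEADER:
        if len(data) < 3 or data[2] == 0:
            raise CryptographError("KEY_ID missing or zero")
        size = (sig_sizes or {}).get(data[2])  # assumption: caller maps KEY_ID -> size
        if size is None or 3 + size > len(data):
            raise CryptographError("unknown KEY_ID or truncated signature")
        pos = 3 + size
        out.update(key_id=data[2], signature=data[3:pos])
    out["signed"] = data[pos:]  # assumption: all bytes after the signature are signed
    magic, pos = data[pos:pos + 2], pos + 2
    if magic == T5_HEADER:
        if len(data) - pos < 4:
            raise CryptographError("truncated EXPIRATION_DATE")
        (secs,) = struct.unpack_from("<I", data, pos)  # little-endian seconds
        out["expires"] = datetime.fromtimestamp(secs, tz=timezone.utc)
        pos += 4
    elif magic != PK_HEADER:
        raise CryptographError("expected PK_HEADER or T5_HEADER")
    while len(data) - pos >= 4:
        rtype, length = struct.unpack_from(">HH", data, pos)  # big-endian, as in the examples
        pos += 4
        if length > len(data) - pos:  # never trust TLV_LENGTH beyond the buffer
            raise CryptographError(f"record {rtype} overruns the buffer")
        out["records"].append((rtype, data[pos:pos + length]))
        pos += length
    if not out["records"]:
        raise CryptographError("PAYLOAD needs at least one TLV")
    if data[pos:] not in (b"", b"\x00"):  # assumption: one 00 alignment byte at most
        raise CryptographError("unexpected trailing bytes")
    return out

def is_expired(parsed, now=None):
    """True when an EXPIRATION_DATE is present and not in the future."""
    now = now or datetime.now(timezone.utc)
    return parsed["expires"] is not None and now >= parsed["expires"]
```

Verify the signature over `parsed["signed"]` with the key selected by `key_id` before trusting `expires` or any record.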