SignedData

internal final class SignedData

SignedData is a class representing the data contained in the signed data structure found in the eMRTD SOD data group.

The ASN.1 data structure SignedData is defined as follows:

SignedData ::= SEQUENCE {
    INTEGER version CMSVersion,
    SET digestAlgorithms DigestAlgorithmIdentifiers,
    SEQUENCE encapContentInfo EncapsulatedContentInfo,
    certificates [0] IMPLICIT CertificateSet OPTIONAL,
    crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
    SET signerInfos SignerInfos
}

DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier

DigestAlgorithmIdentifier ::= AlgorithmIdentifier

AlgorithmIdentifier ::= SEQUENCE {
    algorithm OBJECT IDENTIFIER,
    parameters ANY OPTIONAL
}

EncapsulatedContentInfo ::= SEQUENCE {
    eContentType ContentType,
    eContent [0] EXPLICIT OCTET STRING OPTIONAL
}

ContentType ::= OBJECT IDENTIFIER

SignerInfos ::= SET OF SignerInfo

SignerInfo ::= SEQUENCE {
    version CMSVersion,
    sid SignerIdentifier,
    digestAlgorithm DigestAlgorithmIdentifier,
    signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
    signatureAlgorithm SignatureAlgorithmIdentifier,
    signature SignatureValue,
    unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL
}

SignerIdentifier ::= CHOICE {
    issuerAndSerialNumber IssuerAndSerialNumber,
    subjectKeyIdentifier [0] SubjectKeyIdentifier
}

SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute

Attribute ::= SEQUENCE {
    attrType OBJECT IDENTIFIER,
    attrValues SET OF AttributeValue
}

AttributeValue ::= ANY
SignatureValue ::= OCTET STRING

In addition, the class allows verifying the signed data against the stored certificate.

  • Declaration

    Swift

    typealias DataGroupHash = [UInt8]
  • The hash algorithm used for signing.

    Declaration

    Swift

    private(set) var digestAlgorithm: HashAlgorithm? { get }
  • A dictionary representing encapsulated content information, where the key is the DGTag and the value is the data group hash.

    Declaration

    Swift

    private(set) var encapContentInfo: [DGTag : DataGroupHash] { get }
  • Declaration

    Swift

    internal lazy var isSignedDataValid: Bool { get set }
  • Initialize a SignedData instance with an ASN.1 node collection.

    Throws

    An error if there is an issue decoding the signed data.

    Declaration

    Swift

    internal init(data: ASN1NodeCollection) throws

    Parameters

    data

    The ASN.1 node collection containing the signed data.

  • Decode the signed data from the ASN.1 node collection.

    Throws

    An error if there is an issue decoding the data.

    Declaration

    Swift

    internal func decode(data: ASN1NodeCollection) throws

    Parameters

    data

    The ASN.1 node collection containing decodable signed data.

  • Verify the integrity and authenticity of the signed data.

    This method verifies whether the signed data is valid and has not been tampered with. It also checks the authenticity of the signature using the CMS (Cryptographic Message Syntax) standard.

    Throws

    An error if the verification fails or if there are issues during the verification process.

    Declaration

    Swift

    internal func verify() throws
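
Once the signature has been verified, the hashes in `encapContentInfo` can be compared with hashes of the data groups actually read from the chip. The following is an added example, not code from this library: `DGTag`, `SODDigest`, `DGCheck`, `hash(_:with:)` and `checkDataGroups` are hypothetical stand-ins, and the sample bytes are constructed.

```swift
import CryptoKit
import Foundation

// Stand-ins for the library's types (assumptions; the page does not show their definitions).
typealias DataGroupHash = [UInt8]
enum DGTag: Hashable { case dg1, dg2, dg14 }
enum SODDigest { case sha1, sha256, sha384, sha512 }
enum DGCheck: Equatable { case ok, mismatch, notInSOD }

// Hash raw data group bytes with the digest algorithm named in the signed data.
func hash(_ bytes: [UInt8], with algorithm: SODDigest) -> DataGroupHash {
    switch algorithm {
    case .sha1:   return Array(Insecure.SHA1.hash(data: bytes))
    case .sha256: return Array(SHA256.hash(data: bytes))
    case .sha384: return Array(SHA384.hash(data: bytes))
    case .sha512: return Array(SHA512.hash(data: bytes))
    }
}

/// Compares each data group read from the chip with the hash listed in the SOD.
/// `sodHashes` plays the role of `encapContentInfo`. Call this only after the
/// SignedData signature has verified; before that the hashes are untrusted input.
func checkDataGroups(read: [DGTag: [UInt8]],
                     sodHashes: [DGTag: DataGroupHash],
                     algorithm: SODDigest) -> [DGTag: DGCheck] {
    var result: [DGTag: DGCheck] = [:]
    for (tag, content) in read {
        guard let expected = sodHashes[tag] else {
            result[tag] = .notInSOD   // data on the chip that the signature does not cover
            continue
        }
        result[tag] = (hash(content, with: algorithm) == expected) ? .ok : .mismatch
    }
    return result
}

// Constructed sample input, not real document data.
let dg1 = Array("constructed DG1 bytes".utf8)
let dg2 = Array("constructed DG2 bytes".utf8)
let dg14 = Array("constructed DG14 bytes".utf8)
let sodHashes: [DGTag: DataGroupHash] = [
    .dg1: hash(dg1, with: .sha256),
    .dg2: hash(Array("different DG2 bytes".utf8), with: .sha256)  // simulates altered DG2
]
let report = checkDataGroups(read: [.dg1: dg1, .dg2: dg2, .dg14: dg14],
                             sodHashes: sodHashes, algorithm: .sha256)
for tag in [DGTag.dg1, .dg2, .dg14] {
    print("\(tag): \(report[tag]!)")
}
```

A caller should treat both `mismatch` and `notInSOD` as failures: the first means the data group differs from what was signed, the second that it was never covered by the signature.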