Security Core

The ObjectIdentifier structure represents an Object Identifier (OID) commonly used in various encoding and security protocols.

An OID is a sequence of integers separated by periods, used to uniquely identify objects in a hierarchical naming structure.

• Tip: The structure provides methods for creating, encoding, and working with OIDs. It also supports basic operations such as concatenation and checking if one OID starts with another.

The SubjectPublicKeyInfo class represents a data structure defined by the ASN.1 notation. It is used to encapsulate information related to a public key.

According to the ASN.1 definition, a SubjectPublicKeyInfo consists of two components: an AlgorithmIdentifier and a subjectPublicKey of type BIT STRING.

The data structures SubjectPublicKeyInfo and AlgorithmIdentifier are defined as follows:

 SubjectPublicKeyInfo ::= SEQUENCE {
    algorithm  AlgorithmIdentifier,
    subjectPublicKey    BIT STRING
 }

 AlgorithmIdentifier ::= SEQUENCE {
    algorithm OBJECT IDENTIFIER,
    parameters ANY DEFINED BY algorithm OPTIONAL
 }

A base class for representing security information contained in an ASN.1 structure.

The SecurityInfo class serves as a base class for various security information objects used in the ASN.1 structure. It provides the foundation for decoding and extracting security information. Subclasses should be created to handle specific types of security information.

The ASN.1 data structure SecurityInfos indicates supported security protocols and is provided by the eMRTD chip. The data structures SecurityInfos and SecurityInfo are defined as follows:

 SecurityInfos ::= SET OF SecurityInfo

 SecurityInfo ::= SEQUENCE {
    protocol OBJECT IDENTIFIER,
    requiredData ANY DEFINED BY protocol,
    optionalData ANY DEFINED BY protocol OPTIONAL
 }

The SecurityInfo components represent:

• protocol: An object identifier that identifies the supported protocol.
• requiredData: An open type that contains protocol-specific mandatory data.
• optionalData: An open type that contains protocol-specific optional data.

Subclasses of SecurityInfo should override the decode(_:) method to handle the specific decoding logic for their respective security information types.

The getInstance(node:) method is used to instantiate the appropriate subclass of SecurityInfo based on the ObjectIdentifier (OID) found in the ASN.1 structure.

SecurityInfoDecoder is a class responsible for decoding security information based on the provided ObjectIdentifier. It maps specific object identifiers to their corresponding SecurityInfo types.

The SecurityObjectIdentifiers structure defines a set of ObjectIdentifier (OIDs) used to represent various security-related standards and specifications. These OIDs are commonly used in security protocols and digital certificates to uniquely identify security algorithms and features.

The structure contains a set of private constants that define the components of OIDs and then constructs various OIDs based on those components.

The OIDs included in this structure are organized into different categories, such as ICAO ASN.1 Specifications and BSI TR 03111 ASN.1 Specifications, and are used to represent specific security protocols, algorithms, and identifiers.

The SecurityProtocol protocol defines a set of requirements for security protocol implementations.

Implementations of this protocol must provide an ObjectIdentifier (oid) value that represents the identifier of the security protocol.