|
|
|
|
|
| |
|
|
|
| |
A group of segments containing lists of certificates or public keys. The group shall be used to group together certificates of similar status - i.e., which are still valid, or which may be invalid for some reason.
|
| |
|
|
|
| |
A group of segments containing the data necessary to validate the security methods applied to the message/package, when asymmetric algorithms are used (as defined in Part 5 of ISO 9735). This group shall be used in the delivery of lists of keys or certificates of similar status.
|
|
|
|
|
|
| |
To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.
Notes:
1. S503, provides space for one parameter. The number of repetitions of S503 actually used will depend on the algorithm used. The order of the parameters is arbitrary but, in each case, the actual value is preceded by a coded algorithm parameter qualifier.
|
|
|
DE
|
|
|
St
|
|
|
| |
|
|
|
M
|
|
|
| |
|
|
|
M
|
*
|
|
| |
|
|
Cryptographic mode of operation, coded |
|
|
R
|
*
|
|
|
|
DSMR |
|
Specification of the cryptographic mode of operation used for the algorithm. |
|
|
Note: The cryptographic mode of operation are the security functions authenticity, integrity and non-repudiation of origin. The digital signature includes all three security functions. |
|
|
| |
|
|
Mode of operation code list identifier |
|
|
R
|
*
|
|
| |
|
|
|
R
|
|
|
|
|
RSA |
|
|
|
ECC |
|
Identification of the algorithm in order to generate the digital signature. The algorithms above are recommended. |
|
|
| |
|
|
Algorithm code list identifier |
|
|
R
|
*
|
|
| |
|
|
|
R
|
*
|
|
|
|
ISO 9796 #2 padding |
|
Note: "ISO 9796 #2 padding" specifies the technical standard which is facilitating the security service "digital signature scheme giving message recovery" specified in DE 0525. |
|
|
| |
|
|
Padding mechanism code list identifier |
|
|
R
|
*
|
|
| |
|
|
|
O
|
|
|
| |
|
|
Algorithm parameter qualifier |
|
|
M
|
*
|
|
13 |
|
Exponent |
|
Identifies the algorithm parameter value as the exponent of a public key which is to be used according to the function defined by the use of algorithm. |
|
|
| |
|
|
Algorithm parameter value |
|
|
M
|
|
|
Value of the exponent of the a public key. |
|
|
| |
|
|
|
C
|
|
|
| |
|
|
Algorithm parameter qualifier |
|
|
M
|
*
|
|
| |
|
|
Algorithm parameter value |
|
|
M
|
|
|
Specification of the public key |
|
|
This segment is used to identify a security algorithm, the technical usage made of it, and contains the technical parameters required in order to generate the digital signature. |
At least one occurrence of this segment is mandatory. |
Please note that the DEG S503 is repeated twice according to EDIFACT syntax 4 rules, as repetition separator the asterisk (*) is used. |
Example: |
|
|
Example: |
USA+6:16:1:10:1:7:1+13:X' |
Example: |
USA+6:16:1:10:1:7:1+13:010001*12:CF8516555.........7E7406D7' |
|