Data Formatting & Validation
Features & Functionality
- Software development kit with example programs and documentation
- Provides FIPS 201-compliant file packing, unpacking and reformatting
- Conversion from proprietary
formats to FIPS 201 format
- Import/export of common
- File content verification
- Signing and verifying of digital signatures
- Easy to use and understand
- Programmable in C/C++, Java, VB, and .NET
- Supports CBEFF, face image and finger minutiae data sets
- Ensures file structure and integrity
- Fully featured C Language API
- C#/.NET wrappers
- Example programs with source
- Java Native Interface support
- Microsoft Windows and Linux Support
FIPS 201-Compliant PIV Card Reading, Personalization, and Middleware
PIVPack™ is an SDK that enables a software application with formatting, validating, and parsing of biometric, biographic, and security object data in compliance with FIPS 201 and companion documents SP 800-76 and SP 800-73. PIVPack includes Security Library and also Smart Card Library, a NIST-certified PIV Middleware API.
PIVPack can be used to incorporate data formatting and security functionality into PIV registration, personalization, and card reader applications. PIVPack can also be used to create equivalent XML files, such as for registration data transport.
The PIVPack SDK is designed upon Aware’s experience building software tools to support other biometric data interchange standards, several of which form the basis of FIPS 201 and its companion biometric standards. (See NISTPack, ICAOPack, M1Pack).
PIVPack is certified by US GSA as compliant with the product category of PIV Middleware. It is listed on the GSA Approved Products List (APL).
Biometric Data Formatting
PIVPack enables designers to build compliant data formatting and parsing into system workflow through a simple API. All data formatting, reading, and writing performed by PIVPack is managed by XML-based configuration files that describe the details of the data object to be created, parsed or validated. The biometric facial image may optionally be retained and/or stored on the card, in which case it must be compliant with ANSI/INCITS 385. The fingerprint images must be compliant with ANSI/INCITS 381 and retained for archival purposes. The fingerprint templates stored on the card must be compliant with ANSI/INCITS 378. Each object must be “wrapped” with a PIV Patron Format variant of CBEFF.
Biometric Security Library
Several of the data containers on the PIV card must be signed. To address this requirement, PIVPack includes a supplemental library called “Biometric Security Library” which implements compliant encryption and hashing algorithms to verify the signatures and the SOd. PIVPack parses the data and accesses the certificates for use by the Biometric Security Library. Additionally, the Biometric Security Library can utilize the document signing certificates and the private keys provided by the PKI to sign the data objects.
PIVPack includes several components useful for enrollment, personalization, and card reading:
- Data collection and error checking according to SP 800-73 and SP 800-76
- PIV file formatting and reading in full compliance with SP 800-73 and SP 800-76 for PIV ID card personalization
- Fingerprint minutiae extraction (optional add-on) and template creation in compliance with ANSI/INCITS 378 (MINEX certification pending)
- Security object generation and PKI authentication in compliance with SP 800-73
- Certified PIV middleware API
- PC/SC smart card interface
The SDK includes example programs with source code that are useful as a guide to proper usage and integration into a larger system. Also included are FBI-certified WSQ, JPEG, and JPEG 2000 for compression and decompression of fingerprint and facial images. Aware’s JPEG 2000 implementation includes region of interest (ROI) compression as recommended in SP 800-76 for optional storage of facial images on ID card memory.
Other Aware Products for PIV
PIVPack can be used seamlessly with other Aware software components:
- PreFace, used to analyze and optimize facial images and assure
their compliance with ANSI/INCITS 385
- FastCapture with Live Scan API for automated tenprint capture using a live scan device
- NISTPack to generate standards-compliant biometric transactions
- AwareXM to generate MINEX-certified finger templates from finger images
- BiometricServicePlatform (BioSP) to centrally administrate workflow and transport and storage of enrollment data
PIVPack is included in Aware's PIVSuite family of SDKs.