

Subject: Re: [xcbf] X9.84 Revision


Bancroft,

Appreciate the help. I've been solely focused on the
design of the X9.84 revision that I've neglected to
update the schema modules. Best to wait on checking
the CMS module until I update it to conform with the
latest X9.73/IETF work.

But here's the base X9.84 code with supporting stubs
and OID module that compiles using your ASN.1 schema
checker with no errors.

Please verify that my results can be duplicated and
post your results to this list.

And please vote on accepting this base module if you
then find this base module acceptable.

Phil



Bancroft Scott wrote:

> On Tue, 6 Aug 2002, Phil Griffin wrote:
> 
> 
>>
>>Bancroft Scott wrote:
>>
>>
>>>On Tue, 6 Aug 2002, Phil Griffin wrote:
>>>
>>>
>>>
>>>>Bancroft,
>>>>
>>>>I have not finished writing these yet. But the most
>>>>current OID module is in the XCBF document in the
>>>>private area of the XCBF site. It is almost
>>>>certainly complete.
>>>>
>>>>
>>>No, it has at least one syntax error (missing ::=). It would be good if
>>>the modules were syntax checked using tools such as the free syntax
>>>checker from OSS or France Telecom.
>>>
>>At which line number(s)?
>>
> 
> EllipiticCurves ALGORITHM { ... }
> 
> However, I don't know if that is the only problem.  I recommend that you
> use a syntax checker to verify its correctness instead of trying to do it
> by eye.  Even with languages such as C that I have been using for over two
> decades I can never be sure that I've caught all syntax errors when I rely
> on my eyes.  ASN.1 is no different.
> 
> 
>>>>The CMS module is in a bit of
>>>>flux if you're using sophisticated tools. I've
>>>>hand coded this stuff twice before and did again
>>>>for my XCBF tools - I find that the encoding is
>>>>not too complex and it is the cryptographic
>>>>processing and key management that are most
>>>>important.
>>>>
>>>>
>>>It is good that it can be hand-coded, but it would be great if the syntax
>>>were clean enough so that it can be verified by machine.
>>>
>>Well it certainly must be before it is finished.
>>But you know, in all fairness, I AM working on
>>this without much if any assistance.
>>
> 
> I'm trying to help ....
> 
> 
>>>>Completion of the CMS module has been awaiting two
>>>>events that I thought it best we coordinate with.
>>>>One is the latest revision of the IETF SMIME RFC,
>>>>and the other is the reballoting version of X9.73.
>>>>It is desirable, long term, for these two standards
>>>>and XCBF to all use the same identifier and type
>>>>names for common types such as SignedData.
>>>>
>>>>SMIME is nearly through their review process. X9.73
>>>>was changed to its final version last week in Redondo
>>>>Beach. Over the next week or so, I'll try to complete
>>>>the revision of our XCBF module and incorporate this
>>>>into the XCBF document.
>>>>
>>>>So, are you voting to move ahead with the new X9.84?
>>>>
>>>>
>>>I leave that to Alessandro to make that decision for OSS.
>>>
>>Technically, my understanding is that each TC member
>>has one vote, and "company" has no meaning. Not sure
>>that I really believe this, but that is what I've
>>been led to believe are the rules.
>>
> 
> From the summary of the corrections to X9.84 it is a definite improvement
> on the first version, but I prefer to have a schema that I know is in
> order before I accept it.
> 
> 
>>>However, the ASN.1 spec that you have provided needs more work. I have
>>>been struggling to get it to cleanly compile, cutting here, pasting there.
>>>A real hassle.  I've given up until we have something more solid.
>>>
>>Then you'll just have to be patient and wait for
>>me to complete the work.
>>
> 
> No problem.  I was reacting to John's request.
> 
> 
>>>BTW, the XER encoding that you have at the bottom of x984.htm is invalid.
>>>If you cut the encoding and paste it to a file named, say, x984.xml, then
>>>use a basic XML syntax checker such as Internet Explorer to open the file
>>>you will see that it contains syntax errors.
>>>
>>You will recall that I stated clearly that it
>>was WIP and had not been checked using my
>>product.
>>
> 
> Okay.
> 
> 
>>>>I have had no intention of publishing every single
>>>>type needed to compile the XCBF ASN.1. The likes of
>>>>DomainCertificate and Certificate and such are not
>>>>really ours to control.
>>>>
>>>>
>>>I am not suggesting that you publish these.  However, if you reference the
>>>types then it would help much if you were to precisely identify where the
>>>types are defined so as to minimize the effort that everyone has to make
>>>to try and get a complete set of definitions.  A set of URLs pointing to
>>>the resources that define all directly and indirectly imported types would
>>>be great.
>>>
>>If you know of such URLs please advise and I will
>>be happy to include them. X.509 is likely available
>>on Olivier's site. But I doubt that you will find
>>the others.
>>
> 
> No, I don't know what they are, or I would not be stumbling around looking
> for them.  However, you are referencing these other ASN.1 modules, what is
> the URL that points to the ones that you are working with?
> 
> 
>>>>But I'm open to considering
>>>>this, perhaps as annex materials. Note that I leave
>>>>comments in the IMPORTS statements to tell readers
>>>>where to find the appropriate modules.
>>>>
>>>>
>>>I saw those.  They are no doubt very meaningful to you, but for me
>>>they just tell me what to enter in google to start my hunt.  URLs
>>>of some sort would be much better.
>>>
>>Please then DO suggest URLs or alternate text. Any
>>and all help much appreciated.
>>
> 
> See above.
> 
> 
>>>>For your compiler, I would suggest that you test by
>>>>stubbing out missing types, using the likes of
>>>>
>>>>   Certificate ::= SEQUENCE {}
>>>>   DomainCertificate ::= SEQUENCE {}
>>>>
>>>>
>>>If only it were that simple.
>>>
>>>Where is CBEFF-Formats defined?  I see that it is an information object
>>>set of class "BIOMETRIC", but this class is locally defined.  Does the
>>>module that defines CBEFF-Formats (i.e., X9-84-Identifiers) import
>>>BIOMETRIC from this module (X9-84-Biometrics), or does it redefine this
>>>class?
>>>
>>CBEFF-Formats  is defined in the XCBF document at
>>lines 475 and 607. Once in the text and again in
>>the schema module.
>>
> 
> OKAY!  Now I see what I was doing wrong.  I was grabbing the modules that
> you have on the XCBF site at:
> 
> 	XCBF ASN.1 Schema for XML Markup March 31, 2002
> 	(http://oasis-open.org/committees/xcbf/docs/schema.zip)
> 
> The modules defined here are outdated.
> 
> I should have been working with the document, "XCBF XML Common Biometric
> Format June 13 2002.doc" that you mailed to us in June.
> 
> I'll take another stab tomorrow using the modules from this document.
> 
> 
>>>It is hard to tell if x984.htm is syntactically correct without a
>>>complete ASN.1 schema.
>>>
>>Hah! If you look at it closely you will see that it
>>contains placeholder text where actual values should
>>be present. And as I said, it is not complete.
>>
> 
> Yes, I did notice that.  I took it into consideration.
> 
> 
>>My recollection was that Alessandro agreed to provide
>>encoded examples. I am working these out on my website
>>for the purpose of providing general information. I
>>will of course try to integrate this effort into the
>>XCBF if examples are not forthcoming from other sources.
>>
>>Hope that helps.
>>
> 
> Yup.  I suspect that most of the problems will disappear once I try using
> the right set of modules.
> 
> Do let me know if you prefer for me to hold off on looking at this until
> you are finished.  I'm more than willing to do what I can to help in those
> areas where I have expertise.
> 
> Bancroft
> 
> 
> 
> 


X9-84-Biometrics { 
   iso(1) identified-organization(3) tc68(133) country(16) x9(840) 
      x9Standards(9) x9-84(84) module(0) biometrics(1) rev(1) } 
   DEFINITIONS AUTOMATIC TAGS ::= BEGIN

-- EXPORTS All;

IMPORTS 

   -- X9.84 Biometrics Information Management and Security IDs -- 

   BiometricTypes, CBEFF-Formats, IBIA-Formats, MatchingAIDs,
   ProcessingAIDs, X9-Formats
      FROM X9-84-Identifiers {
         iso(1) identified-organization(3) tc68(133) country(16)
            x9(840) x9Standards(9) x9-84(84) module(0)
               ids(3) rev(1) }

   -- X9.84 Biometrics Information Management and Security CMS --

   AuthenticatedData, EncryptedData, EnvelopedData, 
   MACAlgorithmIdentifier, SignatureAlgorithmIdentifier,
   SignedData
      FROM X9-84-CMS {
         iso(1) identified-organization(3) tc68(133) country(16)
            x9(840) x9Standards(9) x9-84(84) module(0)
               cms(2) rev(1) } ;
   

BiometricSyntaxSets ::= SEQUENCE SIZE(1..MAX) OF BiometricSyntax

BiometricSyntax ::= CHOICE {  
   biometricObjects            BiometricObjects, 
   integrityObjects            IntegrityObjects, 
   privacyObjects              PrivacyObjects,
   privacyAndIntegrityObjects  PrivacyAndIntegrityObjects
}

BiometricObjects ::= SEQUENCE SIZE(1..MAX) OF BiometricObject

BiometricObject ::= SEQUENCE {
   biometricHeader  BiometricHeader,
   biometricData    BiometricData
}

--
-- All of the cryptographic processing in this standard is performed
-- on a value of type EncodedBiometricObjects. This is a sequence of
-- one or more values of type BiometricObject in its encoded form.
-- 

EncodedBiometricObjects ::= BIOMETRIC.&Type( BiometricObjects )

BiometricHeader ::= SEQUENCE {
   version         BiometricVersion  DEFAULT hv1,
   recordType      RecordType  OPTIONAL,
   dataType        DataType  OPTIONAL,
   purpose         Purpose  OPTIONAL,
   quality         Quality  OPTIONAL,
   validityPeriod  ValidityPeriod  OPTIONAL,
   format          Format  OPTIONAL
} 

BiometricVersion ::= INTEGER { hv1(0) } (0..MAX)

RecordType ::= BIOMETRIC.&name({BiometricTypes})

DataType ::= ENUMERATED {
   raw          (0),
   intermediate (1),
   processed    (2)
}

Purpose ::= ENUMERATED {
   verify          (1),
   identify        (2),
   enroll          (3),
   enrollVerify    (4),
   enrollIdentity  (5),
   audit           (6),

   ...  -- Expect other values --
}

Quality ::= INTEGER {
   lowest       (  0),
   highest      (100),
   notSet       ( -1),
   notSupported ( -2)
} (-2..100,...)

ValidityPeriod ::= SEQUENCE {
   notBefore  DateTime OPTIONAL,
   notAfter   DateTime  OPTIONAL
} 
 (ALL EXCEPT({ -- none; at least one component is present --  }))

DateTime ::= RELATIVE-OID  -- { yyyy mm dd hh mm ss z } -- 

Format ::= SEQUENCE {
   formatOwner  BIOMETRIC.&name({Owner}),
   formatType   BIOMETRIC.&Type({Owner}{@formatOwner})  OPTIONAL
}

Owner BIOMETRIC ::= {
   CBEFF-Formats  |  -- http://www.nist.gov -- 
   IBIA-Formats   |  -- http://www.ibia.org -- 
   X9-Formats,       -- http://www.x9.org   -- 

   ...  -- expect additional vendor specific formats -- 
} 

-- Integrity -- 

IntegrityObjects ::= SEQUENCE {
   biometricObjects  BiometricObjects,
   integrityBlock    IntegrityBlock
}

IntegrityBlock ::= CHOICE {
   digitalSignature           DigitalSignature,
   messageAuthenticationCode  MessageAuthenticationCode,
   signedData                 SignedData,
   authenticatedData          AuthenticatedData
}

DigitalSignature ::= SIGNATURE { EncodedBiometricObjects }

MessageAuthenticationCode ::= MAC { EncodedBiometricObjects }

-- Privacy -- 

PrivacyObjects ::= SEQUENCE {
   biometricHeaders  BiometricHeaders  OPTIONAL,
   privacyBlock      PrivacyBlock
}

BiometricHeaders ::= SEQUENCE SIZE(1..MAX) OF BiometricHeader

PrivacyBlock ::= CHOICE {
   fixedKey        EncryptedData,
   namedKey        NamedKeyEncryptedData,
   establishedKey  EnvelopedData
}

NamedKeyEncryptedData ::= SEQUENCE {
   keyName        OCTET STRING (SIZE(1..MAX)),
   encryptedData  EncryptedData
}

-- Privacy and integrity -- 

PrivacyAndIntegrityObjects ::= SEQUENCE {
   biometricHeaders  BiometricHeaders  OPTIONAL,
   privacyBlock      PrivacyBlock,
   integrityBlock    IntegrityBlock
}

-- Authentication Information (AI) -- 

BiometricInformationSets ::= 
      SEQUENCE SIZE(1..MAX) OF BiometricInformation

BiometricInformation ::= SEQUENCE {
   processingAlgorithms  ProcessingAlgorithms  OPTIONAL,
   matchingMethods       MatchingMethods  OPTIONAL
}
 (ALL EXCEPT({ -- none; at least one component is present -- }))

-- Biometric processing algorithms -- 

ProcessingAlgorithms ::= SEQUENCE SIZE(1..MAX) OF ProcessingInformation

ProcessingInformation ::= SEQUENCE {
   id     BIOMETRIC.&name({ProcessingAIDs}),
   parms  BIOMETRIC.&Type({ProcessingAIDs}{@id})  OPTIONAL
}

-- Biometric matching methods -- 

MatchingMethods ::= SEQUENCE SIZE(1..MAX) OF MatchingInformation 

MatchingInformation ::= SEQUENCE {
   id     BIOMETRIC.&name({MatchingAIDs}),
   parms  BIOMETRIC.&Type({MatchingAIDs}{@id})  OPTIONAL
}

BiometricData ::= OCTET STRING(SIZE(1..MAX))

-- Biometrics information object class -- 

BIOMETRIC ::= CLASS {
   &name  BIOMETRIC-IDENTIFIER  UNIQUE,
   &Type  OPTIONAL
}
   WITH SYNTAX { BIOMETRIC &name [ DATA &Type ] }

BIOMETRIC-IDENTIFIER ::= CHOICE {
   oid  OBJECT IDENTIFIER,  -- complete object identifier 
   id   RELATIVE-OID        -- object identifier fragment 
}

-- Parameterized types -- 

SIGNATURE { ToBeSigned } ::= SEQUENCE { 
   algorithmID  SignatureAlgorithmIdentifier,
   signature    BIT STRING( CONSTRAINED BY { 
                   -- signature on a value of --  ToBeSigned })
}

MAC { ToBeMACed } ::= SEQUENCE {
   keyName      OCTET STRING  OPTIONAL,
   algorithmID  MACAlgorithmIdentifier,
   mac          OCTET STRING (CONSTRAINED BY {
                   -- MAC or HMAC on a value of --  ToBeMACed }) 
}

END  -- X9-84-Biometrics --


-- STUB --

X9-84-CMS DEFINITIONS IMPLICIT TAGS ::= BEGIN

AuthenticatedData ::= SEQUENCE {}

EncryptedData ::= SEQUENCE {}

EnvelopedData  ::= SEQUENCE {}

MACAlgorithmIdentifier ::= AlgorithmIdentifier {{MACAlgorithms}}

MACAlgorithms ALGORITHM ::= { ... }

SignatureAlgorithmIdentifier ::= 
      AlgorithmIdentifier {{SignatureAlgorithms}}

SignatureAlgorithms ALGORITHM ::= { ... }

SignedData ::= SEQUENCE {}

ALGORITHM ::= CLASS {
   &id    OBJECT IDENTIFIER  UNIQUE,
   &Type  OPTIONAL
}
   WITH SYNTAX { OID &id [PARMS &Type] } 

AlgorithmIdentifier { ALGORITHM:IOSet } ::= SEQUENCE {
   algorithm   ALGORITHM.&id( {IOSet} ),
   parameters  ALGORITHM.&Type( {IOSet}{@algorithm} )  OPTIONAL
}

END -- X9-84-CMS Stub --


X9-84-Identifiers {
   iso(1) identified-organization(3) tc68(133) country(16) x9(840) 
      x9Standards(9) x9-84(84) module(0) ids(3) rev(1) } 
   DEFINITIONS AUTOMATIC TAGS ::= BEGIN

-- EXPORTS All;

IMPORTS

   -- X9.84 Biometrics Information Management and Security --

   BIOMETRIC, BiometricInformationSets
      FROM X9-84-Biometrics {
         iso(1) identified-organization(3) tc68(133) country(16)
            x9(840) x9Standards(9) x9-84(84) module(0)
               biometrics(1) rev(1) }

   -- X9.84 Biometrics Information Management and Security CMS --

   ALGORITHM
      FROM X9-84-CMS {
         iso(1) identified-organization(3) tc68(133) country(16)
            x9(840) x9Standards(9) x9-84(84) module(0)
               cms(2) rev(1) };


OID ::= OBJECT IDENTIFIER  -- Alias

RelOID ::= RELATIVE-OID  -- Alias

-- x9-84                          { 1 3 133 16 840 9 84         }
-- x9-84-Module                   { 1 3 133 16 840 9 84 0       }
-- x9-84-Biometrics               { 1 3 133 16 840 9 84 0  1    }
-- x9-84-CMS                      { 1 3 133 16 840 9 84 0  2    }
-- x9-84-Identifiers              { 1 3 133 16 840 9 84 0  3    }
-- biometric                      { 1 3 133 16 840 9 84 1       }
-- id-unknown-Type                { 1 3 133 16 840 9 84 1  0    }
-- id-body-Odor                   { 1 3 133 16 840 9 84 1  1    }
-- id-dna                         { 1 3 133 16 840 9 84 1  2    }
-- id-ear-Shape                   { 1 3 133 16 840 9 84 1  3    }
-- id-facial-Features             { 1 3 133 16 840 9 84 1  4    }
-- id-finger-Image                { 1 3 133 16 840 9 84 1  5    }
-- id-finger-Geometry             { 1 3 133 16 840 9 84 1  6    }
-- id-hand-Geometry               { 1 3 133 16 840 9 84 1  7    }
-- id-iris-Features               { 1 3 133 16 840 9 84 1  8    }
-- id-keystroke-Dynamics          { 1 3 133 16 840 9 84 1  9    }
-- id-palm                        { 1 3 133 16 840 9 84 1 10    }
-- id-retina                      { 1 3 133 16 840 9 84 1 11    }
-- id-signature                   { 1 3 133 16 840 9 84 1 12    }
-- id-speech-Pattern              { 1 3 133 16 840 9 84 1 13    }
-- id-thermal-Image               { 1 3 133 16 840 9 84 1 14    }
-- id-vein-Pattern                { 1 3 133 16 840 9 84 1 15    }
-- id-thermal-Face-Image          { 1 3 133 16 840 9 84 1 16    }
-- id-thermal-Hand-Image          { 1 3 133 16 840 9 84 1 17    }
-- id-lip-Movement                { 1 3 133 16 840 9 84 1 18    }
-- id-gait                        { 1 3 133 16 840 9 84 1 19    } 
-- processing-algorithm           { 1 3 133 16 840 9 84 2       }
-- matching-method                { 1 3 133 16 840 9 84 3       }
-- format-Owner                   { 1 3 133 16 840 9 84 4       }
-- cbeff-Owner                    { 1 3 133 16 840 9 84 4  0    }
-- ibia-Owner                     { 1 3 133 16 840 9 84 4  1    }
-- id-ibia-SAFLINK                { 1 3 133 16 840 9 84 4  1  1 }
-- id-ibia-Bioscrypt              { 1 3 133 16 840 9 84 4  1  2 }
-- id-ibia-Visionics              { 1 3 133 16 840 9 84 4  1  3 }
-- id-ibia-InfineonTechnologiesAG { 1 3 133 16 840 9 84 4  1  4 }
-- id-ibia-IridianTechnologies    { 1 3 133 16 840 9 84 4  1  5 }
-- id-ibia-Veridicom              { 1 3 133 16 840 9 84 4  1  6 }
-- id-ibia-CyberSIGN              { 1 3 133 16 840 9 84 4  1  7 }
-- id-ibia-eCryp                  { 1 3 133 16 840 9 84 4  1  8 }
-- id-ibia-FingerprintCardsAB     { 1 3 133 16 840 9 84 4  1  9 }
-- id-ibia-SecuGen                { 1 3 133 16 840 9 84 4  1 10 }
-- id-ibia-PreciseBiometric       { 1 3 133 16 840 9 84 4  1 11 }
-- id-ibia-Identix                { 1 3 133 16 840 9 84 4  1 12 }
-- id-ibia-DERMALOG               { 1 3 133 16 840 9 84 4  1 13 }
-- x9-Owner                       { 1 3 133 16 840 9 84 4  2    }

-- X9.84 arc; base object identifier --

x9-84 OID ::= {
   iso(1) identified-organization(3) tc68(133) country(16)
      x9(840) x9Standards(9) x9-84(84)
}

-- X9.84 ASN.1 modules --

x9-84-Module OID ::= { x9-84 modules(0) } 

-- PHG added rev(1) to the following three module OIDs

x9-84-Biometrics  OID ::= { x9-84-Module biometrics(1) rev(1) }

x9-84-CMS         OID ::= { x9-84-Module cms(2) rev(1) }

x9-84-Identifiers OID ::= { x9-84-Module ids(3) rev(1) }

-- X9.84 biometric technologies --

biometric OID ::= { x9-84 biometrics(1) }

id-unknown-Type       OID ::= { biometric unknownType(0) }
id-body-Odor          OID ::= { biometric bodyOdor(1) } 
id-dna                OID ::= { biometric dna(2) }
id-ear-Shape          OID ::= { biometric earShape(3) }
id-facial-Features    OID ::= { biometric facialFeatures(4) }
id-finger-Image       OID ::= { biometric fingerImage(5) }
id-finger-Geometry    OID ::= { biometric fingerGeometry(6) }
id-hand-Geometry      OID ::= { biometric handGeometry(7) }
id-iris-Features      OID ::= { biometric irisFeatures(8) }
id-keystroke-Dynamics OID ::= { biometric keystrokeDynamics(9) }
id-palm               OID ::= { biometric palm(10) }
id-retina             OID ::= { biometric retina(11) }
id-signature          OID ::= { biometric signature(12) }
id-speech-Pattern     OID ::= { biometric speech-Pattern(13) }
id-thermal-Image      OID ::= { biometric thermalImage(14) }
id-vein-Pattern       OID ::= { biometric veinPattern(15) }
id-thermal-Face-Image OID ::= { biometric thermalFaceImage(16) }
id-thermal-Hand-Image OID ::= { biometric thermalHandImage(17) }
id-lip-Movement       OID ::= { biometric lipMovement(18) }
id-gait               OID ::= { biometric gait(19) }

-- X9.84 biometric technology object identifier fragments -- 

unknown-Type        RelOID ::= { unknownType(0) }
body-Odor           RelOID ::= { bodyOdor(1) }
dna                 RelOID ::= { dna(2) }
ear-Shape           RelOID ::= { earShape(3) }
facial-Features     RelOID ::= { facialFeatures(4) }
finger-Image        RelOID ::= { fingerImage(5) }
finger-Geometry     RelOID ::= { fingerGeometry(6) }
hand-Geometry       RelOID ::= { handGeometry(7) }
iris-Features       RelOID ::= { irisFeatures(8) }
keystroke-Dynamics  RelOID ::= { keystrokeDynamics(9) }
palm                RelOID ::= { palm(10) }
retina              RelOID ::= { retina(11) }
signature           RelOID ::= { signature(12) }
speech-Pattern      RelOID ::= { speechPattern(13) }
thermal-Image       RelOID ::= { thermalImage(14) }
vein-Pattern        RelOID ::= { veinPattern(15) }
thermal-Face-Image  RelOID ::= { thermalFaceImage(16) }
thermal-Hand-Image  RelOID ::= { thermalHandImage(17) }
lip-Movement        RelOID ::= { lipMovement(18) }
gait                RelOID ::= { gait(19) }

BiometricTypes BIOMETRIC ::= { 
   { BIOMETRIC id : unknown-Type       } |
   { BIOMETRIC id : body-Odor          } |
   { BIOMETRIC id : dna                } |
   { BIOMETRIC id : ear-Shape          } |
   { BIOMETRIC id : facial-Features    } |
   { BIOMETRIC id : finger-Image       } |
   { BIOMETRIC id : finger-Geometry    } |
   { BIOMETRIC id : hand-Geometry      } |
   { BIOMETRIC id : iris-Features      } |
   { BIOMETRIC id : keystroke-Dynamics } |
   { BIOMETRIC id : palm               } |
   { BIOMETRIC id : retina             } |
   { BIOMETRIC id : signature          } |
   { BIOMETRIC id : speech-Pattern     } |
   { BIOMETRIC id : thermal-Image      } |
   { BIOMETRIC id : vein-Pattern       } |
   { BIOMETRIC id : thermal-Face-Image } |
   { BIOMETRIC id : thermal-Hand-Image } |
   { BIOMETRIC id : lip-Movement       } |
   { BIOMETRIC id : gait               },

   ...  -- expect additional biometric types --
}


-- X9.84 biometric processing algorithms --

processing-algorithm OID ::= { x9-84 processingAlgorithms(2) }

-- X9.84 biometric matching methods --

matching-method OID ::= { x9-84 matchingMethods(3) }

-- X9.84 vendor specific formats --

format-Owner OID ::= { x9-84 format-owners(4) }

cbeff-Owner OID ::= { format-Owner cbeff(0) }

ibia-Owner  OID ::= { format-Owner ibia(1) }

x9-Owner    OID ::= { format-Owner x9(2) }

-- IBIA vendor specific formats registered at http://www.ibia.org 

id-ibia-SAFLINK                OID ::= { ibia-Owner  1 }
id-ibia-Bioscrypt              OID ::= { ibia-Owner  2 }
id-ibia-Visionics              OID ::= { ibia-Owner  3 }
id-ibia-InfineonTechnologiesAG OID ::= { ibia-Owner  4 }
id-ibia-IridianTechnologies    OID ::= { ibia-Owner  5 }
id-ibia-Veridicom              OID ::= { ibia-Owner  6 }
id-ibia-CyberSIGN              OID ::= { ibia-Owner  7 }
id-ibia-eCryp                  OID ::= { ibia-Owner  8 }
id-ibia-FingerprintCardsAB     OID ::= { ibia-Owner  9 }
id-ibia-SecuGen                OID ::= { ibia-Owner 10 }
id-ibia-PreciseBiometric       OID ::= { ibia-Owner 11 }
id-ibia-Identix                OID ::= { ibia-Owner 12 }
id-ibia-DERMALOG               OID ::= { ibia-Owner 13 }

-- When represented as values of type OBJECT IDENTIFIER, these
-- IBIA vendor specific formats may be associated with any ASN.1
-- type.   

IBIAoidFormats BIOMETRIC ::= {
   { BIOMETRIC oid : id-ibia-SAFLINK                DATA Any } |
   { BIOMETRIC oid : id-ibia-Bioscrypt              DATA Any } |
   { BIOMETRIC oid : id-ibia-Visionics              DATA Any } |
   { BIOMETRIC oid : id-ibia-InfineonTechnologiesAG DATA Any } |
   { BIOMETRIC oid : id-ibia-IridianTechnologies    DATA Any } |
   { BIOMETRIC oid : id-ibia-Veridicom              DATA Any } |
   { BIOMETRIC oid : id-ibia-CyberSIGN              DATA Any } |
   { BIOMETRIC oid : id-ibia-eCryp                  DATA Any } |
   { BIOMETRIC oid : id-ibia-FingerprintCardsAB     DATA Any } |
   { BIOMETRIC oid : id-ibia-SecuGen                DATA Any } |
   { BIOMETRIC oid : id-ibia-PreciseBiometric       DATA Any } |
   { BIOMETRIC oid : id-ibia-Identix                DATA Any } |
   { BIOMETRIC oid : id-ibia-DERMALOG               DATA Any },

   ...  -- Expect additional vendor specific formats --
}

Any ::= TYPE-IDENTIFIER.&Type  -- Application constrained

-- Relative object identifier representations of the identical
-- IBIA vendor specific formats defined as OBJECT IDENTIFIER
-- values above are used to identify these formats when they must
-- comply with the fixed format requirements of the BioAPI 1.1
-- specification and are associated with a two byte integer value.  

ibia-SAFLINK                RelOID ::= {  1 }
ibia-Bioscrypt              RelOID ::= {  2 }
ibia-Visionics              RelOID ::= {  3 }
ibia-InfineonTechnologiesAG RelOID ::= {  4 }
ibia-IridianTechnologies    RelOID ::= {  5 }
ibia-Veridicom              RelOID ::= {  6 }
ibia-CyberSIGN              RelOID ::= {  7 }
ibia-eCryp                  RelOID ::= {  8 }
ibia-FingerprintCardsAB     RelOID ::= {  9 }
ibia-SecuGen                RelOID ::= { 10 }
ibia-PreciseBiometric       RelOID ::= { 11 }
ibia-Identix                RelOID ::= { 12 }
ibia-DERMALOG               RelOID ::= { 13 }


IBIAidFormats BIOMETRIC ::= {
   { BIOMETRIC id : ibia-SAFLINK                DATA BirInt16 } |
   { BIOMETRIC id : ibia-Bioscrypt              DATA BirInt16 } |
   { BIOMETRIC id : ibia-Visionics              DATA BirInt16 } |
   { BIOMETRIC id : ibia-InfineonTechnologiesAG DATA BirInt16 } |
   { BIOMETRIC id : ibia-IridianTechnologies    DATA BirInt16 } |
   { BIOMETRIC id : ibia-Veridicom              DATA BirInt16 } |
   { BIOMETRIC id : ibia-CyberSIGN              DATA BirInt16 } |
   { BIOMETRIC id : ibia-eCryp                  DATA BirInt16 } |
   { BIOMETRIC id : ibia-FingerprintCardsAB     DATA BirInt16 } |
   { BIOMETRIC id : ibia-SecuGen                DATA BirInt16 } |
   { BIOMETRIC id : ibia-PreciseBiometric       DATA BirInt16 } |
   { BIOMETRIC id : ibia-Identix                DATA BirInt16 } |
   { BIOMETRIC id : ibia-DERMALOG               DATA BirInt16 },

   ...  -- Expect others --
}

BirInt16 ::= INTEGER (0..65535)


IBIA-Formats BIOMETRIC ::= {

   IBIAoidFormats  |  -- Complete object identifiers

   IBIAidFormats,     -- Object identifier fragments

   ...  -- Expect additional IBIA vendor specific formats --
}

id-x984BioInfo  OID ::= { cbeff-Owner x984BioInfo(0) }


CBEFFoidFormats BIOMETRIC ::= {
   { BIOMETRIC oid : id-x984BioInfo DATA BiometricInformationSets },

   ...  -- Expect other objects --
}

x984BioInfo  RelOID ::= { x984BioInfo(0) }  -- CBEFF owner

CBEFFidFormats BIOMETRIC ::= {
   { BIOMETRIC id : x984BioInfo DATA BiometricInformationSets },

   ...  -- Expect other objects --
}

CBEFF-Formats BIOMETRIC ::= {

   CBEFFoidFormats  |  -- Complete object identifiers

   CBEFFidFormats,     -- Object identifier fragments

   ...  -- Expect additional CBEFF vendor specific formats --
}

MatchingAIDs BIOMETRIC ::= {

   ...  -- Expect CBEFF assignments in BiometricInformationSets --
}

ProcessingAIDs BIOMETRIC ::= {

   ...  -- Expect CBEFF assignments in BiometricInformationSets --
}

X9-Formats BIOMETRIC ::= {

   ...  -- Expect additional X9 vendor specific formats --
}

-- Security object identifiers 

-- id-sha1        { 1  3  14 3   2 26       }
-- sha2Algorithm  { 2 16 840 1 101  3 4 2   }
-- id-sha256      { 2 16 840 1 101  3 4 2 1 }
-- id-sha384      { 2 16 840 1 101  3 4 2 2 }
-- id-sha512      { 2 16 840 1 101  3 4 2 3 }


-- FIPS 180-1 and FIPS 180-2 Secure Hash Algorithm --

id-sha1 OID ::= { 
   iso(1) identified-organization(3) oiw(14) secsig(3)
      algorithm(2) 26
}

sha2Algorithm OID ::= {
   joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)
      csor(3) nistAlgorithm(4) hashAlgs(2)
}

id-sha256 OID ::= { sha2Algorithm sha256(1) }

id-sha384 OID ::= { sha2Algorithm sha384(2) }

id-sha512 OID ::= { sha2Algorithm sha512(3) }

SHA-Algorithms ALGORITHM ::= {
   { OID id-sha1    PARMS NoIV }  |
   { OID id-sha256             }  |
   { OID id-sha384             }  |
   { OID id-sha512             },

   ...  -- Expect others --
}

NoIV ::= NULL  -- No initialization vector

-- X9.57 DSA signature generated with SHA-1 hash (DSA X9.30)

dsa-with-sha1 OID ::=  {
   iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 3
}

-- RSA PKCS #1 public key and signatures

pkcs-1 OID ::= {
   iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1
}

-- RSA public keys

rsaEncryption OID ::=  { pkcs-1 1 }

-- RSA signature generated with SHA-1 hash

sha1WithRSAEncryption OID  ::=  { pkcs-1 5 }

-- X9.42 Diffie-Hellman Keys

dhpublicnumber OID ::= {
   iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 }

-- ANS X9.52 Triple DES Modes of Operation --

des-ede3-cbc OBJECT IDENTIFIER ::= {
   iso(1) member-body(2) us(840) rsadsi(113549)
      encryptionAlgorithm(3) 7
}

CBCParameter ::= OCTET STRING (SIZE(8))

-- X9.62 Elliptic Curve Keys, Signatures, and Curves

ansi-X9-62 OID ::= {
   iso(1) member-body(2) us(840) ansi-x962(10045) }

-- X9.62 ECDSA signatures with SHA-1

ecdsa-with-SHA1 OID ::= { ansi-X9-62 signatures(4) 1 }

-- X9.62 Named elliptic curves

EllipiticCurves ALGORITHM ::= { ... }

ellipticCurve OID ::= { ansi-X9-62 curves(3) }

c-TwoCurve OID ::= {
        ellipticCurve characteristicTwo(0) }

c2pnb163v1  OID  ::=  { c-TwoCurve  1 }
c2pnb163v2  OID  ::=  { c-TwoCurve  2 }
c2pnb163v3  OID  ::=  { c-TwoCurve  3 }
c2pnb176w1  OID  ::=  { c-TwoCurve  4 }
c2tnb191v1  OID  ::=  { c-TwoCurve  5 }
c2tnb191v2  OID  ::=  { c-TwoCurve  6 }
c2tnb191v3  OID  ::=  { c-TwoCurve  7 }
c2onb191v4  OID  ::=  { c-TwoCurve  8 }
c2onb191v5  OID  ::=  { c-TwoCurve  9 }
c2pnb208w1  OID  ::=  { c-TwoCurve 10 }
c2tnb239v1  OID  ::=  { c-TwoCurve 11 }
c2tnb239v2  OID  ::=  { c-TwoCurve 12 }
c2tnb239v3  OID  ::=  { c-TwoCurve 13 }
c2onb239v4  OID  ::=  { c-TwoCurve 14 }
c2onb239v5  OID  ::=  { c-TwoCurve 15 }
c2pnb272w1  OID  ::=  { c-TwoCurve 16 }
c2pnb304w1  OID  ::=  { c-TwoCurve 17 }
c2tnb359v1  OID  ::=  { c-TwoCurve 18 }
c2pnb368w1  OID  ::=  { c-TwoCurve 19 }
c2tnb431r1  OID  ::=  { c-TwoCurve 20 }

primeCurve OID ::= { ellipticCurve prime(1) }

prime192v1  OID  ::=  { primeCurve  1 }
prime192v2  OID  ::=  { primeCurve  2 }
prime192v3  OID  ::=  { primeCurve  3 }
prime239v1  OID  ::=  { primeCurve  4 }
prime239v2  OID  ::=  { primeCurve  5 }
prime239v3  OID  ::=  { primeCurve  6 }
prime256v1  OID  ::=  { primeCurve  7 }

id-data OID ::= { 
   iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
      pkcs7(7) data(1)
}


END  -- X9-84-Identifiers --
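
The thread's advice to check the modules by machine rather than by eye applies to the object identifier values as well. As an added example (not part of the original message or of any XCBF tooling), this Python script resolves the `OID ::= { ... }` assignments of X9-84-Identifiers and compares them with the arcs listed in the module's comment table. The `SAMPLE` excerpt is constructed from a few of the module's lines, and all function names are hypothetical.

```python
import re

# Constructed excerpt: a few comment-table rows and the OID assignments
# they document, in the layout used by the X9-84-Identifiers module.
SAMPLE = """
-- x9-84                          { 1 3 133 16 840 9 84         }
-- x9-84-Module                   { 1 3 133 16 840 9 84 0       }
-- x9-84-Biometrics               { 1 3 133 16 840 9 84 0  1    }
-- biometric                      { 1 3 133 16 840 9 84 1       }
-- id-iris-Features               { 1 3 133 16 840 9 84 1  8    }
-- id-ibia-SAFLINK                { 1 3 133 16 840 9 84 4  1  1 }

x9-84 OID ::= {
   iso(1) identified-organization(3) tc68(133) country(16)
      x9(840) x9Standards(9) x9-84(84)
}
x9-84-Module OID ::= { x9-84 modules(0) }
x9-84-Biometrics  OID ::= { x9-84-Module biometrics(1) rev(1) }
biometric OID ::= { x9-84 biometrics(1) }
id-iris-Features      OID ::= { biometric irisFeatures(8) }
format-Owner OID ::= { x9-84 format-owners(4) }
ibia-Owner  OID ::= { format-Owner ibia(1) }
id-ibia-SAFLINK                OID ::= { ibia-Owner  1 }
"""

# "name OID ::= { ... }" or "name OBJECT IDENTIFIER ::= { ... }"
ASSIGN = re.compile(
    r"^([a-z][\w-]*)[ \t]+(?:OID|OBJECT IDENTIFIER)\s*::=\s*\{([^}]*)\}", re.M)
# Comment-table row: "-- name   { 1 3 133 ... }"
DOC = re.compile(r"^--[ \t]+([a-z][\w-]*)[ \t]+\{([\d\s]+)\}", re.M)
# One component: label(number), bare number, or a reference to another value
TOKEN = re.compile(r"([A-Za-z][\w-]*)\s*\(\s*(\d+)\s*\)|(\d+)|([A-Za-z][\w-]*)")


def parse_assignments(text):
    """Map each OID value name to its components (ints or value references)."""
    defs = {}
    for name, body in ASSIGN.findall(text):
        parts = []
        for _label, num, bare, ref in TOKEN.findall(body):
            parts.append(ref if ref else int(num or bare))
        defs[name] = parts
    return defs


def resolve(name, defs, stack=()):
    """Expand value references recursively into a tuple of numeric arcs."""
    if name not in defs:
        raise KeyError(f"undefined OID reference: {name}")
    if name in stack:
        raise ValueError(f"circular OID reference: {name}")
    arcs = []
    for part in defs[name]:
        if isinstance(part, int):
            arcs.append(part)
        else:
            arcs.extend(resolve(part, defs, stack + (name,)))
    return tuple(arcs)


def cross_check(text):
    """Return (name, documented, resolved) for every row that disagrees.

    resolved is None when the table names a value with no assignment.
    """
    defs = parse_assignments(text)
    findings = []
    for name, arcs in DOC.findall(text):
        documented = tuple(int(a) for a in arcs.split())
        resolved = resolve(name, defs) if name in defs else None
        if resolved != documented:
            findings.append((name, documented, resolved))
    return findings


if __name__ == "__main__":
    for name, documented, resolved in cross_check(SAMPLE):
        print(f"{name}: table {documented} != assignment {resolved}")
```

On this excerpt the only difference reported is `x9-84-Biometrics`: the assignment resolves with the trailing `rev(1)` arc, while the comment table lists the value without it.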


