[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xcbf] X9.84 Revision
We test this with our compiler and it compiles OK.
Regards,
Ed Day
Objective Systems, Inc.
REAL WORLD ASN.1 AND XML SOLUTIONS
Tel: +1 (484) 875-3020
Fax: +1 (484) 875-2913
Toll-free: (877) 307-6855 (USA only)
mailto:eday@obj-sys.com
http://www.obj-sys.com
----- Original Message -----
From: "Phil Griffin" <phil.griffin@asn-1.com>
To: "Bancroft Scott" <baos@oss.com>
Cc: "xcbf" <xcbf@lists.oasis-open.org>
Sent: Tuesday, August 06, 2002 10:37 PM
Subject: Re: [xcbf] X9.84 Revision
> Bancroft,
>
> Appreciate the help. I've been solely focused on the
> design of the X9.84 revision that I've neglected to
> update the schema modules. Best to wait on checking
> the CMS module until I update it to conform with the
> latest X9.73/IETF work.
>
> But here's the base X9.84 code with supporting stubs
> and OID module that compiles using your ASN.1 schema
> checker with no errors.
>
> Please verify that my results can be duplicated and
> post your results to this list.
>
> And please vote on accepting this base module if you
> then find this base module acceptable.
>
> Phil
>
>
>
> Bancroft Scott wrote:
>
> > On Tue, 6 Aug 2002, Phil Griffin wrote:
> >
> >
> >>
> >>Bancroft Scott wrote:
> >>
> >>
> >>>On Tue, 6 Aug 2002, Phil Griffin wrote:
> >>>
> >>>
> >>>
> >>>>Bancroft,
> >>>>
> >>>>I have not finished writing these yet. But the most
> >>>>current OID module is in the XCBF document in the
> >>>>private area of the XCBF site. It is almost
> >>>>certainly complete.
> >>>>
> >>>>
> >>>No, it has at least one syntax error (missing ::=). It would be good if
> >>>the modules were syntax checked using tools such as the free syntax
> >>>checker from OSS or France Telecom.
> >>>
> >>At which line number(s)?
> >>
> >
> > EllipiticCurves ALGORITHM { ... }
> >
> > However, I don't know if that is the only problem. I recommend that you
> > use a syntax checker to verify its correctness instead of trying to do
it
> > by eye. Even with languages such as C that I have been using for over
two
> > decades I can never be sure that I've caught all syntax errors when I
rely
> > my eyes. ASN.1 is no different.
> >
> >
> >>>>The CMS module is in a bit of
> >>>>flux if you're using sophisticated tools. I've
> >>>>hand coded this stuff twice before and did again
> >>>>for my XCBF tools - I find that the encoding is
> >>>>not too complex and it is the cryptographic
> >>>>processing and key management that are most
> >>>>important.
> >>>>
> >>>>
> >>>It is good that it can be hand-coded, but it would be great if the
syntax
> >>>were clean enough so that it can be verified by machine.
> >>>
> >>Well it certainly must be before it is finished.
> >>But you know, in all fairness, I AM working on
> >>this without much if any assistance.
> >>
> >
> > I'm trying to help ....
> >
> >
> >>>>Completion of the CMS module has been awaiting two
> >>>>events that I thought it best we coordinate with.
> >>>>One is the latest revision of the IETF SMIME RFC,
> >>>>and the other is the reballoting version of X9.73.
> >>>>It is desirable, long term, for these two standards
> >>>>and XCBF to all use the same identifier and type
> >>>>names for common types such as SignedData.
> >>>>
> >>>>SMIME is nearly through their review process. X9.73
> >>>>was changed to its final version last week in Redondo
> >>>>Beach. Over the next week or so, I'll try to complete
> >>>>the revision of our XCBF module and incorporate this
> >>>>into the XCBF document.
> >>>>
> >>>>So, are you voting to move ahead with the new X9.84?
> >>>>
> >>>>
> >>>I leave that to Alessandro to make that decision for OSS.
> >>>
> >>Technically, my understanding is that each TC member
> >>has one vote, and "company" has no meaning. Not sure
> >>that I really believe this, but that is what I've
> >>been lead to believe are the rules.
> >>
> >
> >>From the summary of the corrections to X9.84 it is a definite
improvement
> > on the first version, but I prefer to have a schema that I know is in
> > order before I accept it.
> >
> >
> >>>However, the ASN.1 spec that you have provided needs more work. I have
> >>>been struggling to get it to cleanly compile, cutting here, pasting
there.
> >>>A real hassle. I've given up until we have something more solid.
> >>>
> >>Then you'll just have to be patient and wait for
> >>me to complete the work.
> >>
> >
> > No problem. I was reacting to John's request.
> >
> >
> >>>BTW, the XER encoding that you have at the bottom of x984.htm is
invalid.
> >>>If you cut the encoding and paste it to a file named, say, x984.xml,
then
> >>>use a basic XML syntax checker such as Internet Explorer to open the
file
> >>>you will see that it contains syntax errors.
> >>>
> >>You will recall that I stated clearly that it
> >>was WIP and had not been checked using my
> >>product.
> >>
> >
> > Okay.
> >
> >
> >>>>I have had no intention of publishing every single
> >>>>type needed to compile the XCBF ASN.1. The likes of
> >>>>DomainCertificate and Certificate and such are not
> >>>>really ours to control.
> >>>>
> >>>>
> >>>I am not suggesting that you publish these. However, if you reference
the
> >>>types then it would help much if you were to precisely identify where
the
> >>>types are defined so as to minimize the effort that everyone has to
make
> >>>to try and get a complete set of definitions. A set of URLs pointing
to
> >>>the resources that define all directly and indirectly imported types
would
> >>>be great.
> >>>
> >>If you know of such URLs please advise and I will
> >>be happy to include them. X.509 is likely available
> >>on Olivier's site. But I doubt that you will find
> >>the others.
> >>
> >
> > No, I don't know what they are, or I would not be stumbling around
looking
> > for them. However, you are referencing these other ASN.1 modules, what
is
> > the URL that points to the ones that you are working with?
> >
> >
> >>>>But I'm open to considering
> >>>>this, perhaps as annex materials. Note that I leave
> >>>>comments in the IMPORTS statements to tell readers
> >>>>where to find the appropriate modules.
> >>>>
> >>>>
> >>>I saw those. They are no doubt very meaningful to you, but for me
> >>>they just tell me what to enter in google to start my hunt. URLs
> >>>of some sort would be much better.
> >>>
> >>Please then DO suggest URLs or alternate text. Any
> >>and all help much appreciated.
> >>
> >
> > See above.
> >
> >
> >>>>For your compiler, I would suggest that you test by
> >>>>stubbing out missing types, using the likes of
> >>>>
> >>>> Certificate ::= SEQUENCE {}
> >>>> DomainCertificate ::= SEQUENCE {}
> >>>>
> >>>>
> >>>If only it were that simple.
> >>>
> >>>Where is CBEFF-Formats defined? I see that it is an information object
> >>>set of class "BIOMETRIC", but this class is locally defined. Does the
> >>>module that defines CBEFF-Formats (i.e., X9-84-Identifiers) import
> >>>BIOMETRIC from this module (X9-84-Biometrics), or does it redefine this
> >>>class?
> >>>
> >>CBEFF-Formats is defined in the XCBF document at
> >>lines 475 and 607. Once in the text and again in
> >>the schema module.
> >>
> >
> > OKAY! Now I see what I was doing wrong. I was grabbing the modules
that
> > you have on the XCBF site at:
> >
> > XCBF ASN.1 Schema for XML Markup March 31, 2002
> > (http://oasis-open.org/committees/xcbf/docs/schema.zip)
> >
> > The modules defined here are outdated.
> >
> > I should have been working with the document, "XCBF XML Common Biometric
> > Format June 13 2002.doc" that you mailed to us in June.
> >
> > I'll take another stab tomorrow using the modules from this document.
> >
> >
> >>>It is hard to tell if x984.htm is syntactically correct without a
> >>>complete ASN.1 schema.
> >>>
> >>Hah! If you look at it closely you will see that it
> >>contains placeholde text where actual values should
> >>be present. And as I said, it is not complete.
> >>
> >
> > Yes, I did notice that. I took it into consideration.
> >
> >
> >>My recollection was that Alessandro agreed to provide
> >>encoded examples. I am working these out on my website
> >>for the purpose of providing general information. I
> >>will of course try to integrate this effort into the
> >>XCBF if examples are not forthcoming from other sources.
> >>
> >>Hope that helps.
> >>
> >
> > Yup. I suspect that most of the problems will disappear once I try
using
> > the right set of modules.
> >
> > Do let me know if you prefer for me to hold off on looking at this until
> > you are finished. I'm more than willing to do what I can to help in
those
> > area where I have expertise.
> >
> > Bancroft
> >
> >
> >
> > ----------------------------------------------------------------
> > To subscribe or unsubscribe from this elist use the subscription
> > manager: <http://lists.oasis-open.org/ob/adm.pl>
> >
>
>
----------------------------------------------------------------------------
----
>
> X9-84-Biometrics {
> iso(1) identified-organization(3) tc68(133) country(16) x9(840)
> x9Standards(9) x9-84(84) module(0) biometrics(1) rev(1) }
> DEFINITIONS AUTOMATIC TAGS ::= BEGIN
>
> -- EXPORTS All;
>
> IMPORTS
>
> -- X9.84 Biometrics Information Management and Security IDs --
>
> BiometricTypes, CBEFF-Formats, IBIA-Formats, MatchingAIDs,
> ProcessingAIDs, X9-Formats
> FROM X9-84-Identifiers {
> iso(1) identified-organization(3) tc68(133) country(16)
> x9(840) x9Standards(9) x9-84(84) module(0)
> ids(3) rev(1) }
>
> -- X9.84 Biometrics Information Management and Security CMS --
>
> AuthenticatedData, EncryptedData, EnvelopedData,
> MACAlgorithmIdentifier, SignatureAlgorithmIdentifier,
> SignedData
> FROM X9-84-CMS {
> iso(1) identified-organization(3) tc68(133) country(16)
> x9(840) x9Standards(9) x9-84(84) module(0)
> cms(2) rev(1) } ;
>
>
> BiometricSyntaxSets ::= SEQUENCE SIZE(1..MAX) OF BiometricSyntax
>
> BiometricSyntax ::= CHOICE {
> biometricObjects BiometricObjects,
> integrityObjects IntegrityObjects,
> privacyObjects PrivacyObjects,
> privacyAndIntegrityObjects PrivacyAndIntegrityObjects
> }
>
> BiometricObjects ::= SEQUENCE SIZE(1..MAX) OF BiometricObject
>
> BiometricObject ::= SEQUENCE {
> biometricHeader BiometricHeader,
> biometricData BiometricData
> }
>
> --
> -- All of the cryptographic processing in this standard is performed
> -- on a value of type EncodedBiometricObjects. This is a sequence of
> -- one or more values of type BiometricObject in its encoded form.
> --
>
> EncodedBiometricObjects ::= BIOMETRIC.&Type( BiometricObjects )
>
> BiometricHeader ::= SEQUENCE {
> version BiometricVersion DEFAULT hv1,
> recordType RecordType OPTIONAL,
> dataType DataType OPTIONAL,
> purpose Purpose OPTIONAL,
> quality Quality OPTIONAL,
> validityPeriod ValidityPeriod OPTIONAL,
> format Format OPTIONAL
> }
>
> BiometricVersion ::= INTEGER { hv1(0) } (0..MAX)
>
> RecordType ::= BIOMETRIC.&name({BiometricTypes})
>
> DataType ::= ENUMERATED {
> raw (0),
> intermediate (1),
> processed (2)
> }
>
> Purpose ::= ENUMERATED {
> verify (1),
> identify (2),
> enroll (3),
> enrollVerify (4),
> enrollIdentity (5),
> audit (6),
>
> ... -- Expect other values --
> }
>
> Quality ::= INTEGER {
> lowest ( 0),
> highest (100),
> notSet ( -1),
> notSupported ( -2)
> } (-2..100,...)
>
> ValidityPeriod ::= SEQUENCE {
> notBefore DateTime OPTIONAL,
> notAfter DateTime OPTIONAL
> }
> (ALL EXCEPT({ -- none; at least one component is present -- }))
>
> DateTime ::= RELATIVE-OID -- { yyyy mm dd hh mm ss z } --
>
> Format ::= SEQUENCE {
> formatOwner BIOMETRIC.&name({Owner}),
> formatType BIOMETRIC.&Type({Owner}{@formatOwner}) OPTIONAL
> }
>
> Owner BIOMETRIC ::= {
> CBEFF-Formats | -- http://www.nist.gov --
> IBIA-Formats | -- http://www.ibia.org --
> X9-Formats, -- http://www.x9.org --
>
> ... -- expect additional vendor specific formats --
> }
>
> -- Integrity --
>
> IntegrityObjects ::= SEQUENCE {
> biometricObjects BiometricObjects,
> integrityBlock IntegrityBlock
> }
>
> IntegrityBlock ::= CHOICE {
> digitalSignature DigitalSignature,
> messageAuthenticationCode MessageAuthenticationCode,
> signedData SignedData,
> authenticatedData AuthenticatedData
> }
>
> DigitalSignature ::= SIGNATURE { EncodedBiometricObjects }
>
> MessageAuthenticationCode ::= MAC { EncodedBiometricObjects }
>
> -- Privacy --
>
> PrivacyObjects ::= SEQUENCE {
> biometricHeaders BiometricHeaders OPTIONAL,
> privacyBlock PrivacyBlock
> }
>
> BiometricHeaders ::= SEQUENCE SIZE(1..MAX) OF BiometricHeader
>
> PrivacyBlock ::= CHOICE {
> fixedKey EncryptedData,
> namedKey NamedKeyEncryptedData,
> establishedKey EnvelopedData
> }
>
> NamedKeyEncryptedData ::= SEQUENCE {
> keyName OCTET STRING (SIZE(1..MAX)),
> encryptedData EncryptedData
> }
>
> -- Privacy and integrity --
>
> PrivacyAndIntegrityObjects ::= SEQUENCE {
> biometricHeaders BiometricHeaders OPTIONAL,
> privacyBlock PrivacyBlock,
> integrityBlock IntegrityBlock
> }
>
> -- Authentication Information (AI) --
>
> BiometricInformationSets ::=
> SEQUENCE SIZE(1..MAX) OF BiometricInformation
>
> BiometricInformation ::= SEQUENCE {
> processingAlgorithms ProcessingAlgorithms OPTIONAL,
> matchingMethods MatchingMethods OPTIONAL
> }
> (ALL EXCEPT({ -- none; at least one component is present -- }))
>
> -- Biometric processing algorithms --
>
> ProcessingAlgorithms ::= SEQUENCE SIZE(1..MAX) OF ProcessingInformation
>
> ProcessingInformation ::= SEQUENCE {
> id BIOMETRIC.&name({ProcessingAIDs}),
> parms BIOMETRIC.&Type({ProcessingAIDs}{@id}) OPTIONAL
> }
>
> -- Biometric matching methods --
>
> MatchingMethods ::= SEQUENCE SIZE(1..MAX) OF MatchingInformation
>
> MatchingInformation ::= SEQUENCE {
> id BIOMETRIC.&name({MatchingAIDs}),
> parms BIOMETRIC.&Type({MatchingAIDs}{@id}) OPTIONAL
> }
>
> BiometricData ::= OCTET STRING(SIZE(1..MAX))
>
> -- Biometrics information object class --
>
> BIOMETRIC ::= CLASS {
> &name BIOMETRIC-IDENTIFIER UNIQUE,
> &Type OPTIONAL
> }
> WITH SYNTAX { BIOMETRIC &name [ DATA &Type ] }
>
> BIOMETRIC-IDENTIFIER ::= CHOICE {
> oid OBJECT IDENTIFIER, -- complete object identifier
> id RELATIVE-OID -- object identifier fragment
> }
>
> -- Parameterized types --
>
> SIGNATURE { ToBeSigned } ::= SEQUENCE {
> algorithmID SignatureAlgorithmIdentifier,
> signature BIT STRING( CONSTRAINED BY {
> -- signature on a value of -- ToBeSigned })
> }
>
> MAC { ToBeMACed } ::= SEQUENCE {
> keyName OCTET STRING OPTIONAL,
> algorithmID MACAlgorithmIdentifier,
> mac OCTET STRING (CONSTRAINED BY {
> -- MAC or HMAC on a value of -- ToBeMACed })
> }
>
> END -- X9-84-Biometrics --
>
>
> -- STUB --
>
> X9-84-CMS DEFINITIONS IMPLICIT TAGS ::= BEGIN
>
> AuthenticatedData ::= SEQUENCE {}
>
> EncryptedData ::= SEQUENCE {}
>
> EnvelopedData ::= SEQUENCE {}
>
> MACAlgorithmIdentifier ::= AlgorithmIdentifier {{MACAlgorithms}}
>
> MACAlgorithms ALGORITHM ::= { ... }
>
> SignatureAlgorithmIdentifier ::=
> AlgorithmIdentifier {{SignatureAlgorithms}}
>
> SignatureAlgorithms ALGORITHM ::= { ... }
>
> SignedData ::= SEQUENCE {}
>
> ALGORITHM ::= CLASS {
> &id OBJECT IDENTIFIER UNIQUE,
> &Type OPTIONAL
> }
> WITH SYNTAX { OID &id [PARMS &Type] }
>
> AlgorithmIdentifier { ALGORITHM:IOSet } ::= SEQUENCE {
> algorithm ALGORITHM.&id( {IOSet} ),
> parameters ALGORITHM.&Type( {IOSet}{@algorithm} ) OPTIONAL
> }
>
> END -- X9-84-CMS Stub --
>
>
> X9-84-Identifiers {
> iso(1) identified-organization(3) tc68(133) country(16) x9(840)
> x9Standards(9) x9-84(84) module(0) ids(3) rev(1) }
> DEFINITIONS AUTOMATIC TAGS ::= BEGIN
>
> -- EXPORTS All;
>
> IMPORTS
>
> -- X9.84 Biometrics Information Management and Security --
>
> BIOMETRIC, BiometricInformationSets
> FROM X9-84-Biometrics {
> iso(1) identified-organization(3) tc68(133) country(16)
> x9(840) x9Standards(9) x9-84(84) module(0)
> biometrics(1) rev(1) }
>
> -- X9.84 Biometrics Information Management and Security CMS --
>
> ALGORITHM
> FROM X9-84-CMS {
> iso(1) identified-organization(3) tc68(133) country(16)
> x9(840) x9Standards(9) x9-84(84) module(0)
> cms(2) rev(1) };
>
>
> OID ::= OBJECT IDENTIFIER -- Alias
>
> RelOID ::= RELATIVE-OID -- Alias
>
> -- x9-84 { 1 3 133 16 840 9 84 }
> -- x9-84-Module { 1 3 133 16 840 9 84 0 }
> -- x9-84-Biometrics { 1 3 133 16 840 9 84 0 1 }
> -- x9-84-CMS { 1 3 133 16 840 9 84 0 2 }
> -- x9-84-Identifiers { 1 3 133 16 840 9 84 0 3 }
> -- biometric { 1 3 133 16 840 9 84 1 }
> -- id-unknown-Type { 1 3 133 16 840 9 84 1 0 }
> -- id-body-Odor { 1 3 133 16 840 9 84 1 1 }
> -- id-dna { 1 3 133 16 840 9 84 1 2 }
> -- id-ear-Shape { 1 3 133 16 840 9 84 1 3 }
> -- id-facial-Features { 1 3 133 16 840 9 84 1 4 }
> -- id-finger-Image { 1 3 133 16 840 9 84 1 5 }
> -- id-finger-Geometry { 1 3 133 16 840 9 84 1 6 }
> -- id-hand-Geometry { 1 3 133 16 840 9 84 1 7 }
> -- id-iris-Features { 1 3 133 16 840 9 84 1 8 }
> -- id-keystroke-Dynamics { 1 3 133 16 840 9 84 1 9 }
> -- id-palm { 1 3 133 16 840 9 84 1 10 }
> -- id-retina { 1 3 133 16 840 9 84 1 11 }
> -- id-signature { 1 3 133 16 840 9 84 1 12 }
> -- id-speech-Pattern { 1 3 133 16 840 9 84 1 13 }
> -- id-thermal-Image { 1 3 133 16 840 9 84 1 14 }
> -- id-vein-Pattern { 1 3 133 16 840 9 84 1 15 }
> -- id-thermal-Face-Image { 1 3 133 16 840 9 84 1 16 }
> -- id-thermal-Hand-Image { 1 3 133 16 840 9 84 1 17 }
> -- id-lip-Movement { 1 3 133 16 840 9 84 1 18 }
> -- id-gait { 1 3 133 16 840 9 84 1 19 }
> -- processing-algorithm { 1 3 133 16 840 9 84 2 }
> -- matching-method { 1 3 133 16 840 9 84 3 }
> -- format-Owner { 1 3 133 16 840 9 84 4 }
> -- cbeff-Owner { 1 3 133 16 840 9 84 4 0 }
> -- ibia-Owner { 1 3 133 16 840 9 84 4 1 }
> -- id-ibia-SAFLINK { 1 3 133 16 840 9 84 4 1 1 }
> -- id-ibia-Bioscrypt { 1 3 133 16 840 9 84 4 1 2 }
> -- id-ibia-Visionics { 1 3 133 16 840 9 84 4 1 3 }
> -- id-ibia-InfineonTechnologiesAG { 1 3 133 16 840 9 84 4 1 4 }
> -- id-ibia-IridianTechnologies { 1 3 133 16 840 9 84 4 1 5 }
> -- id-ibia-Veridicom { 1 3 133 16 840 9 84 4 1 6 }
> -- id-ibia-CyberSIGN { 1 3 133 16 840 9 84 4 1 7 }
> -- id-ibia-eCryp { 1 3 133 16 840 9 84 4 1 8 }
> -- id-ibia-FingerprintCardsAB { 1 3 133 16 840 9 84 4 1 9 }
> -- id-ibia-SecuGen { 1 3 133 16 840 9 84 4 1 10 }
> -- id-ibia-PreciseBiometric { 1 3 133 16 840 9 84 4 1 11 }
> -- id-ibia-Identix { 1 3 133 16 840 9 84 4 1 12 }
> -- id-ibia-DERMALOG { 1 3 133 16 840 9 84 4 1 13 }
> -- x9-Owner { 1 3 133 16 840 9 84 4 2 }
>
> -- X9.84 arc; base object identifier --
>
> x9-84 OID ::= {
> iso(1) identified-organization(3) tc68(133) country(16)
> x9(840) x9Standards(9) x9-84(84)
> }
>
> -- X9.84 ASN.1 modules --
>
> x9-84-Module OID ::= { x9-84 modules(0) }
>
> -- PHG added rev(1) to the following three module OIDs
>
> x9-84-Biometrics OID ::= { x9-84-Module biometrics(1) rev(1) }
>
> x9-84-CMS OID ::= { x9-84-Module cms(2) rev(1) }
>
> x9-84-Identifiers OID ::= { x9-84-Module ids(3) rev(1) }
>
> -- X9.84 biometric technologies --
>
> biometric OID ::= { x9-84 biometrics(1) }
>
> id-unknown-Type OID ::= { biometric unknownType(0) }
> id-body-Odor OID ::= { biometric bodyOdor(1) }
> id-dna OID ::= { biometric dna(2) }
> id-ear-Shape OID ::= { biometric ear-Shape(3) }
> id-facial-Features OID ::= { biometric earShape(4) }
> id-finger-Image OID ::= { biometric facialFeatures(5) }
> id-finger-Geometry OID ::= { biometric fingerImage(6) }
> id-hand-Geometry OID ::= { biometric handGeometry(7) }
> id-iris-Features OID ::= { biometric irisFeatures(8) }
> id-keystroke-Dynamics OID ::= { biometric keystrokeDynamics(9) }
> id-palm OID ::= { biometric palm(10) }
> id-retina OID ::= { biometric retina(11) }
> id-signature OID ::= { biometric signature(12) }
> id-speech-Pattern OID ::= { biometric speech-Pattern(13) }
> id-thermal-Image OID ::= { biometric thermalImage(14) }
> id-vein-Pattern OID ::= { biometric veinPattern(15) }
> id-thermal-Face-Image OID ::= { biometric thermalFaceImage(16) }
> id-thermal-Hand-Image OID ::= { biometric thermalHandImage(17) }
> id-lip-Movement OID ::= { biometric lipMovement(18) }
> id-gait OID ::= { biometric gait(19) }
>
> -- X9.84 biometric technology object identifier fragments --
>
> unknown-Type RelOID ::= { unknownType(0) }
> body-Odor RelOID ::= { bodyOdor(1) }
> dna RelOID ::= { dna(2) }
> ear-Shape RelOID ::= { earShape(3) }
> facial-Features RelOID ::= { facialFeatures(4) }
> finger-Image RelOID ::= { fingerImage(5) }
> finger-Geometry RelOID ::= { fingerGeometry(6) }
> hand-Geometry RelOID ::= { handGeometry(7) }
> iris-Features RelOID ::= { irisFeatures(8) }
> keystroke-Dynamics RelOID ::= { keystrokeDynamics(9) }
> palm RelOID ::= { palm(10) }
> retina RelOID ::= { retina(11) }
> signature RelOID ::= { signature(12) }
> speech-Pattern RelOID ::= { speechPattern(13) }
> thermal-Image RelOID ::= { thermalImage(14) }
> vein-Pattern RelOID ::= { veinPattern(15) }
> thermal-Face-Image RelOID ::= { thermalFaceImage(16) }
> thermal-Hand-Image RelOID ::= { thermalHandImage(17) }
> lip-Movement RelOID ::= { lipMovement(18) }
> gait RelOID ::= { gait(19) }
>
> BiometricTypes BIOMETRIC ::= {
> { BIOMETRIC id : unknown-Type } |
> { BIOMETRIC id : body-Odor } |
> { BIOMETRIC id : dna } |
> { BIOMETRIC id : ear-Shape } |
> { BIOMETRIC id : facial-Features } |
> { BIOMETRIC id : finger-Image } |
> { BIOMETRIC id : finger-Geometry } |
> { BIOMETRIC id : hand-Geometry } |
> { BIOMETRIC id : iris-Features } |
> { BIOMETRIC id : keystroke-Dynamics } |
> { BIOMETRIC id : palm } |
> { BIOMETRIC id : retina } |
> { BIOMETRIC id : signature } |
> { BIOMETRIC id : speech-Pattern } |
> { BIOMETRIC id : thermal-Image } |
> { BIOMETRIC id : vein-Pattern } |
> { BIOMETRIC id : thermal-Face-Image } |
> { BIOMETRIC id : thermal-Hand-Image } |
> { BIOMETRIC id : lip-Movement } |
> { BIOMETRIC id : gait },
>
> ... -- expect additional biometric types --
> }
>
>
> -- X9.84 biometric processing algorithms --
>
> processing-algorithm OID ::= { x9-84 processingAlgorithms(2) }
>
> -- X9.84 biometric matching methods --
>
> matching-method OID ::= { x9-84 matchingMethods(3) }
>
> -- X9.84 vendor specific formats --
>
> format-Owner OID ::= { x9-84 format-owners(4) }
>
> cbeff-Owner OID ::= { format-Owner cbeff(0) }
>
> ibia-Owner OID ::= { format-Owner ibia(1) }
>
> x9-Owner OID ::= { format-Owner x9(2) }
>
> -- IBIA vendor specific formats registered at http://www.ibia.org
>
> id-ibia-SAFLINK OID ::= { ibia-Owner 1 }
> id-ibia-Bioscrypt OID ::= { ibia-Owner 2 }
> id-ibia-Visionics OID ::= { ibia-Owner 3 }
> id-ibia-InfineonTechnologiesAG OID ::= { ibia-Owner 4 }
> id-ibia-IridianTechnologies OID ::= { ibia-Owner 5 }
> id-ibia-Veridicom OID ::= { ibia-Owner 6 }
> id-ibia-CyberSIGN OID ::= { ibia-Owner 7 }
> id-ibia-eCryp OID ::= { ibia-Owner 8 }
> id-ibia-FingerprintCardsAB OID ::= { ibia-Owner 9 }
> id-ibia-SecuGen OID ::= { ibia-Owner 10 }
> id-ibia-PreciseBiometric OID ::= { ibia-Owner 11 }
> id-ibia-Identix OID ::= { ibia-Owner 12 }
> id-ibia-DERMALOG OID ::= { ibia-Owner 13 }
>
> -- When represented as values of type OBJECT IDENTIFIER, these
> -- IBIA vendor specific formats may be associated with any ASN.1
> -- type.
>
> IBIAoidFormats BIOMETRIC ::= {
> { BIOMETRIC oid : id-ibia-SAFLINK DATA Any } |
> { BIOMETRIC oid : id-ibia-Bioscrypt DATA Any } |
> { BIOMETRIC oid : id-ibia-Visionics DATA Any } |
> { BIOMETRIC oid : id-ibia-InfineonTechnologiesAG DATA Any } |
> { BIOMETRIC oid : id-ibia-IridianTechnologies DATA Any } |
> { BIOMETRIC oid : id-ibia-Veridicom DATA Any } |
> { BIOMETRIC oid : id-ibia-CyberSIGN DATA Any } |
> { BIOMETRIC oid : id-ibia-eCryp DATA Any } |
> { BIOMETRIC oid : id-ibia-FingerprintCardsAB DATA Any } |
> { BIOMETRIC oid : id-ibia-SecuGen DATA Any } |
> { BIOMETRIC oid : id-ibia-PreciseBiometric DATA Any } |
> { BIOMETRIC oid : id-ibia-Identix DATA Any } |
> { BIOMETRIC oid : id-ibia-DERMALOG DATA Any },
>
> ... -- Expect additional vendor specific formats --
> }
>
> Any ::= TYPE-IDENTIFIER.&Type -- Application constrained
>
> -- Relative object identifier representations of the identical
> -- IBIA vendor specific formats defined as OBJECT IDENTIFIER
> -- values above are used to identify these formats when they must
> -- comply with the fixed format requirements of the BioAPI 1.1
> -- specification and are associated with a two byte integer value.
>
> ibia-SAFLINK RelOID ::= { 1 }
> ibia-Bioscrypt RelOID ::= { 2 }
> ibia-Visionics RelOID ::= { 3 }
> ibia-InfineonTechnologiesAG RelOID ::= { 4 }
> ibia-IridianTechnologies RelOID ::= { 5 }
> ibia-Veridicom RelOID ::= { 6 }
> ibia-CyberSIGN RelOID ::= { 7 }
> ibia-eCryp RelOID ::= { 8 }
> ibia-FingerprintCardsAB RelOID ::= { 9 }
> ibia-SecuGen RelOID ::= { 10 }
> ibia-PreciseBiometric RelOID ::= { 11 }
> ibia-Identix RelOID ::= { 12 }
> ibia-DERMALOG RelOID ::= { 13 }
>
>
> IBIAidFormats BIOMETRIC ::= {
> { BIOMETRIC id : ibia-SAFLINK DATA BirInt16 } |
> { BIOMETRIC id : ibia-Bioscrypt DATA BirInt16 } |
> { BIOMETRIC id : ibia-Visionics DATA BirInt16 } |
> { BIOMETRIC id : ibia-InfineonTechnologiesAG DATA BirInt16 } |
> { BIOMETRIC id : ibia-IridianTechnologies DATA BirInt16 } |
> { BIOMETRIC id : ibia-Veridicom DATA BirInt16 } |
> { BIOMETRIC id : ibia-CyberSIGN DATA BirInt16 } |
> { BIOMETRIC id : ibia-eCryp DATA BirInt16 } |
> { BIOMETRIC id : ibia-FingerprintCardsAB DATA BirInt16 } |
> { BIOMETRIC id : ibia-SecuGen DATA BirInt16 } |
> { BIOMETRIC id : ibia-PreciseBiometric DATA BirInt16 } |
> { BIOMETRIC id : ibia-Identix DATA BirInt16 } |
> { BIOMETRIC id : ibia-DERMALOG DATA BirInt16 },
>
> ... -- Expect others --
> }
>
> BirInt16 ::= INTEGER (0..65535)
>
>
> IBIA-Formats BIOMETRIC ::= {
>
> IBIAoidFormats | -- Complete object identifiers
>
> IBIAidFormats, -- Object identifier fragments
>
> ... -- Expect additional IBIA vendor specific formats --
> }
>
> id-x984BioInfo OID ::= { cbeff-Owner x984BioInfo(0) }
>
>
> CBEFFoidFormats BIOMETRIC ::= {
> { BIOMETRIC oid : id-x984BioInfo DATA BiometricInformationSets },
>
> ... -- Expect other objects --
> }
>
> x984BioInfo RelOID ::= { x984BioInfo(0) } -- CBEFF owner
>
> CBEFFidFormats BIOMETRIC ::= {
> { BIOMETRIC id : x984BioInfo DATA BiometricInformationSets },
>
> ... -- Expect other objects --
> }
>
> CBEFF-Formats BIOMETRIC ::= {
>
> CBEFFoidFormats | -- Complete object identifiers
>
> CBEFFidFormats, -- Object identifier fragments
>
> ... -- Expect additional CBEFF vendor specific formats --
> }
>
> MatchingAIDs BIOMETRIC ::= {
>
> ... -- Expect CBEFF assignments in BiometricInformationSets --
> }
>
> ProcessingAIDs BIOMETRIC ::= {
>
> ... -- Expect CBEFF assignments in BiometricInformationSets --
> }
>
> X9-Formats BIOMETRIC ::= {
>
> ... -- Expect additional X9 vendor specific formats --
> }
>
> -- Security object identifiers
>
> -- id-sha1 { 1 3 14 3 2 26 }
> -- sha2Algorithm { 2 16 840 1 101 3 4 2 }
> -- id-sha256 { 2 16 840 1 101 3 4 2 1 }
> -- id-sha384 { 2 16 840 1 101 3 4 2 2 }
> -- id-sha512 { 2 16 840 1 101 3 4 2 3 }
>
>
> -- FIPS 180-1 and FIPS 180-2 Secure Hash Algorithm --
>
> id-sha1 OID ::= {
> iso(1) identified-organization(3) oiw(14) secsig(3)
> algorithm(2) 26
> }
>
> sha2Algorithm OID ::= {
> joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)
> csor(3) nistAlgorithm(4) hashAlgs(2)
> }
>
> id-sha256 OID ::= { sha2Algorithm sha256(1) }
>
> id-sha384 OID ::= { sha2Algorithm sha384(2) }
>
> id-sha512 OID ::= { sha2Algorithm sha512(3) }
>
> SHA-Algorithms ALGORITHM ::= {
> { OID id-sha1 PARMS NoIV } |
> { OID id-sha256 } |
> { OID id-sha384 } |
> { OID id-sha512 },
>
> ... -- Expect others --
> }
>
> NoIV ::= NULL -- No initialization vector
>
> -- X9.57 DSA signature generated with SHA-1 hash (DSA X9.30)
>
> dsa-with-sha1 OID ::= {
> iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 3
> }
>
> -- RSA PKCS #1 public key and signatures
>
> pkcs-1 OID ::= {
> iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1
> }
>
> -- RSA public keys
>
> rsaEncryption OID ::= { pkcs-1 1 }
>
> -- RSA signature generated with SHA-1 hash
>
> sha1WithRSAEncryption OID ::= { pkcs-1 5 }
>
> -- X9.42 Diffie-Hellman Keys
>
> dhpublicnumber OID ::= {
> iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 }
>
> -- ANS X9.52 Triple DES Modes of Operation --
>
> des-ede3-cbc OBJECT IDENTIFIER ::= {
> iso(1) member-body(2) us(840) rsadsi(113549)
> encryptionAlgorithm(3) 7
> }
>
> CBCParameter ::= OCTET STRING (SIZE(8))
>
> -- X9.62 Elliptic Curve Keys, Signatures, and Curves
>
> ansi-X9-62 OID ::= {
> iso(1) member-body(2) us(840) ansi-x962(10045) }
>
> -- X9.62 ECDSA signatures with SHA-1
>
> ecdsa-with-SHA1 OID ::= { ansi-X9-62 signatures(4) 1 }
>
> -- X9.62 Named elliptic curves
>
> EllipiticCurves ALGORITHM ::= { ... }
>
> ellipticCurve OID ::= { ansi-X9-62 curves(3) }
>
> c-TwoCurve OID ::= {
> ellipticCurve characteristicTwo(0) }
>
> c2pnb163v1 OID ::= { c-TwoCurve 1 }
> c2pnb163v2 OID ::= { c-TwoCurve 2 }
> c2pnb163v3 OID ::= { c-TwoCurve 3 }
> c2pnb176w1 OID ::= { c-TwoCurve 4 }
> c2tnb191v1 OID ::= { c-TwoCurve 5 }
> c2tnb191v2 OID ::= { c-TwoCurve 6 }
> c2tnb191v3 OID ::= { c-TwoCurve 7 }
> c2onb191v4 OID ::= { c-TwoCurve 8 }
> c2onb191v5 OID ::= { c-TwoCurve 9 }
> c2pnb208w1 OID ::= { c-TwoCurve 10 }
> c2tnb239v1 OID ::= { c-TwoCurve 11 }
> c2tnb239v2 OID ::= { c-TwoCurve 12 }
> c2tnb239v3 OID ::= { c-TwoCurve 13 }
> c2onb239v4 OID ::= { c-TwoCurve 14 }
> c2onb239v5 OID ::= { c-TwoCurve 15 }
> c2pnb272w1 OID ::= { c-TwoCurve 16 }
> c2pnb304w1 OID ::= { c-TwoCurve 17 }
> c2tnb359v1 OID ::= { c-TwoCurve 18 }
> c2pnb368w1 OID ::= { c-TwoCurve 19 }
> c2tnb431r1 OID ::= { c-TwoCurve 20 }
>
> primeCurve OID ::= { ellipticCurve prime(1) }
>
> prime192v1 OID ::= { primeCurve 1 }
> prime192v2 OID ::= { primeCurve 2 }
> prime192v3 OID ::= { primeCurve 3 }
> prime239v1 OID ::= { primeCurve 4 }
> prime239v2 OID ::= { primeCurve 5 }
> prime239v3 OID ::= { primeCurve 6 }
> prime256v1 OID ::= { primeCurve 7 }
>
> id-data OID ::= {
> iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
> pkcs7(7) data(1)
> }
>
>
> END -- X9-84-Identifiers --
>
>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC