[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xcbf] X9.84 Revision
We test this with our compiler and it compiles OK. Regards, Ed Day Objective Systems, Inc. REAL WORLD ASN.1 AND XML SOLUTIONS Tel: +1 (484) 875-3020 Fax: +1 (484) 875-2913 Toll-free: (877) 307-6855 (USA only) mailto:eday@obj-sys.com http://www.obj-sys.com ----- Original Message ----- From: "Phil Griffin" <phil.griffin@asn-1.com> To: "Bancroft Scott" <baos@oss.com> Cc: "xcbf" <xcbf@lists.oasis-open.org> Sent: Tuesday, August 06, 2002 10:37 PM Subject: Re: [xcbf] X9.84 Revision > Bancroft, > > Appreciate the help. I've been solely focused on the > design of the X9.84 revision that I've neglected to > update the schema modules. Best to wait on checking > the CMS module until I update it to conform with the > latest X9.73/IETF work. > > But here's the base X9.84 code with supporting stubs > and OID module that compiles using your ASN.1 schema > checker with no errors. > > Please verify that my results can be duplicated and > post your results to this list. > > And please vote on accepting this base module if you > then find this base module acceptable. > > Phil > > > > Bancroft Scott wrote: > > > On Tue, 6 Aug 2002, Phil Griffin wrote: > > > > > >> > >>Bancroft Scott wrote: > >> > >> > >>>On Tue, 6 Aug 2002, Phil Griffin wrote: > >>> > >>> > >>> > >>>>Bancroft, > >>>> > >>>>I have not finished writing these yet. But the most > >>>>current OID module is in the XCBF document in the > >>>>private area of the XCBF site. It is almost > >>>>certainly complete. > >>>> > >>>> > >>>No, it has at least one syntax error (missing ::=). It would be good if > >>>the modules were syntax checked using tools such as the free syntax > >>>checker from OSS or France Telecom. > >>> > >>At which line number(s)? > >> > > > > EllipiticCurves ALGORITHM { ... } > > > > However, I don't know if that is the only problem. I recommend that you > > use a syntax checker to verify its correctness instead of trying to do it > > by eye. Even with languages such as C that I have been using for over two > > decades I can never be sure that I've caught all syntax errors when I rely > > my eyes. ASN.1 is no different. > > > > > >>>>The CMS module is in a bit of > >>>>flux if you're using sophisticated tools. I've > >>>>hand coded this stuff twice before and did again > >>>>for my XCBF tools - I find that the encoding is > >>>>not too complex and it is the cryptographic > >>>>processing and key management that are most > >>>>important. > >>>> > >>>> > >>>It is good that it can be hand-coded, but it would be great if the syntax > >>>were clean enough so that it can be verified by machine. > >>> > >>Well it certainly must be before it is finished. > >>But you know, in all fairness, I AM working on > >>this without much if any assistance. > >> > > > > I'm trying to help .... > > > > > >>>>Completion of the CMS module has been awaiting two > >>>>events that I thought it best we coordinate with. > >>>>One is the latest revision of the IETF SMIME RFC, > >>>>and the other is the reballoting version of X9.73. > >>>>It is desirable, long term, for these two standards > >>>>and XCBF to all use the same identifier and type > >>>>names for common types such as SignedData. > >>>> > >>>>SMIME is nearly through their review process. X9.73 > >>>>was changed to its final version last week in Redondo > >>>>Beach. Over the next week or so, I'll try to complete > >>>>the revision of our XCBF module and incorporate this > >>>>into the XCBF document. > >>>> > >>>>So, are you voting to move ahead with the new X9.84? > >>>> > >>>> > >>>I leave that to Alessandro to make that decision for OSS. > >>> > >>Technically, my understanding is that each TC member > >>has one vote, and "company" has no meaning. Not sure > >>that I really believe this, but that is what I've > >>been lead to believe are the rules. > >> > > > >>From the summary of the corrections to X9.84 it is a definite improvement > > on the first version, but I prefer to have a schema that I know is in > > order before I accept it. > > > > > >>>However, the ASN.1 spec that you have provided needs more work. I have > >>>been struggling to get it to cleanly compile, cutting here, pasting there. > >>>A real hassle. I've given up until we have something more solid. > >>> > >>Then you'll just have to be patient and wait for > >>me to complete the work. > >> > > > > No problem. I was reacting to John's request. > > > > > >>>BTW, the XER encoding that you have at the bottom of x984.htm is invalid. > >>>If you cut the encoding and paste it to a file named, say, x984.xml, then > >>>use a basic XML syntax checker such as Internet Explorer to open the file > >>>you will see that it contains syntax errors. > >>> > >>You will recall that I stated clearly that it > >>was WIP and had not been checked using my > >>product. > >> > > > > Okay. > > > > > >>>>I have had no intention of publishing every single > >>>>type needed to compile the XCBF ASN.1. The likes of > >>>>DomainCertificate and Certificate and such are not > >>>>really ours to control. > >>>> > >>>> > >>>I am not suggesting that you publish these. However, if you reference the > >>>types then it would help much if you were to precisely identify where the > >>>types are defined so as to minimize the effort that everyone has to make > >>>to try and get a complete set of definitions. A set of URLs pointing to > >>>the resources that define all directly and indirectly imported types would > >>>be great. > >>> > >>If you know of such URLs please advise and I will > >>be happy to include them. X.509 is likely available > >>on Olivier's site. But I doubt that you will find > >>the others. > >> > > > > No, I don't know what they are, or I would not be stumbling around looking > > for them. However, you are referencing these other ASN.1 modules, what is > > the URL that points to the ones that you are working with? > > > > > >>>>But I'm open to considering > >>>>this, perhaps as annex materials. Note that I leave > >>>>comments in the IMPORTS statements to tell readers > >>>>where to find the appropriate modules. > >>>> > >>>> > >>>I saw those. They are no doubt very meaningful to you, but for me > >>>they just tell me what to enter in google to start my hunt. URLs > >>>of some sort would be much better. > >>> > >>Please then DO suggest URLs or alternate text. Any > >>and all help much appreciated. > >> > > > > See above. > > > > > >>>>For your compiler, I would suggest that you test by > >>>>stubbing out missing types, using the likes of > >>>> > >>>> Certificate ::= SEQUENCE {} > >>>> DomainCertificate ::= SEQUENCE {} > >>>> > >>>> > >>>If only it were that simple. > >>> > >>>Where is CBEFF-Formats defined? I see that it is an information object > >>>set of class "BIOMETRIC", but this class is locally defined. Does the > >>>module that defines CBEFF-Formats (i.e., X9-84-Identifiers) import > >>>BIOMETRIC from this module (X9-84-Biometrics), or does it redefine this > >>>class? > >>> > >>CBEFF-Formats is defined in the XCBF document at > >>lines 475 and 607. Once in the text and again in > >>the schema module. > >> > > > > OKAY! Now I see what I was doing wrong. I was grabbing the modules that > > you have on the XCBF site at: > > > > XCBF ASN.1 Schema for XML Markup March 31, 2002 > > (http://oasis-open.org/committees/xcbf/docs/schema.zip) > > > > The modules defined here are outdated. > > > > I should have been working with the document, "XCBF XML Common Biometric > > Format June 13 2002.doc" that you mailed to us in June. > > > > I'll take another stab tomorrow using the modules from this document. > > > > > >>>It is hard to tell if x984.htm is syntactically correct without a > >>>complete ASN.1 schema. > >>> > >>Hah! If you look at it closely you will see that it > >>contains placeholde text where actual values should > >>be present. And as I said, it is not complete. > >> > > > > Yes, I did notice that. I took it into consideration. > > > > > >>My recollection was that Alessandro agreed to provide > >>encoded examples. I am working these out on my website > >>for the purpose of providing general information. I > >>will of course try to integrate this effort into the > >>XCBF if examples are not forthcoming from other sources. > >> > >>Hope that helps. > >> > > > > Yup. I suspect that most of the problems will disappear once I try using > > the right set of modules. > > > > Do let me know if you prefer for me to hold off on looking at this until > > you are finished. I'm more than willing to do what I can to help in those > > area where I have expertise. > > > > Bancroft > > > > > > > > ---------------------------------------------------------------- > > To subscribe or unsubscribe from this elist use the subscription > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > > ---------------------------------------------------------------------------- ---- > > X9-84-Biometrics { > iso(1) identified-organization(3) tc68(133) country(16) x9(840) > x9Standards(9) x9-84(84) module(0) biometrics(1) rev(1) } > DEFINITIONS AUTOMATIC TAGS ::= BEGIN > > -- EXPORTS All; > > IMPORTS > > -- X9.84 Biometrics Information Management and Security IDs -- > > BiometricTypes, CBEFF-Formats, IBIA-Formats, MatchingAIDs, > ProcessingAIDs, X9-Formats > FROM X9-84-Identifiers { > iso(1) identified-organization(3) tc68(133) country(16) > x9(840) x9Standards(9) x9-84(84) module(0) > ids(3) rev(1) } > > -- X9.84 Biometrics Information Management and Security CMS -- > > AuthenticatedData, EncryptedData, EnvelopedData, > MACAlgorithmIdentifier, SignatureAlgorithmIdentifier, > SignedData > FROM X9-84-CMS { > iso(1) identified-organization(3) tc68(133) country(16) > x9(840) x9Standards(9) x9-84(84) module(0) > cms(2) rev(1) } ; > > > BiometricSyntaxSets ::= SEQUENCE SIZE(1..MAX) OF BiometricSyntax > > BiometricSyntax ::= CHOICE { > biometricObjects BiometricObjects, > integrityObjects IntegrityObjects, > privacyObjects PrivacyObjects, > privacyAndIntegrityObjects PrivacyAndIntegrityObjects > } > > BiometricObjects ::= SEQUENCE SIZE(1..MAX) OF BiometricObject > > BiometricObject ::= SEQUENCE { > biometricHeader BiometricHeader, > biometricData BiometricData > } > > -- > -- All of the cryptographic processing in this standard is performed > -- on a value of type EncodedBiometricObjects. This is a sequence of > -- one or more values of type BiometricObject in its encoded form. > -- > > EncodedBiometricObjects ::= BIOMETRIC.&Type( BiometricObjects ) > > BiometricHeader ::= SEQUENCE { > version BiometricVersion DEFAULT hv1, > recordType RecordType OPTIONAL, > dataType DataType OPTIONAL, > purpose Purpose OPTIONAL, > quality Quality OPTIONAL, > validityPeriod ValidityPeriod OPTIONAL, > format Format OPTIONAL > } > > BiometricVersion ::= INTEGER { hv1(0) } (0..MAX) > > RecordType ::= BIOMETRIC.&name({BiometricTypes}) > > DataType ::= ENUMERATED { > raw (0), > intermediate (1), > processed (2) > } > > Purpose ::= ENUMERATED { > verify (1), > identify (2), > enroll (3), > enrollVerify (4), > enrollIdentity (5), > audit (6), > > ... -- Expect other values -- > } > > Quality ::= INTEGER { > lowest ( 0), > highest (100), > notSet ( -1), > notSupported ( -2) > } (-2..100,...) > > ValidityPeriod ::= SEQUENCE { > notBefore DateTime OPTIONAL, > notAfter DateTime OPTIONAL > } > (ALL EXCEPT({ -- none; at least one component is present -- })) > > DateTime ::= RELATIVE-OID -- { yyyy mm dd hh mm ss z } -- > > Format ::= SEQUENCE { > formatOwner BIOMETRIC.&name({Owner}), > formatType BIOMETRIC.&Type({Owner}{@formatOwner}) OPTIONAL > } > > Owner BIOMETRIC ::= { > CBEFF-Formats | -- http://www.nist.gov -- > IBIA-Formats | -- http://www.ibia.org -- > X9-Formats, -- http://www.x9.org -- > > ... -- expect additional vendor specific formats -- > } > > -- Integrity -- > > IntegrityObjects ::= SEQUENCE { > biometricObjects BiometricObjects, > integrityBlock IntegrityBlock > } > > IntegrityBlock ::= CHOICE { > digitalSignature DigitalSignature, > messageAuthenticationCode MessageAuthenticationCode, > signedData SignedData, > authenticatedData AuthenticatedData > } > > DigitalSignature ::= SIGNATURE { EncodedBiometricObjects } > > MessageAuthenticationCode ::= MAC { EncodedBiometricObjects } > > -- Privacy -- > > PrivacyObjects ::= SEQUENCE { > biometricHeaders BiometricHeaders OPTIONAL, > privacyBlock PrivacyBlock > } > > BiometricHeaders ::= SEQUENCE SIZE(1..MAX) OF BiometricHeader > > PrivacyBlock ::= CHOICE { > fixedKey EncryptedData, > namedKey NamedKeyEncryptedData, > establishedKey EnvelopedData > } > > NamedKeyEncryptedData ::= SEQUENCE { > keyName OCTET STRING (SIZE(1..MAX)), > encryptedData EncryptedData > } > > -- Privacy and integrity -- > > PrivacyAndIntegrityObjects ::= SEQUENCE { > biometricHeaders BiometricHeaders OPTIONAL, > privacyBlock PrivacyBlock, > integrityBlock IntegrityBlock > } > > -- Authentication Information (AI) -- > > BiometricInformationSets ::= > SEQUENCE SIZE(1..MAX) OF BiometricInformation > > BiometricInformation ::= SEQUENCE { > processingAlgorithms ProcessingAlgorithms OPTIONAL, > matchingMethods MatchingMethods OPTIONAL > } > (ALL EXCEPT({ -- none; at least one component is present -- })) > > -- Biometric processing algorithms -- > > ProcessingAlgorithms ::= SEQUENCE SIZE(1..MAX) OF ProcessingInformation > > ProcessingInformation ::= SEQUENCE { > id BIOMETRIC.&name({ProcessingAIDs}), > parms BIOMETRIC.&Type({ProcessingAIDs}{@id}) OPTIONAL > } > > -- Biometric matching methods -- > > MatchingMethods ::= SEQUENCE SIZE(1..MAX) OF MatchingInformation > > MatchingInformation ::= SEQUENCE { > id BIOMETRIC.&name({MatchingAIDs}), > parms BIOMETRIC.&Type({MatchingAIDs}{@id}) OPTIONAL > } > > BiometricData ::= OCTET STRING(SIZE(1..MAX)) > > -- Biometrics information object class -- > > BIOMETRIC ::= CLASS { > &name BIOMETRIC-IDENTIFIER UNIQUE, > &Type OPTIONAL > } > WITH SYNTAX { BIOMETRIC &name [ DATA &Type ] } > > BIOMETRIC-IDENTIFIER ::= CHOICE { > oid OBJECT IDENTIFIER, -- complete object identifier > id RELATIVE-OID -- object identifier fragment > } > > -- Parameterized types -- > > SIGNATURE { ToBeSigned } ::= SEQUENCE { > algorithmID SignatureAlgorithmIdentifier, > signature BIT STRING( CONSTRAINED BY { > -- signature on a value of -- ToBeSigned }) > } > > MAC { ToBeMACed } ::= SEQUENCE { > keyName OCTET STRING OPTIONAL, > algorithmID MACAlgorithmIdentifier, > mac OCTET STRING (CONSTRAINED BY { > -- MAC or HMAC on a value of -- ToBeMACed }) > } > > END -- X9-84-Biometrics -- > > > -- STUB -- > > X9-84-CMS DEFINITIONS IMPLICIT TAGS ::= BEGIN > > AuthenticatedData ::= SEQUENCE {} > > EncryptedData ::= SEQUENCE {} > > EnvelopedData ::= SEQUENCE {} > > MACAlgorithmIdentifier ::= AlgorithmIdentifier {{MACAlgorithms}} > > MACAlgorithms ALGORITHM ::= { ... } > > SignatureAlgorithmIdentifier ::= > AlgorithmIdentifier {{SignatureAlgorithms}} > > SignatureAlgorithms ALGORITHM ::= { ... } > > SignedData ::= SEQUENCE {} > > ALGORITHM ::= CLASS { > &id OBJECT IDENTIFIER UNIQUE, > &Type OPTIONAL > } > WITH SYNTAX { OID &id [PARMS &Type] } > > AlgorithmIdentifier { ALGORITHM:IOSet } ::= SEQUENCE { > algorithm ALGORITHM.&id( {IOSet} ), > parameters ALGORITHM.&Type( {IOSet}{@algorithm} ) OPTIONAL > } > > END -- X9-84-CMS Stub -- > > > X9-84-Identifiers { > iso(1) identified-organization(3) tc68(133) country(16) x9(840) > x9Standards(9) x9-84(84) module(0) ids(3) rev(1) } > DEFINITIONS AUTOMATIC TAGS ::= BEGIN > > -- EXPORTS All; > > IMPORTS > > -- X9.84 Biometrics Information Management and Security -- > > BIOMETRIC, BiometricInformationSets > FROM X9-84-Biometrics { > iso(1) identified-organization(3) tc68(133) country(16) > x9(840) x9Standards(9) x9-84(84) module(0) > biometrics(1) rev(1) } > > -- X9.84 Biometrics Information Management and Security CMS -- > > ALGORITHM > FROM X9-84-CMS { > iso(1) identified-organization(3) tc68(133) country(16) > x9(840) x9Standards(9) x9-84(84) module(0) > cms(2) rev(1) }; > > > OID ::= OBJECT IDENTIFIER -- Alias > > RelOID ::= RELATIVE-OID -- Alias > > -- x9-84 { 1 3 133 16 840 9 84 } > -- x9-84-Module { 1 3 133 16 840 9 84 0 } > -- x9-84-Biometrics { 1 3 133 16 840 9 84 0 1 } > -- x9-84-CMS { 1 3 133 16 840 9 84 0 2 } > -- x9-84-Identifiers { 1 3 133 16 840 9 84 0 3 } > -- biometric { 1 3 133 16 840 9 84 1 } > -- id-unknown-Type { 1 3 133 16 840 9 84 1 0 } > -- id-body-Odor { 1 3 133 16 840 9 84 1 1 } > -- id-dna { 1 3 133 16 840 9 84 1 2 } > -- id-ear-Shape { 1 3 133 16 840 9 84 1 3 } > -- id-facial-Features { 1 3 133 16 840 9 84 1 4 } > -- id-finger-Image { 1 3 133 16 840 9 84 1 5 } > -- id-finger-Geometry { 1 3 133 16 840 9 84 1 6 } > -- id-hand-Geometry { 1 3 133 16 840 9 84 1 7 } > -- id-iris-Features { 1 3 133 16 840 9 84 1 8 } > -- id-keystroke-Dynamics { 1 3 133 16 840 9 84 1 9 } > -- id-palm { 1 3 133 16 840 9 84 1 10 } > -- id-retina { 1 3 133 16 840 9 84 1 11 } > -- id-signature { 1 3 133 16 840 9 84 1 12 } > -- id-speech-Pattern { 1 3 133 16 840 9 84 1 13 } > -- id-thermal-Image { 1 3 133 16 840 9 84 1 14 } > -- id-vein-Pattern { 1 3 133 16 840 9 84 1 15 } > -- id-thermal-Face-Image { 1 3 133 16 840 9 84 1 16 } > -- id-thermal-Hand-Image { 1 3 133 16 840 9 84 1 17 } > -- id-lip-Movement { 1 3 133 16 840 9 84 1 18 } > -- id-gait { 1 3 133 16 840 9 84 1 19 } > -- processing-algorithm { 1 3 133 16 840 9 84 2 } > -- matching-method { 1 3 133 16 840 9 84 3 } > -- format-Owner { 1 3 133 16 840 9 84 4 } > -- cbeff-Owner { 1 3 133 16 840 9 84 4 0 } > -- ibia-Owner { 1 3 133 16 840 9 84 4 1 } > -- id-ibia-SAFLINK { 1 3 133 16 840 9 84 4 1 1 } > -- id-ibia-Bioscrypt { 1 3 133 16 840 9 84 4 1 2 } > -- id-ibia-Visionics { 1 3 133 16 840 9 84 4 1 3 } > -- id-ibia-InfineonTechnologiesAG { 1 3 133 16 840 9 84 4 1 4 } > -- id-ibia-IridianTechnologies { 1 3 133 16 840 9 84 4 1 5 } > -- id-ibia-Veridicom { 1 3 133 16 840 9 84 4 1 6 } > -- id-ibia-CyberSIGN { 1 3 133 16 840 9 84 4 1 7 } > -- id-ibia-eCryp { 1 3 133 16 840 9 84 4 1 8 } > -- id-ibia-FingerprintCardsAB { 1 3 133 16 840 9 84 4 1 9 } > -- id-ibia-SecuGen { 1 3 133 16 840 9 84 4 1 10 } > -- id-ibia-PreciseBiometric { 1 3 133 16 840 9 84 4 1 11 } > -- id-ibia-Identix { 1 3 133 16 840 9 84 4 1 12 } > -- id-ibia-DERMALOG { 1 3 133 16 840 9 84 4 1 13 } > -- x9-Owner { 1 3 133 16 840 9 84 4 2 } > > -- X9.84 arc; base object identifier -- > > x9-84 OID ::= { > iso(1) identified-organization(3) tc68(133) country(16) > x9(840) x9Standards(9) x9-84(84) > } > > -- X9.84 ASN.1 modules -- > > x9-84-Module OID ::= { x9-84 modules(0) } > > -- PHG added rev(1) to the following three module OIDs > > x9-84-Biometrics OID ::= { x9-84-Module biometrics(1) rev(1) } > > x9-84-CMS OID ::= { x9-84-Module cms(2) rev(1) } > > x9-84-Identifiers OID ::= { x9-84-Module ids(3) rev(1) } > > -- X9.84 biometric technologies -- > > biometric OID ::= { x9-84 biometrics(1) } > > id-unknown-Type OID ::= { biometric unknownType(0) } > id-body-Odor OID ::= { biometric bodyOdor(1) } > id-dna OID ::= { biometric dna(2) } > id-ear-Shape OID ::= { biometric ear-Shape(3) } > id-facial-Features OID ::= { biometric earShape(4) } > id-finger-Image OID ::= { biometric facialFeatures(5) } > id-finger-Geometry OID ::= { biometric fingerImage(6) } > id-hand-Geometry OID ::= { biometric handGeometry(7) } > id-iris-Features OID ::= { biometric irisFeatures(8) } > id-keystroke-Dynamics OID ::= { biometric keystrokeDynamics(9) } > id-palm OID ::= { biometric palm(10) } > id-retina OID ::= { biometric retina(11) } > id-signature OID ::= { biometric signature(12) } > id-speech-Pattern OID ::= { biometric speech-Pattern(13) } > id-thermal-Image OID ::= { biometric thermalImage(14) } > id-vein-Pattern OID ::= { biometric veinPattern(15) } > id-thermal-Face-Image OID ::= { biometric thermalFaceImage(16) } > id-thermal-Hand-Image OID ::= { biometric thermalHandImage(17) } > id-lip-Movement OID ::= { biometric lipMovement(18) } > id-gait OID ::= { biometric gait(19) } > > -- X9.84 biometric technology object identifier fragments -- > > unknown-Type RelOID ::= { unknownType(0) } > body-Odor RelOID ::= { bodyOdor(1) } > dna RelOID ::= { dna(2) } > ear-Shape RelOID ::= { earShape(3) } > facial-Features RelOID ::= { facialFeatures(4) } > finger-Image RelOID ::= { fingerImage(5) } > finger-Geometry RelOID ::= { fingerGeometry(6) } > hand-Geometry RelOID ::= { handGeometry(7) } > iris-Features RelOID ::= { irisFeatures(8) } > keystroke-Dynamics RelOID ::= { keystrokeDynamics(9) } > palm RelOID ::= { palm(10) } > retina RelOID ::= { retina(11) } > signature RelOID ::= { signature(12) } > speech-Pattern RelOID ::= { speechPattern(13) } > thermal-Image RelOID ::= { thermalImage(14) } > vein-Pattern RelOID ::= { veinPattern(15) } > thermal-Face-Image RelOID ::= { thermalFaceImage(16) } > thermal-Hand-Image RelOID ::= { thermalHandImage(17) } > lip-Movement RelOID ::= { lipMovement(18) } > gait RelOID ::= { gait(19) } > > BiometricTypes BIOMETRIC ::= { > { BIOMETRIC id : unknown-Type } | > { BIOMETRIC id : body-Odor } | > { BIOMETRIC id : dna } | > { BIOMETRIC id : ear-Shape } | > { BIOMETRIC id : facial-Features } | > { BIOMETRIC id : finger-Image } | > { BIOMETRIC id : finger-Geometry } | > { BIOMETRIC id : hand-Geometry } | > { BIOMETRIC id : iris-Features } | > { BIOMETRIC id : keystroke-Dynamics } | > { BIOMETRIC id : palm } | > { BIOMETRIC id : retina } | > { BIOMETRIC id : signature } | > { BIOMETRIC id : speech-Pattern } | > { BIOMETRIC id : thermal-Image } | > { BIOMETRIC id : vein-Pattern } | > { BIOMETRIC id : thermal-Face-Image } | > { BIOMETRIC id : thermal-Hand-Image } | > { BIOMETRIC id : lip-Movement } | > { BIOMETRIC id : gait }, > > ... -- expect additional biometric types -- > } > > > -- X9.84 biometric processing algorithms -- > > processing-algorithm OID ::= { x9-84 processingAlgorithms(2) } > > -- X9.84 biometric matching methods -- > > matching-method OID ::= { x9-84 matchingMethods(3) } > > -- X9.84 vendor specific formats -- > > format-Owner OID ::= { x9-84 format-owners(4) } > > cbeff-Owner OID ::= { format-Owner cbeff(0) } > > ibia-Owner OID ::= { format-Owner ibia(1) } > > x9-Owner OID ::= { format-Owner x9(2) } > > -- IBIA vendor specific formats registered at http://www.ibia.org > > id-ibia-SAFLINK OID ::= { ibia-Owner 1 } > id-ibia-Bioscrypt OID ::= { ibia-Owner 2 } > id-ibia-Visionics OID ::= { ibia-Owner 3 } > id-ibia-InfineonTechnologiesAG OID ::= { ibia-Owner 4 } > id-ibia-IridianTechnologies OID ::= { ibia-Owner 5 } > id-ibia-Veridicom OID ::= { ibia-Owner 6 } > id-ibia-CyberSIGN OID ::= { ibia-Owner 7 } > id-ibia-eCryp OID ::= { ibia-Owner 8 } > id-ibia-FingerprintCardsAB OID ::= { ibia-Owner 9 } > id-ibia-SecuGen OID ::= { ibia-Owner 10 } > id-ibia-PreciseBiometric OID ::= { ibia-Owner 11 } > id-ibia-Identix OID ::= { ibia-Owner 12 } > id-ibia-DERMALOG OID ::= { ibia-Owner 13 } > > -- When represented as values of type OBJECT IDENTIFIER, these > -- IBIA vendor specific formats may be associated with any ASN.1 > -- type. > > IBIAoidFormats BIOMETRIC ::= { > { BIOMETRIC oid : id-ibia-SAFLINK DATA Any } | > { BIOMETRIC oid : id-ibia-Bioscrypt DATA Any } | > { BIOMETRIC oid : id-ibia-Visionics DATA Any } | > { BIOMETRIC oid : id-ibia-InfineonTechnologiesAG DATA Any } | > { BIOMETRIC oid : id-ibia-IridianTechnologies DATA Any } | > { BIOMETRIC oid : id-ibia-Veridicom DATA Any } | > { BIOMETRIC oid : id-ibia-CyberSIGN DATA Any } | > { BIOMETRIC oid : id-ibia-eCryp DATA Any } | > { BIOMETRIC oid : id-ibia-FingerprintCardsAB DATA Any } | > { BIOMETRIC oid : id-ibia-SecuGen DATA Any } | > { BIOMETRIC oid : id-ibia-PreciseBiometric DATA Any } | > { BIOMETRIC oid : id-ibia-Identix DATA Any } | > { BIOMETRIC oid : id-ibia-DERMALOG DATA Any }, > > ... -- Expect additional vendor specific formats -- > } > > Any ::= TYPE-IDENTIFIER.&Type -- Application constrained > > -- Relative object identifier representations of the identical > -- IBIA vendor specific formats defined as OBJECT IDENTIFIER > -- values above are used to identify these formats when they must > -- comply with the fixed format requirements of the BioAPI 1.1 > -- specification and are associated with a two byte integer value. > > ibia-SAFLINK RelOID ::= { 1 } > ibia-Bioscrypt RelOID ::= { 2 } > ibia-Visionics RelOID ::= { 3 } > ibia-InfineonTechnologiesAG RelOID ::= { 4 } > ibia-IridianTechnologies RelOID ::= { 5 } > ibia-Veridicom RelOID ::= { 6 } > ibia-CyberSIGN RelOID ::= { 7 } > ibia-eCryp RelOID ::= { 8 } > ibia-FingerprintCardsAB RelOID ::= { 9 } > ibia-SecuGen RelOID ::= { 10 } > ibia-PreciseBiometric RelOID ::= { 11 } > ibia-Identix RelOID ::= { 12 } > ibia-DERMALOG RelOID ::= { 13 } > > > IBIAidFormats BIOMETRIC ::= { > { BIOMETRIC id : ibia-SAFLINK DATA BirInt16 } | > { BIOMETRIC id : ibia-Bioscrypt DATA BirInt16 } | > { BIOMETRIC id : ibia-Visionics DATA BirInt16 } | > { BIOMETRIC id : ibia-InfineonTechnologiesAG DATA BirInt16 } | > { BIOMETRIC id : ibia-IridianTechnologies DATA BirInt16 } | > { BIOMETRIC id : ibia-Veridicom DATA BirInt16 } | > { BIOMETRIC id : ibia-CyberSIGN DATA BirInt16 } | > { BIOMETRIC id : ibia-eCryp DATA BirInt16 } | > { BIOMETRIC id : ibia-FingerprintCardsAB DATA BirInt16 } | > { BIOMETRIC id : ibia-SecuGen DATA BirInt16 } | > { BIOMETRIC id : ibia-PreciseBiometric DATA BirInt16 } | > { BIOMETRIC id : ibia-Identix DATA BirInt16 } | > { BIOMETRIC id : ibia-DERMALOG DATA BirInt16 }, > > ... -- Expect others -- > } > > BirInt16 ::= INTEGER (0..65535) > > > IBIA-Formats BIOMETRIC ::= { > > IBIAoidFormats | -- Complete object identifiers > > IBIAidFormats, -- Object identifier fragments > > ... -- Expect additional IBIA vendor specific formats -- > } > > id-x984BioInfo OID ::= { cbeff-Owner x984BioInfo(0) } > > > CBEFFoidFormats BIOMETRIC ::= { > { BIOMETRIC oid : id-x984BioInfo DATA BiometricInformationSets }, > > ... -- Expect other objects -- > } > > x984BioInfo RelOID ::= { x984BioInfo(0) } -- CBEFF owner > > CBEFFidFormats BIOMETRIC ::= { > { BIOMETRIC id : x984BioInfo DATA BiometricInformationSets }, > > ... -- Expect other objects -- > } > > CBEFF-Formats BIOMETRIC ::= { > > CBEFFoidFormats | -- Complete object identifiers > > CBEFFidFormats, -- Object identifier fragments > > ... -- Expect additional CBEFF vendor specific formats -- > } > > MatchingAIDs BIOMETRIC ::= { > > ... -- Expect CBEFF assignments in BiometricInformationSets -- > } > > ProcessingAIDs BIOMETRIC ::= { > > ... -- Expect CBEFF assignments in BiometricInformationSets -- > } > > X9-Formats BIOMETRIC ::= { > > ... -- Expect additional X9 vendor specific formats -- > } > > -- Security object identifiers > > -- id-sha1 { 1 3 14 3 2 26 } > -- sha2Algorithm { 2 16 840 1 101 3 4 2 } > -- id-sha256 { 2 16 840 1 101 3 4 2 1 } > -- id-sha384 { 2 16 840 1 101 3 4 2 2 } > -- id-sha512 { 2 16 840 1 101 3 4 2 3 } > > > -- FIPS 180-1 and FIPS 180-2 Secure Hash Algorithm -- > > id-sha1 OID ::= { > iso(1) identified-organization(3) oiw(14) secsig(3) > algorithm(2) 26 > } > > sha2Algorithm OID ::= { > joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) > csor(3) nistAlgorithm(4) hashAlgs(2) > } > > id-sha256 OID ::= { sha2Algorithm sha256(1) } > > id-sha384 OID ::= { sha2Algorithm sha384(2) } > > id-sha512 OID ::= { sha2Algorithm sha512(3) } > > SHA-Algorithms ALGORITHM ::= { > { OID id-sha1 PARMS NoIV } | > { OID id-sha256 } | > { OID id-sha384 } | > { OID id-sha512 }, > > ... -- Expect others -- > } > > NoIV ::= NULL -- No initialization vector > > -- X9.57 DSA signature generated with SHA-1 hash (DSA X9.30) > > dsa-with-sha1 OID ::= { > iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 3 > } > > -- RSA PKCS #1 public key and signatures > > pkcs-1 OID ::= { > iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 > } > > -- RSA public keys > > rsaEncryption OID ::= { pkcs-1 1 } > > -- RSA signature generated with SHA-1 hash > > sha1WithRSAEncryption OID ::= { pkcs-1 5 } > > -- X9.42 Diffie-Hellman Keys > > dhpublicnumber OID ::= { > iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 } > > -- ANS X9.52 Triple DES Modes of Operation -- > > des-ede3-cbc OBJECT IDENTIFIER ::= { > iso(1) member-body(2) us(840) rsadsi(113549) > encryptionAlgorithm(3) 7 > } > > CBCParameter ::= OCTET STRING (SIZE(8)) > > -- X9.62 Elliptic Curve Keys, Signatures, and Curves > > ansi-X9-62 OID ::= { > iso(1) member-body(2) us(840) ansi-x962(10045) } > > -- X9.62 ECDSA signatures with SHA-1 > > ecdsa-with-SHA1 OID ::= { ansi-X9-62 signatures(4) 1 } > > -- X9.62 Named elliptic curves > > EllipiticCurves ALGORITHM ::= { ... } > > ellipticCurve OID ::= { ansi-X9-62 curves(3) } > > c-TwoCurve OID ::= { > ellipticCurve characteristicTwo(0) } > > c2pnb163v1 OID ::= { c-TwoCurve 1 } > c2pnb163v2 OID ::= { c-TwoCurve 2 } > c2pnb163v3 OID ::= { c-TwoCurve 3 } > c2pnb176w1 OID ::= { c-TwoCurve 4 } > c2tnb191v1 OID ::= { c-TwoCurve 5 } > c2tnb191v2 OID ::= { c-TwoCurve 6 } > c2tnb191v3 OID ::= { c-TwoCurve 7 } > c2onb191v4 OID ::= { c-TwoCurve 8 } > c2onb191v5 OID ::= { c-TwoCurve 9 } > c2pnb208w1 OID ::= { c-TwoCurve 10 } > c2tnb239v1 OID ::= { c-TwoCurve 11 } > c2tnb239v2 OID ::= { c-TwoCurve 12 } > c2tnb239v3 OID ::= { c-TwoCurve 13 } > c2onb239v4 OID ::= { c-TwoCurve 14 } > c2onb239v5 OID ::= { c-TwoCurve 15 } > c2pnb272w1 OID ::= { c-TwoCurve 16 } > c2pnb304w1 OID ::= { c-TwoCurve 17 } > c2tnb359v1 OID ::= { c-TwoCurve 18 } > c2pnb368w1 OID ::= { c-TwoCurve 19 } > c2tnb431r1 OID ::= { c-TwoCurve 20 } > > primeCurve OID ::= { ellipticCurve prime(1) } > > prime192v1 OID ::= { primeCurve 1 } > prime192v2 OID ::= { primeCurve 2 } > prime192v3 OID ::= { primeCurve 3 } > prime239v1 OID ::= { primeCurve 4 } > prime239v2 OID ::= { primeCurve 5 } > prime239v3 OID ::= { primeCurve 6 } > prime256v1 OID ::= { primeCurve 7 } > > id-data OID ::= { > iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) > pkcs7(7) data(1) > } > > > END -- X9-84-Identifiers -- > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC