-- ASN module extracted from ITU-T X.1084 (05/2008)
-- ASN.1 definitions for modified TLS extension protocol
TSM {itu-t(0) recommendation(0) x(24) tsm-1(1084) modules(0) protocol(0) version1(1)}
DEFINITIONS AUTOMATIC TAGS ::=
BEGIN
IMPORTS
BioAPI-BFP-SCHEMA,BioAPI-BSP-SCHEMA,BioAPI-FMR,BioAPI-BIR,
BioAPI-BIR-BIOMETRIC-TYPE
FROM BIP {joint-iso-itu-t(2) bip(41) modules(0) bip(0) version1(1)}
BiometricCertificate
FROM TAI {itu-t(0) recommendation(0) x(24) tai(1089) modules(0) framework(0) version1(1)}
SignedData
FROM X9-84-CMS {iso(1) identified-organization(3) tc68(133) country(16) x9(840) x9Standards(9) x9-84(84) module(0) cms(2) rev(1)} -- OASIS X9.84-CMS (2003), XML Common Biometric Format
SignedDataACBio, ACBioContentInformation
FROM AuthenticationContextForBiometrics {iso(1) standard(0) acbio(24761) module(1) acbio(2) version1(1)}
DistinguishedName,Name
FROM InformationFramework {joint-iso-itu-t ds(5) module(1) informationFramework(1) 5}
Certificate, CertificateSerialNumber
FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 5};
UINT8 ::= INTEGER(0..255)
UINT16 ::= INTEGER(0..65535)
UINT24 ::= INTEGER(0..16777215)
UINT32 ::= INTEGER(0..4294967295)
UINT64 ::= INTEGER(0..18446744073709551615)
Opaque ::= OCTET STRING
BiometricType ::= BioAPI-BIR-BIOMETRIC-TYPE
SampleData ::= BioAPI-BIR
HandshakeType ::= INTEGER {
hello-request (0),
client-hello (1),
server-hello (2),
certificate-list (11),
server-key-exchange (12),
certificate-request (13),
server-hello-done (14),
certificate-verify (15),
client-key-exchange (16),
finished (20),
biometric-client-hello (100),
biometric-server-hello (101)
} (0..255)
HANDSHAKE ::= CLASS {
&Type,
&id HandshakeType UNIQUE}
WITH SYNTAX {
&Type IDENTIFIED-BY &id
}
Handshake ::= SEQUENCE {
type HANDSHAKE.&id({Handshakes}),
value HANDSHAKE.&Type({Handshakes}{@type})
}
Handshakes HANDSHAKE ::= {
helloRequest|
clientHello |
serverHello |
certificateList |
serverKeyExchange |
certificateRequest |
serverHelloDone |
certificateVerify |
clientKeyExchange |
finished |
biometricClientHello |
biometricServerHello,
...
}
biometricClientHello HANDSHAKE ::= {
BiometricClientHello IDENTIFIED-BY biometric-client-hello
}
BiometricClientHello ::= SEQUENCE(SIZE(1..MAX)) OF BiometricMethod
BiometricMethod ::= SEQUENCE {
biometricType BiometricType,
biometricFunctionProvider BSP-BFP-Schema,
networkAuthenticationModel NetworkAuthenticationModel,
thirdPartyInfo UTF8String
}
BSP-BFP-Schema ::= CHOICE {
bSPSchema BioAPI-BSP-SCHEMA,
bFPSchema BioAPI-BFP-SCHEMA
}
BSP-BFP-Schemas ::= SEQUENCE(SIZE(1..MAX)) OF BSP-BFP-Schema
NetworkAuthenticationModel ::= ENUMERATED {
no-value (0), -- no selection --
local-model (1),
download-model (2),
attached-model (3),
center-model (4),
ref-onttp-for-local-model (5),
ref-onttp-for-center-model (6),
comparison-outsourcing-by-client-model (7),
comparison-outsourcing-by-server-model (8),
storage-comparison-outsourcing-by-client-model (9),
storage-comparison-outsourcing-by-server-model (10),
...
}
biometricServerHello HANDSHAKE ::= {
BiometricServerHello IDENTIFIED-BY biometric-server-hello
}
BiometricServerHello ::= SEQUENCE {
request BiometricAuthenticationRequest
}
Quality ::= INTEGER(0..100)
BiometricAuthenticationRequest ::= SEQUENCE {
biometricMethod BiometricMethod,
requestFMR BioAPI-FMR,
-- (32-bit integer value:requestFMR/231-1)
requestTrialNumber INTEGER(1..15),
requestQuality Quality,
requestTemplateData XtsmTemplate OPTIONAL
-- for download model (no value available)
}
Alert ::= SEQUENCE {
level AlertLevel,
description AlertDescription
}
AlertLevel ::= ENUMERATED {
warning (1),
fatal (2)
}
AlertDescription ::= ENUMERATED {
close-notify (0),
unexpected-message (10),
bad-record-mac (20),
decryption-failed (21),
record-overflow (22),
decompression-failure (30),
handshake-failure (40),
-- 41 is not defined, for historical reasons
bad-certificate (42),
unsupported-certificate (43),
certificate-revoked (44),
certificate-expired (45),
certificate-unknown (46),
illegal-parameter (47),
unknown-ca (48),
access-denied (49),
decode-error (50),
decrypt-error (51),
export-restriction (60),
protocol-version (70),
insufficient-security (71),
internal-error (80),
user-canceled (90),
no-renegotiation (100),
unsupported-extension (110),
certificate-unobtainable (111),
unrecognized-name (112),
bad-certificate-status-response (113),
bad-certificate-hash-value (114),
unacceptable-model (115), -- Extension item for TSM
unacceptable-biometrics (116), -- Extension item for TSM
unsupported-biometrics (117) -- Extension item for TSM
}
TSMPlainText ::= SEQUENCE {
protocolID ProtocolIdentifier,
version ProtocolVersion,
fragment CHOICE {
change-cipher-spec-opaque ChangeCipherSpec,
alert-opaque Alert,
biometric-handshake-opaque Handshake,
application-data-opaque ApplicationData
}
}
ProtocolIdentifier ::= UINT8
ProtocolVersion ::= SEQUENCE {
major UINT8,
minor UINT8
}
ChangeCipherSpec ::= ENUMERATED {
change-cipher-spec(1),
...
}
ApplicationData ::= Opaque
TSMCipherText ::= SEQUENCE {
protocolID ProtocolIdentifier,
type ContentType,
version ProtocolVersion,
fragment CHOICE {
stream GenericStreamCipher,
block GenericBlockCipher
}
}
ContentType ::= ENUMERATED {
change-cipher-spec (20),
alert (21),
handshake (22),
application-data (23),
...
}
GenericStreamCipher ::= SEQUENCE {
content Opaque(SIZE(0..65535)),
mAC HASH{Opaque}
}
GenericBlockCipher ::= SEQUENCE {
content Opaque(SIZE(0..65535)),
mAC HASH{Opaque},
padding Opaque(SIZE(0..255))
(CONSTRAINED BY {-- each octet contains the number of
-- padding octets minus 1 to obtain
-- a length multiple of block length
GenericBlockCipher})
}
HASH{ToBeHashed} ::= Opaque(SIZE(0..255))
(CONSTRAINED BY {ToBeHashed})
helloRequest HANDSHAKE ::= {
HelloRequest IDENTIFIED-BY hello-request
}
HelloRequest ::= NULL
clientHello HANDSHAKE ::= {
ClientHello IDENTIFIED-BY client-hello
}
ClientHello ::= SEQUENCE {
client-version ProtocolVersion,
random ClientRandom,
session-id SessionID,
cipher-suites CipherSuites,
compression-methods CompressionMethods,
...,
...,
client-hello-extension-list ExtensionValues
}
EXTENSION ::= CLASS {
&id ExtensionType UNIQUE,
&Type
}
WITH SYNTAX {
&Type IDENTIFIED-BY &id
}
ExtensionType ::= INTEGER(0..66535)
Extensions EXTENSION ::= {
...
}
ExtensionValues ::= SEQUENCE OF ExtensionValue
ExtensionValue ::= SEQUENCE {
extension-type EXTENSION.&id({Extensions}),
extension-data EXTENSION.&Type({Extensions}{@extension-type})
}
ClientRandom ::= SEQUENCE {
gmt-unix-time UINT32,
random-bytes Opaque(SIZE(28))
}
SessionID ::= UINT32
CipherSuites ::= SEQUENCE(SIZE(1..32767)) OF CipherSuite
CipherSuite ::= ENUMERATED {
tls-null-with-null-null (0),
tls-rsa-with-null-md5 (1),
tls-rsa-with-null-sha (2),
tls-rsa-export-with-rc4-40-md5 (3),
tls-rsa-with-rc4-128-md5 (4),
tls-rsa-with-rc4-128-sha (5),
tls-rsa-export-with-rc2-cbc-40-md5 (6),
tls-rsa-with-idea-cbc-sha (7),
tls-rsa-export-with-des40-cbc-sha (8),
tls-rsa-with-des-cbc-sha (9),
tls-rsa-with-3des-ede-cbc-sha (10),
tls-dh-dss-export-with-des40-cbc-sha (11),
tls-dh-dss-with-des-cbc-sha (12),
tls-dh-dss-with-3des-ede-cbc-sha (13),
tls-dh-rsa-export-with-des40-cbc-sha (14),
tls-dh-rsa-with-des-cbc-sha (15),
tls-dh-rsa-with-3des-ede-cbc-sha (16),
tls-dhe-dss-export-with-des40-cbc-sha (17),
tls-dhe-dss-with-des-cbc-sha (18),
tls-dhe-dss-with-3des-ede-cbc-sha (19),
tls-dhe-rsa-export-with-des40-cbc-sha (20),
tls-dhe-rsa-with-des-cbc-sha (21),
tls-dhe-rsa-with-3des-ede-cbc-sha (22),
tls-dh-anon-export-rc4-40-md5 (23),
tls-dh-anon-with-rc4-128-md5 (24),
tls-dh-anon-export-with-des40-cbc-sha (25),
tls-dh-anon-with-des-cbc-sha (26),
tls-dh-anon-with-3des-ede-cbc-sha (27),
-- numbers 28 and 29 are reserved to prevent confusion with SSLv3
tls-krb5-with-des-cbc-sha (30),
tls-krb5-with-3des-ede-cbc-sha (31),
tls-krb5-with-rc4-128-sha (32),
tls-krb5-with-idea-cbc-sha (33),
tls-krb5-with-des-cbc-md5 (34),
tls-krb5-with-3des-ede-cbc-md5 (35),
tls-krb5-with-rc4-128-md5 (36),
tls-krb5-with-idea-cbc-md5 (37),
tls-krb5-export-with-des-cbc-40-sha (38),
tls-krb5-export-with-rc2-cbc-40-sha (39),
tls-krb5-export-with-rc4-40-sha (40),
tls-krb5-export-with-des-cbc-40-md5 (41),
tls-krb5-export-with-rc2-cbc-40-md5 (42),
tls-krb5-export-with-rc4-40-md5 (43),
tls-psk-with-null-sha (44),
tls-dhe-psk-with-null-sha (45),
tls-rsa-psk-with-null-sha (46),
tls-rsa-with-aes-128-cbc-sha (47),
tls-dh-dss-with-aes-128-cbc-sha (48),
tls-dh-rsa-with-aes-128-cbc-sha (49),
tls-dhe-dss-with-aes-128-cbc-sha (50),
tls-dhe-rsa-with-aes-128-cbc-sha (51),
tls-dh-anon-with-aes-128-cnc-sha (52),
tls-rsa-with-aes-256-cbc-sha (53),
tls-dh-dss-with-aes-256-cbc-sha (54),
tls-dh-rsa-with-aes-256-cbc-sha (55),
tls-dhe-dss-with-aes-256-cbc-sha (56),
tls-dhe-rsa-with-aes-256-cbc-sha (57),
tls-dh-anon-with-aes-256-cbc-sha (58),
-- numbers 59 to 64 are not allocated --
tls-rsa-with-camellia-128-cbc-sha (65),
tls-dh-dss-with-camellia-128-cbc-sha (66),
tls-dh-rsa-with-camellia-128-cbc-sha (67),
tls-dhe-dss-with-camellia-128-cbc-sha (68),
tls-dhe-rsa-with-camellia-128-cbc-sha (69),
tls-dh-anon-with-camellia-128-cbc-sha (70),
-- numbers 71 to 131 are reserved or used by some implementations --
tls-rsa-with-camellia-256-cbc-sha (132),
tls-dh-dss-with-camellia-256-cbc-sha (133),
tls-dh-rsa-with-camellia-256-cbc-sha (134),
tls-dhe-dss-with-camellia-256-cbc-sha (135),
tls-dhe-rsa-with-camellia-256-cbc-sha (136),
tls-dh-anon-with-camellia-256-cbc-sha (137),
tls-psk-with-rc4-128-sha (138),
tls-psk-with-3des-ede-cbc-sha (139),
tls-psk-with-aes-128-cbc-sha (140),
tls-psk-with-aes-256-cbc-sha (141),
tls-dhe-psk-with-rc4-128-sha (142),
tls-dhe-psk-with-3des-ede-cbc-sha (143),
tls-dhe-psk-with-aes-128-cbc-sha (144),
tls-dhe-psk-with-aes-256-cbc-sha (145),
tls-rsa-psk-with-rc4-128-sha (146),
tls-rsa-psk-with-3des-ede-cbc-sha (147),
tls-rsa-psk-with-aes-128-cbc-sha (148),
tls-rsa-psk-with-aes-256-cbc-sha (149),
tls-rsa-with-seed-cbc-sha (150),
tls-dh-dss-with-seed-cbc-sha (151),
tls-dh-rsa-with-seed-cbc-sha (152),
tls-dhe-dss-with-seed-cbc-sha (153),
tls-dhe-rsa-with-seed-cbc-sha (154),
tls-dh-anon-with-seed-cbc-sha (155),
-- unallocated numbers --
tls-ecdh-ecdsa-with-null-sha (49153),
tls-ecdh-ecdsa-with-rc4-128-sha (49154),
tls-ecdh-ecdsa-with-3des-ede-cbc-sha (49155),
tls-ecdh-ecdsa-with-aes-128-cbc-sha (49156),
tls-ecdh-ecdsa-with-aes-256-cbc-sha (49157),
tls-ecdhe-ecdsa-with-null-sha (49158),
tls-ecdhe-ecdsa-with-rc4-128-sha (49159),
tls-ecdhe-ecdsa-with-3des-ede-cbc-sha (49160),
tls-ecdhe-ecdsa-with-aes-128-cbc-sha (49161),
tls-ecdhe-ecdsa-with-aes-256-cbc-sha (49162),
tls-ecdh-rsa-with-null-sha (49163),
tls-ecdh-rsa-with-rc4-128-sha (49164),
tls-ecdh-rsa-with-3des-ede-cbc-sha (49165),
tls-ecdh-rsa-with-aes-128-cbc-sha (49166),
tls-ecdh-rsa-with-aes-256-cbc-sha (49167),
tls-ecdhe-rsa-with-null-sha (49168),
tls-ecdhe-rsa-with-rc4-128-sha (49169),
tls-ecdhe-rsa-with-3des-ede-cbc-sha (49170),
tls-ecdhe-rsa-with-aes-128-cbc-sha (49171),
tls-ecdhe-rsa-with-aes-256-cbc-sha (49172),
tls-ecdh-anon-with-null-sha (49173),
tls-ecdh-anon-with-rc4-128-sha (49174),
tls-ecdh-anon-with-3des-ede-cbc-sha (49175),
tls-ecdh-anon-with-aes-128-cbc-sha (49176),
tls-ecdh-anon-with-aes-256-cbc-sha (49177),
...
}
CompressionMethods ::= SEQUENCE(SIZE(1..255)) OF CompressionMethod
CompressionMethod ::= ENUMERATED {
null,
...
}
serverHello HANDSHAKE ::= {
ServerHello IDENTIFIED-BY server-hello
}
ServerHello ::= SEQUENCE {
server-version ProtocolVersion,
random ServerRandom,
session-id SessionID,
cipher-suite CipherSuite,
compression-method CompressionMethod,
...,
...,
server-hello-extension-list ExtensionValues
}
ServerRandom ::= SEQUENCE {
gmt-unix-time UINT32,
random-bytes Opaque(SIZE(57))
}
certificateList HANDSHAKE ::= {
CertificateList IDENTIFIED-BY certificate-list
}
CertificateList ::= SEQUENCE {
certificates Certificates
}
Certificates ::= SEQUENCE OF X509Certificate
X509Certificate ::= OCTET STRING(CONTAINING Certificate ENCODED BY der)
der OBJECT IDENTIFIER ::= {joint-iso-itu-t asn1(1) ber-derived(2) distinguished-encoding(1)}
serverKeyExchange HANDSHAKE ::= {
ServerKeyExchange IDENTIFIED-BY server-key-exchange
}
ServerKeyExchange ::= CHOICE {
rsa SEQUENCE {
params ServerRSAParams,
signed-params Signature
},
diffie-hellman SEQUENCE {
params ServerDHParams,
signed-params Signature
},
...
}
ServerDHParams ::= SEQUENCE {
dh-p INTEGER(1..65535),
dh-g INTEGER(1..65535),
dh-Ys INTEGER(1..65535)
}
ServerRSAParams ::= SEQUENCE {
rsa-modulus INTEGER(1..65535),
rsa-exponent INTEGER(1..65535)
}
Signature ::= CHOICE {
anonymous NULL,
rsa SEQUENCE {
md5-hash Opaque(SIZE(16)),
sha-hash Opaque(SIZE(20))
},
dsa SEQUENCE {
sha-hash Opaque(SIZE(20))
},
...
}
certificateRequest HANDSHAKE ::= {
CertificateRequest IDENTIFIED-BY certificate-request
}
CertificateRequest ::= SEQUENCE {
certificate-types ClientCertificateTypes,
certificate-authorities DistinguishedNames
}
ClientCertificateTypes ::= SEQUENCE OF ClientCertificateType
ClientCertificateType ::= ENUMERATED {
rsa-sign (1),
dss-sign (2),
rsa-fixed-dh (3),
dss-fixed-dn (4),
...
}
DistinguishedNames ::= SEQUENCE OF DistinguishedName
serverHelloDone HANDSHAKE ::= {
ServerHelloDone IDENTIFIED-BY server-hello-done
}
ServerHelloDone ::= NULL
clientKeyExchange HANDSHAKE ::= {
ClientKeyExchange IDENTIFIED-BY client-key-exchange
}
ClientKeyExchange ::= Opaque(SIZE(0..65535))
PreMasterSecret ::= SEQUENCE {
client-version ProtocolVersion,
random Opaque(SIZE(46))
}
EncryptedPreMasterSecret ::= ENCRYPTED{PreMasterSecret}
ClientDiffieHellmanPublic ::= CHOICE {
implicit NULL,
explicit Opaque(SIZE(1..65535))
}
ENCRYPTED{ToBeEnciphered} ::= OCTET STRING(SIZE(0..255))
(CONSTRAINED BY {ToBeEnciphered})
certificateVerify HANDSHAKE ::= {
CertificateVerify IDENTIFIED-BY certificate-verify
}
CertificateVerify ::= SEQUENCE {
signature Signature
}
finished HANDSHAKE ::= {
Finished IDENTIFIED-BY finished
}
Finished ::= SEQUENCE {
verify-data Opaque(SIZE(12))
}
XtsmTemplate ::= BiometricCertificate -- Import from TAI
SignedDatabyClient ::= CHOICE {
digital-signature [0] SignedData,
--import from X9.84-CMS
aCBioOnClient [1] SignedDataACBio
--import from ISO/IEC 24761
}
BDforLocalModel ::= SEQUENCE {
biometricClientProcess BiometricClientProcess,
digitalSignature SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BiometricClientProcess ::= SEQUENCE {
bFPSchema BSP-BFP-Schemas,
templateID TemplateID,
sampleQuality Quality,
score BioAPI-FMR
}
TemplateID ::= SEQUENCE {
certificateIssuer Name, -- see Rec. ITU-T X.509
serialNumber CertificateSerialNumber, -- see Rec. ITU-T X.509
templateInfo TemplateInfo
}
TemplateInfo ::= SEQUENCE {
biometricType BiometricType,
creator UTF8String,
createdBFPSchema BSP-BFP-Schema,
templateID CertificateIDInformation
-- such as CertificateSerialNumber (no value available)
}
CertificateIDInformation ::= CertificateSerialNumber
BDforDownloadModel ::= SEQUENCE {
biometricClientProcess BiometricClientProcess,
digitalSignature SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforAttachedModel ::= SEQUENCE {
templateData XtsmTemplate,
sampleData SampleData, -- BIR: BioAPI defined format --
digitalSignature SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforCenterModel ::= SEQUENCE {
sampleData SampleData, -- BIR: BioAPI defined format --
digitalSignature SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforRefOnTTPforLocalModel ::= SEQUENCE {
thirdPartyInfo UTF8String,
biometricClientProcess BiometricClientProcess,
aCforBioOnTTP ACBioContentInformation,
digitalSignaturebyClient SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BiometricTTPProcess ::= SEQUENCE {
templateData XtsmTemplate,
digitalSignature SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforRefOnTTPforCenterModel ::= SEQUENCE {
thirdPartyInfo UTF8String,
sampleData SampleData, -- BIR: BioAPI defined format --
digitalSignature SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
TTPRequestRefOnTTPforCenterModel ::= SEQUENCE {
templateID TemplateID
}
TTPResponseRefOnTTPforCenterModel ::= SEQUENCE {
templateData XtsmTemplate,
digitalSignature SignedData,
aCforBioOnTTP ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
TTPRequestCObyClientModel ::= SEQUENCE {
templateData XtsmTemplate,
sampleData SampleData -- BIR: BioAPI defined format --
}
TTPResponseCObyClientModel ::= SEQUENCE {
bFPSchemaOnTTPProcess BSP-BFP-Schemas,
templateID TemplateID,
sampleQuality Quality,
score BioAPI-FMR,
digitalSignature SignedData,
aCforBioTTP ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforCObyClientModel ::= SEQUENCE {
bFPSchemaforClientProcess BSP-BFP-Schemas,
thirdPartyInfo UTF8String,
bFPSchemaforTTPProcess BSP-BFP-Schemas,
templateID TemplateID,
sampleQuality Quality,
score BioAPI-FMR,
digitalSignaturebyClient SignedData,
digitalSignaturebyTTP SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL,
aCforBioOnTTP ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforCObyServerModel ::= SEQUENCE {
sampleData SampleData, -- BIR: BioAPI defined format --
digitalSignature SignedData,
aCforBiometrics ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
TTPRequestCObyServerModel ::= SEQUENCE {
templateData XtsmTemplate,
sampleData SampleData -- BIR: BIoAPI defined format --
}
TTPResponsebyServer ::= SEQUENCE {
bFPSchema BSP-BFP-Schemas,
templateID TemplateID,
sampleQuality Quality,
score BioAPI-FMR,
digitalSignature SignedData,
aCforBioOnTTP ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
TTPRequestSCObyClientModel ::= SEQUENCE {
sampleData SampleData -- BIR: BioAPI defined format --
}
BDforSCObyCModel2 ::= SEQUENCE {
bFPSchemaForTTPProcess BSP-BFP-Schemas,
templateID TemplateID,
sampleQuality Quality,
score BioAPI-FMR,
digitalSignatureByTTP SignedData,
aCforBioOnTTP ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforSCObyCModel3 ::= SEQUENCE {
bFPSchemaForClientProcess BSP-BFP-Schemas,
thirdPartyInfo UTF8String,
bFPSchemaForTTPProcess BSP-BFP-Schemas,
templateID TemplateID,
sampleQuality Quality,
score BioAPI-FMR,
digitalSignatureByClient SignedData,
digitalSignatureByTTP SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL,
aCforBioOnTTP ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
BDforSCObySModel ::= SEQUENCE {
sampleData SampleData, -- BIR: BioAPI defined format --
digitalSignatureByClient SignedData,
aCforBioOnClient ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
TTPRequestSCObyServerModel ::= SEQUENCE {
templateID TemplateID,
sampleData SampleData -- BIR: BioAPI defined format --
}
TTPResponseSCObyServer ::= SEQUENCE {
bFPSchemaforTTPProcess BSP-BFP-Schemas,
templateID TemplateID,
sampleQuality Quality,
score BioAPI-FMR,
digitalSignatureByTTP SignedData,
aCforBioOnTTP ACBioContentInformation OPTIONAL
-- see ISO/IEC 24761
}
END