[xcbf] Technical Change

["Phillip H. Griffin" <phil.griffin@asn-1.com>]

Due to a mix up in an IETF standard, the published NIST algorithm
objects for the SHA-2 algorithms were incorrectly specified to have
NULL parameters rather than have the parameters component of 
type AlgorithmIdentifier absent. When this error was made, the RFC
authors also decided that the NULL parameters long understood to
always be present were allowed to be absent. 

There was a comment made on the recently passed X9.84:2003 
revision to align that standard with the IETF work, and I have just
now made this change to the ASN.1 schema in that standard. So
that XCBF is consistent with X9.84:2003, we also need to make
this change, even though doing so will break some current XML 
encodings and tools. 

Here are the changes that need to be made:

The statement 

   SHA-Algorithms
ALGORITHM ::= {
      { OID id-sha1    PARMS NoIV }  |
       { OID id-sha256             }  |
       { OID id-sha384             }  |
       { OID id-sha512             },

       ...  -- Expect others --
    }
   
should be replaced by

SHA-Algorithms ALGORITHM
::= {

  
-- The parameters associated with id-sha1, id-sha256, id-sha384,  --
   -- and id-sha512 should be omitted, but if present, shall have    --
   -- a value of ASN.1 type NULL. This is to align with the original --
   -- NIST definitions. For these SHA algorithms, implementations    --
   -- shall accept AlgorithmIdentifier values with NULL parameters   --
   -- and with the optional parameters component not present.        --


   { OID id-sha1           PARMS NullParms }  |
   { OID id-sha256         PARMS NullParms }  |
   { OID id-sha384         PARMS NullParms }  |
   { OID id-sha512         PARMS NullParms },

   ...  -- Expect additional algorithms --
}

The statement

   NoIV ::=
NULL  -- No initialization vector

should be changed to

   NullParms ::= NULL

Phil