Internet Draft Editor: Paul Hoffman
draft-ietf-smime-examples-09.txt Internet Mail Consortium
November 1, 2002
Expires in six months
Examples of S/MIME Messages
Status of this memo
Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.
Abstract
This document gives examples of message bodies formatted using S/MIME.
Specifically, it has examples of Cryptographic Message Syntax (CMS)
objects, S/MIME messages (including the MIME formatting), and Enhanced
Security Services for S/MIME (ESS). It includes examples of most or all
common CMS and ESS formats; in addition, it gives examples that show
common pitfalls in implementing CMS. The purpose of this document is to
help increase interoperability for S/MIME and other protocols that rely
on CMS.
1. Introduction
The examples in this document show the structure and format of CMS
message bodies, as described in [CMS]. They are useful to implementors
who use protocols that rely on CMS, such as the S/MIME message format
protocol. There are also examples of simple S/MIME messages [SMIME-MSG]
(including the MIME headers), and ESS messages [SMIME-ESS].
Every example in this document has been checked by two different
implementors. This strongly indicates (but does not assure) that the
examples are correct. All CMS implementors must read the CMS document
carefully before implementing from it. No one should use the examples
in this document as stand-alone explanations of how to create CMS
message bodies.
This document explicitly does not attempt to cover many PKIX [PKIX]
examples. Documents with examples of that format may be forthcoming.
Also, note that [DVCS], which covers PKIX Data Validation and
Certification Server Protocols, has examples of formats for its
protocol.
This draft is being discussed on the 'ietf-smime-examples' mailing list.
To join the list, send a message to ietf-smime-examples-request@imc.org
with the single word "subscribe" in the body of the message. Also,
there is a Web site for the mailing list at
. Note that S/MIME itself is
discussed in the IETF's S/MIME Working Group; see
for more information.
2. Contributions To This Document
The examples shown here will be created and validated by many different
people. In the example listings in Appendix B, there is a tag with the
initials of the creator of the example, and one or more tags for the
people who validated the example.
Some of the examples are of mis-implementations of CMS and ESS. That
is, if a developer reading the CMS or ESS specification created a
message body that was illegal, and another developer agreed that the
mis-reading was potentially a pitfall for later developers, that
message body is also included here. To make it clear which examples are
bad, they are all put into a single section of this document with
(hopefully) explicit headings.
To contribute an implementation of an unimplemented example listed in
this document, to verify that you got the same results as an example
listed here, or to suggest a new example that should be listed, please
contact the document author at the address listed near the end of the
document.
3. Constants Used in the Examples
This section defines the data used in the rest of the document. The names
of the constants indicate their use. For example, AlicePrivDSSSign is the
private part of Alice's DSS signing key.
- Alice is the creator of the message bodies in this spec.
- Bob is the recipient of the messages.
- Carl is a CA.
- Diane sometimes gets involved with these folks.
- Erica also sometimes gets involved.
3.1 Content of documents
ExContent is the following sentence:
This is some sample content.
That is, it is the string of characters starting with "T" up to and
including the ".".
The hex for ExContent is
5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e
The MD5 hash of ExContent is
9898 cac8 fab7 691f f89d c207 24e7 4a04
The SHA-1 hash of ExContent is
406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48
3.2 Private Keys
The following private keys are needed to create the samples.
To find the public keys, see the certificates in the next section.
AlicePrivDSSSign =
0 30 331: SEQUENCE {
4 02 1: INTEGER 0
7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
20 30 286: SEQUENCE {
24 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
: DB
156 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
: 62 8B F7 93 CD
179 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
: }
: }
310 04 23: OCTET STRING, encapsulates {
312 02 21: INTEGER
: 00 BB 44 46 D1 A5 C9 46 07 2E D0 FE 7A D6 92 07
: F0 9A 85 89 3F
: }
: }
AlicePrivRSASign =
0 30 630: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 608: OCTET STRING, encapsulates {
26 30 604: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
: 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
: 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
: CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
: F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
: 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
: 5F
165 02 3: INTEGER 65537
170 02 128: INTEGER
: 00 A4 03 C3 27 47 76 34 34 6C A6 86 B5 79 49 01
: 4B 2E 8A D2 C8 62 B2 C7 D7 48 09 6A 8B 91 F7 36
: F2 75 D6 E8 CD 15 90 60 27 31 47 35 64 4D 95 CD
: 67 63 CE B4 9F 56 AC 2F 37 6E 1C EE 0E BF 28 2D
: F4 39 90 6F 34 D8 6E 08 5B D5 65 6A D8 41 F3 13
: D7 2D 39 5E FE 33 CB FF 29 E4 03 0B 3D 05 A2 8F
: B7 F1 8E A2 76 37 B0 79 57 D3 2F 2B DE 87 06 22
: 7D 04 66 5E C9 1B AF 8B 1A C3 EC 91 44 AB 7F 21
301 02 65: INTEGER
: 00 F6 D6 E0 22 21 4C 5F 0A 70 FF 27 FC E5 B3 50
: 6A 9D E5 0F B5 85 96 C6 40 FA A8 0A B4 9B 9B 0C
: 55 C2 01 1D F9 37 82 8A 14 C8 F2 93 0E 92 CD A5
: 66 21 B9 3C D2 06 BF B4 55 31 C9 DC AD CA 98 2D
: D1
368 02 65: INTEGER
: 00 E8 DE B0 11 25 09 D2 02 51 01 DE 8A E8 98 50
: F5 77 77 61 A4 45 93 6B 08 55 96 73 5D F4 C8 5B
: 12 93 22 73 8B 7F D3 70 7F F5 A4 AA BB 74 FD 3C
: 22 6A DA 38 91 2A 86 5B 6C 14 E8 AE 4C 9E FA 8E
: 2F
435 02 65: INTEGER
: 00 97 4C F0 87 9B 17 7F EE 1B 83 1B 14 B6 0B 6A
: 90 5F 86 27 51 E1 B7 A0 7F F5 E4 88 E3 59 B9 F9
: 1E 9B D3 29 77 38 22 48 D7 22 B1 25 98 BA 3D 59
: 53 B7 FA 1E 20 B2 C8 51 16 23 75 93 51 E7 AB CD
: F1
502 02 64: INTEGER
: 2C F0 24 5B FA A0 CD 85 22 EA D0 6E 4F FA 6C CD
: 21 D3 C8 E4 F1 84 44 48 64 73 D7 29 8F 7E 46 8C
: EC 15 DE E4 51 B3 94 E7 2C 99 2D 55 65 7B 24 EA
: A3 62 1F 3E 6C 4D 67 41 11 3B E1 BE E9 83 02 83
568 02 64: INTEGER
: 58 88 D9 A1 50 38 84 6A AB 03 BC BB DF 4B F4 9C
: 6F B8 B4 2A 25 FB F6 E4 05 2F 6E E2 88 89 21 6F
: 4B 25 9E D0 AB 50 93 CA BF 40 71 EC 21 25 C5 7F
: FB 02 E9 21 96 B8 33 CD E2 C6 95 EE 6F 8D 5F 28
: }
: }
: }
BobPrivDHEncrypt =
0 30 355: SEQUENCE {
4 02 1: INTEGER 0
7 30 312: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
20 30 299: SEQUENCE {
24 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
: 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
: 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
: 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
: FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
: 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
: 33
156 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
: E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
: 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
: 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
: 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
: C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
: A7
288 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
: A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
: BD
: }
: }
323 04 34: OCTET STRING, encapsulates {
325 02 32: INTEGER
: 20 FC 67 82 EE CF 4A A6 C8 E5 83 D2 8C 3B 8A D2
: 45 32 11 27 32 6C 86 EC 66 CA 71 AD F0 19 4D F7
: }
: }
BobPrivRSAEncrypt =
0 30 645: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 608: OCTET STRING, encapsulates {
26 30 604: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 41 5E A6 79
: 89 85 C8 35 5D 9A 91 5B FB 1D 01 DA 19 70 26 17
: 0F BD A5 22 D0 35 85 6D 7A 98 66 14 41 5C CF B7
: B7 08 3B 09 C9 91 B8 19 69 37 6D F9 65 1E 7B D9
: A9 33 24 A3 7F 3B BB AF 46 01 86 36 34 32 CB 07
: 03 59 52 FC 85 8B 31 04 B8 CC 18 08 14 48 E6 4F
: 1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53 D8 69 01 F1
: 05 F8 7A 70 D1 BE 83 C6 5F 38 CF 1C 2C AA 6A A7
: EB
165 02 3: INTEGER 65537
170 02 128: INTEGER
: 67 CD 48 4C 9A 0D 8F 98 C2 1B 65 FF 22 83 9C 6D
: F0 A6 06 1D BC ED A7 03 88 94 F2 1C 6B 0F 8B 35
: DE 0E 82 78 30 CB E7 BA 6A 56 AD 77 C6 EB 51 79
: 70 79 0A A0 F4 FE 45 E0 A9 B2 F4 19 DA 87 98 D6
: 30 84 74 E4 FC 59 6C C1 C6 77 DC A9 91 D0 7C 30
: A0 A2 C5 08 5E 21 71 43 FC 0D 07 3D F0 FA 6D 14
: 9E 4E 63 F0 17 58 79 1C 4B 98 1C 3D 3D B0 1B DF
: FA 25 3B A3 C0 2C 98 05 F6 10 09 D8 87 DB 03 19
301 02 65: INTEGER
: 00 D0 C3 22 C6 DE A2 99 18 76 8F 8D BC A6 75 D6
: 66 3F D4 8D 45 52 8C 76 F5 72 C4 EB F0 46 9A F1
: 3E 5C AA 55 0B 9B DA DD 6B 6D F8 FC 3B 3C 08 43
: 93 B5 5B FE CE EA FD 68 84 23 62 AF F3 31 C2 B9
: E5
368 02 65: INTEGER
: 00 D0 51 FC 1E 22 B7 5B ED B5 8E 01 C8 D7 AB F2
: 58 D4 F7 82 94 F3 53 A8 19 45 CB 66 CA 28 19 5F
: E2 10 2B F3 8F EC 6A 30 74 F8 4D 11 F4 A7 C4 20
: B5 47 21 DC 49 01 F9 0A 20 29 F0 24 08 84 60 7D
: 8F
435 02 64: INTEGER
: 34 BA 64 C9 48 28 57 74 D7 55 50 DE 6A 48 EF 1B
: 2A 5A 1C 48 7B 1E 21 59 C3 60 3B 9B 97 A9 C0 EF
: 18 66 A9 4E 62 52 38 84 CE E5 09 88 48 94 69 C5
: 20 14 99 5A 57 FE 23 6C E4 A7 23 7B D0 80 B7 85
501 02 65: INTEGER
: 00 9E 2F B3 37 9A FB 0B 06 5D 57 E1 09 06 A4 5D
: D9 90 96 06 05 5F 24 06 40 72 9C 3A 88 85 9C 87
: 0F 9D 62 12 88 16 68 A8 35 1A 1B 43 E8 38 C0 98
: 69 AF 03 0A 48 32 04 4E E9 0F 8F 77 7D 34 30 25
: 07
568 02 64: INTEGER
: 57 18 67 D6 0A D2 B5 AB C2 BA 7A E7 54 DA 9C 05
: 4F 81 D4 EF 01 89 1E 32 3D 69 CB 31 C4 52 C8 54
: 55 25 00 3B 1C 2A 7C 26 50 D5 E9 A6 D7 77 CB CF
: 15 F5 EE 0B D5 8D EE B3 AF 4C A1 7C 63 46 41 F6
: }
: }
634 A0 13: [0] {
636 30 11: SEQUENCE {
638 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
643 31 4: SET {
645 03 2: BIT STRING 0 unused bits
: '00001000'B (bit 3)
: Error: Spurious zero bits in bitstring.
: }
: }
: }
: }
CarlPrivDSSSign =
0 30 330: SEQUENCE {
4 02 1: INTEGER 0
7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
20 30 286: SEQUENCE {
24 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
: 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
: EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
: E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
: ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
: 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
: FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
: CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
: E9
156 02 21: INTEGER
: 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
: 5D 98 B9 10 D5
179 02 128: INTEGER
: 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
: ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
: 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
: AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
: F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
: 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
: 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
: 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
: }
: }
310 04 22: OCTET STRING, encapsulates {
312 02 20: INTEGER
: 19 B3 38 A5 21 62 31 50 E5 7F B9 3E 08 46 78 D1
: 3E B5 E5 72
: }
: }
CarlPrivRSASign =
0 30 630: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 608: OCTET STRING, encapsulates {
26 30 604: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
: 5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
: B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
: A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED
: E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
: D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
: 29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
: 57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
: F1
165 02 3: INTEGER 65537
170 02 129: INTEGER
: 00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6 EF 38 5F 53
: 21 2A 2F 62 FE DE 29 9A 7A 86 67 36 E7 7D 62 78
: 75 3D 73 A0 BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA
: D6 13 9B C3 97 7A CA 6A F0 B8 85 65 4E 0F BD A7
: A8 F7 54 06 41 BD EB DC 20 77 90 DF 61 9B 9A 6F
: 74 DE EA 3B D4 9C 87 60 ED 76 84 F1 6A 30 37 D5
: E0 90 16 F8 80 47 C3 19 6B ED 75 77 BA 4A ED 39
: B6 5D 02 47 3B 5F 1B C8 1C AB CB E8 F5 26 3F A4
: 81
302 02 65: INTEGER
: 00 FF DF 09 A0 56 0B 42 52 9E C4 4D 93 B3 B0 49
: BB DE E7 81 7D 28 99 D0 B1 48 BA 0B 39 E1 1C 7B
: 22 18 33 B6 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A
: 61 0A 6E 3B CE 30 DA 36 9F 65 25 29 BB A7 0E 7F
: 0B
369 02 65: INTEGER
: 00 E4 69 68 18 5F F9 57 D0 7C 66 89 0F BA 63 1D
: 72 CB 20 A4 81 76 64 89 CD 7D D1 C2 27 A9 2E AC
: 7A 56 9A 85 07 D9 30 03 A3 03 AB 7F 88 92 50 24
: 01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7 B6 C2 7E AB
: 73
436 02 64: INTEGER
: 57 36 6C 8F 8C 04 76 6C B6 D4 EE 24 44 00 F8 80
: E2 AF 42 01 A9 0F 14 84 F8 E7 00 E0 8F 8C 27 A4
: 2D 5F A2 E5 6D B5 63 C0 AD 44 E9 76 91 A7 19 49
: 2E 46 F8 77 85 4B 3B 87 04 F0 AF D2 D8 54 26 95
502 02 64: INTEGER
: 64 A1 0F AC 55 74 1B BD 0D 61 7B 17 03 CD B0 E6
: A7 19 1D 80 AF F1 41 48 D8 1A B6 88 14 A0 2C 7A
: C5 76 D4 0F 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73
: BA 46 A8 0F 8D 82 5F 22 14 05 CF A2 A3 F3 7C 83
568 02 64: INTEGER
: 26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 6E 6B 73 19
: 88 61 3A FA 74 4A 36 8B 47 68 5D 50 EB 26 E3 EA
: 7D 9B 4E 65 A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11
: AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 D1 6D 8D FA
: }
: }
: }
DianePrivDHEncrypt =
0 30 354: SEQUENCE {
4 02 1: INTEGER 0
7 30 311: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
20 30 298: SEQUENCE {
24 02 129: INTEGER
: 00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4
: 10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39
: BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF
: 9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4
: F2 8A 3D 9F B7 5D 8D CA E2 AF B5 0F CF 05 65 82
: 68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
: BC BF 36 0F 5C C3 51 6A 67 E8 75 32 66 78 91 63
: E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2
: DF
156 02 128: INTEGER
: 6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C
: A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F
: 37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
: DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71
: 21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82
: 69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
: 09 F8 BD FD CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E
: 7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7
287 02 33: INTEGER
: 00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D
: 46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E
: 1F
: }
: }
322 04 34: OCTET STRING, encapsulates {
324 02 32: INTEGER
: 58 2E 89 AB 57 34 7D 3C F5 9A 75 CB 7D 99 8A 19
: 2F 3C 7A A6 85 C9 2F 1B 5A 47 03 E3 82 16 E4 9B
: }
: }
DianePrivDSSSign =
0 30 331: SEQUENCE {
4 02 1: INTEGER 0
7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
20 30 286: SEQUENCE {
24 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
: 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
: EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
: E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
: ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
: 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
: FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
: CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
: E9
156 02 21: INTEGER
: 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
: 5D 98 B9 10 D5
179 02 128: INTEGER
: 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
: ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
: 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
: AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
: F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
: 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
: 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
: 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
: }
: }
310 04 23: OCTET STRING, encapsulates {
312 02 21: INTEGER
: 00 96 95 F9 E0 C1 E0 41 2D 32 0F 8B 42 52 93 2A
: E6 1E 0E 21 29
: }
: }
DianePrivRSASignEncrypt =
0 30 631: SEQUENCE {
4 02 1: INTEGER 0
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
20 05 0: NULL
: }
22 04 609: OCTET STRING, encapsulates {
26 30 605: SEQUENCE {
30 02 1: INTEGER 0
33 02 129: INTEGER
: 00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2
: 62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99
: 24 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
: A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28
: 0A BB F8 BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E
: 67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
: 93 47 EE F0 73 35 72 B0 02 C4 F3 11 C3 5E 47 E5
: 0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28 C0
: 85
165 02 3: INTEGER 65537
170 02 128: INTEGER
: 3D BD CD C2 0E 61 14 5B 4B E7 BF 60 23 04 2B C5
: 6B 35 A5 96 45 23 FC 69 7D 93 3C 0F D3 25 96 BA
: 62 52 42 E2 96 CF FE 58 80 8F EB B1 8C BD D4 0D
: 65 D0 3A 77 45 24 9E 0C EB 86 80 C3 AC 21 11 71
: 44 E3 B2 A8 A9 2E AC 17 D2 A3 84 25 63 B5 BC 2F
: 1E DD F6 21 FF 15 20 24 5B F1 80 2F D5 41 0E 32
: 24 F7 D4 4A 32 9E B9 49 D8 19 8E 3F 39 8D 62 BD
: 80 FC 0C 24 92 93 E4 C3 D7 05 91 53 BB 96 B6 41
301 02 65: INTEGER
: 00 F3 B8 3F 4A D1 94 B0 91 60 13 41 92 0D 8D 44
: 3F 77 1D FF 96 23 44 08 D4 0B 70 C9 1A AF E9 90
: 94 F2 B0 D5 5F 4F 19 85 50 A1 90 91 AE BD 05 76
: 52 B3 22 D8 A8 7C 8E 54 7F 00 72 4F 36 75 68 73
: B5
368 02 65: INTEGER
: 00 E1 D2 E7 11 57 06 AE 72 95 22 16 AA 02 B4 5A
: ED 4E 9D 82 11 4F 96 3C 86 C9 10 8D 56 7B 31 75
: 79 69 E7 75 68 38 00 4B 2E D2 26 32 DD B1 E2 E0
: 2C 54 80 0A 75 BA D1 66 96 1B B0 0E A0 7E D2 BB
: 91
435 02 65: INTEGER
: 00 AF B6 BC DB 22 73 43 41 EC B4 B5 67 A9 A1 99
: FC EF D2 8E FD 1D FB E5 29 8B FE 0A DF D4 C8 5E
: 57 25 0A 5D 2B D4 09 A0 56 5B C5 B1 62 FC 20 BE
: 08 2D E3 07 B5 A1 E7 B3 FF C4 C0 A5 5F AC 12 5C
: A9
502 02 65: INTEGER
: 00 B9 98 41 FC 08 50 1F 73 60 8A 01 A2 7C 52 8A
: 20 5A EA 2C 89 D9 A5 19 DD 94 C6 1B C3 25 C0 82
: 51 E4 EE 2B 9A 19 DC 73 ED E9 1D 27 D4 F8 6C 03
: DD AB 1D 08 7B B5 AC 7F E9 82 9B F1 89 8A 71 DB
: 61
569 02 64: INTEGER
: 01 07 21 97 5F 7A 60 A8 FD 5A 5C 07 DF A8 DE F7
: E2 B1 34 7D FC EB 91 BD B0 73 74 C8 C4 BE 3F 58
: 45 30 06 90 B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B
: 65 A1 16 39 39 B0 E3 74 7D CF CD C5 AC 6C BF E5
: }
: }
: }
EricaPrivDHEncryptBobParam =
0 30 355: SEQUENCE {
4 02 1: INTEGER 0
7 30 312: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
20 30 299: SEQUENCE {
24 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
: 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
: 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
: 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
: FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
: 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
: 33
156 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
: E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
: 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
: 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
: 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
: C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
: A7
288 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
: A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
: BD
: }
: }
323 04 34: OCTET STRING, encapsulates {
325 02 32: INTEGER
: 48 64 11 E4 17 01 12 E6 C1 D3 9C 70 7D 7C A6 97
: 95 BD C8 95 07 F7 CF 41 11 A7 13 91 FB 30 3D 8C
: }
: }
MailListTripleDES =
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f
MailListRC2 =
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9
3.3 Certificates
Note that Bob's and Diane's Diffie-Hellman encryption keys do *not*
share Diffie-Hellman parameters; however, Bob and Erica share Diffie-
Hellman parameters.
AliceDSSSignByCarlNoInherit =
0 30 734: SEQUENCE {
4 30 669: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 200
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817011049Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 19: SEQUENCE {
82 31 17: SET {
84 30 15: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 8: PrintableString 'AliceDSS'
: }
: }
: }
101 30 438: SEQUENCE {
105 30 299: SEQUENCE {
109 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
118 30 286: SEQUENCE {
122 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
: DB
254 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
: 62 8B F7 93 CD
277 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
: }
: }
408 03 132: BIT STRING 0 unused bits, encapsulates {
412 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
: }
: }
543 A3 131: [3] {
546 30 128: SEQUENCE {
549 30 32: SEQUENCE {
551 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
556 04 25: OCTET STRING, encapsulates {
558 30 23: SEQUENCE {
560 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
583 30 12: SEQUENCE {
585 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
590 01 1: BOOLEAN TRUE
593 04 2: OCTET STRING, encapsulates {
595 30 0: SEQUENCE {}
: }
: }
597 30 14: SEQUENCE {
599 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
604 01 1: BOOLEAN TRUE
607 04 4: OCTET STRING, encapsulates {
609 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
613 30 31: SEQUENCE {
615 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
620 04 24: OCTET STRING, encapsulates {
622 30 22: SEQUENCE {
624 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
646 30 29: SEQUENCE {
648 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
653 04 22: OCTET STRING
: 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01
: E2 FD E3 97 FE CD
: }
: }
: }
: }
677 30 9: SEQUENCE {
679 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
688 03 48: BIT STRING 0 unused bits, encapsulates {
691 30 45: SEQUENCE {
693 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
: 05 E8 46 94 8E
716 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
AliceRSASignByCarl =
0 30 522: SEQUENCE {
4 30 371: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
31 30 13: SEQUENCE {
33 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
44 05 0: NULL
: }
46 30 18: SEQUENCE {
48 31 16: SET {
50 30 14: SEQUENCE {
52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
57 13 7: PrintableString 'CarlRSA'
: }
: }
: }
66 30 30: SEQUENCE {
68 17 13: UTCTime '990819070000Z'
83 17 13: UTCTime '391231235959Z'
: }
98 30 19: SEQUENCE {
100 31 17: SET {
102 30 15: SEQUENCE {
104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
109 13 8: PrintableString 'AliceRSA'
: }
: }
: }
119 30 159: SEQUENCE {
122 30 13: SEQUENCE {
124 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
135 05 0: NULL
: }
137 03 141: BIT STRING 0 unused bits, encapsulates {
141 30 137: SEQUENCE {
144 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
: 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
: 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
: CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
: F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
: 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
: 5F
276 02 3: INTEGER 65537
: }
: }
: }
281 A3 96: [3] {
283 30 94: SEQUENCE {
285 30 12: SEQUENCE {
287 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
292 01 1: BOOLEAN TRUE
295 04 2: OCTET STRING, encapsulates {
297 30 0: SEQUENCE {}
: }
: }
299 30 14: SEQUENCE {
301 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
306 01 1: BOOLEAN TRUE
309 04 4: OCTET STRING, encapsulates {
311 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
315 30 31: SEQUENCE {
317 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
322 04 24: OCTET STRING, encapsulates {
324 30 22: SEQUENCE {
326 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
: AE 9E 38 BB
: }
: }
: }
348 30 29: SEQUENCE {
350 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
355 04 22: OCTET STRING
: 04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC
: 3C A0 3A E3 FF 50
: }
: }
: }
: }
379 30 13: SEQUENCE {
381 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
392 05 0: NULL
: }
394 03 129: BIT STRING 0 unused bits
: 52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
: 6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
: F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
: 97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
: 06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
: 4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
: C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
: C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
: }
BobDHEncryptByCarl =
0 30 866: SEQUENCE {
4 30 801: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 201
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817011828Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 16: SEQUENCE {
82 31 14: SET {
84 30 12: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 5: PrintableString 'bobDH'
: }
: }
: }
98 30 578: SEQUENCE {
102 30 439: SEQUENCE {
106 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
115 30 426: SEQUENCE {
119 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
: 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
: 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
: 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
: FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
: 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
: 33
251 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
: E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
: 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
: 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
: 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
: C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
: A7
383 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
: A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
: BD
418 02 97: INTEGER
: 01 34 FE C2 33 48 EB F6 3B 97 D9 E4 97 A7 60 A5
: 25 69 34 FB FD 46 2A D6 C9 C4 C5 F7 D6 F4 04 19
: 8D 94 D9 8A 37 68 69 67 55 FB F2 6B 0E 47 C5 5B
: 0B 4B 0E 1C 1A 8B 7B 75 B7 AA C3 AA D7 EB 3B DA
: 2A 8D 02 87 37 47 83 D7 31 B4 25 A8 AC BB 11 88
: 53 1C 11 92 B6 69 E7 2E 90 C1 7A FC 87 F4 F6 D7
: 1A
517 30 26: SEQUENCE {
519 03 21: BIT STRING 0 unused bits
: B9 FF 1C 93 44 67 37 D1 B2 F8 57 9A 32 4A C9 4A
: FF 3B EC 1E
542 02 1: INTEGER 29
: }
: }
: }
545 03 132: BIT STRING 0 unused bits, encapsulates {
549 02 128: INTEGER
: 6F D4 F6 CD 94 9A 6E AF 5B 57 17 96 75 BB 0F B9
: 48 E9 90 37 0D 15 20 C2 55 1E 13 E2 AE 71 17 84
: C3 0E 74 AE 8A 55 7F 28 7D 8B D7 28 22 9C 76 46
: D7 3B 4F 9D D1 4D 1B B2 DB 51 94 C5 6D 54 96 40
: 38 8A 38 81 63 4A 8C C3 1E 09 89 74 A6 58 D5 C8
: 5A 3D CF BB B8 23 7F 9C 1F 7D 78 FA 9E F9 90 9E
: 91 E7 4B C2 A4 BE 45 06 78 42 58 3D 9F 63 2C EF
: 84 D4 67 E5 FB C6 6D A2 36 29 67 90 46 DB 4E 48
: }
: }
680 A3 127: [3] {
682 30 125: SEQUENCE {
684 30 29: SEQUENCE {
686 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
691 04 22: OCTET STRING, encapsulates {
693 30 20: SEQUENCE {
695 81 18: [1] 'bobDh@examples.com'
: }
: }
: }
715 30 12: SEQUENCE {
717 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
722 01 1: BOOLEAN TRUE
725 04 2: OCTET STRING, encapsulates {
727 30 0: SEQUENCE {}
: }
: }
729 30 14: SEQUENCE {
731 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
736 01 1: BOOLEAN TRUE
739 04 4: OCTET STRING, encapsulates {
741 03 2: BIT STRING 3 unused bits
: '10000'B
: }
: }
745 30 31: SEQUENCE {
747 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
752 04 24: OCTET STRING, encapsulates {
754 30 22: SEQUENCE {
756 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
778 30 29: SEQUENCE {
780 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
785 04 22: OCTET STRING
: 04 14 26 FF 19 48 C3 59 33 68 56 8D 7E C8 80 68
: 5C CF 3C 72 DD 26
: }
: }
: }
: }
809 30 9: SEQUENCE {
811 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
820 03 48: BIT STRING 0 unused bits, encapsulates {
823 30 45: SEQUENCE {
825 02 20: INTEGER
: 15 EA 15 43 E3 49 22 86 C1 BB E5 DA E4 0E B8 09
: E0 D5 72 35
847 02 21: INTEGER
: 00 AE 4F 51 29 73 71 75 A9 81 EB ED 9D 5E 00 19
: 7E F0 DE 5A D6
: }
: }
: }
BobRSASignByCarl =
0 30 512: SEQUENCE {
4 30 365: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
31 30 9: SEQUENCE {
33 06 5: OBJECT IDENTIFIER sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
40 05 0: NULL
: }
42 30 18: SEQUENCE {
44 31 16: SET {
46 30 14: SEQUENCE {
48 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
53 13 7: PrintableString 'CarlRSA'
: }
: }
: }
62 30 30: SEQUENCE {
64 17 13: UTCTime '990919010902Z'
79 17 13: UTCTime '391231235959Z'
: }
94 30 17: SEQUENCE {
96 31 15: SET {
98 30 13: SEQUENCE {
100 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
105 13 6: PrintableString 'BobRSA'
: }
: }
: }
113 30 159: SEQUENCE {
116 30 13: SEQUENCE {
118 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
129 05 0: NULL
: }
131 03 141: BIT STRING 0 unused bits, encapsulates {
135 30 137: SEQUENCE {
138 02 129: INTEGER
: 00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 41 5E A6 79
: 89 85 C8 35 5D 9A 91 5B FB 1D 01 DA 19 70 26 17
: 0F BD A5 22 D0 35 85 6D 7A 98 66 14 41 5C CF B7
: B7 08 3B 09 C9 91 B8 19 69 37 6D F9 65 1E 7B D9
: A9 33 24 A3 7F 3B BB AF 46 01 86 36 34 32 CB 07
: 03 59 52 FC 85 8B 31 04 B8 CC 18 08 14 48 E6 4F
: 1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53 D8 69 01 F1
: 05 F8 7A 70 D1 BE 83 C6 5F 38 CF 1C 2C AA 6A A7
: EB
270 02 3: INTEGER 65537
: }
: }
: }
275 A3 96: [3] {
277 30 94: SEQUENCE {
279 30 12: SEQUENCE {
281 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
286 01 1: BOOLEAN TRUE
289 04 2: OCTET STRING, encapsulates {
291 30 0: SEQUENCE {}
: }
: }
293 30 14: SEQUENCE {
295 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
300 01 1: BOOLEAN TRUE
303 04 4: OCTET STRING, encapsulates {
305 03 2: BIT STRING 5 unused bits
: '100'B (bit 2)
: }
: }
309 30 31: SEQUENCE {
311 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
316 04 24: OCTET STRING, encapsulates {
318 30 22: SEQUENCE {
320 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
: AE 9E 38 BB
: }
: }
: }
342 30 29: SEQUENCE {
344 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
349 04 22: OCTET STRING, encapsulates {
351 04 20: OCTET STRING
: E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA 29 D3 95 5A
: 86 16 B4 24
: }
: }
: }
: }
: }
373 30 9: SEQUENCE {
375 06 5: OBJECT IDENTIFIER sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
382 05 0: NULL
: }
384 03 129: BIT STRING 0 unused bits
: 09 21 6A 3B 62 50 DF 62 41 5E 12 40 09 14 C3 B5
: E4 28 2E 50 77 FA 56 66 B3 A2 96 B6 0A 01 AE A6
: 38 E5 BD 6B E7 F2 3E 6D B0 A5 EF CC 87 AC AB 25
: A4 BB DA E2 1A 81 B7 B9 15 B3 6C DA D1 13 D5 9F
: 0F D5 4B 7A 8D 54 D8 5A DC 07 01 D1 05 41 0D 0A
: 61 47 80 F1 75 0F F8 22 1B 50 92 33 FE 08 05 50
: 6D 7B 03 00 03 F1 2D 4B FE 20 62 C7 20 77 05 42
: 23 DB A8 C7 AD DE 71 1B D1 2A 99 82 A6 65 EB 7E
: }
CarlDSSSelf =
0 30 667: SEQUENCE {
4 30 602: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 1: INTEGER 1
16 30 9: SEQUENCE {
18 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
27 30 18: SEQUENCE {
29 31 16: SET {
31 30 14: SEQUENCE {
33 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
38 13 7: PrintableString 'CarlDSS'
: }
: }
: }
47 30 30: SEQUENCE {
49 17 13: UTCTime '990816225050Z'
64 17 13: UTCTime '391231235959Z'
: }
79 30 18: SEQUENCE {
81 31 16: SET {
83 30 14: SEQUENCE {
85 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
90 13 7: PrintableString 'CarlDSS'
: }
: }
: }
99 30 439: SEQUENCE {
103 30 299: SEQUENCE {
107 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
116 30 286: SEQUENCE {
120 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
: 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
: EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
: E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
: ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
: 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
: FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
: CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
: E9
252 02 21: INTEGER
: 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
: 5D 98 B9 10 D5
275 02 128: INTEGER
: 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
: ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
: 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
: AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
: F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
: 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
: 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
: 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
: }
: }
406 03 133: BIT STRING 0 unused bits, encapsulates {
410 02 129: INTEGER
: 00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C 75 BB E1
: 6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E
: F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
: 4E B9 60 96 19 24 01 F3 62 0C FE 75 C0 FB CE D8
: 68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61
: 8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B
: 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD
: 1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80
: 7A
: }
: }
542 A3 66: [3] {
544 30 64: SEQUENCE {
546 30 15: SEQUENCE {
548 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
553 01 1: BOOLEAN TRUE
556 04 5: OCTET STRING, encapsulates {
558 30 3: SEQUENCE {
560 01 1: BOOLEAN TRUE
: }
: }
: }
563 30 14: SEQUENCE {
565 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
570 01 1: BOOLEAN TRUE
573 04 4: OCTET STRING, encapsulates {
575 03 2: BIT STRING 1 unused bits
: '1100001'B
: }
: }
579 30 29: SEQUENCE {
581 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
586 04 22: OCTET STRING
: 04 14 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20
: BC 43 2B 93 F1 1F
: }
: }
: }
: }
610 30 9: SEQUENCE {
612 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
621 03 48: BIT STRING 0 unused bits, encapsulates {
624 30 45: SEQUENCE {
626 02 20: INTEGER
: 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9
: 11 17 A1 13
648 02 21: INTEGER
: 00 8F 34 69 2A 8B B1 3C 03 79 94 32 4D 12 1F CE
: 89 FB 46 B2 3B
: }
: }
: }
CarlRSASelf =
0 30 491: SEQUENCE {
4 30 340: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
31 30 13: SEQUENCE {
33 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
44 05 0: NULL
: }
46 30 18: SEQUENCE {
48 31 16: SET {
50 30 14: SEQUENCE {
52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
57 13 7: PrintableString 'CarlRSA'
: }
: }
: }
66 30 30: SEQUENCE {
68 17 13: UTCTime '990818070000Z'
83 17 13: UTCTime '391231235959Z'
: }
98 30 18: SEQUENCE {
100 31 16: SET {
102 30 14: SEQUENCE {
104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
109 13 7: PrintableString 'CarlRSA'
: }
: }
: }
118 30 159: SEQUENCE {
121 30 13: SEQUENCE {
123 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
134 05 0: NULL
: }
136 03 141: BIT STRING 0 unused bits, encapsulates {
140 30 137: SEQUENCE {
143 02 129: INTEGER
: 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
: 5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
: B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
: A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED
: E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
: D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
: 29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
: 57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
: F1
275 02 3: INTEGER 65537
: }
: }
: }
280 A3 66: [3] {
282 30 64: SEQUENCE {
284 30 15: SEQUENCE {
286 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
291 01 1: BOOLEAN TRUE
294 04 5: OCTET STRING, encapsulates {
296 30 3: SEQUENCE {
298 01 1: BOOLEAN TRUE
: }
: }
: }
301 30 14: SEQUENCE {
303 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
308 01 1: BOOLEAN TRUE
311 04 4: OCTET STRING, encapsulates {
313 03 2: BIT STRING 1 unused bits
: '1100001'B
: }
: }
317 30 29: SEQUENCE {
319 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
324 04 22: OCTET STRING
: 04 14 E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37
: 4E 22 AE 9E 38 BB
: }
: }
: }
: }
348 30 13: SEQUENCE {
350 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
361 05 0: NULL
: }
363 03 129: BIT STRING 0 unused bits
: B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 2E 4C DB 0C
: F0 48 0F 32 61 EE C4 04 EC 12 5D 2D FF 0F 64 59
: 7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12
: 61 50 ED EF DD 3F E3 0B B8 61 A5 A4 9B 3C E6 9E
: 9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 9D 49 01
: 76 FA B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
: CA 3E F2 53 6B B0 37 6F AD E6 74 D7 DB FA 5A EA
: 14 41 63 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02
: }
DianeDHEncryptByCarl =
0 30 869: SEQUENCE {
4 30 805: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 211
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817021657Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 18: SEQUENCE {
82 31 16: SET {
84 30 14: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 7: PrintableString 'DianeDH'
: }
: }
: }
100 30 577: SEQUENCE {
104 30 438: SEQUENCE {
108 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
117 30 425: SEQUENCE {
121 02 129: INTEGER
: 00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4
: 10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39
: BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF
: 9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4
: F2 8A 3D 9F B7 5D 8D CA E2 AF B5 0F CF 05 65 82
: 68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
: BC BF 36 0F 5C C3 51 6A 67 E8 75 32 66 78 91 63
: E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2
: DF
253 02 128: INTEGER
: 6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C
: A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F
: 37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
: DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71
: 21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82
: 69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
: 09 F8 BD FD CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E
: 7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7
384 02 33: INTEGER
: 00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D
: 46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E
: 1F
419 02 97: INTEGER
: 01 30 CD 03 82 CD 3F 32 3A 5F 16 5E F2 13 5F 52
: 1B DF FF AA 3B 06 3C 7F 81 26 1C B7 0C A0 14 09
: 1B 5D 26 FD 71 33 8C F2 AC 41 7E 0D AC 35 95 90
: 7E A5 AD AB 55 50 80 F0 D2 B9 2A 11 4D 76 45 76
: 3F 0C 38 AE 72 59 C6 EC BD EF E7 6E 60 23 93 B9
: 27 02 44 7E 4A D3 DA 39 3A 9A 63 43 3C 1B 23 C5
: 62
518 30 26: SEQUENCE {
520 03 21: BIT STRING 0 unused bits
: D0 FD D6 E0 46 97 D1 A7 7F BB FF 9A 43 F0 62 64
: B3 7C 97 AB
543 02 1: INTEGER 122
: }
: }
: }
546 03 132: BIT STRING 0 unused bits, encapsulates {
550 02 128: INTEGER
: 60 5E 6E EF 61 55 77 3F 9D 6A 11 10 F4 D3 C9 B8
: 72 A0 1F 89 DF E4 BC 21 FD E4 9F 50 D6 8F 8E F9
: 67 97 14 E0 34 19 8F 3D 58 52 1E DC 5D 05 4E 4F
: C6 88 85 78 AC 01 6C 35 CE 86 6D 90 4B 58 48 2E
: 0F B2 E3 2A 4E 47 C3 B1 4D 2A 7A C9 B7 E5 C6 68
: 8A 73 AE 53 21 B3 CF 09 C4 62 A3 E8 B0 BB DC DE
: 0D 2E 66 48 37 A8 DB A2 4B FB DB FA A6 92 4B 41
: 0A C6 54 0B 8B 1A 9D 2F FF 60 0B 0B 08 D9 42 3F
: }
: }
681 A3 129: [3] {
684 30 127: SEQUENCE {
686 30 31: SEQUENCE {
688 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
693 04 24: OCTET STRING, encapsulates {
695 30 22: SEQUENCE {
697 81 20: [1] 'dianeDh@examples.com'
: }
: }
: }
719 30 12: SEQUENCE {
721 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
726 01 1: BOOLEAN TRUE
729 04 2: OCTET STRING, encapsulates {
731 30 0: SEQUENCE {}
: }
: }
733 30 14: SEQUENCE {
735 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
740 01 1: BOOLEAN TRUE
743 04 4: OCTET STRING, encapsulates {
745 03 2: BIT STRING 3 unused bits
: '10000'B
: }
: }
749 30 31: SEQUENCE {
751 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
756 04 24: OCTET STRING, encapsulates {
758 30 22: SEQUENCE {
760 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
782 30 29: SEQUENCE {
784 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
789 04 22: OCTET STRING
: 04 14 47 F3 4F CD 75 7D A8 52 21 A8 61 36 57 B5
: F8 9A EE DB 30 46
: }
: }
: }
: }
813 30 9: SEQUENCE {
815 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
824 03 47: BIT STRING 0 unused bits, encapsulates {
827 30 44: SEQUENCE {
829 02 20: INTEGER
: 7D 64 1E 1F 4B F3 EC 6F 34 2C B2 E4 64 70 8F 3E
: 6A C0 72 A2
851 02 20: INTEGER
: 4B EA C1 0C F1 CD F7 7A 9D 76 CA 27 6E D0 BE F2
: D8 9B 6A 6D
: }
: }
: }
DianeDSSSignByCarlInherit =
0 30 442: SEQUENCE {
4 30 377: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 210
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817020810Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 19: SEQUENCE {
82 31 17: SET {
84 30 15: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 8: PrintableString 'DianeDSS'
: }
: }
: }
101 30 147: SEQUENCE {
104 30 9: SEQUENCE {
106 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
115 03 133: BIT STRING 0 unused bits, encapsulates {
119 02 129: INTEGER
: 00 A0 00 17 78 2C EE 7E 81 53 2E 2E 61 08 0F A1
: 9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA EF
: 2A 44 76 8A 52 09 EA BD 05 22 D5 0F F6 FD 46 D7
: AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 F7 1C BF 25
: FF 23 D3 3B 59 E7 82 97 37 BE 31 24 D8 18 C8 F3
: 49 39 5B B7 E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
: 68 4D DD 46 7A 22 BE 8E FF CC DA 39 29 A3 39 E5
: 9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD 2E C5
: 23
: }
: }
251 A3 131: [3] {
254 30 128: SEQUENCE {
257 30 32: SEQUENCE {
259 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
264 04 25: OCTET STRING, encapsulates {
266 30 23: SEQUENCE {
268 81 21: [1] 'dianeDss@examples.com'
: }
: }
: }
291 30 12: SEQUENCE {
293 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
298 01 1: BOOLEAN TRUE
301 04 2: OCTET STRING, encapsulates {
303 30 0: SEQUENCE {}
: }
: }
305 30 14: SEQUENCE {
307 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
312 01 1: BOOLEAN TRUE
315 04 4: OCTET STRING, encapsulates {
317 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
321 30 31: SEQUENCE {
323 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
328 04 24: OCTET STRING, encapsulates {
330 30 22: SEQUENCE {
332 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
354 30 29: SEQUENCE {
356 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
361 04 22: OCTET STRING
: 04 14 64 30 99 7D 5C DC 45 0B 99 3A 52 2F 16 BF
: 58 50 DD CE 2B 18
: }
: }
: }
: }
385 30 9: SEQUENCE {
387 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
396 03 48: BIT STRING 0 unused bits, encapsulates {
399 30 45: SEQUENCE {
401 02 20: INTEGER
: 7E 0C 0C 81 17 B4 9A 54 B2 C3 30 EB 8A C4 3C C2
: 52 36 9E 95
423 02 21: INTEGER
: 00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D 10 1F 9A B3
: 4D B6 F9 11 A3
: }
: }
: }
DianeRSASignEncryptByCarl =
0 30 522: SEQUENCE {
4 30 371: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30 90
31 30 13: SEQUENCE {
33 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
44 05 0: NULL
: }
46 30 18: SEQUENCE {
48 31 16: SET {
50 30 14: SEQUENCE {
52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
57 13 7: PrintableString 'CarlRSA'
: }
: }
: }
66 30 30: SEQUENCE {
68 17 13: UTCTime '990819070000Z'
83 17 13: UTCTime '391231235959Z'
: }
98 30 19: SEQUENCE {
100 31 17: SET {
102 30 15: SEQUENCE {
104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
109 13 8: PrintableString 'DianeRSA'
: }
: }
: }
119 30 159: SEQUENCE {
122 30 13: SEQUENCE {
124 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
135 05 0: NULL
: }
137 03 141: BIT STRING 0 unused bits, encapsulates {
141 30 137: SEQUENCE {
144 02 129: INTEGER
: 00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2
: 62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99
: 24 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
: A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28
: 0A BB F8 BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E
: 67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
: 93 47 EE F0 73 35 72 B0 02 C4 F3 11 C3 5E 47 E5
: 0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28 C0
: 85
276 02 3: INTEGER 65537
: }
: }
: }
281 A3 96: [3] {
283 30 94: SEQUENCE {
285 30 12: SEQUENCE {
287 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
292 01 1: BOOLEAN TRUE
295 04 2: OCTET STRING, encapsulates {
297 30 0: SEQUENCE {}
: }
: }
299 30 14: SEQUENCE {
301 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
306 01 1: BOOLEAN TRUE
309 04 4: OCTET STRING, encapsulates {
311 03 2: BIT STRING 5 unused bits
: '111'B
: }
: }
315 30 31: SEQUENCE {
317 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
322 04 24: OCTET STRING, encapsulates {
324 30 22: SEQUENCE {
326 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
: AE 9E 38 BB
: }
: }
: }
348 30 29: SEQUENCE {
350 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
355 04 22: OCTET STRING
: 04 14 8C F3 CB 75 0E 8D 31 F6 D4 29 DA 44 92 75
: B8 FE ED 4F 39 0C
: }
: }
: }
: }
379 30 13: SEQUENCE {
381 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
392 05 0: NULL
: }
394 03 129: BIT STRING 0 unused bits
: 1D B3 51 B1 99 96 F0 44 A8 EB 14 EA FC C2 DF B8
: 33 4B 02 3C 41 DF E3 53 7F EA 34 7F FC D5 11 0D
: 00 04 88 B8 ED BC 23 45 03 6E F1 53 B2 C0 3B 19
: 62 DC DC E1 8A FE A7 FC A5 D7 97 DB 25 7C F3 30
: C5 63 A7 38 4A AB 25 21 24 80 C7 D8 78 82 8C 53
: EA 3E 2F 63 10 66 D3 27 55 9A DC EF 35 5E F6 23
: 71 E6 FF 78 7B A9 4F 7B 7F 2E B9 C4 42 73 57 4F
: AA F8 04 B4 0D C7 53 88 C4 F0 92 28 33 44 50 A1
: }
EricaDHEncryptByCarl =
0 30 745: SEQUENCE {
4 30 680: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 212
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817021716Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 18: SEQUENCE {
82 31 16: SET {
84 30 14: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 7: PrintableString 'EricaDH'
: }
: }
: }
100 30 452: SEQUENCE {
104 30 312: SEQUENCE {
108 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
117 30 299: SEQUENCE {
121 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
: 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
: 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
: 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
: FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
: 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
: 33
253 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
: E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
: 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
: 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
: 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
: C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
: A7
385 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
: A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
: BD
: }
: }
420 03 133: BIT STRING 0 unused bits, encapsulates {
424 02 129: INTEGER
: 00 D1 2B E4 1D 3E BA 18 CF 75 20 C6 C7 5E C3 C4
: 6C EA F3 23 D9 09 1F 46 98 F4 CE 59 B9 B6 CE E8
: 3A C6 18 F8 59 77 1B 99 B0 DA DC C0 9D 09 E4 AF
: F9 61 91 2C 47 CC 47 5E DF 2B 33 76 F3 67 EC 77
: E8 2C 37 30 A1 89 5D F3 C8 F6 5C 16 4A E4 B7 8C
: F5 7B D5 38 FD 14 AC E8 7A C2 7D EE 07 90 27 0A
: 7C 87 A8 A2 E2 70 35 EA 6E DE 9E 50 31 6B E9 09
: DA 25 1A 01 8E E3 FF 26 1C 75 F5 C3 CE 5A F5 9E
: 85
: }
: }
556 A3 129: [3] {
559 30 127: SEQUENCE {
561 30 31: SEQUENCE {
563 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
568 04 24: OCTET STRING, encapsulates {
570 30 22: SEQUENCE {
572 81 20: [1] 'ericaDh@examples.com'
: }
: }
: }
594 30 12: SEQUENCE {
596 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
601 01 1: BOOLEAN TRUE
604 04 2: OCTET STRING, encapsulates {
606 30 0: SEQUENCE {}
: }
: }
608 30 14: SEQUENCE {
610 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
615 01 1: BOOLEAN TRUE
618 04 4: OCTET STRING, encapsulates {
620 03 2: BIT STRING 3 unused bits
: '10000'B
: }
: }
624 30 31: SEQUENCE {
626 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
631 04 24: OCTET STRING, encapsulates {
633 30 22: SEQUENCE {
635 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
657 30 29: SEQUENCE {
659 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
664 04 22: OCTET STRING
: 04 14 8D 53 1D 61 55 7F 60 35 6D A6 36 A2 C5 93
: F8 9A FD C0 75 74
: }
: }
: }
: }
688 30 9: SEQUENCE {
690 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
699 03 48: BIT STRING 0 unused bits, encapsulates {
702 30 45: SEQUENCE {
704 02 20: INTEGER
: 3E 51 42 08 E3 52 2E AA BB 8F BD 18 38 71 CB 98
: 83 BE 47 9E
726 02 21: INTEGER
: 00 B4 B3 15 85 99 11 06 40 1F 40 59 8D D4 1B 2D
: CD 81 F1 E8 68
: }
: }
: }
3.4 CRLs
CarlCRL is a CRL from Carl that contains three revocations.
CarlDSSCRLForAll =
0 30 216: SEQUENCE {
3 30 153: SEQUENCE {
6 30 9: SEQUENCE {
8 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
17 30 18: SEQUENCE {
19 31 16: SET {
21 30 14: SEQUENCE {
23 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
28 13 7: PrintableString 'CarlDSS'
: }
: }
: }
37 17 13: UTCTime '990827070000Z'
52 30 105: SEQUENCE {
54 30 19: SEQUENCE {
56 02 2: INTEGER 200
60 17 13: UTCTime '990822070000Z'
: }
75 30 19: SEQUENCE {
77 02 2: INTEGER 201
81 17 13: UTCTime '990822070000Z'
: }
96 30 19: SEQUENCE {
98 02 2: INTEGER 211
102 17 13: UTCTime '990822070000Z'
: }
117 30 19: SEQUENCE {
119 02 2: INTEGER 210
123 17 13: UTCTime '990822070000Z'
: }
138 30 19: SEQUENCE {
140 02 2: INTEGER 212
144 17 13: UTCTime '990824070000Z'
: }
: }
: }
159 30 9: SEQUENCE {
161 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
170 03 47: BIT STRING 0 unused bits, encapsulates {
173 30 44: SEQUENCE {
175 02 20: INTEGER
: 7E 65 52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8
: 6D 5C 7D 3D
197 02 20: INTEGER
: 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E DA 24 F3 2A
: 83 9C 35 A1
: }
: }
: }
CarlDSSCRLForCarl =
0 30 131: SEQUENCE {
3 30 68: SEQUENCE {
5 30 9: SEQUENCE {
7 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
16 30 18: SEQUENCE {
18 31 16: SET {
20 30 14: SEQUENCE {
22 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
27 13 7: PrintableString 'CarlDSS'
: }
: }
: }
36 17 13: UTCTime '990825070000Z'
51 30 20: SEQUENCE {
53 30 18: SEQUENCE {
55 02 1: INTEGER 1
58 17 13: UTCTime '990822070000Z'
: }
: }
: }
73 30 9: SEQUENCE {
75 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
84 03 48: BIT STRING 0 unused bits, encapsulates {
87 30 45: SEQUENCE {
89 02 21: INTEGER
: 00 B3 1F C5 4F 7A 3D EC 76 D5 60 F9 DE 79 22 EC
: 4F B0 90 FE 97
112 02 20: INTEGER
: 5A 8B C3 84 BC 66 87 1B BF 79 82 5B 0A 5D 07 F6
: BA A9 05 29
: }
: }
: }
CarlDSSCRLEmpty =
0 30 109: SEQUENCE {
2 30 46: SEQUENCE {
4 30 9: SEQUENCE {
6 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
15 30 18: SEQUENCE {
17 31 16: SET {
19 30 14: SEQUENCE {
21 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
26 13 7: PrintableString 'CarlDSS'
: }
: }
: }
35 17 13: UTCTime '990820070000Z'
: }
50 30 9: SEQUENCE {
52 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
61 03 48: BIT STRING 0 unused bits, encapsulates {
64 30 45: SEQUENCE {
66 02 20: INTEGER
: 62 3F 36 17 31 58 2E 67 50 79 F5 09 4B 8C AD D4
: 6B F4 64 9F
88 02 21: INTEGER
: 00 B5 3B 4E A1 4C 7B FD 0F C3 8D 9B B6 FE C3 5D
: 6F DE 65 28 7D
: }
: }
: }
CarlRSACRLForAll =
0 30 307: SEQUENCE {
4 30 157: SEQUENCE {
7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER
: md5withRSAEncryption (1 2 840 113549 1 1 4)
: (PKCS #1)
20 05 0: NULL
: }
22 30 18: SEQUENCE {
24 31 16: SET {
26 30 14: SEQUENCE {
28 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
33 13 7: PrintableString 'CarlRSA'
: }
: }
: }
42 17 13: UTCTime '990827070000Z'
57 30 105: SEQUENCE {
59 30 33: SEQUENCE {
61 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
79 17 13: UTCTime '990822070000Z'
: }
94 30 33: SEQUENCE {
96 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30 90
114 17 13: UTCTime '990822070000Z'
: }
129 30 33: SEQUENCE {
131 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
149 17 13: UTCTime '990824070000Z'
: }
: }
: }
164 30 13: SEQUENCE {
166 06 9: OBJECT IDENTIFIER md5withRSAEncryption (1 2 840
113549 1 1 4)
: (PKCS #1)
177 05 0: NULL
: }
179 03 129: BIT STRING 0 unused bits
: BF B3 97 AA 53 F0 32 21 16 2B 77 92 7A 6B BB 97
: C8 DC EA F1 FA 66 16 30 0E B5 9E 5C F0 81 D4 5E
: B3 6E C1 88 6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D
: AB E5 B4 18 36 60 A8 4D 9C 3C 89 EC 6F 27 BF 35
: 50 71 81 C2 B9 44 5B 62 89 19 12 31 A9 7B 9A D3
: CC 66 CB 11 D9 0B 10 47 77 AD 4F 22 D9 E5 7F 30
: F2 5B FC 94 51 A5 58 76 3B 1F A8 46 A6 1F F6 A1
: DE 55 A1 ED 31 88 69 97 0F 08 D3 D4 0C 60 5B 1E
: }
CarlRSACRLForCarl =
0 30 236: SEQUENCE {
3 30 87: SEQUENCE {
5 30 13: SEQUENCE {
7 06 9: OBJECT IDENTIFIER
: md5withRSAEncryption (1 2 840 113549 1 1 4)
: (PKCS #1)
18 05 0: NULL
: }
20 30 18: SEQUENCE {
22 31 16: SET {
24 30 14: SEQUENCE {
26 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
31 13 7: PrintableString 'CarlRSA'
: }
: }
: }
40 17 13: UTCTime '990825070000Z'
55 30 35: SEQUENCE {
57 30 33: SEQUENCE {
59 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
77 17 13: UTCTime '990822070000Z'
: }
: }
: }
92 30 13: SEQUENCE {
94 06 9: OBJECT IDENTIFIER md5withRSAEncryption (1 2 840
113549 1 1 4)
: (PKCS #1)
105 05 0: NULL
: }
107 03 129: BIT STRING 0 unused bits
: 21 EF 21 D4 C1 1A 85 95 49 6B CA 45 62 DC D7 09
: FF A9 51 2E 8E D9 47 18 FA F8 E5 72 DD 4F ED 74
: 74 E3 F3 65 32 65 28 2C 9A 1D 57 E5 D5 26 06 EA
: D5 E6 23 95 84 8D 0E 89 9E EE 9B 0C 2F CE 07 F7
: A3 D1 6B 85 4C 0F FF E6 DD FC DC CD 73 2C 1E 7D
: DC B0 71 C5 4C FC 01 6E 52 57 69 1E 39 63 DF 12
: 22 30 C7 13 55 94 05 6E 2A 00 A9 5B C4 2A 66 94
: 62 CE 36 33 C2 2B 63 47 25 9D F3 DE 70 EE 00 56
: }
CarlRSACRLEmpty =
0 30 199: SEQUENCE {
3 30 50: SEQUENCE {
5 30 13: SEQUENCE {
7 06 9: OBJECT IDENTIFIER
: md5withRSAEncryption (1 2 840 113549 1 1 4)
: (PKCS #1)
18 05 0: NULL
: }
20 30 18: SEQUENCE {
22 31 16: SET {
24 30 14: SEQUENCE {
26 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
31 13 7: PrintableString 'CarlRSA'
: }
: }
: }
40 17 13: UTCTime '990820070000Z'
: }
55 30 13: SEQUENCE {
57 06 9: OBJECT IDENTIFIER md5withRSAEncryption (1 2 840
113549 1 1 4)
: (PKCS #1)
68 05 0: NULL
: }
70 03 129: BIT STRING 0 unused bits
: A9 C5 21 B8 13 7C 74 F3 B5 11 EC 04 F3 20 45 86
: 1E 0B 6E 7F 83 6D 5F F4 34 76 06 59 25 0E 04 3D
: 88 09 88 81 37 C4 DC 20 98 FA 17 81 0B 37 94 AC
: B4 8F 7B 51 89 14 A4 CB 72 73 14 07 BC 22 9C 40
: A1 07 FC 44 7C 85 0F 0B 88 D1 EE E1 0E AF F6 16
: 74 AD A1 AF C1 00 75 00 64 EA A5 9A F6 0B 08 A2
: DB 95 19 5F A6 A7 B9 39 45 25 0A 0E F6 5E 84 E7
: F8 B9 5A C9 18 C2 0E B8 A0 96 BE 81 3A 80 6D C9
: }
4. Trivial Examples
This section covers examples of small CMS types.
4.1 ContentInfo with Data type, BER
The object is a ContentInfo containing a Data object in BER format that is
ExContent.
0 30 NDEF: SEQUENCE {
2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
13 A0 NDEF: [0] {
15 24 NDEF: OCTET STRING {
17 04 4: OCTET STRING
: 54 68 69 73
23 04 24: OCTET STRING
: 20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20
: 63 6F 6E 74 65 6E 74 2E
: }
: }
: }
4.2 ContentInfo with Data type, DER
The object is a ContentInfo containing a Data object in DER format that is
ExContent.
0 30 43: SEQUENCE {
2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
13 A0 30: [0] {
15 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
5. Signed-data
5.1 Basic signed content, DSS
A SignedData with no attribute certificates, signed by Alice using
DSS, just her certificate (not Carl's root cert), no CRL. The
message is ExContent, and is included in the eContent. There are no
signed or unsigned attributes.
0 30 923: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 908: [0] {
19 30 904: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
: DB
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
: 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING, encapsulates {
741 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
: E3 97 FE CD
: }
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
: 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
824 31 101: SET {
826 30 99: SEQUENCE {
828 02 1: INTEGER 1
831 30 24: SEQUENCE {
833 30 18: SEQUENCE {
835 31 16: SET {
837 30 14: SEQUENCE {
839 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
844 13 7: PrintableString 'CarlDSS'
: }
: }
: }
853 02 2: INTEGER 200
: }
857 30 7: SEQUENCE {
859 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
866 30 9: SEQUENCE {
868 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
877 04 48: OCTET STRING, encapsulates {
879 30 46: SEQUENCE {
881 02 21: INTEGER
: 00 9A C1 8F 6B 29 98 77 BD 1E 01 DD D2 49 77 5B
: 88 A9 A9 88 5E
904 02 21: INTEGER
: 00 8F 8F 64 B9 77 C6 47 59 25 BB 71 05 2F 90 61
: 6B 89 3E AD C5
: }
: }
: }
: }
: }
: }
: }
5.2 Basic signed content, RSA
Same as 5.1, except using RSA signatures. A SignedData with no
attribute certificates, signed by Alice using RSA, just her certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.
0 30 816: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 801: [0] {
19 30 797: SEQUENCE {
23 02 1: INTEGER 1
26 31 11: SET {
28 30 9: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
37 05 0: NULL
: }
: }
39 30 43: SEQUENCE {
41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
52 A0 30: [0] {
54 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
84 A0 526: [0] {
88 30 522: SEQUENCE {
92 30 371: SEQUENCE {
96 A0 3: [0] {
98 02 1: INTEGER 2
: }
101 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
119 30 13: SEQUENCE {
121 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
132 05 0: NULL
: }
134 30 18: SEQUENCE {
136 31 16: SET {
138 30 14: SEQUENCE {
140 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
145 13 7: PrintableString 'CarlRSA'
: }
: }
: }
154 30 30: SEQUENCE {
156 17 13: UTCTime '990819070000Z'
171 17 13: UTCTime '391231235959Z'
: }
186 30 19: SEQUENCE {
188 31 17: SET {
190 30 15: SEQUENCE {
192 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
197 13 8: PrintableString 'AliceRSA'
: }
: }
: }
207 30 159: SEQUENCE {
210 30 13: SEQUENCE {
212 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
223 05 0: NULL
: }
225 03 141: BIT STRING 0 unused bits, encapsulates {
229 30 137: SEQUENCE {
232 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76
39 7F 4E B0
: 05 BB 53 83 DE 0F B7 AB DC 7D C7 75
29 0D 05 2E
: 6D 12 DF A6 86 26 D4 D2 6F AA 58 29
FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1
2C BB D8 32
: CF C6 68 6F 07 D9 B0 60 AC BE EE 34
09 6A 13 F5
: F7 05 05 93 DF 5E BA 35 56 D9 61 FF
19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
9F 2D FA 55
: 3A B9 99 77 02 A6 48 52 8C 4E F3 57
38 57 74 57
: 5F
364 02 3: INTEGER 65537
: }
: }
: }
369 A3 96: [3] {
371 30 94: SEQUENCE {
373 30 12: SEQUENCE {
375 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
380 01 1: BOOLEAN TRUE
383 04 2: OCTET STRING, encapsulates {
385 30 0: SEQUENCE {}
: }
: }
387 30 14: SEQUENCE {
389 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
394 01 1: BOOLEAN TRUE
397 04 4: OCTET STRING, encapsulates {
399 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
403 30 31: SEQUENCE {
405 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
410 04 24: OCTET STRING, encapsulates {
412 30 22: SEQUENCE {
414 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
: AE 9E 38 BB
: }
: }
: }
436 30 29: SEQUENCE {
438 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
443 04 22: OCTET STRING
: 04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE
45 9D CE EC
: 3C A0 3A E3 FF 50
: }
: }
: }
: }
467 30 13: SEQUENCE {
469 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
480 05 0: NULL
: }
482 03 129: BIT STRING 0 unused bits
: 52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
: 6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
: F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
: 97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
: 06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
: 4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
: C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
: C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
: }
: }
614 31 203: SET {
617 30 200: SEQUENCE {
620 02 1: INTEGER 1
623 30 38: SEQUENCE {
625 30 18: SEQUENCE {
627 31 16: SET {
629 30 14: SEQUENCE {
631 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
636 13 7: PrintableString 'CarlRSA'
: }
: }
: }
645 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
: }
663 30 9: SEQUENCE {
665 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
672 05 0: NULL
: }
674 30 13: SEQUENCE {
676 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
687 05 0: NULL
: }
689 04 128: OCTET STRING
: 2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A
: 81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A
: AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
: 3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5
: E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
: CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
: E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68
: 6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7
: }
: }
: }
: }
: }
5.3 Basic signed content, detached content
Same as 5.1, except with no eContent. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), no CRL. The message is ExContent, but the eContent
is not included. There are no signed or unsigned attributes.
0 30 890: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 875: [0] {
19 30 871: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 11: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
50 A0 738: [0] {
54 30 734: SEQUENCE {
58 30 669: SEQUENCE {
62 A0 3: [0] {
64 02 1: INTEGER 2
: }
67 02 2: INTEGER 200
71 30 9: SEQUENCE {
73 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
82 30 18: SEQUENCE {
84 31 16: SET {
86 30 14: SEQUENCE {
88 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
93 13 7: PrintableString 'CarlDSS'
: }
: }
: }
102 30 30: SEQUENCE {
104 17 13: UTCTime '990817011049Z'
119 17 13: UTCTime '391231235959Z'
: }
134 30 19: SEQUENCE {
136 31 17: SET {
138 30 15: SEQUENCE {
140 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
145 13 8: PrintableString 'AliceDSS'
: }
: }
: }
155 30 438: SEQUENCE {
159 30 299: SEQUENCE {
163 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
172 30 286: SEQUENCE {
176 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
: DB
308 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
: 62 8B F7 93 CD
331 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
: }
: }
462 03 132: BIT STRING 0 unused bits, encapsulates {
466 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
: }
: }
597 A3 131: [3] {
600 30 128: SEQUENCE {
603 30 32: SEQUENCE {
605 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
610 04 25: OCTET STRING, encapsulates {
612 30 23: SEQUENCE {
614 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
637 30 12: SEQUENCE {
639 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
644 01 1: BOOLEAN TRUE
647 04 2: OCTET STRING, encapsulates {
649 30 0: SEQUENCE {}
: }
: }
651 30 14: SEQUENCE {
653 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
658 01 1: BOOLEAN TRUE
661 04 4: OCTET STRING, encapsulates {
663 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
667 30 31: SEQUENCE {
669 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
674 04 24: OCTET STRING, encapsulates {
676 30 22: SEQUENCE {
678 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
700 30 29: SEQUENCE {
702 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
707 04 22: OCTET STRING, encapsulates {
709 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
: E3 97 FE CD
: }
: }
: }
: }
: }
731 30 9: SEQUENCE {
733 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
742 03 48: BIT STRING 0 unused bits, encapsulates {
745 30 45: SEQUENCE {
747 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
: 05 E8 46 94 8E
770 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
792 31 100: SET {
794 30 98: SEQUENCE {
796 02 1: INTEGER 1
799 30 24: SEQUENCE {
801 30 18: SEQUENCE {
803 31 16: SET {
805 30 14: SEQUENCE {
807 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
812 13 7: PrintableString 'CarlDSS'
: }
: }
: }
821 02 2: INTEGER 200
: }
825 30 7: SEQUENCE {
827 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
834 30 9: SEQUENCE {
836 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
845 04 47: OCTET STRING, encapsulates {
847 30 45: SEQUENCE {
849 02 20: INTEGER
: 1F A0 70 B1 4F 3D 79 9E 3C B3 5F 14 5D D4 B9 92
: 38 7C 14 8E
871 02 21: INTEGER
: 00 A2 92 A6 46 22 72 2D FB 02 19 67 0F 6D BF A8
: 50 F3 DE D6 F6
: }
: }
: }
: }
: }
: }
: }
5.4 Fancier signed content
Same as 5.1, but includes Carl's root cert, Carl's CRL, some signed and
unsigned attributes (Countersignature by Diane). A SignedData with no
attribute certificates, signed by Alice using DSS, her certificate
and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is
included in the eContent. The signed attributes are Content Type,
Message Digest and Signing Time; the unsigned attributes are content
hint and counter signature.
0 30 2724: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 2709: [0] {
19 30 2705: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 1927: [0] {
86 30 514: SEQUENCE {
90 30 367: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
117 30 9: SEQUENCE {
119 06 5: OBJECT IDENTIFIER
: sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
126 05 0: NULL
: }
128 30 18: SEQUENCE {
130 31 16: SET {
132 30 14: SEQUENCE {
134 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
139 13 7: PrintableString 'CarlRSA'
: }
: }
: }
148 30 30: SEQUENCE {
150 17 13: UTCTime '990919010847Z'
165 17 13: UTCTime '391231235959Z'
: }
180 30 19: SEQUENCE {
182 31 17: SET {
184 30 15: SEQUENCE {
186 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
191 13 8: PrintableString 'AliceRSA'
: }
: }
: }
201 30 159: SEQUENCE {
204 30 13: SEQUENCE {
206 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
217 05 0: NULL
: }
219 03 141: BIT STRING 0 unused bits, encapsulates {
223 30 137: SEQUENCE {
226 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
: 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
: 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
: CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
: F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
: 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
: 5F
358 02 3: INTEGER 65537
: }
: }
: }
363 A3 96: [3] {
365 30 94: SEQUENCE {
367 30 12: SEQUENCE {
369 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
374 01 1: BOOLEAN TRUE
377 04 2: OCTET STRING, encapsulates {
379 30 0: SEQUENCE {}
: }
: }
381 30 14: SEQUENCE {
383 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
388 01 1: BOOLEAN TRUE
391 04 4: OCTET STRING, encapsulates {
393 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
397 30 31: SEQUENCE {
399 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
404 04 24: OCTET STRING, encapsulates {
406 30 22: SEQUENCE {
408 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
: AE 9E 38 BB
: }
: }
: }
430 30 29: SEQUENCE {
432 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
437 04 22: OCTET STRING, encapsulates {
439 04 20: OCTET STRING
: 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC 3C A0
: 3A E3 FF 50
: }
: }
: }
: }
: }
461 30 9: SEQUENCE {
463 06 5: OBJECT IDENTIFIER
: sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
470 05 0: NULL
: }
472 03 129: BIT STRING 0 unused bits
: BF 34 32 E6 FC 6A 88 41 7D F0 5C 99 A1 93 B7 49
: B7 02 52 1E CB 84 AC 93 D7 58 2B 00 A1 9C C4 48
: 48 99 DD 02 C3 C6 05 F8 D2 25 F1 A3 9C C9 33 01
: 8A 76 0E 6F 77 43 A3 BF E1 E6 B3 6A 04 79 39 EE
: E1 E9 E5 9D 50 07 8B 22 DC 12 50 E3 F3 B4 3D 9E
: E5 93 9E B1 CD 33 F9 E0 AB 98 71 09 F8 EB B0 FC
: 9C EC F1 88 D8 AE 03 D1 FE 60 E1 62 14 B1 A2 23
: D2 C8 8D 18 1F 5E EE 9B 72 02 27 C2 85 3D 04 2E
: }
604 30 667: SEQUENCE {
608 30 602: SEQUENCE {
612 A0 3: [0] {
614 02 1: INTEGER 2
: }
617 02 1: INTEGER 1
620 30 9: SEQUENCE {
622 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
631 30 18: SEQUENCE {
633 31 16: SET {
635 30 14: SEQUENCE {
637 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
642 13 7: PrintableString 'CarlDSS'
: }
: }
: }
651 30 30: SEQUENCE {
653 17 13: UTCTime '990816225050Z'
668 17 13: UTCTime '391231235959Z'
: }
683 30 18: SEQUENCE {
685 31 16: SET {
687 30 14: SEQUENCE {
689 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
694 13 7: PrintableString 'CarlDSS'
: }
: }
: }
703 30 439: SEQUENCE {
707 30 299: SEQUENCE {
711 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
720 30 286: SEQUENCE {
724 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
: 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
: EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
: E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
: ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
: 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
: FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
: CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
: E9
856 02 21: INTEGER
: 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
: 5D 98 B9 10 D5
879 02 128: INTEGER
: 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
: ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
: 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
: AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
: F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
: 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
: 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
: 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
: }
: }
1010 03 133: BIT STRING 0 unused bits, encapsulates {
1014 02 129: INTEGER
: 00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C 75 BB E1
: 6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E
: F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
: 4E B9 60 96 19 24 01 F3 62 0C FE 75 C0 FB CE D8
: 68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61
: 8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B
: 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD
: 1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80
: 7A
: }
: }
1146 A3 66: [3] {
1148 30 64: SEQUENCE {
1150 30 15: SEQUENCE {
1152 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
1157 01 1: BOOLEAN TRUE
1160 04 5: OCTET STRING, encapsulates {
1162 30 3: SEQUENCE {
1164 01 1: BOOLEAN TRUE
: }
: }
: }
1167 30 14: SEQUENCE {
1169 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
1174 01 1: BOOLEAN TRUE
1177 04 4: OCTET STRING, encapsulates {
1179 03 2: BIT STRING 1 unused bits
: '1100001'B
: }
: }
1183 30 29: SEQUENCE {
1185 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
1190 04 22: OCTET STRING, encapsulates {
1192 04 20: OCTET STRING
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
: }
: }
1214 30 9: SEQUENCE {
1216 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1225 03 48: BIT STRING 0 unused bits, encapsulates {
1228 30 45: SEQUENCE {
1230 02 20: INTEGER
: 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9
: 11 17 A1 13
1252 02 21: INTEGER
: 00 8F 34 69 2A 8B B1 3C 03 79 94 32 4D 12 1F CE
: 89 FB 46 B2 3B
: }
: }
: }
1275 30 734: SEQUENCE {
1279 30 669: SEQUENCE {
1283 A0 3: [0] {
1285 02 1: INTEGER 2
: }
1288 02 2: INTEGER 200
1292 30 9: SEQUENCE {
1294 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1303 30 18: SEQUENCE {
1305 31 16: SET {
1307 30 14: SEQUENCE {
1309 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1314 13 7: PrintableString 'CarlDSS'
: }
: }
: }
1323 30 30: SEQUENCE {
1325 17 13: UTCTime '990817011049Z'
1340 17 13: UTCTime '391231235959Z'
: }
1355 30 19: SEQUENCE {
1357 31 17: SET {
1359 30 15: SEQUENCE {
1361 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1366 13 8: PrintableString 'AliceDSS'
: }
: }
: }
1376 30 438: SEQUENCE {
1380 30 299: SEQUENCE {
1384 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
1393 30 286: SEQUENCE {
1397 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
: DB
1529 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
: 62 8B F7 93 CD
1552 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
: }
: }
1683 03 132: BIT STRING 0 unused bits, encapsulates {
1687 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
: }
: }
1818 A3 131: [3] {
1821 30 128: SEQUENCE {
1824 30 32: SEQUENCE {
1826 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
1831 04 25: OCTET STRING, encapsulates {
1833 30 23: SEQUENCE {
1835 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
1858 30 12: SEQUENCE {
1860 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
1865 01 1: BOOLEAN TRUE
1868 04 2: OCTET STRING, encapsulates {
1870 30 0: SEQUENCE {}
: }
: }
1872 30 14: SEQUENCE {
1874 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
1879 01 1: BOOLEAN TRUE
1882 04 4: OCTET STRING, encapsulates {
1884 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
1888 30 31: SEQUENCE {
1890 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
1895 04 24: OCTET STRING, encapsulates {
1897 30 22: SEQUENCE {
1899 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
1921 30 29: SEQUENCE {
1923 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
1928 04 22: OCTET STRING, encapsulates {
1930 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
: E3 97 FE CD
: }
: }
: }
: }
: }
1952 30 9: SEQUENCE {
1954 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1963 03 48: BIT STRING 0 unused bits, encapsulates {
1966 30 45: SEQUENCE {
1968 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
: 05 E8 46 94 8E
1991 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
2013 A1 219: [1] {
2016 30 216: SEQUENCE {
2019 30 153: SEQUENCE {
2022 30 9: SEQUENCE {
2024 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
2033 30 18: SEQUENCE {
2035 31 16: SET {
2037 30 14: SEQUENCE {
2039 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
2044 13 7: PrintableString 'CarlDSS'
: }
: }
: }
2053 17 13: UTCTime '990827070000Z'
2068 30 105: SEQUENCE {
2070 30 19: SEQUENCE {
2072 02 2: INTEGER 200
2076 17 13: UTCTime '990822070000Z'
: }
2091 30 19: SEQUENCE {
2093 02 2: INTEGER 201
2097 17 13: UTCTime '990822070000Z'
: }
2112 30 19: SEQUENCE {
2114 02 2: INTEGER 211
2118 17 13: UTCTime '990822070000Z'
: }
2133 30 19: SEQUENCE {
2135 02 2: INTEGER 210
2139 17 13: UTCTime '990822070000Z'
: }
2154 30 19: SEQUENCE {
2156 02 2: INTEGER 212
2160 17 13: UTCTime '990824070000Z'
: }
: }
: }
2175 30 9: SEQUENCE {
2177 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
2186 03 47: BIT STRING 0 unused bits, encapsulates {
2189 30 44: SEQUENCE {
2191 02 20: INTEGER
: 7E 65 52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8
: 6D 5C 7D 3D
2213 02 20: INTEGER
: 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E DA 24 F3 2A
: 83 9C 35 A1
: }
: }
: }
: }
2235 31 489: SET {
2239 30 485: SEQUENCE {
2243 02 1: INTEGER 1
2246 30 24: SEQUENCE {
2248 30 18: SEQUENCE {
2250 31 16: SET {
2252 30 14: SEQUENCE {
2254 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
2259 13 7: PrintableString 'CarlDSS'
: }
: }
: }
2268 02 2: INTEGER 200
: }
2272 30 7: SEQUENCE {
2274 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
2281 A0 93: [0] {
2283 30 24: SEQUENCE {
2285 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
2296 31 11: SET {
2298 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
2309 30 28: SEQUENCE {
2311 06 9: OBJECT IDENTIFIER
: signingTime (1 2 840 113549 1 9 5)
: (PKCS #9 (1 2 840 113549 1 9))
2322 31 15: SET {
2324 17 13: UTCTime '020415153200Z'
: }
: }
2339 30 35: SEQUENCE {
2341 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
2352 31 22: SET {
2354 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22
: 96 87 DD 48
: }
: }
: }
2376 30 9: SEQUENCE {
2378 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
2387 04 47: OCTET STRING, encapsulates {
2389 30 45: SEQUENCE {
2391 02 20: INTEGER
: 37 1F 4D 63 0C 13 BB F8 A6 1F 9F E0 D2 1A D1 E7
: E1 F2 0B 7D
2413 02 21: INTEGER
: 00 9E 9D 75 4C FE E6 43 2F 63 E7 1D 3C 49 0B A3
: D4 9A 8B 8E 79
: }
: }
2436 A1 288: [1] {
2440 30 284: SEQUENCE {
2444 06 9: OBJECT IDENTIFIER
: countersignature (1 2 840 113549 1 9 6)
: (PKCS #9 (1 2 840 113549 1 9))
2455 31 269: SET {
2459 30 265: SEQUENCE {
2463 02 1: INTEGER 1
2466 30 38: SEQUENCE {
2468 30 18: SEQUENCE {
2470 31 16: SET {
2472 30 14: SEQUENCE {
2474 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
2479 13 7: PrintableString 'CarlRSA'
: }
: }
: }
2488 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
: }
2506 30 7: SEQUENCE {
2508 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
2515 A0 67: [0] {
2517 30 28: SEQUENCE {
2519 06 9: OBJECT IDENTIFIER
: signingTime (1 2 840 113549 1 9 5)
: (PKCS #9 (1 2 840 113549 1 9))
2530 31 15: SET {
2532 17 13: UTCTime '020415153200Z'
: }
: }
2547 30 35: SEQUENCE {
2549 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
2560 31 22: SET {
2562 04 20: OCTET STRING
: 9E 73 DD CD 60 F5 E8 BC 31 0B 66 07 FF 0D C2 A5
: BD 89 40 C9
: }
: }
: }
2584 30 11: SEQUENCE {
2586 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
: }
2597 04 128: OCTET STRING
: 3D 99 6A 76 74 74 1E 5F 8C AD 24 94 38 3A 27 69
: C9 CB D4 09 F4 9B 05 D6 2D 52 88 F9 25 35 1D FD
: 55 47 EF EE 72 DC C0 DE 23 71 8B 44 8C BD 46 27
: 25 80 CD 30 7A 06 9E C9 92 EF 02 BC 17 04 65 1E
: 7D C3 0D 26 88 C3 CB 45 81 F5 7C BE C0 D0 35 51
: F6 5E 1D 8E DB 7C 17 4F 0E AC 40 67 27 0D E8 84
: 5D 06 0D D7 D1 6B F7 8D B7 A4 80 99 5E 2F 0F 79
: 98 37 F7 B7 67 5E 21 54 71 0D 07 8E 56 0A 4D 52
: }
: }
: }
: }
: }
: }
: }
: }
: }
5.5 All RSA signed message
Same as 5.2, but includes Carl's RSA root cert (but no CRL). A
SignedData with no attribute certificates, signed by Alice using RSA,
her certificate and Carl's root cert, no CRL. The message is ExContent,
and is included in the eContent. There are no signed or unsigned
attributes.
0 30 NDEF: SEQUENCE {
2 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
13 A0 NDEF: [0] {
15 30 NDEF: SEQUENCE {
17 02 1: INTEGER 1
20 31 11: SET {
22 30 9: SEQUENCE {
24 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
31 05 0: NULL
: }
: }
33 30 NDEF: SEQUENCE {
35 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
46 A0 NDEF: [0] {
48 24 NDEF: OCTET STRING {
50 04 4: OCTET STRING
: 54 68 69 73
56 04 24: OCTET STRING
: 20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20
: 63 6F 6E 74 65 6E 74 2E
: }
: }
: }
88 A0 1021: [0] {
92 30 491: SEQUENCE {
96 30 340: SEQUENCE {
100 A0 3: [0] {
102 02 1: INTEGER 2
: }
105 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
123 30 13: SEQUENCE {
125 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
136 05 0: NULL
: }
138 30 18: SEQUENCE {
140 31 16: SET {
142 30 14: SEQUENCE {
144 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
149 13 7: PrintableString 'CarlRSA'
: }
: }
: }
158 30 30: SEQUENCE {
160 17 13: UTCTime '990818070000Z'
175 17 13: UTCTime '391231235959Z'
: }
190 30 18: SEQUENCE {
192 31 16: SET {
194 30 14: SEQUENCE {
196 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
201 13 7: PrintableString 'CarlRSA'
: }
: }
: }
210 30 159: SEQUENCE {
213 30 13: SEQUENCE {
215 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
226 05 0: NULL
: }
228 03 141: BIT STRING 0 unused bits, encapsulates {
232 30 137: SEQUENCE {
235 02 129: INTEGER
: 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E
73 7B 93 71
: 5C BC 33 1A 92 92 72 23 D8 41 46 D0
CD 11 3A 04
: B3 8E AF 82 9D BD 51 1E 17 7A F2 76
2C 2B 86 39
: A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC
A2 36 B1 ED
: E2 50 E2 32 09 8A 3F 9F 99 25 8F B8
4E AB B9 7D
: D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B
EF 5E F4 A7
: 29 CB 82 DD AC 44 E9 AA 93 94 29 0E
F8 18 D6 C8
: 57 5E F2 76 C4 F2 11 60 38 B9 1B 3C
1D 97 C9 6A
: F1
367 02 3: INTEGER 65537
: }
: }
: }
372 A3 66: [3] {
374 30 64: SEQUENCE {
376 30 15: SEQUENCE {
378 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
383 01 1: BOOLEAN TRUE
386 04 5: OCTET STRING, encapsulates {
388 30 3: SEQUENCE {
390 01 1: BOOLEAN TRUE
: }
: }
: }
393 30 14: SEQUENCE {
395 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
400 01 1: BOOLEAN TRUE
403 04 4: OCTET STRING, encapsulates {
405 03 2: BIT STRING 1 unused bits
: '1100001'B
: }
: }
409 30 29: SEQUENCE {
411 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
416 04 22: OCTET STRING
: 04 14 E9 E0 90 27 AC 78 20 7A 9A D3
4C F2 42 37
: 4E 22 AE 9E 38 BB
: }
: }
: }
: }
440 30 13: SEQUENCE {
442 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
453 05 0: NULL
: }
455 03 129: BIT STRING 0 unused bits
: B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 2E 4C DB 0C
: F0 48 0F 32 61 EE C4 04 EC 12 5D 2D FF 0F 64 59
: 7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12
: 61 50 ED EF DD 3F E3 0B B8 61 A5 A4 9B 3C E6 9E
: 9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 9D 49 01
: 76 FA B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
: CA 3E F2 53 6B B0 37 6F AD E6 74 D7 DB FA 5A EA
: 14 41 63 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02
: }
587 30 522: SEQUENCE {
591 30 371: SEQUENCE {
595 A0 3: [0] {
597 02 1: INTEGER 2
: }
600 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
618 30 13: SEQUENCE {
620 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
631 05 0: NULL
: }
633 30 18: SEQUENCE {
635 31 16: SET {
637 30 14: SEQUENCE {
639 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
644 13 7: PrintableString 'CarlRSA'
: }
: }
: }
653 30 30: SEQUENCE {
655 17 13: UTCTime '990819070000Z'
670 17 13: UTCTime '391231235959Z'
: }
685 30 19: SEQUENCE {
687 31 17: SET {
689 30 15: SEQUENCE {
691 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
696 13 8: PrintableString 'AliceRSA'
: }
: }
: }
706 30 159: SEQUENCE {
709 30 13: SEQUENCE {
711 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
722 05 0: NULL
: }
724 03 141: BIT STRING 0 unused bits, encapsulates {
728 30 137: SEQUENCE {
731 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76
39 7F 4E B0
: 05 BB 53 83 DE 0F B7 AB DC 7D C7 75
29 0D 05 2E
: 6D 12 DF A6 86 26 D4 D2 6F AA 58 29
FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1
2C BB D8 32
: CF C6 68 6F 07 D9 B0 60 AC BE EE 34
09 6A 13 F5
: F7 05 05 93 DF 5E BA 35 56 D9 61 FF
19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
9F 2D FA 55
: 3A B9 99 77 02 A6 48 52 8C 4E F3 57
38 57 74 57
: 5F
863 02 3: INTEGER 65537
: }
: }
: }
868 A3 96: [3] {
870 30 94: SEQUENCE {
872 30 12: SEQUENCE {
874 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
879 01 1: BOOLEAN TRUE
882 04 2: OCTET STRING, encapsulates {
884 30 0: SEQUENCE {}
: }
: }
886 30 14: SEQUENCE {
888 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
893 01 1: BOOLEAN TRUE
896 04 4: OCTET STRING, encapsulates {
898 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
902 30 31: SEQUENCE {
904 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
909 04 24: OCTET STRING, encapsulates {
911 30 22: SEQUENCE {
913 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
: AE 9E 38 BB
: }
: }
: }
935 30 29: SEQUENCE {
937 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
942 04 22: OCTET STRING
: 04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE
45 9D CE EC
: 3C A0 3A E3 FF 50
: }
: }
: }
: }
966 30 13: SEQUENCE {
968 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: (PKCS #1)
979 05 0: NULL
: }
981 03 129: BIT STRING 0 unused bits
: 52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
: 6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
: F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
: 97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
: 06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
: 4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
: C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
: C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
: }
: }
1113 31 203: SET {
1116 30 200: SEQUENCE {
1119 02 1: INTEGER 1
1122 30 38: SEQUENCE {
1124 30 18: SEQUENCE {
1126 31 16: SET {
1128 30 14: SEQUENCE {
1130 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1135 13 7: PrintableString 'CarlRSA'
: }
: }
: }
1144 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
: }
1162 30 9: SEQUENCE {
1164 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
1171 05 0: NULL
: }
1173 30 13: SEQUENCE {
1175 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
1186 05 0: NULL
: }
1188 04 128: OCTET STRING
: 2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A
: 81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A
: AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
: 3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5
: E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
: CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
: E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68
: 6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7
: }
: }
: }
: }
: }
5.6 Multiple signers
Similar to 5.1, but the message is also signed by Diane. Two
signerInfos (one for Alice, one for Diane) with no attribute
certificates, each signed using DSS, Alice's and Diane's certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.
0 30 1470: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1455: [0] {
19 30 1451: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 1184: [0] {
86 30 442: SEQUENCE {
90 30 377: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 210
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817020810Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'DianeDSS'
: }
: }
: }
187 30 147: SEQUENCE {
190 30 9: SEQUENCE {
192 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
201 03 133: BIT STRING 0 unused bits, encapsulates {
205 02 129: INTEGER
: 00 A0 00 17 78 2C EE 7E 81 53 2E 2E 61 08 0F A1
: 9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA EF
: 2A 44 76 8A 52 09 EA BD 05 22 D5 0F F6 FD 46 D7
: AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 F7 1C BF 25
: FF 23 D3 3B 59 E7 82 97 37 BE 31 24 D8 18 C8 F3
: 49 39 5B B7 E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
: 68 4D DD 46 7A 22 BE 8E FF CC DA 39 29 A3 39 E5
: 9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD 2E C5
: 23
: }
: }
337 A3 131: [3] {
340 30 128: SEQUENCE {
343 30 32: SEQUENCE {
345 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
350 04 25: OCTET STRING, encapsulates {
352 30 23: SEQUENCE {
354 81 21: [1] 'dianeDss@examples.com'
: }
: }
: }
377 30 12: SEQUENCE {
379 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
384 01 1: BOOLEAN TRUE
387 04 2: OCTET STRING, encapsulates {
389 30 0: SEQUENCE {}
: }
: }
391 30 14: SEQUENCE {
393 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
398 01 1: BOOLEAN TRUE
401 04 4: OCTET STRING, encapsulates {
403 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
407 30 31: SEQUENCE {
409 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
414 04 24: OCTET STRING, encapsulates {
416 30 22: SEQUENCE {
418 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
440 30 29: SEQUENCE {
442 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
447 04 22: OCTET STRING, encapsulates {
449 04 20: OCTET STRING
: 64 30 99 7D 5C DC 45 0B 99 3A 52 2F 16 BF 58 50
: DD CE 2B 18
: }
: }
: }
: }
: }
471 30 9: SEQUENCE {
473 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
482 03 48: BIT STRING 0 unused bits, encapsulates {
485 30 45: SEQUENCE {
487 02 20: INTEGER
: 7E 0C 0C 81 17 B4 9A 54 B2 C3 30 EB 8A C4 3C C2
: 52 36 9E 95
509 02 21: INTEGER
: 00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D 10 1F 9A B3
: 4D B6 F9 11 A3
: }
: }
: }
532 30 734: SEQUENCE {
536 30 669: SEQUENCE {
540 A0 3: [0] {
542 02 1: INTEGER 2
: }
545 02 2: INTEGER 200
549 30 9: SEQUENCE {
551 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
560 30 18: SEQUENCE {
562 31 16: SET {
564 30 14: SEQUENCE {
566 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
571 13 7: PrintableString 'CarlDSS'
: }
: }
: }
580 30 30: SEQUENCE {
582 17 13: UTCTime '990817011049Z'
597 17 13: UTCTime '391231235959Z'
: }
612 30 19: SEQUENCE {
614 31 17: SET {
616 30 15: SEQUENCE {
618 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
623 13 8: PrintableString 'AliceDSS'
: }
: }
: }
633 30 438: SEQUENCE {
637 30 299: SEQUENCE {
641 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
650 30 286: SEQUENCE {
654 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
: DB
786 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
: 62 8B F7 93 CD
809 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
: }
: }
940 03 132: BIT STRING 0 unused bits, encapsulates {
944 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
: }
: }
1075 A3 131: [3] {
1078 30 128: SEQUENCE {
1081 30 32: SEQUENCE {
1083 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
1088 04 25: OCTET STRING, encapsulates {
1090 30 23: SEQUENCE {
1092 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
1115 30 12: SEQUENCE {
1117 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
1122 01 1: BOOLEAN TRUE
1125 04 2: OCTET STRING, encapsulates {
1127 30 0: SEQUENCE {}
: }
: }
1129 30 14: SEQUENCE {
1131 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
1136 01 1: BOOLEAN TRUE
1139 04 4: OCTET STRING, encapsulates {
1141 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
1145 30 31: SEQUENCE {
1147 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
1152 04 24: OCTET STRING, encapsulates {
1154 30 22: SEQUENCE {
1156 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
1178 30 29: SEQUENCE {
1180 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
1185 04 22: OCTET STRING, encapsulates {
1187 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
: E3 97 FE CD
: }
: }
: }
: }
: }
1209 30 9: SEQUENCE {
1211 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1220 03 48: BIT STRING 0 unused bits, encapsulates {
1223 30 45: SEQUENCE {
1225 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
: 05 E8 46 94 8E
1248 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
1270 31 201: SET {
1273 30 98: SEQUENCE {
1275 02 1: INTEGER 1
1278 30 24: SEQUENCE {
1280 30 18: SEQUENCE {
1282 31 16: SET {
1284 30 14: SEQUENCE {
1286 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1291 13 7: PrintableString 'CarlDSS'
: }
: }
: }
1300 02 2: INTEGER 210
: }
1304 30 7: SEQUENCE {
1306 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
1313 30 9: SEQUENCE {
1315 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1324 04 47: OCTET STRING, encapsulates {
1326 30 45: SEQUENCE {
1328 02 20: INTEGER
: 1F 48 E2 B8 E8 67 C0 90 91 E8 C3 22 A3 5D EA BE
: D0 83 1A 30
1350 02 21: INTEGER
: 00 D8 A1 6F 05 B9 D4 92 01 5D EA 72 49 9B E9 AC
: A4 59 80 0E ED
: }
: }
: }
1373 30 99: SEQUENCE {
1375 02 1: INTEGER 1
1378 30 24: SEQUENCE {
1380 30 18: SEQUENCE {
1382 31 16: SET {
1384 30 14: SEQUENCE {
1386 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1391 13 7: PrintableString 'CarlDSS'
: }
: }
: }
1400 02 2: INTEGER 200
: }
1404 30 7: SEQUENCE {
1406 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
1413 30 9: SEQUENCE {
1415 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1424 04 48: OCTET STRING, encapsulates {
1426 30 46: SEQUENCE {
1428 02 21: INTEGER
: 00 92 2A AE 92 59 22 9F 0B 4F AC 7A 70 9B 60 7E
: 2D 7B C5 03 5E
1451 02 21: INTEGER
: 00 90 3E 5D 14 BA D6 04 4D 83 3B 60 FF 8A 2A C7
: 1B 0C 9D 33 79
: }
: }
: }
: }
: }
: }
: }
5.7 Signing using SKI
Same as 5.1, but the signature uses the SKI instead of the
issuer/serial number in the cert. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), identified by the SKI, no CRL. The message is
ExContent, and is included in the eContent. There are no signed or
unsigned attributes.
0 30 917: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 902: [0] {
19 30 898: SEQUENCE {
23 02 1: INTEGER 3
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
: DB
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
: 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING, encapsulates {
741 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
: E3 97 FE CD
: }
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
: 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
824 31 95: SET {
826 30 93: SEQUENCE {
828 02 1: INTEGER 3
831 80 20: [0]
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
: E3 97 FE CD
853 30 7: SEQUENCE {
855 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
862 30 9: SEQUENCE {
864 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
873 04 46: OCTET STRING, encapsulates {
875 30 44: SEQUENCE {
877 02 20: INTEGER
: 6D 8E 5A CD 28 A0 1F D9 86 AD 7A E9 DF AC D7 BE
: EC BE 3F F8
899 02 20: INTEGER
: 7C 8A 06 1E FC A4 41 35 7E F7 24 14 FD 3D C0 56
: B7 05 27 D5
: }
: }
: }
: }
: }
: }
: }
5.8 S/MIME multipart/signed message
A full S/MIME message, including MIME, that includes the body part from
5.3 and the body containing the content of the message.
MIME-Version: 1.0
To: User2@examples.com
From: aliceDss@examples.com
Subject: Example 5.8
Message-Id: <020906002550300.249@examples.com>
Date: Fri, 06 Sep 2002 00:25:21 -0300
Content-Type: multipart/signed;
micalg=SHA1;
boundary="----=_NextBoundry____Fri,_06_Sep_2002_00:25:21";
protocol="application/pkcs7-signature"
This is a multi-part message in MIME format.
------=_NextBoundry____Fri,_06_Sep_2002_00:25:21
This is some sample content.
------=_NextBoundry____Fri,_06_Sep_2002_00:25:21
Content-Type: application/pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7s
MIIDeQYJKoZIhvcNAQcCoIIDajCCA2YCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg
LiMIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X
DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg
G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//
lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6
iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya
RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1
nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8
bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV
p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b
Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD
KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1w
bGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD
6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYH
KoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwa
V/KC27MWMwYQIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqG
SM44BAEELjAsAhQz+YZ/qCSCn1nRe1F0aKYl4H8HFQIUYUUmrBhG3VZhwg5CgaJqjCobNU
g=
------=_NextBoundry____Fri,_06_Sep_2002_00:25:21--
5.9 S/MIME application/pkcs7-mime signed message
A full S/MIME message, including MIME, that includes the body part from
5.1.
MIME-Version: 1.0
To: User2@examples.com
From: aliceDss@examples.com
Subject: Example 5.9
Message-Id: <021031164540300.304@examples.com>
Date: Thu, 31 Oct 2002 16:45:14 -0300
Content-Type: application/pkcs7-mime; smime-type=signed-data;
name=smime.p7m
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7m
MIIDmwYJKoZIhvcNAQcCoIIDjDCCA4gCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIA
QeDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4jCCAt4wggKdoAMCAQICAgDI
MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOT
EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEe
AoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+
HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UI
ddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG2o+4NyErYov3k80CgY
AmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIl
p/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+
waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMR
NKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+Gv
Ikq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPl
uKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0BleGFtcGxlcy5jb20wDAYDVR0TAQH/BA
IwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8w
HQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj
/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE6umhh8GlfygtuzFjMGECAQEwGDASMRAw
DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjOOAQBBC4wLAIUPVxJboshQX
N5eV7dgjlIpIF6v+wCFCYKruz8JMUc4SOABJ5SNsynHmDo
5.10 SignedData With Attributes
A SignedData message with the following list of signedAttributes:
- contentIdentifier
- contentReference
- contentHints
- smimeCapabilities
- sMIMEEncryptionKeyPreference
- unknown OID.
0 30 1303: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1288: [0] {
19 30 1284: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
82 31 1221: SET {
86 30 1217: SEQUENCE {
90 02 1: INTEGER 1
93 30 24: SEQUENCE {
95 30 18: SEQUENCE {
97 31 16: SET {
99 30 14: SEQUENCE {
101 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
106 13 7: PrintableString 'CarlDSS'
: }
: }
: }
115 02 2: INTEGER 200
: }
119 30 7: SEQUENCE {
121 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
128 A0 1116: [0] {
132 30 24: SEQUENCE {
134 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
145 31 11: SET {
147 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
158 30 35: SEQUENCE {
160 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
171 31 22: SET {
173 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
: 96 87 DD 48
: }
: }
195 30 56: SEQUENCE {
197 06 3: OBJECT IDENTIFIER '1 2 5555'
202 31 49: SET {
204 04 47: OCTET STRING
: 54 68 69 73 20 69 73 20 61 20 74 65
73 74 20 47
: 65 6E 65 72 61 6C 20 41 53 4E 20 41
74 74 72 69
: 62 75 74 65 2C 20 6E 75 6D 62 65 72 20 31 2E
: }
: }
253 30 58: SEQUENCE {
255 06 11: OBJECT IDENTIFIER
: id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
268 31 43: SET {
270 30 41: SEQUENCE {
272 0C 32: UTF8String 'Content Hints Description Buffer'
306 06 5: OBJECT IDENTIFIER '1 2 3 6 5 4'
: }
: }
: }
313 30 74: SEQUENCE {
315 06 9: OBJECT IDENTIFIER
: sMIMECapabilities (1 2 840 113549 1 9 15)
: (PKCS #9 (1 2 840 113549 1 9).
326 31 61: SET {
328 30 59: SEQUENCE {
330 30 7: SEQUENCE {
332 06 5: OBJECT IDENTIFIER '1 2 3 4 5 6'
: }
339 30 48: SEQUENCE {
341 06 6: OBJECT IDENTIFIER '1 2 3 4 5 6 77'
349 04 38: OCTET STRING
: 53 6D 69 6D 65 20 43 61 70 61 62 69
6C 69 74 69
: 65 73 20 70 61 72 61 6D 65 74 65 72
73 20 62 75
: 66 66 65 72 20 32
: }
: }
: }
: }
389 30 109: SEQUENCE {
391 06 11: OBJECT IDENTIFIER
: id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
404 31 94: SET {
406 31 92: SET {
408 02 1: INTEGER 1
411 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
420 31 49: SET {
422 30 47: SEQUENCE {
424 80 8: [0]
: 2A 03 04 05 06 07 86 78
434 A1 35: [1] {
436 13 33: PrintableString 'THIS IS A
TEST SECURITY-CATEGORY.'
: }
: }
: }
471 13 27: PrintableString 'THIS IS A PRIVACY MARK TEST'
: }
: }
: }
500 30 111: SEQUENCE {
502 06 11: OBJECT IDENTIFIER
: id-aa-contentReference (1 2 840 113549
1 9 16 2 10)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
515 31 96: SET {
517 30 94: SEQUENCE {
519 06 5: OBJECT IDENTIFIER '1 2 3 4 5 6'
526 04 43: OCTET STRING
: 43 6F 6E 74 65 6E 74 20 52 65 66 65
72 65 6E 63
: 65 20 43 6F 6E 74 65 6E 74 20 49 64
65 6E 74 69
: 66 69 65 72 20 42 75 66 66 65 72
571 04 40: OCTET STRING
: 43 6F 6E 74 65 6E 74 20 52 65 66 65
72 65 6E 63
: 65 20 53 69 67 6E 61 74 75 72 65 20
56 61 6C 75
: 65 20 42 75 66 66 65 72
: }
: }
: }
613 30 115: SEQUENCE {
615 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 2 11'
628 31 100: SET {
630 A0 98: [0] {
632 30 90: SEQUENCE {
634 31 11: SET {
636 30 9: SEQUENCE {
638 06 3: OBJECT IDENTIFIER countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
643 13 2: PrintableString 'US'
: }
: }
647 31 22: SET {
649 30 20: SEQUENCE {
651 06 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
: (X.520 id-at (2 5 4))
656 13 13: PrintableString 'US Government'
: }
: }
671 31 17: SET {
673 30 15: SEQUENCE {
675 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
680 13 8: PrintableString 'VDA Site'
: }
: }
690 31 12: SET {
692 30 10: SEQUENCE {
694 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
699 13 3: PrintableString 'VDA'
: }
: }
704 31 18: SET {
706 30 16: SEQUENCE {
708 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
713 13 9: PrintableString 'Daisy RSA'
: }
: }
: }
724 02 4: INTEGER 173360179
: }
: }
: }
730 30 253: SEQUENCE {
733 06 11: OBJECT IDENTIFIER
: id-aa-mlExpandHistory (1 2 840 113549
1 9 16 2 3)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
746 31 237: SET {
749 30 234: SEQUENCE {
752 30 231: SEQUENCE {
755 04 7: OCTET STRING
: 35 37 33 38 32 39 39
764 18 16: GeneralizedTime '199903111044330Z'
782 A1 201: [1] {
785 30 198: SEQUENCE {
788 A4 97: [4] {
790 30 95: SEQUENCE {
792 31 11: SET {
794 30 9: SEQUENCE {
796 06 3: OBJECT IDENTIFIER
: countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
801 13 2: PrintableString 'US'
: }
: }
805 31 22: SET {
807 30 20: SEQUENCE {
809 06 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
: (X.520 id-at (2 5 4))
814 13 13: PrintableString 'US Government'
: }
: }
829 31 17: SET {
831 30 15: SEQUENCE {
833 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
838 13 8: PrintableString 'VDA Site'
: }
: }
848 31 12: SET {
850 30 10: SEQUENCE {
852 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
857 13 3: PrintableString 'VDA'
: }
: }
862 31 23: SET {
864 30 21: SEQUENCE {
866 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
871 13 14: PrintableString 'Bugs Bunny DSA'
: }
: }
: }
: }
887 A4 97: [4] {
889 30 95: SEQUENCE {
891 31 11: SET {
893 30 9: SEQUENCE {
895 06 3: OBJECT IDENTIFIER
: countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
900 13 2: PrintableString 'US'
: }
: }
904 31 22: SET {
906 30 20: SEQUENCE {
908 06 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
: (X.520 id-at (2 5 4))
913 13 13: PrintableString 'US Government'
: }
: }
928 31 17: SET {
930 30 15: SEQUENCE {
932 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
937 13 8: PrintableString 'VDA Site'
: }
: }
947 31 12: SET {
949 30 10: SEQUENCE {
951 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
956 13 3: PrintableString 'VDA'
: }
: }
961 31 23: SET {
963 30 21: SEQUENCE {
965 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
970 13 14: PrintableString 'Elmer Fudd DSA'
: }
: }
: }
: }
: }
: }
: }
: }
: }
: }
986 30 258: SEQUENCE {
990 06 11: OBJECT IDENTIFIER
: id-aa-equivalentLabels (1 2 840 113549
1 9 16 2 9)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
1003 31 242: SET {
1006 30 239: SEQUENCE {
1009 31 114: SET {
1011 02 1: INTEGER 1
1014 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1023 31 60: SET {
1025 30 58: SEQUENCE {
1027 80 8: [0]
: 2A 03 04 05 06 07 86 78
1037 A1 46: [1] {
1039 13 44: PrintableString
: 'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
: }
: }
: }
1085 13 38: PrintableString 'EQUIVALENT THIS IS
A PRIVACY MARK TEST'
: }
1125 31 121: SET {
1127 02 1: INTEGER 1
1130 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 10'
1139 31 60: SET {
1141 30 58: SEQUENCE {
1143 80 8: [0]
: 2A 03 04 05 06 07 86 78
1153 A1 46: [1] {
1155 13 44: PrintableString
: 'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
: }
: }
: }
1201 13 45: PrintableString
: 'EQUIVALENT THIS IS A SECOND PRIVACY
MARK TEST'
: }
: }
: }
: }
: }
1248 30 9: SEQUENCE {
1250 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1259 04 46: OCTET STRING, encapsulates {
1261 30 44: SEQUENCE {
1263 02 20: INTEGER
: 04 ED DC 50 4E 39 C2 DA A6 7B 0E 1F
2A B2 8C 85
: 72 62 0F 33
1285 02 20: INTEGER
: 18 74 5A 6E E0 2C 53 EB 51 0F 27 E4
85 9D E5 97
: C9 F2 78 94
: }
: }
: }
: }
: }
: }
: }
5.11 SignedData with Certificates Only
CA SignedData message with no content or signature, containing only
Alices's and Carl's certificates.
0 30 1674: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1659: [0] {
19 30 1655: SEQUENCE {
23 02 1: INTEGER 1
26 31 0: SET {}
28 30 11: SEQUENCE {
30 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
41 A0 1409: [0] {
45 30 667: SEQUENCE {
49 30 602: SEQUENCE {
53 A0 3: [0] {
55 02 1: INTEGER 2
: }
58 02 1: INTEGER 1
61 30 9: SEQUENCE {
63 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
72 30 18: SEQUENCE {
74 31 16: SET {
76 30 14: SEQUENCE {
78 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
83 13 7: PrintableString 'CarlDSS'
: }
: }
: }
92 30 30: SEQUENCE {
94 17 13: UTCTime '990816225050Z'
109 17 13: UTCTime '391231235959Z'
: }
124 30 18: SEQUENCE {
126 31 16: SET {
128 30 14: SEQUENCE {
130 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
135 13 7: PrintableString 'CarlDSS'
: }
: }
: }
144 30 439: SEQUENCE {
148 30 299: SEQUENCE {
152 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
161 30 286: SEQUENCE {
165 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C
01 C4 12 C1
: 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3
0E 94 09 06
: EB 01 D4 B1 C8 71 4B C7 45 C0 50 25
5D 9C FC DA
: E4 6D D3 E2 86 48 84 82 7D BA 15 95
4A 16 F6 46
: ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16
7B B9 50 01
: 48 93 8B EB 25 15 51 97 55 DC 8F 53
0E 10 A9 50
: FC 70 B7 CD 30 54 FD DA DE A8 AA 22
B5 A1 AF 8B
: CC 02 88 E7 8B 70 5F B9 AD E1 08 D4
6D 29 2D D6
: [ Another 1 bytes skipped ]
297 02 21: INTEGER
: 00 DD C1 2F DF 53 CE 0B 34 60 77 3E
02 A4 BF 8A
: 5D 98 B9 10 D5
320 02 128: INTEGER
: 0C EE 57 9B 4B BD DA B6 07 6A 74 37
4F 55 7F 9D
: ED BC 61 0D EB 46 59 3C 56 0B 2B 5B
0C 91 CE A5
: 62 52 69 CA E1 6D 3E BD BF FE E1 B7
B9 2B 61 3C
: AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
87 0B C7 CD
: F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D
5A 51 F5 4F
: 44 79 35 5A 73 AA 7F 46 51 1F A9 42
16 9C 48 EB
: 8A 79 61 B4 D5 2F 53 22 44 63 1F 86
B8 A3 58 06
: 25 F8 29 C0 EF BA E0 75 F0 42 C4 63
65 52 9B 0A
: }
: }
451 03 133: BIT STRING 0 unused bits, encapsulates {
455 02 129: INTEGER
: 00 99 87 74 27 03 66 A0 B1 C0 AD DC
2C 75 BB E1
: 6C 44 9C DA 21 6D 4D 47 6D B1 62 09
E9 D8 AE 1E
: F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00
94 C9 B4 25
: 4E B9 60 96 19 24 01 F3 62 0C FE 75
C0 FB CE D8
: 68 00 E3 FD D5 70 4F DF 23 96 19 06
94 F4 B1 61
: 8F 3A 57 B1 08 11 A4 0B 26 25 F0 52
76 81 EA 0B
: 62 0D 95 2A E6 86 BA 72 B2 A7 50 83
0B AA 27 CD
: 1B A9 4D 89 9A D7 8D 18 39 84 3F 8B
C5 56 4D 80
: [ Another 1 bytes skipped ]
: }
: }
587 A3 66: [3] {
589 30 64: SEQUENCE {
591 30 15: SEQUENCE {
593 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
598 01 1: BOOLEAN TRUE
601 04 5: OCTET STRING, encapsulates {
603 30 3: SEQUENCE {
605 01 1: BOOLEAN TRUE
: }
: }
: }
608 30 14: SEQUENCE {
610 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
615 01 1: BOOLEAN TRUE
618 04 4: OCTET STRING, encapsulates {
620 03 2: BIT STRING 1 unused bits
: '1100001'B
: }
: }
624 30 29: SEQUENCE {
626 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
631 04 22: OCTET STRING
: 04 14 70 44 3E 82 2E 6F 87 DE 4A D3
75 E3 3D 20
: BC 43 2B 93 F1 1F
: }
: }
: }
: }
655 30 9: SEQUENCE {
657 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
666 03 48: BIT STRING 0 unused bits, encapsulates {
669 30 45: SEQUENCE {
671 02 20: INTEGER
: 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B
C9 06 37 E9
: 11 17 A1 13
693 02 21: INTEGER
: 00 8F 34 69 2A 8B B1 3C 03 79 94 32
4D 12 1F CE
: 89 FB 46 B2 3B
: }
: }
: }
716 30 734: SEQUENCE {
720 30 669: SEQUENCE {
724 A0 3: [0] {
726 02 1: INTEGER 2
: }
729 02 2: INTEGER 200
733 30 9: SEQUENCE {
735 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
744 30 18: SEQUENCE {
746 31 16: SET {
748 30 14: SEQUENCE {
750 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
755 13 7: PrintableString 'CarlDSS'
: }
: }
: }
764 30 30: SEQUENCE {
766 17 13: UTCTime '990817011049Z'
781 17 13: UTCTime '391231235959Z'
: }
796 30 19: SEQUENCE {
798 31 17: SET {
800 30 15: SEQUENCE {
802 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
807 13 8: PrintableString 'AliceDSS'
: }
: }
: }
817 30 438: SEQUENCE {
821 30 299: SEQUENCE {
825 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
834 30 286: SEQUENCE {
838 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
: [ Another 1 bytes skipped ]
970 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
: 62 8B F7 93 CD
993 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
: }
: }
1124 03 132: BIT STRING 0 unused bits, encapsulates {
1128 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
: }
: }
1259 A3 131: [3] {
1262 30 128: SEQUENCE {
1265 30 32: SEQUENCE {
1267 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
1272 04 25: OCTET STRING, encapsulates {
1274 30 23: SEQUENCE {
1276 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
1299 30 12: SEQUENCE {
1301 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
1306 01 1: BOOLEAN TRUE
1309 04 2: OCTET STRING, encapsulates {
1311 30 0: SEQUENCE {}
: }
: }
1313 30 14: SEQUENCE {
1315 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
1320 01 1: BOOLEAN TRUE
1323 04 4: OCTET STRING, encapsulates {
1325 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
1329 30 31: SEQUENCE {
1331 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
1336 04 24: OCTET STRING, encapsulates {
1338 30 22: SEQUENCE {
1340 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
1362 30 29: SEQUENCE {
1364 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
1369 04 22: OCTET STRING
: 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
: E2 FD E3 97 FE CD
: }
: }
: }
: }
1393 30 9: SEQUENCE {
1395 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1404 03 48: BIT STRING 0 unused bits, encapsulates {
1407 30 45: SEQUENCE {
1409 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
: 05 E8 46 94 8E
1432 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
1454 A1 219: [1] {
1457 30 216: SEQUENCE {
1460 30 153: SEQUENCE {
1463 30 9: SEQUENCE {
1465 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1474 30 18: SEQUENCE {
1476 31 16: SET {
1478 30 14: SEQUENCE {
1480 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1485 13 7: PrintableString 'CarlDSS'
: }
: }
: }
1494 17 13: UTCTime '990827070000Z'
1509 30 105: SEQUENCE {
1511 30 19: SEQUENCE {
1513 02 2: INTEGER 200
1517 17 13: UTCTime '990822070000Z'
: }
1532 30 19: SEQUENCE {
1534 02 2: INTEGER 201
1538 17 13: UTCTime '990822070000Z'
: }
1553 30 19: SEQUENCE {
1555 02 2: INTEGER 211
1559 17 13: UTCTime '990822070000Z'
: }
1574 30 19: SEQUENCE {
1576 02 2: INTEGER 210
1580 17 13: UTCTime '990822070000Z'
: }
1595 30 19: SEQUENCE {
1597 02 2: INTEGER 212
1601 17 13: UTCTime '990824070000Z'
: }
: }
: }
1616 30 9: SEQUENCE {
1618 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1627 03 47: BIT STRING 0 unused bits, encapsulates {
1630 30 44: SEQUENCE {
1632 02 20: INTEGER
: 7E 65 52 76 33 FE 34 73 17 D1 F7 96
F9 A0 D4 D8
: 6D 5C 7D 3D
1654 02 20: INTEGER
: 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E
DA 24 F3 2A
: 83 9C 35 A1
: }
: }
: }
: }
1676 31 0: SET {}
: }
: }
: }
6. Enveloped-data
6.1 Basic encrypted content, TripleDES and DH
An EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management. Does not have a
OriginatorInfo or any attributes.
0 30 426: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 411: [0] {
19 30 407: SEQUENCE {
23 02 1: INTEGER 2
26 31 331: SET {
30 A1 327: [1] {
34 02 1: INTEGER 3
37 A0 149: [0] {
40 A1 146: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
54 03 132: BIT STRING 0 unused bits, encapsulates {
58 02 128: INTEGER
: 44 B9 26 32 13 77 AD 88 CD F5 9F 4B 4D A9 6C FF
: 38 60 EB 84 AB 45 E6 A3 F4 E2 94 27 97 F0 8D 29
: A5 EB 1F 21 91 68 58 39 C8 F2 49 D8 99 DB 48 A8
: 9E 47 A5 9E 06 BE B4 F4 A0 86 01 10 C4 50 FB B1
: F5 31 88 12 7B 15 18 70 F8 72 08 65 4F 51 A7 A3
: 96 18 E8 79 B4 A6 6C F1 B7 7A 61 26 F6 AF 4D 34
: 42 22 DD 80 F3 C7 42 CE 6A 1C 8C A6 24 E9 54 6A
: A0 67 B1 80 DE BB B0 C4 FE BC 45 4C D2 EC 35 74
: }
: }
: }
189 A1 66: [1] {
191 04 64: OCTET STRING
: A9 74 C4 E9 AA 79 D3 CE 5C 74 A4 ED A5 DB 65 F5
: C0 37 D6 81 F1 0A 93 5F 24 A1 DB 97 96 EE 87 8B
: 79 DB E9 07 11 23 CE 70 24 84 30 72 02 83 D5 7D
: 60 D3 D4 F6 A7 4D 4C C2 E0 89 FA CD 59 20 A2 93
: }
257 30 30: SEQUENCE {
259 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
272 30 15: SEQUENCE {
274 06 11: OBJECT IDENTIFIER
: id-alg-CMS3DESwrap (1 2 840 113549 1 9 16 3 6)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
287 05 0: NULL
: }
: }
289 30 70: SEQUENCE {
291 30 68: SEQUENCE {
293 30 24: SEQUENCE {
295 30 18: SEQUENCE {
297 31 16: SET {
299 30 14: SEQUENCE {
301 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
306 13 7: PrintableString 'CarlDSS'
: }
: }
: }
315 02 2: INTEGER 201
: }
319 04 40: OCTET STRING
: 97 A2 1C 9B 1D 72 03 4C FA 1F CE DA AE 85 49 E1
: 0D 32 04 97 80 43 CB 00 49 60 36 A7 DD 4B 0E E5
: D6 A8 7B BA 66 94 97 A7
: }
: }
: }
: }
361 30 67: SEQUENCE {
363 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
374 30 20: SEQUENCE {
376 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
386 04 8: OCTET STRING
: 37 E7 7E D7 16 17 C8 AC
: }
396 80 32: [0]
: 6A F2 B8 9A 58 65 B2 AD F4 3A A0 31 B2 BD F7 52
: 7A EB 2B FB 04 77 0F E2 59 C6 33 BB 05 FD 0C EA
: }
: }
: }
: }
Some additional information on this example:
3DES CEK
cd 4f 7c 83 73 c4 26 ce 5d b0 cd ea 7c 16 15 cb
2f 8c a8 20 16 0e c8 2a
Ephemeral X (reverse the bytes)
2e 92 4e b9 2a bd ab 1e cb 5b d8 3b c5 6c b0 ef
2d 89 7b 0e e7 d6 33 8c 1f 33 81 6d 2d d1 61 4f
ZZ
de 42 2f c3 fb 44 ab ce 71 3f f6 3a aa dc 09 d1
ca 30 97 22 73 eb de 6a af 87 e1 74 62 60 73 c7
93 1f 2e 26 b3 09 8f 1c 93 31 33 63 5f 0e ad 89
89 f5 1a cb 8c 3f b7 8f 50 b3 9a fe 06 b0 8a 68
c0 f7 b1 fe 20 af 96 f2 a6 cf de 12 1e 74 f9 38
d1 90 da 4d 10 45 b2 6a be 3f f9 3b 61 c0 6d 8f
bc 2e c8 a3 e6 d8 e2 a8 52 ea 58 65 b3 93 99 b7
77 91 67 e6 04 e5 ca ce 46 86 b0 83 17 d9 de 1d
3DES KEK (no parity check)
02 1f 67 5c 92 58 e5 5a 2a fb 3b ed 94 6b 39 8a
b1 38 a7 8c 63 fc d6 14
wrapped key
51 46 57 41 34 1c d6 c7 cd 36 4b a4 93 b7 16 e6
2e f0 58 24 9c 6d 4b e9 90 8b 0f 46 b8 e5 93 19
ff 7c f0 56 4d 4f fa f5
3DES CEK
1c b6 57 1a 25 bc f8 13 5b 01 1a d5 a2 46 31 7a
85 fe 4f 62 45 4a 2a 43
6.2 Basic encrypted content, TripleDES and RSA
Same as 6.1, except with RSA for key management. An EnvelopedData from
Alice to Bob of ExContent using TripleDES for encrypting and RSA for
key management. Does not have a OriginatorInfo.
0 30 286: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 271: [0] {
19 30 267: SEQUENCE {
23 02 1: INTEGER 0
26 31 192: SET {
29 30 189: SEQUENCE {
32 02 1: INTEGER 0
35 30 38: SEQUENCE {
37 30 18: SEQUENCE {
39 31 16: SET {
41 30 14: SEQUENCE {
43 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
48 13 7: PrintableString 'CarlRSA'
: }
: }
: }
57 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
: }
75 30 13: SEQUENCE {
77 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
88 05 0: NULL
: }
90 04 128: OCTET STRING
: 0B 71 0D E6 71 88 88 98 B6 96 C1 8F 70 FD A2 27
: DE DA E1 EF 24 6C A4 33 DF AC E0 E9 9D A2 D3 2C
: 7A CD 80 B8 99 9E E6 5F B1 41 B3 72 16 83 E7 FA
: 2A 00 8B C7 73 35 78 26 D6 C7 CF 8C 0C 56 DB A5
: 76 9D 08 38 0E F3 F9 D4 91 43 58 78 DC 49 B6 EC
: EE 6C 68 33 A3 21 1D F0 28 78 1F F7 5D F6 07 73
: 4D DF AD 69 31 20 4B 48 A9 75 22 6E 36 79 15 63
: 8F CC EB 9D A3 28 A1 D1 2C 57 F4 DA 1A 2C 75 1F
: }
: }
221 30 67: SEQUENCE {
223 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
234 30 20: SEQUENCE {
236 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
246 04 8: OCTET STRING
: 2D 68 C5 E9 47 06 51 35
: }
256 80 32: [0]
: 0E C8 92 7F C6 7D 3F 8D CB AD 8E 0E C5 49 3A EB
: 47 2E D6 55 DE 09 21 4E 48 EA 4E 27 B1 6E 57 25
: }
: }
: }
: }
6.3 Basic encrypted content, RC2/40 and RSA
Same as 6.1, except using RC2/40 for encryption and RSA for key
management. An EnvelopedData from Alice to Bob of ExContent using
RC2/40 for encrypting and RSA for key management. Does not have a
OriginatorInfo or any attributes.
0 30 291: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 276: [0] {
19 30 272: SEQUENCE {
23 02 1: INTEGER 0
26 31 192: SET {
29 30 189: SEQUENCE {
32 02 1: INTEGER 0
35 30 38: SEQUENCE {
37 30 18: SEQUENCE {
39 31 16: SET {
41 30 14: SEQUENCE {
43 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
48 13 7: PrintableString 'CarlRSA'
: }
: }
: }
57 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
: }
75 30 13: SEQUENCE {
77 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
88 05 0: NULL
: }
90 04 128: OCTET STRING
: 85 42 BE E3 0B 2E E5 0F 09 AA 24 CA DE DA C1 D3
: 09 B8 27 2B 25 CB D5 71 FB C9 9C DB F0 B2 6E A0
: 8A 5F 1C 9D 4A ED 98 9D 15 39 26 01 1A 2E 6B F0
: 44 39 89 37 3C 6F C7 4A 61 0B 0B 27 77 AA F9 D4
: 97 A4 D2 21 3F C2 3F 20 D4 DC 10 E9 D6 3F 00 DB
: 9C 82 47 D6 7E 96 FF 12 6E 87 84 A0 BA ED 81 0F
: 56 6D A6 1D EB AB C3 B7 A1 B9 F8 5F 8B CC 1B 4A
: E5 14 36 06 61 D0 C7 64 5F 69 67 91 A9 50 EE D8
: }
: }
221 30 72: SEQUENCE {
223 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
234 30 25: SEQUENCE {
236 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
246 30 13: SEQUENCE {
248 02 1: INTEGER 58
251 04 8: OCTET STRING
: E8 70 81 E2 EF C5 15 57
: }
: }
261 80 32: [0]
: 06 53 0A 7B 8D 5C 16 0D CC D5 76 D6 8B 59 D6 45
: 8C 1A 1A 0C E6 1E F3 DE 43 56 00 9B 40 8C 38 5D
: }
: }
: }
: }
6.4 Encrypted content, two recipients, no shared keying material
Same as 6.1, except sent to both Bob and Diane. An EnvelopedData from
Alice to Bob and Diane of ExContent using TripleDES for encrypting and
Diffie-Hellman for key management. Does not have a OriginatorInfo or
any attributes.
0 30 615: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 600: [0] {
19 30 596: SEQUENCE {
23 02 1: INTEGER 2
26 31 520: SET {
30 A1 256: [1] {
34 02 1: INTEGER 3
37 A0 150: [0] {
40 A1 147: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER
: dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
: }
54 03 133: BIT STRING 0 unused bits
: 02 81 80 03 CA 05 2E 78 63 86 95 7D C6 E3 38 08
: 33 D3 5E 06 FB C5 98 FA DE 66 42 2E 6F BB 35 47
: 73 EE 7F 43 82 83 0C 8D EF 1F 61 8F 52 C6 5C BB
: 85 46 09 CD 0A 1E 75 44 51 AC B8 AB 85 88 C6 B3
: 06 97 C9 47 B2 8A 56 55 8B BE D3 3C C9 3A F0 A8
: D5 4C 3A 56 19 9B 65 75 E9 2B 14 66 D8 BB 66 70
: 2E 64 46 41 BD 33 E1 50 F8 D5 CA A5 74 6A 09 01
: D3 6D 74 85 21 33 53 AB C2 3D 2A 08 40 CF F9 AC
: 2D F7 D0 00
: }
: }
190 30 26: SEQUENCE {
192 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
201 30 15: SEQUENCE {
203 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
216 05 0: NULL
: }
: }
218 30 70: SEQUENCE {
220 30 68: SEQUENCE {
222 30 24: SEQUENCE {
224 30 18: SEQUENCE {
226 31 16: SET {
228 30 14: SEQUENCE {
230 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
235 13 7: PrintableString 'CarlDSS'
: }
: }
: }
244 02 2: INTEGER 211
: }
248 04 40: OCTET STRING
: 88 24 7C 52 73 C3 02 FF DB 89 49 08 0E BD EE 0E
: 49 18 47 19 B4 95 5F 16 12 B9 ED 34 4F 99 6B 2F
: CA 8E 94 87 56 66 08 51
: }
: }
: }
290 A1 256: [1] {
294 02 1: INTEGER 3
297 A0 150: [0] {
300 A1 147: [1] {
303 30 9: SEQUENCE {
305 06 7: OBJECT IDENTIFIER
: dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
: }
314 03 133: BIT STRING 0 unused bits
: 02 81 80 5C 58 72 3E C6 68 91 0F F8 EB 07 EB C1
: 46 60 13 4B 7A D4 E5 AC 61 0C 67 D1 0D 0A AB E8
: 81 31 25 6A B5 E6 F3 EF 53 9D E7 51 B5 1D A4 E3
: 38 C7 EB 95 D9 80 D8 85 65 76 12 FB 7A 9E F2 B1
: 3F 38 1F EA F2 7C 61 26 63 73 AA 22 E2 FD 15 9A
: 9C 17 31 58 0C 4E A0 DE 84 89 B7 81 70 62 3E 9B
: 45 47 AD B9 FC 94 95 A5 99 F4 86 8D 0B CE 74 EC
: 71 DC CA A6 71 37 31 01 4C 8C 01 59 8C 49 AE FC
: FB 64 EA 00
: }
: }
450 30 26: SEQUENCE {
452 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
461 30 15: SEQUENCE {
463 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
476 05 0: NULL
: }
: }
478 30 70: SEQUENCE {
480 30 68: SEQUENCE {
482 30 24: SEQUENCE {
484 30 18: SEQUENCE {
486 31 16: SET {
488 30 14: SEQUENCE {
490 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
495 13 7: PrintableString 'CarlDSS'
: }
: }
: }
504 02 2: INTEGER 201
: }
508 04 40: OCTET STRING
: 39 2A 16 D1 21 2B 72 38 0C 40 01 55 A1 17 19 04
: BE FD 24 9B 33 E5 1C BC C5 D8 7B A7 45 15 D2 5B
: E5 5A 09 A5 22 18 7B DF
: }
: }
: }
: }
550 30 67: SEQUENCE {
552 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
563 30 20: SEQUENCE {
565 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
575 04 8: OCTET STRING
: 13 E3 41 9C 85 30 15 1F
: }
585 80 32: [0]
: BA 8F 71 D9 C8 92 CE D4 08 A7 F5 73 91 29 6D E1
: 33 08 DE C4 58 C2 A2 7B F0 9A 4B 06 44 EF D6 E5
: }
: }
: }
: }
6.5 Encrypted content, two recipients, shared keying material
Same as 6.4, except sent to Bob and Erica using keys that have shared
parameters so the result does not include the UKMs. An EnvelopedData
from Alice to Bob and Erica of ExContent using TripleDES for encrypting
and Diffie-Hellman for key management. Does not have a OriginatorInfo
or any attributes. Uses BobPubDHSharedEncrypt and
DianePubDHSharedEncrypt for keys.
0 30 426: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 411: [0] {
19 30 407: SEQUENCE {
23 02 1: INTEGER 2
26 31 331: SET {
30 A1 327: [1] {
34 02 1: INTEGER 3
37 A0 150: [0] {
40 A1 147: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER
: dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
: }
54 03 133: BIT STRING 0 unused bits
: 02 81 80 1E 6F B8 49 59 86 A9 EE 34 17 29 BC A0
: 5A 84 51 AB CE 9A 41 38 B6 29 A7 7C 49 24 8D 83
: A6 A0 F8 2C 9A 1B 1D A9 86 64 62 89 4B F9 5B 35
: 93 0C 36 D3 F7 06 51 D5 4A 5E AD DC 76 D2 ED 53
: 46 1A D4 0A 84 5B 26 A7 D0 4C 9A D6 24 A1 9E BA
: D2 21 30 7B 45 C5 36 CC 2B 4A 4F 19 77 0D 48 22
: 79 66 D9 EB 51 4A 5A 3B 5D 25 E5 FA 58 79 0F 53
: 49 1B 1F E9 F9 79 73 0D BC 49 61 ED DB 4D 81 67
: 9E 68 A8 00
: }
: }
190 30 26: SEQUENCE {
192 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
: (ANSI X9.42 number-type)
201 30 15: SEQUENCE {
203 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
216 05 0: NULL
: }
: }
218 30 140: SEQUENCE {
221 30 68: SEQUENCE {
223 30 24: SEQUENCE {
225 30 18: SEQUENCE {
227 31 16: SET {
229 30 14: SEQUENCE {
231 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
236 13 7: PrintableString 'CarlDSS'
: }
: }
: }
245 02 2: INTEGER 201
: }
249 04 40: OCTET STRING
: FF 20 83 91 5F 10 CF 38 80 DF 50 20 46 C3 30 3B
: 7D 2B E3 DB C1 18 07 E3 07 85 2B 6C AB 26 07 B9
: 2C E5 DD 89 40 7D E9 D5
: }
291 30 68: SEQUENCE {
293 30 24: SEQUENCE {
295 30 18: SEQUENCE {
297 31 16: SET {
299 30 14: SEQUENCE {
301 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
306 13 7: PrintableString 'CarlDSS'
: }
: }
: }
315 02 2: INTEGER 212
: }
319 04 40: OCTET STRING
: BF 13 C2 4A A2 D4 08 6A 2B 60 4A B8 A1 6D 31 43
: F7 6B AE 35 64 23 D0 E6 80 79 BE 5F 25 2C 51 E3
: B9 0E 44 F3 83 79 B4 0E
: }
: }
: }
: }
361 30 67: SEQUENCE {
363 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
374 30 20: SEQUENCE {
376 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
386 04 8: OCTET STRING
: 23 DF 7F DB 3D 98 00 F8
: }
396 80 32: [0]
: 74 29 02 33 4D 51 2E C4 C5 AE 32 D8 7F 9B 01 EB
: D2 CD C2 32 0A AA 90 8D A9 91 F3 21 32 8E 4E 76
: }
: }
: }
: }
6.6 Encrypted content, TripleDES and DH, previously-distributed keys
Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management, using the
MailListTripleDES key. Does not have a OriginatorInfo or any
attributes.
Subject: Test subject
MIME-Version: 1.0
Content-Type: application/pkcs7-mime;
name="smime.p7m";
smime-type=enveloped-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="smime.p7m"
MIAGCSqGSIb3DQEHA6CAMIACAQIxggFdoYIBBAIBA6CBlaGBkjAJBgcqhkjOPgIBA4
GEAAKBgE348O8WYkb+mh9JywImIJ1j0PIj84SnpKclqO31EcScZzkSiQQP+gqphImf
EwIGh7P7ywuoFuxdot8C2X/nDubhrrKImG3Z96h/FAh6/rgA6P10r2yesV1QvqfGgY
Bh9+o9zq/S1+Q8ssFH9j1nZzTLLL3rrG8W4ztmu4qX+Q89MB8GCyqGSIb3DQEJEAMF
MBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBC
hTEv/IiYb58fJpBc1MQAJ1FSG33LdFbpRq8QirMU12JiHd9qAJjj9ColMCAQQwEwQR
TWFpbExpc3RUcmlwbGVERVMwDwYLKoZIhvcNAQkQAwYFAAQo/JV25qipslbuubZDLs
lEB93Y4rGtOJHpymNu+u5Fe7bpypVtjw4VWjCABgkqhkiG9w0BBwEwGQYIKoZIhvcN
AwIwDQIBOgQIj3hP9Fg2yEqggAQg4lYLOgn0NuOrSALLvtN4NzeVtYJ07hsW2OZ7Fq
QNmuoAAAAAAAAAAAAA
6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys
Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using RC2/40 for
encrypting and RSA for key management, using the MailListRC2 key. Does
not have a OriginatorInfo or any attributes.
0 30 357: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 342: [0] {
19 30 338: SEQUENCE {
23 02 1: INTEGER 2
26 31 256: SET {
30 30 189: SEQUENCE {
33 02 1: INTEGER 0
36 30 38: SEQUENCE {
38 30 18: SEQUENCE {
40 31 16: SET {
42 30 14: SEQUENCE {
44 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
49 13 7: PrintableString 'CarlRSA'
: }
: }
: }
58 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
: }
76 30 13: SEQUENCE {
78 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
89 05 0: NULL
: }
91 04 128: OCTET STRING
: 94 26 42 88 C6 8B B6 78 20 FF 82 57 2A 41 98 D1
: 68 08 3A 04 A7 CE E4 86 D8 32 7D FD 8D E1 29 AA
: 0F 74 71 3F 1F BC 85 B2 D0 B7 D8 B7 61 C3 30 71
: AA 7E 6A 23 A4 CA A8 CC 6A 54 F4 DD 55 02 D1 70
: 4E 1A FF 87 60 8D C7 05 99 BF 68 5C F1 A2 AF 98
: 39 70 16 B3 9C 65 19 EA D9 C1 33 9C F6 3E 80 62
: 52 B8 A9 7B E7 CE D4 79 49 0F 13 06 39 73 CA D9
: B8 57 BC E0 F9 31 AB 9C 65 4D 40 13 70 E3 B1 30
: }
222 A2 62: [2] {
224 02 1: INTEGER 4
227 30 13: SEQUENCE {
229 04 11: OCTET STRING 'MailListRC2'
: }
242 30 16: SEQUENCE {
244 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
257 02 1: INTEGER 58
: }
260 04 24: OCTET STRING
: 77 14 AF 93 12 27 F8 3D 1E 72 55 1E C4 3A 5F 9E
: 95 73 06 1B F8 E7 E8 8D
: }
: }
286 30 73: SEQUENCE {
288 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
299 30 26: SEQUENCE {
301 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
311 30 14: SEQUENCE {
313 02 2: INTEGER 160
317 04 8: OCTET STRING
: 9C 04 D2 19 2E 2A 55 A1
: }
: }
327 80 32: [0]
: 5E 28 D5 E1 A2 3B 9E 8F 7A 2B 83 D2 ED EE 7F B0
: 5B 13 A1 9E 4C B9 57 9D 2F 4A 9A 18 45 F4 51 CB
: }
: }
: }
: }
6.8 S/MIME application/pkcs7-mime encrypted message
A full S/MIME message, including MIME, that includes the body part from
6.1.
MIME-Version: 1.0
Message-Id: <00103112005203.00349@amyemily.ig.com>
Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time)
From: User1
To: User2
Subject: Example 6.8
Content-Type: Application/pkcs7-mime;name=smime.p7m;filename=smime.p7m
Content-Transfer-Encoding: base64
Content-Description: attachment;filename=smime.p7m
MIIEYQYJKoZIhvcNAQcDoIIEUjCCBE4CAQKgggLxoIIC7TCCAukwggKooAMCAQICAgDUMA
kGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMjE3MTZaFw0zOTEy
MzEyMzU5NTlaMBIxEDAOBgNVBAMTB0VyaWNhREgwggHEMIIBOAYHKoZIzj4CATCCASsCgY
EA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPbk8KejXI4Azpp5FAruqzJ4o
BZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWenZPG+BWvP9p0OrfEk7W5u3
ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNOVME6eVlrvx5GE3CPsSx/uc
kXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13BQlIm3CNPAX2zkQsf30bKx
Xd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5FwBlTucKiSVVtuGSJNYqcC
IQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQOBhQACgYEA0SvkHT66GM91IM
bHXsPEbOrzI9kJH0aY9M5ZubbO6DrGGPhZdxuZsNrcwJ0J5K/5YZEsR8xHXt8rM3bzZ+x3
6Cw3MKGJXfPI9lwWSuS3jPV71Tj9FKzoesJ97geQJwp8h6ii4nA16m7enlAxa+kJ2iUaAY
7j/yYcdfXDzlr1noWjgYEwfzAfBgNVHREEGDAWgRRlcmljYURoQGV4YW1wbGVzLmNvbTAM
BgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTde
M9ILxDK5PxHzAdBgNVHQ4EFgQUjVMdYVV/YDVtpjaixZP4mv3AdXQwCQYHKoZIzjgEAwMw
ADAtAhQ+UUII41IuqruPvRg4ccuYg75HngIVALSzFYWZEQZAH0BZjdQbLc2B8ehoMYIBDa
GCAQkCAQOgGjAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDUoYGDBIGAJ9S2hbjOL6X23QgU
dLjyo8uBXzTZNwDsNvWKidLJx6umMnV9PmfRxy1Yb1UDNDP//1Rd+xFYA9EYd8THsNDKdr
YosuLojimdW0xih8BOgn9UXlE/I2msgkJ24mxcUyzvA/u0LTN5aPoRdMYVS61QLPDsvr51
5f5TB2z9KPYVK5MwGgYHKoZIzj4CATAPBgsqhkiG9w0BCRADBgUAMEYwRDAYMBIxEDAOBg
NVBAMTB0NhcmxEU1MCAgDJBCiytQ66TKk5FRNqm13l4cUwtrsv92WphxKHjq0EFCHI35VP
2nLoq2YXMEMGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQI280UIM+ZHBiAIAl3prOldtS3Jw
rzjhCb6aJInx+tKnG5Ec9QDq9XDrm8
6.9 EnvelopedData with All Recipient Types
EnvelopedData message with an example of each recipient type (kari,
ktri, kekri), and has unprotected attributes.
0 30 841: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 826: [0] {
19 30 822: SEQUENCE {
23 02 1: INTEGER 2
26 31 621: SET {
30 30 189: SEQUENCE {
33 02 1: INTEGER 0
36 30 38: SEQUENCE {
38 30 18: SEQUENCE {
40 31 16: SET {
42 30 14: SEQUENCE {
44 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
49 13 7: PrintableString 'CarlRSA'
: }
: }
: }
58 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
: }
76 30 13: SEQUENCE {
78 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
89 05 0: NULL
: }
91 04 128: OCTET STRING
: 0C 08 70 9E 65 37 ED BD 39 C0 CF 06 C9 40 97 DC
: 5F 03 05 23 08 F9 D7 D2 52 5C 86 58 E4 68 27 00
: 96 DF 89 A8 5F AE C0 7E 03 02 71 EC D6 2B 9B A1
: 8E B3 17 12 C5 43 F7 4A 40 88 27 5E 45 C1 24 C7
: 38 C0 5B 20 64 12 02 BE 27 63 35 7C 70 A3 35 DB
: 81 11 6F 93 97 1D 4A BA 66 D4 5C D6 76 54 B5 95
: 8E A8 7E B8 66 C7 87 07 01 0D 22 7F B3 52 A9 C9
: E1 7D F2 37 95 CB CD 29 8E F4 6E EF 15 30 21 7B
: }
222 A1 328: [1] {
226 02 1: INTEGER 3
229 A0 149: [0] {
232 A1 146: [1] {
235 30 9: SEQUENCE {
237 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
246 03 132: BIT STRING 0 unused bits, encapsulates {
250 02 128: INTEGER
: 7D 91 66 39 5E 11 FF 09 C3 A0 DA 33 96 9F 47 4E
: 81 71 B2 C2 80 58 95 40 4E 22 4A 08 55 28 60 25
: 17 BC E4 AB 17 D7 C3 31 05 6E 68 08 EC 8B E0 21
: 9B 75 DF 60 A5 B2 4A BE 41 F1 31 33 DB 77 62 DC
: 3A E4 A0 C8 3F DA BE 4E 6A 6B 44 0F F5 09 86 51
: 17 58 D6 F1 46 BA C9 37 AC AD 58 0D DF 6C 32 BF
: AE B5 8F 16 91 A2 0A 93 28 44 E7 55 78 28 5A 9A
: 9D BD DE 8D AF A4 5B 21 BB 12 02 30 17 97 09 61
: }
: }
: }
381 A1 66: [1] {
383 04 64: OCTET STRING
: 67 65 94 10 B2 F2 7F 1D 31 EF 6A 31 76 88 4D E2
: 46 79 43 4B 83 77 34 BE B4 02 E5 F9 CA DE BB CB
: 5F 85 22 07 32 62 E6 8E 51 74 67 C2 D2 FC 2B 73
: 33 2A 9D FF 68 1E 6C 74 8E F4 4D 34 B2 DA 46 07
: }
449 30 31: SEQUENCE {
451 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
464 30 16: SEQUENCE {
466 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
479 02 1: INTEGER 58
: }
: }
482 30 70: SEQUENCE {
484 30 68: SEQUENCE {
486 30 24: SEQUENCE {
488 30 18: SEQUENCE {
490 31 16: SET {
492 30 14: SEQUENCE {
494 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
499 13 7: PrintableString 'CarlDSS'
: }
: }
: }
508 02 2: INTEGER 201
: }
512 04 40: OCTET STRING
: 67 01 E1 31 C6 44 D5 CE 6B 38 70 C8 69 96 D8 2C
: E9 C3 3E 4B 7E D2 95 29 CB 4A 0E E2 5C B1 2A 47
: E4 BF 10 EC 6E AC F2 1E
: }
: }
: }
554 A2 95: [2] {
556 02 1: INTEGER 4
559 30 30: SEQUENCE {
561 04 11: OCTET STRING 'MailListRC2'
574 18 15: GeneralizedTime '19951230235959Z'
: }
591 30 16: SEQUENCE {
593 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
606 02 1: INTEGER 58
: }
609 04 40: OCTET STRING
: 66 F3 29 29 43 EE 9C A3 96 50 BF 54 AD 4E 5C 28
: 22 1A 9B 13 A1 B4 99 9F E0 7B AD 07 F0 1B 52 34
: E7 BC 00 07 71 6B F9 C1
: }
: }
651 30 72: SEQUENCE {
653 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
664 30 25: SEQUENCE {
666 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
676 30 13: SEQUENCE {
678 02 1: INTEGER 58
681 04 8: OCTET STRING
: 23 7E 97 B8 3F C1 8E 75
: }
: }
691 80 32: [0]
: 12 E4 41 F6 AA 41 A2 36 81 62 F1 47 3B 68 C7 65
: 12 A7 A6 54 8E D2 0F 4F 98 DE 79 8B A5 9A 8C 55
: }
725 A1 118: [1] {
727 30 56: SEQUENCE {
729 06 3: OBJECT IDENTIFIER '1 2 5555'
734 31 49: SET {
736 04 47: OCTET STRING
: 'This is a test General ASN Attribute, '
: 'number 1.'
: }
: }
785 30 58: SEQUENCE {
787 06 11: OBJECT IDENTIFIER
: id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
: (S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2))
800 31 43: SET {
802 30 41: SEQUENCE {
804 0C 32: UTF8String 'Content Hints Description Buffer'
838 06 5: OBJECT IDENTIFIER '1 2 3 6 5 4'
: }
: }
: }
: }
: }
: }
: }
6.10 EnvelopedData with KARI RC2 Encryption
EnvelopedData message like 6.1 except using the RC2 content encryption
algorithm for both the content and key.
0 30 433: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 418: [0] {
19 30 414: SEQUENCE {
23 02 1: INTEGER 2
26 31 333: SET {
30 A1 329: [1] {
34 02 1: INTEGER 3
37 A0 150: [0] {
40 A1 147: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
54 03 133: BIT STRING 0 unused bits, encapsulates {
58 02 129: INTEGER
: 00 B1 54 32 12 FB 62 53 7D AD 6A E2 C0 52 BB B1
: E7 9E 62 93 4B E0 BF DF D2 7F 25 92 23 69 D7 16
: 80 B4 0C 83 93 A1 63 6E 2F 61 93 6E 0C 78 E2 DC
: C6 C8 50 5F D9 0D 77 6A D5 8F 38 45 C6 22 2B 94
: DC C5 7A 8B E3 48 BC 44 E5 9B 45 6C 17 17 E7 5F
: 81 E5 03 42 16 43 82 1B 96 A4 DC 75 98 B4 5A 0E
: 60 DF 0A EB 0B C7 1D AC 74 19 2F 2E E6 98 A9 38
: 9F D5 AB 23 9F 4A 8C A4 D3 AF 72 2D 6D E6 CC 5A
: 10
: }
: }
: }
190 A1 66: [1] {
192 04 64: OCTET STRING
: 5D BC 4E 4E 3C 48 09 83 DF 6C 0A 45 E8 EC 6E 73
: 3A 7B 2A 93 AB 2E 75 36 48 F4 37 02 7E 2E 07 54
: CB 81 6D 9D AF DB 0B 64 85 AE 45 69 30 8A C7 12
: F1 68 37 1C A1 44 F8 8D 46 81 D3 1F 7A 0F 96 4D
: }
258 30 31: SEQUENCE {
260 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
273 30 16: SEQUENCE {
275 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
288 02 1: INTEGER 58
: }
: }
291 30 70: SEQUENCE {
293 30 68: SEQUENCE {
295 30 24: SEQUENCE {
297 30 18: SEQUENCE {
299 31 16: SET {
301 30 14: SEQUENCE {
303 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
308 13 7: PrintableString 'CarlDSS'
: }
: }
: }
317 02 2: INTEGER 201
: }
321 04 40: OCTET STRING
: 32 63 D0 F6 96 76 4D BF 96 25 B4 7F 31 C2 A2 A2
: F5 57 1C D6 4C BF 61 9E 63 9F 65 2B 98 93 2A 74
: 46 AD 35 A3 8E CB 84 F8
: }
: }
: }
: }
363 30 72: SEQUENCE {
365 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
376 30 25: SEQUENCE {
378 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
388 30 13: SEQUENCE {
390 02 1: INTEGER 58
393 04 8: OCTET STRING
: BE C3 7C 81 57 B1 04 F3
: }
: }
403 80 32: [0]
: 1E 1C EB 3D CC 03 FF 59 BB F7 37 D6 7E F8 EA 27
: 75 91 04 FD B1 8A 82 A0 78 F1 29 E8 29 64 BF E5
: }
: }
: }
: }
6.11 EnvelopedData with KEK 3DES Encryption
EnvelopedData message like 6.7 except using the 3DES content encryption
algorithm for both the content and key.
0 30 193: SEQUENCE {
3 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
14 A0 179: [0] {
17 30 176: SEQUENCE {
20 02 1: INTEGER 2
23 31 102: SET {
25 A2 100: [2] {
27 02 1: INTEGER 4
30 30 36: SEQUENCE {
32 04 17: OCTET STRING
: 4D 61 69 6C 4C 69 73 74 54 72 69 70 6C 65 44 45
: 53
51 18 15: GeneralizedTime '19951230235959Z'
: }
68 30 15: SEQUENCE {
70 06 11: OBJECT IDENTIFIER
: id-alg-CMS3DESwrap (1 2 840 113549 1 9 16 3 6)
: (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
83 05 0: NULL
: }
85 04 40: OCTET STRING
: 74 31 C0 45 51 4C 3C 2D 2E DA 63 50 8B AE D4 AC
: 64 CC 95 AE AF CD 0F 8C B6 48 1F 0B 45 12 4D FB
: A4 AB C7 83 30 4B 69 AD
: }
: }
127 30 67: SEQUENCE {
129 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
140 30 20: SEQUENCE {
142 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
152 04 8: OCTET STRING
: 41 1E 70 EC 7D 56 80 D9
: }
162 80 32: [0]
: C0 4C 7E 6E 31 E9 60 44 49 B9 E3 3E 24 A6 D4 58
: 4D 5E 65 07 69 A5 69 A9 38 F3 7D 50 C9 09 B3 C0
: }
: }
: }
: }
7. Digested-data
A DigestedData from Alice to Bob of ExContent using SHA-1.
0 30 94: SEQUENCE {
2 06 9: OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5)
: (PKCS #7)
13 A0 81: [0] {
15 30 79: SEQUENCE {
17 02 1: INTEGER 0
20 30 7: SEQUENCE {
22 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
29 30 43: SEQUENCE {
31 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
42 A0 30: [0] {
44 04 28: OCTET STRING 'This is some sample content.'
: }
: }
74 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22
: 96 87 DD 48
: }
: }
: }
8. Encrypted-data
8.1 Simple EncryptedData
An EncryptedData from Alice to Bob of ExContent with no attributes.
0 30 87: SEQUENCE {
2 06 9: OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6)
: (PKCS #7)
13 A0 74: [0] {
15 30 72: SEQUENCE {
17 02 1: INTEGER 0
20 30 67: SEQUENCE {
22 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
33 30 20: SEQUENCE {
35 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
45 04 8: OCTET STRING
: B3 6B 6B FB 62 31 08 4E
: }
55 80 32: [0]
: D7 6F D1 17 8F BD 02 F8 42 31 F5 C1 D2 A2 F7 4A
: 41 59 48 29 64 F6 75 24 82 54 22 3D AF 9A F8 E4
: }
: }
: }
: }
The TripleDES key is:
73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62
91 e5 cb 26 91 7a da 32
8.2 EncryptedData with unprotected attributes
An EncryptedData from Alice to Bob of ExContent with unprotected
attributes.
0 30 209: SEQUENCE {
3 06 9: OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6)
: (PKCS #7)
14 A0 195: [0] {
17 30 192: SEQUENCE {
20 02 1: INTEGER 2
23 30 67: SEQUENCE {
25 06 9: OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6)
: (PKCS #7)
36 30 20: SEQUENCE {
38 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm (1 2 840 113549 3))
48 04 8: OCTET STRING
: 64 F0 07 5E 58 3B F0 1F
: }
58 80 32: [0]
: 22 3F E5 D3 07 18 0A 37 6E C2 48 A0 D0 AD 77 AC
: FE 48 62 5E B0 8D 6B 05 33 BC 22 66 2B 93 2A 71
: }
92 A1 118: [1] {
94 30 56: SEQUENCE {
96 06 3: OBJECT IDENTIFIER '1 2 5555'
101 31 49: SET {
103 04 47: OCTET STRING
: 54 68 69 73 20 69 73 20 61 20 74 65 73 74 20 47
: 65 6E 65 72 61 6C 20 41 53 4E 20 41 74 74 72 69
: 62 75 74 65 2C 20 6E 75 6D 62 65 72 20 31 2E
: }
: }
152 30 58: SEQUENCE {
154 06 11: OBJECT IDENTIFIER
: id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
: (S/MIME Authenticated Attributes (1 2 840
113549 1 9 16 2))
167 31 43: SET {
169 30 41: SEQUENCE {
171 0C 32: UTF8String 'Content Hints Description Buffer'
205 06 5: OBJECT IDENTIFIER '1 2 3 6 5 4'
: }
: }
: }
: }
: }
: }
: }
9. Authenticated-data
No examples are given in this section because no one has created them.
10. Key Wrapping
This section shows the steps needed to wrap keys, as described in
section 12.6 of [CMS].
10.1 Wrapping RC2
This example shows how to wrap an RC2 key.
The CEK to be wrapped is
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9
The random value used is
4845 cce7 fd12 50
The hash of the CEK is
0a6f f19f db40 4988
The CEK initialization vector is
c7d9 0059 b29e 97f7
The KEK is
fd04 fd08 0607 07fb 0003 feff fd02 fe05
The "Pre Encrypt #1" is
10b7 0a25 fbc9 d86a 8605 0ce0 d711 ead4
d9 4845 cce7 fd12 500a 6ff1 9fdb 4049 88
The "Pre Encrypt #2" is
a7 f7 1f a3 07 8a a9 9f 32 99 8e ff 9e d7 8c ac
b8 70 ce 04 f5 55 8c e4 60 12 93 37 59 a2 1d a0
f7 97 9e b2 59 00 d9 c7
The wrapped CEK is
70e6 99fb 5701 f783 3330 fb71 e87c 85a4
20bd c99a f05d 22af 5a0e 48d3 5f31 3898
6cba afb4 b28d 4f35
10.2 Wrapping TripleDES
This example shows how to wrap an TripleDES key.
The CEK to be wrapped is
2923 bf85 e06d d6ae 5291 49f1 f1ba e9ea b3a7 da3d 860d 3e98
The hash of the CEK is
181b 7e96 86e04a4e
The CEK initialization vector is
5dd4 cbfc 96f5 453b
The KEK is
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f
The "Pre Encrypt #1" is
29 23 bf 85 e0 6d d6 ae 52 91 49 f1 f1 ba e9 ea
b3 a7 da 3d 86 0d 3e 98 18 1b 7e 96 86 e0 4a 4e
The "Pre Encrypt #2" is
49 84 9d 72 5f cc 4d a4 f6 60 79 7a 3b 97 1f 5c
03 cc 92 ef 04 32 9a b4 2a dd 75 c6 89 a7 c1 cf
3b 45 f5 96 fc cb d4 5d
The wrapped CEK is
69 01 07 61 8e f0 92 b3 b4 8c a1 79 6b 23 4a e9
fa 33 eb b4 15 96 04 03 7d b5 d6 a8 4e b3 aa c2
76 8c 63 27 75 a4 67 d4
11. ESS Examples
11.1 ReceiptRequest
Alice asks Bob for a reciept on the message in 5.1 using RSA.
0 30 1119: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1104: [0] {
19 30 1100: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
: [ Another 1 bytes skipped ]
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
: 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING
: 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
: E2 FD E3 97 FE CD
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
: 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
824 31 295: SET {
828 30 291: SEQUENCE {
832 02 1: INTEGER 1
835 30 24: SEQUENCE {
837 30 18: SEQUENCE {
839 31 16: SET {
841 30 14: SEQUENCE {
843 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
848 13 7: PrintableString 'CarlDSS'
: }
: }
: }
857 02 2: INTEGER 200
: }
861 30 7: SEQUENCE {
863 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
870 A0 190: [0] {
873 30 24: SEQUENCE {
875 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
886 31 11: SET {
888 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
899 30 35: SEQUENCE {
901 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
912 31 22: SET {
914 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
: 96 87 DD 48
: }
: }
936 30 125: SEQUENCE {
938 06 11: OBJECT IDENTIFIER
: id-aa-receiptRequest (1 2 840 113549 1 9 16 2 1)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
951 31 110: SET {
953 30 108: SEQUENCE {
955 04 50: OCTET STRING
: 45 78 61 6D 70 6C 65 20 31 31 2E 31
20 28 41 6C
: 69 63 65 20 61 73 6B 73 20 66 6F 72
20 61 20 72
: 65 63 65 69 70 74 20 66 72 6F 6D 20
44 69 61 6E
: 65 29
1007 A1 23: [1] {
1009 30 21: SEQUENCE {
1011 A4 19: [4] {
1013 30 17: SEQUENCE {
1015 31 15: SET {
1017 30 13: SEQUENCE {
1019 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1024 13 6: PrintableString 'BobRSA'
: }
: }
: }
: }
: }
: }
1032 30 29: SEQUENCE {
1034 30 27: SEQUENCE {
1036 81 25: [1] 'robert.colestock@wang.com'
: }
: }
: }
: }
: }
: }
1063 30 9: SEQUENCE {
1065 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1074 04 47: OCTET STRING, encapsulates {
1076 30 45: SEQUENCE {
1078 02 20: INTEGER
: 6F 15 C9 61 96 0F 3B 4F FD CC 62 97
7C B1 F3 C2
: 9A 9F E4 74
1100 02 21: INTEGER
: 00 9F 8D 42 09 CA 34 E9 35 9B BB 80
CD B7 81 26
: E4 E6 7E 23 A5
: }
: }
: }
: }
: }
: }
: }
11.2 Receipt
Bob gives Alice a receipt for the message in 11.1 using RSA.
0 30 1031: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1016: [0] {
19 30 1012: SEQUENCE {
23 02 1: INTEGER 3
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 134: SEQUENCE {
40 06 11: OBJECT IDENTIFIER
: id-ct-receipt (1 2 840 113549 1 9 16 1 1)
: (S/MIME Content Types (1 2 840 113549 1 9 16 1))
53 A0 119: [0] {
55 04 117: OCTET STRING, encapsulates {
57 30 115: SEQUENCE {
59 02 1: INTEGER 1
62 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
73 04 50: OCTET STRING
: 'Example 11.1 (Alice asks for a receipt'
: ' from Diane)'
125 04 47: OCTET STRING, encapsulates {
127 30 45: SEQUENCE {
129 02 20: INTEGER
: 6F 15 C9 61 96 0F 3B 4F FD CC 62 97 7C B1 F3 C2
: 9A 9F E4 74
151 02 21: INTEGER
: 00 9F 8D 42 09 CA 34 E9 35 9B BB 80 CD B7 81 26
: E4 E6 7E 23 A5
: }
: }
: }
: }
: }
: }
174 A0 516: [0] {
178 30 512: SEQUENCE {
182 30 365: SEQUENCE {
186 A0 3: [0] {
188 02 1: INTEGER 2
: }
191 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
209 30 9: SEQUENCE {
211 06 5: OBJECT IDENTIFIER
: sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
218 05 0: NULL
: }
220 30 18: SEQUENCE {
222 31 16: SET {
224 30 14: SEQUENCE {
226 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
231 13 7: PrintableString 'CarlRSA'
: }
: }
: }
240 30 30: SEQUENCE {
242 17 13: UTCTime '990919010902Z'
257 17 13: UTCTime '391231235959Z'
: }
272 30 17: SEQUENCE {
274 31 15: SET {
276 30 13: SEQUENCE {
278 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
283 13 6: PrintableString 'BobRSA'
: }
: }
: }
291 30 159: SEQUENCE {
294 30 13: SEQUENCE {
296 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
307 05 0: NULL
: }
309 03 141: BIT STRING 0 unused bits, encapsulates {
313 30 137: SEQUENCE {
316 02 129: INTEGER
: 00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 41 5E A6 79
: 89 85 C8 35 5D 9A 91 5B FB 1D 01 DA 19 70 26 17
: 0F BD A5 22 D0 35 85 6D 7A 98 66 14 41 5C CF B7
: B7 08 3B 09 C9 91 B8 19 69 37 6D F9 65 1E 7B D9
: A9 33 24 A3 7F 3B BB AF 46 01 86 36 34 32 CB 07
: 03 59 52 FC 85 8B 31 04 B8 CC 18 08 14 48 E6 4F
: 1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53 D8 69 01 F1
: 05 F8 7A 70 D1 BE 83 C6 5F 38 CF 1C 2C AA 6A A7
: EB
448 02 3: INTEGER 65537
: }
: }
: }
453 A3 96: [3] {
455 30 94: SEQUENCE {
457 30 12: SEQUENCE {
459 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
464 01 1: BOOLEAN TRUE
467 04 2: OCTET STRING, encapsulates {
469 30 0: SEQUENCE {}
: }
: }
471 30 14: SEQUENCE {
473 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
478 01 1: BOOLEAN TRUE
481 04 4: OCTET STRING, encapsulates {
483 03 2: BIT STRING 5 unused bits
: '100'B (bit 2)
: }
: }
487 30 31: SEQUENCE {
489 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
494 04 24: OCTET STRING, encapsulates {
496 30 22: SEQUENCE {
498 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
: AE 9E 38 BB
: }
: }
: }
520 30 29: SEQUENCE {
522 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
527 04 22: OCTET STRING, encapsulates {
529 04 20: OCTET STRING
: E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA 29 D3 95 5A
: 86 16 B4 24
: }
: }
: }
: }
: }
551 30 9: SEQUENCE {
553 06 5: OBJECT IDENTIFIER
: sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
560 05 0: NULL
: }
562 03 129: BIT STRING 0 unused bits
: 09 21 6A 3B 62 50 DF 62 41 5E 12 40 09 14 C3 B5
: E4 28 2E 50 77 FA 56 66 B3 A2 96 B6 0A 01 AE A6
: 38 E5 BD 6B E7 F2 3E 6D B0 A5 EF CC 87 AC AB 25
: A4 BB DA E2 1A 81 B7 B9 15 B3 6C DA D1 13 D5 9F
: 0F D5 4B 7A 8D 54 D8 5A DC 07 01 D1 05 41 0D 0A
: 61 47 80 F1 75 0F F8 22 1B 50 92 33 FE 08 05 50
: 6D 7B 03 00 03 F1 2D 4B FE 20 62 C7 20 77 05 42
: 23 DB A8 C7 AD DE 71 1B D1 2A 99 82 A6 65 EB 7E
: }
: }
694 31 337: SET {
698 30 333: SEQUENCE {
702 02 1: INTEGER 1
705 30 38: SEQUENCE {
707 30 18: SEQUENCE {
709 31 16: SET {
711 30 14: SEQUENCE {
713 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
718 13 7: PrintableString 'CarlRSA'
: }
: }
: }
727 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
: }
745 30 7: SEQUENCE {
747 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
754 A0 134: [0] {
757 30 26: SEQUENCE {
759 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
770 31 13: SET {
772 06 11: OBJECT IDENTIFIER
: id-ct-receipt (1 2 840 113549 1 9 16 1 1)
: (S/MIME Content Types (1 2 840 113549 1 9 16 1))
: }
: }
785 30 28: SEQUENCE {
787 06 9: OBJECT IDENTIFIER
: signingTime (1 2 840 113549 1 9 5)
: (PKCS #9 (1 2 840 113549 1 9))
798 31 15: SET {
800 17 13: UTCTime '020404184700Z'
: }
: }
815 30 35: SEQUENCE {
817 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
828 31 22: SET {
830 04 20: OCTET STRING
: 93 C0 4A 4C 74 86 1B EC CF 75 DE 30 20 32 58 1D
: D4 B8 E8 54
: }
: }
852 30 37: SEQUENCE {
854 06 11: OBJECT IDENTIFIER
: id-aa-msgSigDigest (1 2 840 113549 1 9 16 2 5)
: (S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2))
867 31 22: SET {
869 04 20: OCTET STRING
: B6 C3 E5 76 8E 43 68 AD 26 FE 45 83 90 D1 00 5C
: B0 69 1D 14
: }
: }
: }
891 30 11: SEQUENCE {
893 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
: }
904 04 128: OCTET STRING
: 4B 94 95 E3 C2 CB FE 3F 39 B4 E7 6B 07 6A 9B 37
: 01 9F 4C C7 16 FB 1B 20 B3 C4 DD 47 B0 A9 02 79
: EB 71 03 3E 58 83 87 AF 5B 41 F2 90 F6 03 07 48
: EB 35 E3 EE 73 20 89 FA 16 E1 24 CA 82 6F A3 E7
: FD 89 F2 6B 6D 6E F9 7E C8 0E 1E A8 40 24 FD 40
: C7 80 C6 D6 D1 19 D8 9F 6F 64 E5 82 BF 6F FE 3E
: DF A1 F9 15 07 8A 7F 72 0E 73 A2 90 CF 32 7C D5
: 44 B2 12 E2 67 64 BF 1D 4E 38 22 AF F2 F3 67 64
: }
: }
: }
: }
: }
11.3 eSSSecurityLabel
Alice includes a security label in the message in 5.1.
0 30 1103: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1088: [0] {
19 30 1084: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
: [ Another 1 bytes skipped ]
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
: 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING
: 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
: E2 FD E3 97 FE CD
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
: 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
824 31 279: SET {
828 30 275: SEQUENCE {
832 02 1: INTEGER 1
835 30 24: SEQUENCE {
837 30 18: SEQUENCE {
839 31 16: SET {
841 30 14: SEQUENCE {
843 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
848 13 7: PrintableString 'CarlDSS'
: }
: }
: }
857 02 2: INTEGER 200
: }
861 30 7: SEQUENCE {
863 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
870 A0 174: [0] {
873 30 24: SEQUENCE {
875 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
886 31 11: SET {
888 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
899 30 35: SEQUENCE {
901 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
912 31 22: SET {
914 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
: 96 87 DD 48
: }
: }
936 30 109: SEQUENCE {
938 06 11: OBJECT IDENTIFIER
: id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
951 31 94: SET {
953 31 92: SET {
955 02 1: INTEGER 1
958 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
967 31 49: SET {
969 30 47: SEQUENCE {
971 80 8: [0]
: 2A 03 04 05 06 07 86 78
981 A1 35: [1] {
983 13 33: PrintableString 'THIS IS A TEST
SECURITY-CATEGORY.'
: }
: }
: }
1018 13 27: PrintableString 'THIS IS A PRIVACY MARK TEST'
: }
: }
: }
: }
1047 30 9: SEQUENCE {
1049 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1058 04 47: OCTET STRING, encapsulates {
1060 30 45: SEQUENCE {
1062 02 20: INTEGER
: 00 DC 34 49 B3 5A 23 BB 46 0E D0 5A
6D 06 5B 4C
: 81 46 CB 73
1084 02 21: INTEGER
: 00 CC E2 3C D9 20 CD 87 96 33 5D D3
92 BF 14 EC
: 6A 3A 0D 25 EE
: }
: }
: }
: }
: }
: }
: }
11.4 EquivalentLabels
Alice uses an EquivalentLabels in the message in 11.3.
0 30 1341: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1326: [0] {
19 30 1322: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
: [ Another 1 bytes skipped ]
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
: 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING
: 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
: E2 FD E3 97 FE CD
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
: 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
824 31 517: SET {
828 30 513: SEQUENCE {
832 02 1: INTEGER 1
835 30 24: SEQUENCE {
837 30 18: SEQUENCE {
839 31 16: SET {
841 30 14: SEQUENCE {
843 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
848 13 7: PrintableString 'CarlDSS'
: }
: }
: }
857 02 2: INTEGER 200
: }
861 30 7: SEQUENCE {
863 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
870 A0 411: [0] {
874 30 24: SEQUENCE {
876 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
887 31 11: SET {
889 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
900 30 35: SEQUENCE {
902 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
913 31 22: SET {
915 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
: 96 87 DD 48
: }
: }
937 30 113: SEQUENCE {
939 06 11: OBJECT IDENTIFIER
: id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
952 31 98: SET {
954 31 96: SET {
956 02 1: INTEGER 1
959 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
968 31 53: SET {
970 30 51: SEQUENCE {
972 80 8: [0]
: 2A 03 04 05 06 07 86 78
982 A1 39: [1] {
984 13 37: PrintableString 'BOB THIS IS A
TEST SECURITY-CATEGORY.'
: }
: }
: }
1023 13 27: PrintableString 'THIS IS A PRIVACY MARK TEST'
: }
: }
: }
1052 30 230: SEQUENCE {
1055 06 11: OBJECT IDENTIFIER
: id-aa-equivalentLabels (1 2 840 113549
1 9 16 2 9)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
1068 31 214: SET {
1071 30 211: SEQUENCE {
1074 31 100: SET {
1076 02 1: INTEGER 1
1079 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
1088 31 53: SET {
1090 30 51: SEQUENCE {
1092 80 8: [0]
: 2A 03 04 05 06 07 86 78
1102 A1 39: [1] {
1104 13 37: PrintableString 'BOB THIS IS
A TEST SECURITY-CATEGORY.'
: }
: }
: }
1143 13 31: PrintableString 'BOB THIS IS A
PRIVACY MARK TEST'
: }
1176 31 107: SET {
1178 02 1: INTEGER 1
1181 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1190 31 53: SET {
1192 30 51: SEQUENCE {
1194 80 8: [0]
: 2A 03 04 05 06 07 86 78
1204 A1 39: [1] {
1206 13 37: PrintableString 'BOB THIS IS
A TEST SECURITY-CATEGORY.'
: }
: }
: }
1245 13 38: PrintableString 'BOB THIS IS A
SECOND PRIVACY MARK TEST'
: }
: }
: }
: }
: }
1285 30 9: SEQUENCE {
1287 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1296 04 47: OCTET STRING, encapsulates {
1298 30 45: SEQUENCE {
1300 02 21: INTEGER
: 00 9D 50 FA 7F 91 68 8D 44 11 41 2E
D4 51 5B A1
: 7D A4 B5 BD F7
1323 02 20: INTEGER
: 15 B6 E7 31 2E 7C F5 5B 1E 22 F0 3A
D1 92 92 E1
: BE 31 A6 D9
: }
: }
: }
: }
: }
: }
: }
11.5 mlExpansionHistory
The mailing list sends a message with a mlExpansionHistory attribute.
0 30 1302: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1287: [0] {
19 30 1283: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
82 31 1220: SET {
86 30 1216: SEQUENCE {
90 02 1: INTEGER 1
93 30 24: SEQUENCE {
95 30 18: SEQUENCE {
97 31 16: SET {
99 30 14: SEQUENCE {
101 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
106 13 7: PrintableString 'CarlDSS'
: }
: }
: }
115 02 2: INTEGER 200
: }
119 30 7: SEQUENCE {
121 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
128 A0 1115: [0] {
132 30 24: SEQUENCE {
134 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
145 31 11: SET {
147 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
158 30 35: SEQUENCE {
160 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
171 31 22: SET {
173 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22
: 96 87 DD 48
: }
: }
195 30 56: SEQUENCE {
197 06 3: OBJECT IDENTIFIER '1 2 5555'
202 31 49: SET {
204 04 47: OCTET STRING
: 54 68 69 73 20 69 73 20 61 20 74 65 73 74 20 47
: 65 6E 65 72 61 6C 20 41 53 4E 20 41 74 74 72 69
: 62 75 74 65 2C 20 6E 75 6D 62 65 72 20 31 2E
: }
: }
253 30 58: SEQUENCE {
255 06 11: OBJECT IDENTIFIER
: id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
268 31 43: SET {
270 30 41: SEQUENCE {
272 0C 32: UTF8String 'Content Hints Description Buffer'
306 06 5: OBJECT IDENTIFIER '1 2 3 6 5 4'
: }
: }
: }
313 30 74: SEQUENCE {
315 06 9: OBJECT IDENTIFIER
: sMIMECapabilities (1 2 840 113549 1 9 15)
: (PKCS #9 (1 2 840 113549 1 9). This
OID was formerly assigned as symmetricCapabilities, then reassigned
as SMIMECapabilities, then renamed to the current name)
326 31 61: SET {
328 30 59: SEQUENCE {
330 30 7: SEQUENCE {
332 06 5: OBJECT IDENTIFIER '1 2 3 4 5 6'
: }
339 30 48: SEQUENCE {
341 06 6: OBJECT IDENTIFIER '1 2 3 4 5 6 77'
349 04 38: OCTET STRING
: 53 6D 69 6D 65 20 43 61 70 61 62 69 6C 69 74 69
: 65 73 20 70 61 72 61 6D 65 74 65 72 73 20 62 75
: 66 66 65 72 20 32
: }
: }
: }
: }
389 30 109: SEQUENCE {
391 06 11: OBJECT IDENTIFIER
: id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
404 31 94: SET {
406 31 92: SET {
408 02 1: INTEGER 1
411 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
420 31 49: SET {
422 30 47: SEQUENCE {
424 80 8: [0]
: 2A 03 04 05 06 07 86 78
434 A1 35: [1] {
436 13 33: PrintableString 'THIS IS A TEST
SECURITY-CATEGORY.'
: }
: }
: }
471 13 27: PrintableString 'THIS IS A PRIVACY MARK TEST'
: }
: }
: }
500 30 111: SEQUENCE {
502 06 11: OBJECT IDENTIFIER
: id-aa-contentReference (1 2 840 113549
1 9 16 2 10)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
515 31 96: SET {
517 30 94: SEQUENCE {
519 06 5: OBJECT IDENTIFIER '1 2 3 4 5 6'
526 04 43: OCTET STRING
: 43 6F 6E 74 65 6E 74 20 52 65 66 65 72 65 6E 63
: 65 20 43 6F 6E 74 65 6E 74 20 49 64 65 6E 74 69
: 66 69 65 72 20 42 75 66 66 65 72
571 04 40: OCTET STRING
: 43 6F 6E 74 65 6E 74 20 52 65 66 65 72 65 6E 63
: 65 20 53 69 67 6E 61 74 75 72 65 20 56 61 6C 75
: 65 20 42 75 66 66 65 72
: }
: }
: }
613 30 115: SEQUENCE {
615 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 2 11'
628 31 100: SET {
630 A0 98: [0] {
632 30 90: SEQUENCE {
634 31 11: SET {
636 30 9: SEQUENCE {
638 06 3: OBJECT IDENTIFIER countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
643 13 2: PrintableString 'US'
: }
: }
647 31 22: SET {
649 30 20: SEQUENCE {
651 06 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
: (X.520 id-at (2 5 4))
656 13 13: PrintableString 'US Government'
: }
: }
671 31 17: SET {
673 30 15: SEQUENCE {
675 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
680 13 8: PrintableString 'VDA Site'
: }
: }
690 31 12: SET {
692 30 10: SEQUENCE {
694 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
699 13 3: PrintableString 'VDA'
: }
: }
704 31 18: SET {
706 30 16: SEQUENCE {
708 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
713 13 9: PrintableString 'Daisy RSA'
: }
: }
: }
724 02 4: INTEGER 173360179
: }
: }
: }
730 30 252: SEQUENCE {
733 06 11: OBJECT IDENTIFIER
: id-aa-mlExpandHistory (1 2 840 113549 1 9 16 2 3)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
746 31 236: SET {
749 30 233: SEQUENCE {
752 30 230: SEQUENCE {
755 04 7: OCTET STRING
: 35 37 33 38 32 39 39
764 18 15: GeneralizedTime '19990311104433Z'
781 A1 201: [1] {
784 30 198: SEQUENCE {
787 A4 97: [4] {
789 30 95: SEQUENCE {
791 31 11: SET {
793 30 9: SEQUENCE {
795 06 3: OBJECT IDENTIFIER
: countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
800 13 2: PrintableString 'US'
: }
: }
804 31 22: SET {
806 30 20: SEQUENCE {
808 06 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
: (X.520 id-at (2 5 4))
813 13 13: PrintableString 'US Government'
: }
: }
828 31 17: SET {
830 30 15: SEQUENCE {
832 06 3: OBJECT IDENTIFIER
:
organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
837 13 8: PrintableString 'VDA Site'
: }
: }
847 31 12: SET {
849 30 10: SEQUENCE {
851 06 3: OBJECT IDENTIFIER
:
organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
856 13 3: PrintableString 'VDA'
: }
: }
861 31 23: SET {
863 30 21: SEQUENCE {
865 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
870 13 14: PrintableString 'Bugs Bunny DSA'
: }
: }
: }
: }
886 A4 97: [4] {
888 30 95: SEQUENCE {
890 31 11: SET {
892 30 9: SEQUENCE {
894 06 3: OBJECT IDENTIFIER
: countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
899 13 2: PrintableString 'US'
: }
: }
903 31 22: SET {
905 30 20: SEQUENCE {
907 06 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
: (X.520 id-at (2 5 4))
912 13 13: PrintableString 'US Government'
: }
: }
927 31 17: SET {
929 30 15: SEQUENCE {
931 06 3: OBJECT IDENTIFIER
:
organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
936 13 8: PrintableString 'VDA Site'
: }
: }
946 31 12: SET {
948 30 10: SEQUENCE {
950 06 3: OBJECT IDENTIFIER
:
organizationalUnitName (2 5 4 11)
: (X.520 id-at (2 5 4))
955 13 3: PrintableString 'VDA'
: }
: }
960 31 23: SET {
962 30 21: SEQUENCE {
964 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
969 13 14: PrintableString 'Elmer Fudd DSA'
: }
: }
: }
: }
: }
: }
: }
: }
: }
: }
985 30 258: SEQUENCE {
989 06 11: OBJECT IDENTIFIER
: id-aa-equivalentLabels (1 2 840 113549
1 9 16 2 9)
: (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
1002 31 242: SET {
1005 30 239: SEQUENCE {
1008 31 114: SET {
1010 02 1: INTEGER 1
1013 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1022 31 60: SET {
1024 30 58: SEQUENCE {
1026 80 8: [0]
: 2A 03 04 05 06 07 86 78
1036 A1 46: [1] {
1038 13 44: PrintableString
: 'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
: }
: }
: }
1084 13 38: PrintableString 'EQUIVALENT THIS IS
A PRIVACY MARK TEST'
: }
1124 31 121: SET {
1126 02 1: INTEGER 1
1129 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 10'
1138 31 60: SET {
1140 30 58: SEQUENCE {
1142 80 8: [0]
: 2A 03 04 05 06 07 86 78
1152 A1 46: [1] {
1154 13 44: PrintableString
: 'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
: }
: }
: }
1200 13 45: PrintableString
: 'EQUIVALENT THIS IS A SECOND PRIVACY MARK TEST'
: }
: }
: }
: }
: }
1247 30 9: SEQUENCE {
1249 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1258 04 46: OCTET STRING, encapsulates {
1260 30 44: SEQUENCE {
1262 02 20: INTEGER
: 25 2B 30 CB 42 AE 5D 65 FF A9 72 64 97 C0 54 21
: 06 E2 2E 0B
1284 02 20: INTEGER
: 07 61 A1 24 BE 73 94 5F 63 FD 92 0D 2E C2 35 7D
: 9B 7B 0E 27
: }
: }
: }
: }
: }
: }
: }
11.6 SigningCertificate
Alice uses a SigningCertificate attribute in the message in 5.1.
0 30 1110: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1095: [0] {
19 30 1091: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING
: 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
: 70 6C 65 20 63 6F 6E 74 65 6E 74 2E
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
: 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
: E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
: E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
: 2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
: B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
: [ Another 1 bytes skipped ]
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
: 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
: 76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
: 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
: EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
: 85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
: BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
: 5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
: 67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
: 85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
: 27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
: 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
: 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING
: 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
: E2 FD E3 97 FE CD
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
: 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
: 7F 28 2D BB
: }
: }
: }
: }
824 31 286: SET {
828 30 282: SEQUENCE {
832 02 1: INTEGER 1
835 30 24: SEQUENCE {
837 30 18: SEQUENCE {
839 31 16: SET {
841 30 14: SEQUENCE {
843 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
848 13 7: PrintableString 'CarlDSS'
: }
: }
: }
857 02 2: INTEGER 200
: }
861 30 7: SEQUENCE {
863 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
870 A0 182: [0] {
873 30 24: SEQUENCE {
875 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
886 31 11: SET {
888 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
899 30 35: SEQUENCE {
901 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
912 31 22: SET {
914 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
: 96 87 DD 48
: }
: }
936 30 117: SEQUENCE {
938 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 2 12'
951 31 102: SET {
953 30 100: SEQUENCE {
955 30 48: SEQUENCE {
957 30 46: SEQUENCE {
959 04 44: OCTET STRING
: 54 48 49 53 20 49 53 20 41 20 53 49
47 4E 49 4E
: 47 20 43 45 52 54 49 46 49 43 41 54
45 20 41 54
: 54 52 49 42 55 54 45 20 54 45 53 54
: }
: }
1005 30 48: SEQUENCE {
1007 30 46: SEQUENCE {
1009 06 6: OBJECT IDENTIFIER '1 2 3 4 5 6 7'
1017 30 36: SEQUENCE {
1019 30 34: SEQUENCE {
1021 06 6: OBJECT IDENTIFIER '1 2 3 4 5 6 7'
1029 04 24: OCTET STRING
: 54 48 49 53 20 49 53 20 41 20 51 55
41 4C 49 46
: 49 45 52 20 54 45 53 54
: }
: }
: }
: }
: }
: }
: }
: }
1055 30 9: SEQUENCE {
1057 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1066 04 46: OCTET STRING, encapsulates {
1068 30 44: SEQUENCE {
1070 02 20: INTEGER
: 12 DE 7E A3 EA D0 95 FA 47 C6 75 93
5D 89 6A 0A
: C5 B4 9E E3
1092 02 20: INTEGER
: 23 FB 30 41 4A 7B FF 3D 7B 0B ED 5A
33 FF 75 B5
: A3 00 B5 8E
: }
: }
: }
: }
: }
: }
: }
12. Security Considerations
Because this document shows examples of S/MIME, CMS, and ESS messages,
this document also inherits all of the security considerations from
[SMIME-MSG], [CMS], and [SMIME-ESS].
The Perl script in Appendix B writes to the user's local hard drive. A
malicious attacker could modify the Perl script in this document. Be
sure to read the Perl code carefully before executing it.
A. References
[CMS] Cryptographic Message Syntax, RFC 2630.
[DVCS] PKIX Data Validation and Certification Server Protocols,
RFC 3029.
[PKIX] PKIX Certificate and CRL Profile, RFC 2459.
[SMIME-MSG] S/MIME Version 3 Message Specification. RFC 2633.
[SMIME-ESS] Enhanced Security Services for S/MIME, RFC 2634.
B. Binaries of the Examples
This section contains the binaries of the examples shown in the rest of
the document. The binaries are stored in a modified Base64 format.
There is a Perl program that, when run over the contents of this
document, will extract the following binaries and write them out to
disk. The program works with Perl for Unix and Windows 95/98/NT (and
possibly Macintosh).
B.1 How the binaries and extractor works
The program in the next section looks for lines that begin with a '|'
character (or some whitespace followed by a '|'), ignoring all other
lines. If the line begins with '|', the second character tells what
kind of line it is:
A line that begins with |* is a comment
A line that begins with |> gives the name of a new file to start
A line that begins with |< tells to end the file (and checks the
file name for sanity)
A line that begins with |anythingelse is a Base64 line
The program writes out a series of files, so you should run this in an
empty directory. The program will overwrite files (if it can), but won't
delete other files already in the directory.
Run this program with this document as the standard input, such as:
extractsample " and "|<" markers, remove any page breaks, and remove the "|"
in the first column of each line. The result is a valid Base64 blob that
can be processed by any Base64 decoder.
B.2 Example extraction program
#!/usr/bin/perl
# CMS Samples extraction program. v 1.1
# Get all the input as an array of lines
@AllIn = (); while () { push(@AllIn, $_) }
$Base64Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr' .
'stuvwxyz0123456789+/=';
$LineCount = 0; $CurrFile = '';
foreach $Line (@AllIn) {
$LineCount++; # Keep the line counter for error messages
$Line =~ s/^\s*//; # Get rid of leading whitespace
chomp($Line); # Get rid of CR or CRLF at the end of the line
if(substr($Line, 0, 1) ne '|') { next } # Not a special line
elsif(substr($Line, 1, 1) eq '*') { next } # It is a comment
elsif(substr($Line, 1, 1) eq '>')
{ &StartNewFile(substr($Line, 2)) } # Start a new file
elsif(substr($Line, 1, 1) eq '<')
{ &EndCurrFile(substr($Line, 2)) } # End the current file
else { &DoBase64(substr($Line, 1)) } # It is a line of Base64
}
sub StartNewFile {
$TheNewFile = shift(@_);
if($CurrFile ne '') { die "Was about to start a new file at " .
"line $LineCount, but the old file, $CurrFile, was open\n" }
open(OUT, ">$TheNewFile") or
die "Could not open $TheNewFile for writing: $!\n";
binmode(OUT); # This is needed for Windows, is a noop on Unix
$CurrFile = $TheNewFile;
$LeftOver = 0; # Amount left from previous Base64 character
$NextPos = 0; # Bit position to start the next Base64 character
# (bits are numbered 01234567)
$OutString = ''; # Holds the text going out to the file
}
sub EndCurrFile {
$FileToEnd = shift(@_);
if($CurrFile ne $FileToEnd) { die "Was about to close " .
"$FileToEnd at line $LineCount, but that name didn't match " .
"the name of the currently open file, $CurrFile\n" }
print OUT $OutString;
close(OUT);
$CurrFile = '';
}
sub DoBase64 {
$TheIn = shift(@_);
if($CurrFile eq '') { die "Got some Base64 at line $LineCount, " .
"but appear to not be writing to any particular file.\n" }
@Chars = split(//, $TheIn); # Make an array of the characters
foreach $ThisChar (@Chars) {
# $ThisVal is the position in the string and the Base64 value
$ThisVal = index($Base64Chars, $ThisChar);
if($ThisVal == -1) { die "At line $LineCount, found the " .
"character $ThisChar, which is not a Base64 character\n" }
if($ThisVal == 64) { last } # It is a "=", so we're done
if ($NextPos == 0 ) {
# Don't output anything, just fill the left of $LeftOver
$LeftOver = $ThisVal * 4;
$NextPos = 6;
} elsif ($NextPos == 2) {
# Add $ThisVal to $LeftOver, output, and reset
$OutString .= chr($LeftOver + $ThisVal);
$LeftOver = 0;
$NextPos = 0;
} elsif ($NextPos == 4) {
# Add upper 4 bits of $ThisVal to $LeftOver and output
$Upper4 = ($ThisVal & 60);
$OutString .= chr($LeftOver + ($Upper4/4));
$LeftOver = (($ThisVal - $Upper4) * 64);
$NextPos = 2;
} elsif ($NextPos == 6) {
# Add upper 2 bits of $ThisVal to $LeftOver and output
$Upper2 = ($ThisVal & 48);
$OutString .= chr($LeftOver + ($Upper2/16));
$LeftOver = (($ThisVal - $Upper2) * 16);
$NextPos = 4;
} else { die "\$NextPos has an illegal value: $NextPos." }
}
}
C. Examples by section
Example from section 3.1 (content)
|* ExContent is just the message
|* Creator: [PH]
|>ExContent.bin
|VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg==
|AlicePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8
|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8
|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh
|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD
|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4
|W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQQXAhUA
|u0RG0aXJRgcu0P561pIH8JqFiT8=
|AlicePrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2OX9OsA
|W7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H
|2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE
|7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K0shissfXSAlqi5H3NvJ11ujN
|FZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQbzTYbghb1WVq2EHzE9ctOV7+M8v/Ke
|QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n
|/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd
|ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq
|2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y
|l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx
|hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG
|qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu
|b41fKA==
|BobPrivDHEncrypt.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgIPxngu7PSqbI5YPSjDuK0kUyEScybIbsZspxrfAZTfc=
|BobPrivRSAEncrypt.pri
|MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf8qCTQV6meY
|mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/
|O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz
|jPHCyqaqfrAgMBAAECgYBnzUhMmg2PmMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngw
|y+e6alatd8brUXlweQqg9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A
|0HPfD6bRSeTmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N
|vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiEI2Kv8zHCue
|UCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr84/sajB0+E0R9KfEILVH
|IdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5qSO8bKlocSHseIVnDYDubl6nA7xhmqU
|5iUjiEzuUJiEiUacUgFJlaV/4jbOSnI3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVf
|JAZAcpw6iIWchw+dYhKIFmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grSta
|vCunrnVNqcBU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8
|Y0ZB9qANMAsGA1UdDzEEAwIAEA==
|CarlPrivDSSSign.pri
|MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQWAhQZ
|szilIWIxUOV/uT4IRnjRPrXlcg==
|CarlPrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV
|y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ
|ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL
|kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8
|KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X
|aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E
|TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn
|8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB
|qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6
|LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv
|8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+
|TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn
|0W2N+g==
|DianePrivDHEncrypt.pri
|MIIBYgIBADCCATcGByqGSM4+AgEwggEqAoGBAMpukcKwvahY8jEhdLsf5BC90JOifmHhPb
|ojBBbQZjm9O80FdEjxA3CV9AVjbS6/mrf/l/85u2PbTaRx2JSatPKKPZ+3XY3K4q+1D88F
|ZYJobkPS9ARfA4v5UPXIbAUmvL82D1zDUWpn6HUyZniRY+j+NOcZtnBseDg2gtI0NsLfAo
|GAbtZ2NkvkWQdXXxiaENIxXKYQsCaWQk18o6HTnqWAsh83EUl8ipnYVj+TUe1uVPtu27L8
|NMDnyh5YK9U9O9yucSHZO1a4p/ZNIlJfQbrVHoJpbN1wccxsO++EqXGLqTsqCfi9/ctRvC
|4uyj4wjPpUnn0NA+LfY2Jt81CCJ9zRmfcCIQCqBWX73U6oAvE0Oeej/H1GELhd8C7yxdFe
|onRM2g9OHwQiAiBYLomrVzR9PPWadct9mYoZLzx6poXJLxtaRwPjghbkmw==
|DianePrivRSASignEncrypt.pri
|MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANb9uMBwxkwl7OrP6ny7om
|L68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3KAq7+L9K
|TBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/HbdGlki0
|QdlV3NKMCFAgMBAAECgYA9vc3CDmEUW0vnv2AjBCvFazWllkUj/Gl9kzwP0yWWumJSQuKW
|z/5YgI/rsYy91A1l0Dp3RSSeDOuGgMOsIRFxROOyqKkurBfSo4QlY7W8Lx7d9iH/FSAkW/
|GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB
|kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7
|UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU
|gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl
|0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ
|2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem
|Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N
|xaxsv+U=
|DianePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA
|lpX54MHgQS0yD4tCUpMq5h4OISk=
|EricaPrivDHEncryptBobParam.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgSGQR5BcBEubB05xwfXyml5W9yJUH989BEacTkfswPYw=
|MailListTripleDES.bin
|JV4NHAe2Rt+zE0zIQ7qKpx8CW3wIOCUf
|MailListRc2.bin
|tw0KJfvJ2GqGBQzg1xHq1Nk=
|AliceDSSSignByCarlNoInherit.cer
|MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2
|MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO
|FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL
|VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW
|a4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1ni
|zaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8bU
|mJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1
|FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41bY8
|i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE
|8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1wbG
|VzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6C
|Lm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYHKo
|ZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwaV/
|KC27
|AliceRSASignByCarl.cer
|MIICAjCCAW+gAwIBAgIQRjRrx4AAVrwR024uxBCzsDAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQD
|EwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f0
|6wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8Zo
|bwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSF
|KMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYD
|VR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc
|7sPKA64/9QMAkGBSsOAwIdBQADgYEAvzQy5vxqiEF98FyZoZO3SbcCUh7LhKyT11grAKGc
|xEhImd0Cw8YF+NIl8aOcyTMBinYOb3dDo7/h5rNqBHk57uHp5Z1QB4si3BJQ4/O0PZ7lk5
|6xzTP54KuYcQn467D8nOzxiNiuA9H+YOFiFLGiI9LIjRgfXu6bcgInwoU9BC4=
|BobDHEncryptByCarl.cer
|MIIDYjCCAyGgAwIBAgICAMkwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTgyOFoXDTM5MTIzMTIzNTk1OVowEDEOMAwGA1UEAxMFYm9iREgwggJCMIIB
|twYHKoZIzj4CATCCAaoCgYEA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPb
|k8KejXI4Azpp5FAruqzJ4oBZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWe
|nZPG+BWvP9p0OrfEk7W5u3ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNO
|VME6eVlrvx5GE3CPsSx/uckXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13
|BQlIm3CNPAX2zkQsf30bKxXd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5
|FwBlTucKiSVVtuGSJNYqcCIQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQJh
|ATT+wjNI6/Y7l9nkl6dgpSVpNPv9RirWycTF99b0BBmNlNmKN2hpZ1X78msOR8VbC0sOHB
|qLe3W3qsOq1+s72iqNAoc3R4PXMbQlqKy7EYhTHBGStmnnLpDBevyH9PbXGjAaAxUAuf8c
|k0RnN9Gy+FeaMkrJSv877B4CAR0DgYQAAoGAb9T2zZSabq9bVxeWdbsPuUjpkDcNFSDCVR
|4T4q5xF4TDDnSuilV/KH2L1yginHZG1ztPndFNG7LbUZTFbVSWQDiKOIFjSozDHgmJdKZY
|1chaPc+7uCN/nB99ePqe+ZCekedLwqS+RQZ4Qlg9n2Ms74TUZ+X7xm2iNilnkEbbTkijfz
|B9MB0GA1UdEQQWMBSBEmJvYkRoQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1Ud
|DwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFg
|QUJv8ZSMNZM2hWjX7IgGhczzxy3SYwCQYHKoZIzjgEAwMwADAtAhQV6hVD40kihsG75drk
|DrgJ4NVyNQIVAK5PUSlzcXWpgevtnV4AGX7w3lrW
|BobRSASignByCarl.cer
|MIICADCCAW2gAwIBAgIQRjRrx4AAVrwR024uzV1x0DAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwOTAyWhcNMzkxMjMxMjM1OTU5WjARMQ8wDQYDVQQD
|EwZCb2JSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKnhZ5g/OdVf8qCTQV6meY
|mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/
|O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz
|jPHCyqaqfrAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgUgMB8GA1Ud
|IwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBTo9Lhn2LOWpCrzEaop05
|Vahha0JDAJBgUrDgMCHQUAA4GBAAkhajtiUN9iQV4SQAkUw7XkKC5Qd/pWZrOilrYKAa6m
|OOW9a+fyPm2wpe/Mh6yrJaS72uIagbe5FbNs2tET1Z8P1Ut6jVTYWtwHAdEFQQ0KYUeA8X
|UP+CIbUJIz/ggFUG17AwAD8S1L/iBixyB3BUIj26jHrd5xG9EqmYKmZet+
|CarlDSSSelf.cer
|MIICmzCCAlqgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOT
|kwODE2MjI1MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCC
|ASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAd
|SxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVR
|l1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCz
|Rgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrh
|bT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR
|+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNm
|oLHArdwsdbvhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/n
|XA+87YaADj/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifN
|G6lNiZrXjRg5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAg
|GGMB0GA1UdDgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup
|8E56Wnnj+b49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjs=
|CarlRSASelf.cer
|MIIB6zCCAVSgAwIBAgIQRjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4G
|A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2
|5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt
|4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds
|TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
|AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL
|ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d
|P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre
|Z019v6WuoUQWNdzb7IDsHaao1TNBgC
|DianeDHEncryptByCarl.cer
|MIIDZTCCAyWgAwIBAgICANMwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTY1N1oXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRGlhbmVESDCCAkEw
|ggG2BgcqhkjOPgIBMIIBqQKBgQDKbpHCsL2oWPIxIXS7H+QQvdCTon5h4T26IwQW0GY5vT
|vNBXRI8QNwlfQFY20uv5q3/5f/Obtj202kcdiUmrTyij2ft12NyuKvtQ/PBWWCaG5D0vQE
|XwOL+VD1yGwFJry/Ng9cw1FqZ+h1MmZ4kWPo/jTnGbZwbHg4NoLSNDbC3wKBgG7WdjZL5F
|kHV18YmhDSMVymELAmlkJNfKOh056lgLIfNxFJfIqZ2FY/k1HtblT7btuy/DTA58oeWCvV
|PTvcrnEh2TtWuKf2TSJSX0G61R6CaWzdcHHMbDvvhKlxi6k7Kgn4vf3LUbwuLso+MIz6VJ
|59DQPi32NibfNQgifc0Zn3AiEAqgVl+91OqALxNDnno/x9RhC4XfAu8sXRXqJ0TNoPTh8C
|YQEwzQOCzT8yOl8WXvITX1Ib3/+qOwY8f4EmHLcMoBQJG10m/XEzjPKsQX4NrDWVkH6lra
|tVUIDw0rkqEU12RXY/DDiuclnG7L3v525gI5O5JwJEfkrT2jk6mmNDPBsjxWIwGgMVAND9
|1uBGl9Gnf7v/mkPwYmSzfJerAgF6A4GEAAKBgGBebu9hVXc/nWoREPTTybhyoB+J3+S8If
|3kn1DWj475Z5cU4DQZjz1YUh7cXQVOT8aIhXisAWw1zoZtkEtYSC4PsuMqTkfDsU0qesm3
|5cZoinOuUyGzzwnEYqPosLvc3g0uZkg3qNuiS/vb+qaSS0EKxlQLixqdL/9gCwsI2UI/o4
|GBMH8wHwYDVR0RBBgwFoEUZGlhbmVEaEBleGFtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAO
|BgNVHQ8BAf8EBAMCAwgwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR
|0OBBYEFEfzT811fahSIahhNle1+Jru2zBGMAkGByqGSM44BAMDLwAwLAIUfWQeH0vz7G80
|LLLkZHCPPmrAcqICFEvqwQzxzfd6nXbKJ27QvvLYm2pt
|DianeDSSSignByCarlInherit.cer
|MIIBujCCAXmgAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw
|CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo
|pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+
|/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYMwgYAwIAYDVR
|0RBBkwF4EVZGlhbmVEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/
|BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJ
|l9XNxFC5k6Ui8Wv1hQ3c4rGDAJBgcqhkjOOAQDAzAAMC0CFH4MDIEXtJpUssMw64rEPMJS
|Np6VAhUAxp8XwnFLrC45jT0QH5qzTbb5EaM=
|DianeRSASignByCarl.cer
|MIICCjCCAXOgAwIBAgIQRjRrx4AAVrwR024u1ZowkDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxOTA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEzERMA8G
|A1UEAxMIRGlhbmVSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANb9uMBwxkwl7O
|rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3
|KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/
|HbdGlki0QdlV3NKMCFAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXg
|MB8GA1UdIwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBSM88t1Do0x9t
|Qp2kSSdbj+7U85DDANBgkqhkiG9w0BAQUFAAOBgQAds1GxmZbwRKjrFOr8wt+4M0sCPEHf
|41N/6jR//NURDQAEiLjtvCNFA27xU7LAOxli3Nzhiv6n/KXXl9slfPMwxWOnOEqrJSEkgM
|fYeIKMU+o+L2MQZtMnVZrc7zVe9iNx5v94e6lPe38uucRCc1dPqvgEtA3HU4jE8JIoM0RQ
|oQ==
|EricaDHEncryptByCarl.cer
|MIIC6TCCAqigAwIBAgICANQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTcxNloXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRXJpY2FESDCCAcQw
|ggE4BgcqhkjOPgIBMIIBKwKBgQDsLM2k75omL2KnuyNN3yslwWjSnqlFWzbxlIkar30RJJ
|09uTwp6NcjgDOmnkUCu6rMnigFlaCzF3bB9yU1YQJBkicMXq5I5fNuOO+R0c83/ppAl8gt
|NZ6dk8b4Fa8/2nQ6t8STtbm7dmwfqH68OqpDCoFk/GPwe3GY+sA4eRAaMwKBgQC6C9d0Pe
|c05UwTp5WWu/HkYTcI+xLH+5yRdwaZNfBIJJYzEgF+jewL9rLAY6cVxV6VhqJzxUlGN3lg
|/XcFCUibcI08BfbORCx/fRsrFd3zBS++hSCPjfm0oEV0K/Q7nUJiNCcngY5vD15ihYnM7S
|HDkXAGVO5wqJJVW24ZIk1ipwIhAMOrSjB5s9OXTsr1on3HcKNF87OihgXSPkn5n9kKs769
|A4GFAAKBgQDRK+QdProYz3Ugxsdew8Rs6vMj2QkfRpj0zlm5ts7oOsYY+Fl3G5mw2tzAnQ
|nkr/lhkSxHzEde3yszdvNn7HfoLDcwoYld88j2XBZK5LeM9XvVOP0UrOh6wn3uB5AnCnyH
|qKLicDXqbt6eUDFr6QnaJRoBjuP/Jhx19cPOWvWehaOBgTB/MB8GA1UdEQQYMBaBFGVyaW
|NhRGhAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgMIMB8GA1Ud
|IwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBSNUx1hVX9gNW2mNqLFk/
|ia/cB1dDAJBgcqhkjOOAQDAzAAMC0CFD5RQgjjUi6qu4+9GDhxy5iDvkeeAhUAtLMVhZkR
|BkAfQFmN1BstzYHx6Gg=
|CarlDSSCRLEmpty.crl
|MG0wLjAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgyMDA3MDAwMFowCQ
|YHKoZIzjgEAwMwADAtAhRiPzYXMVguZ1B59QlLjK3Ua/RknwIVALU7TqFMe/0Pw42btv7D
|XW/eZSh9
|CarlDSSCRLForAll.crl
|MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj
|BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05
|OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD
|BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv
|ftok8yqDnDWh
|CarlDSSCRLForCarl.crl
|MIGDMEQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjUwNzAwMDBaMB
|QwEgIBARcNOTkwODIyMDcwMDAwWjAJBgcqhkjOOAQDAzAAMC0CFQCzH8VPej3sdtVg+d55
|IuxPsJD+lwIUWovDhLxmhxu/eYJbCl0H9rqpBSk=
|CarlRSACRLEmpty.crl
|MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD
|AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E
|PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa
|/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ==
|CarlRSACRLForAll.crl
|MIIBMzCBnTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDYXJsUlNBFw05OTA4MjcwNz
|AwMDBaMGkwIQIQRjRrx4AAVrwR024uxBCzsBcNOTkwODIyMDcwMDAwWjAhAhBGNGvHgABW
|vBHTbi7VmjCQFw05OTA4MjIwNzAwMDBaMCECEEY0a8eAAFa8EdNuLs1dcdAXDTk5MDgyND
|A3MDAwMFowDQYJKoZIhvcNAQEEBQADgYEAv7OXqlPwMiEWK3eSemu7l8jc6vH6ZhYwDrWe
|XPCB1F6zbsGIa4zUXsVN+0deZvNdq+W0GDZgqE2cPInsbye/NVBxgcK5RFtiiRkSMal7mt
|PMZssR2QsQR3etTyLZ5X8w8lv8lFGlWHY7H6hGph/2od5Voe0xiGmXDwjT1AxgWx4=
|CarlRSACRLForCarl.crl
|MIHsMFcwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODI1MDcwMD
|AwWjAjMCECEEY0a8eAAFa8EdNuLp/yUCAXDTk5MDgyMjA3MDAwMFowDQYJKoZIhvcNAQEE
|BQADgYEAIe8h1MEahZVJa8pFYtzXCf+pUS6O2UcY+vjlct1P7XR04/NlMmUoLJodV+XVJg
|bq1eYjlYSNDome7psML84H96PRa4VMD//m3fzczXMsHn3csHHFTPwBblJXaR45Y98SIjDH
|E1WUBW4qAKlbxCpmlGLONjPCK2NHJZ3z3nDuAFY=
|4.1.bin
|MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA
|AAAA==
|<4.1.bin
|* Example from section 4.2
|* Creator: [JS]
|>4.2.bin
|MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu
|<4.2.bin
|* Example from section 5.1
|* Creator: [JP]
|>5.1.bin
|MIIDmwYJKoZIhvcNAQcCoIIDjDCCA4gCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxZTBjAgEBMBgwEjEQMA4G
|A1UEAxMHQ2FybERTUwICAMgwBwYFKw4DAhowCQYHKoZIzjgEAQQwMC4CFQCawY9rKZh3vR
|4B3dJJd1uIqamIXgIVAI+PZLl3xkdZJbtxBS+QYWuJPq3F
|<5.1.bin
|* Example from section 5.2
|* Creator: [JS]
|>5.2.bin
|MIIDMAYJKoZIhvcNAQcCoIIDITCCAx0CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICDjCCAgowggFzoAMCAQICEEY0
|a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw
|05OTA4MTkwNzAwMDBaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf
|MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3
|UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1
|9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ
|ABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAn
|rHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwDQYJKo
|ZIhvcNAQEFBQADgYEAUv+zi1QeCL/zbQwSCH2Oy25Z7FaTpkoiQF+LFHl+g0/1P94hlxZY
|cHYysiBRoxofl0iAXIOwuJMLA0Suv76kjAbGReKBCNWJWAwoGy2lixxK49dENNTLU/y6qY
|uqtumww6t08SrxsMY46ocCHhC7mcS+NsAIuhNlNz428zFCcxgxgcswgcgCAQEwJjASMRAw
|DgYDVQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7EELOwMAkGBSsOAwIaBQAwDQYJKoZIhv
|cNAQEBBQAEgYAvI4LS8wlfuAxY606dv4mageV1xJE909DVe7bV/pShiqzjxIT1zWBOJ5X2
|zwCGdnU/K/Dn1AJnp/XHjRYEpbO159ky8CTv5yBE1Z8HxVMk+s4BHQ8XE6cqlZ0r5AOVFA
|vpOQ26zm6cngzomOZVE9Rob9AH16KxYkzjj6/94NVdxw==
|<5.2.bin
|* Example from section 5.3
|* Creator: [JP]
|>5.3.bin
|MIIDegYJKoZIhvcNAQcCoIIDazCCA2cCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg
|LiMIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X
|DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg
|G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//
|lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6
|iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya
|RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1
|nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8
|bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV
|p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b
|Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD
|KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1w
|bGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD
|6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYH
|KoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwa
|V/KC27MWQwYgIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqG
|SM44BAEELzAtAhQfoHCxTz15njyzXxRd1LmSOHwUjgIVAKKSpkYici37AhlnD22/qFDz3t
|b2
|<5.3.bin
|* Example from section 5.4
|* Creator: [JP]
|>5.4.bin
|MIIKpAYJKoZIhvcNAQcCoIIKlTCCCpECAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCB4cwggICMIIBb6ADAgECAhBGNGvH
|gABWvBHTbi7EELOwMAkGBSsOAwIdBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw05OTA5MT
|kwMTA4NDdaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGfMA0GCSqG
|SIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3UpDQUubR
|LfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP19wUFk99e
|ujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQABo2AwXj
|AMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHggeprT
|TPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwCQYFKw4DAh0FAA
|OBgQC/NDLm/GqIQX3wXJmhk7dJtwJSHsuErJPXWCsAoZzESEiZ3QLDxgX40iXxo5zJMwGK
|dg5vd0Ojv+Hms2oEeTnu4enlnVAHiyLcElDj87Q9nuWTnrHNM/ngq5hxCfjrsPyc7PGI2K
|4D0f5g4WIUsaIj0siNGB9e7ptyAifChT0ELjCCApswggJaoAMCAQICAQEwCQYHKoZIzjgE
|AzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDTk5MDgxNjIyNTA1MFoXDTM5MTIzMTIzNTk1OV
|owEjEQMA4GA1UEAxMHQ2FybERTUzCCAbcwggErBgcqhkjOOAQBMIIBHgKBgQC2SRg+ikTB
|KXGUTAHEEsF6ectUTasegfvGTLMOlAkG6wHUschxS8dFwFAlXZz82uRt0+KGSISCfboVlU
|oW9kbt3faY0rt+igqKuhZ7uVABSJOL6yUVUZdV3I9TDhCpUPxwt80wVP3a3qiqIrWhr4vM
|Aojni3Bfua3hCNRtKS3W6QIVAN3BL99Tzgs0YHc+AqS/il2YuRDVAoGADO5Xm0u92rYHan
|Q3T1V/ne28YQ3rRlk8VgsrWwyRzqViUmnK4W0+vb/+4be5K2E8rcuuReMGrIwinZxEhwvH
|zfAc2bVOXXPerw7JHVpR9U9EeTVac6p/RlEfqUIWnEjrinlhtNUvUyJEYx+GuKNYBiX4Kc
|DvuuB18ELEY2VSmwoDgYUAAoGBAJmHdCcDZqCxwK3cLHW74WxEnNohbU1HbbFiCenYrh7y
|OrSUsaOOeptxTgCUybQlTrlglhkkAfNiDP51wPvO2GgA4/3VcE/fI5YZBpT0sWGPOlexCB
|GkCyYl8FJ2geoLYg2VKuaGunKyp1CDC6onzRupTYma140YOYQ/i8VWTYB6o0IwQDAPBgNV
|HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUcEQ+gi5vh95K03XjPS
|C8QyuT8R8wCQYHKoZIzjgEAwMwADAtAhRrqfBOelp54/m+PSvJBjfpERehEwIVAI80aSqL
|sTwDeZQyTRIfzon7RrI7MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQ
|QDEwdDYXJsRFNTMB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UE
|AxMIQWxpY2VEU1MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5
|PdDteoDuxTxauECE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyR
|CJWb3qde+fz0ny/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15A
|mWXPN+W9sCFQDiR6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkE
|AjVc8ssaMMMeUF3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FO
|nOLl2jB80jhbgvMAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5
|ujY5A4GEAAKBgFzjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5V
|G/+onyohs+JH09B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoV
|i/G7NNTSljf2YUeyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFW
|FsaWNlRHNzQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAf
|BgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcK
|TOEwHi/eOX/s0wCQYHKoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFuf
|SMCMocECnETq6aGHwaV/KC27oYHbMIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2
|FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05
|OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMD
|BaMBMCAgDUFw05OTA4MjQwNzAwMDBaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW
|+aDU2G1cfT0CFAJ6W7fVWxjBz4fvftok8yqDnDWhMYIB6TCCAeUCAQEwGDASMRAwDgYDVQ
|QDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGqBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEw
|HAYJKoZIhvcNAQkFMQ8XDTAyMDQxNTE1MzIwMFowIwYJKoZIhvcNAQkEMRYEFEBq7AhSeb
|puFgItngYpwCKWh91IMAkGByqGSM44BAEELzAtAhQ3H01jDBO7+KYfn+DSGtHn4fILfQIV
|AJ6ddUz+5kMvY+cdPEkLo9Sai455oYIBIDCCARwGCSqGSIb3DQEJBjGCAQ0wggEJAgEBMC
|YwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uxBCzsDAHBgUrDgMCGqBDMBwG
|CSqGSIb3DQEJBTEPFw0wMjA0MTUxNTMyMDBaMCMGCSqGSIb3DQEJBDEWBBSec93NYPXovD
|ELZgf/DcKlvYlAyTALBgkqhkiG9w0BAQEEgYA9mWp2dHQeX4ytJJQ4OidpycvUCfSbBdYt
|Uoj5JTUd/VVH7+5y3MDeI3GLRIy9RiclgM0wegaeyZLvArwXBGUefcMNJojDy0WB9Xy+wN
|A1UfZeHY7bfBdPDqxAZycN6IRdBg3X0Wv3jbekgJleLw95mDf3t2deIVRxDQeOVgpNUg==
|<5.4.bin
|* Example from section 5.5
|* Creator: [JS]
|>5.5.bin
|MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF
|RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCCA/0wggHrMIIBVKADAgEC
|AhBGNGvHgABWvBHTbi6f8lAgMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0
|EwHhcNOTkwODE4MDcwMDAwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsUlNB
|MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkS/8YuCRX9Hf/bnN7k3FcvDMakpJyI9
|hBRtDNEToEs46vgp29UR4XevJ2LCuGOae9140aU+zkANXo7KI2se3iUOIyCYo/n5klj7hO
|q7l91ZZl2hagxb4OrkRb7170pynLgt2sROmqk5QpDvgY1shXXvJ2xPIRYDi5Gzwdl8lq8Q
|IDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
|6eCQJ6x4IHqa00zyQjdOIq6eOLswDQYJKoZIhvcNAQEFBQADgYEAt57UBNPtKeT/iYkVLk
|zbDPBIDzJh7sQE7BJdLf8PZFl+CsPtGP3jVkA3pwe18DgSYVDt790/4wu4YaWkmzzmnpxU
|mraV1tpsO7UtRTWdSQF2+rm5Mfn5axJToPUUYJt9yj7yU2uwN2+t5nTX2/pa6hRBY13Nvs
|gOwdpqjVM0GAIwggIKMIIBc6ADAgECAhBGNGvHgABWvBHTbi7EELOwMA0GCSqGSIb3DQEB
|BQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOTkwODE5MDcwMDAwWhcNMzkxMjMxMjM1OT
|U5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL
|6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xt
|LHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ
|8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYE
|FHfStNG3TIqKo85Fnc7sPKA64/9QMA0GCSqGSIb3DQEBBQUAA4GBAFL/s4tUHgi/820MEg
|h9jstuWexWk6ZKIkBfixR5foNP9T/eIZcWWHB2MrIgUaMaH5dIgFyDsLiTCwNErr++pIwG
|xkXigQjViVgMKBstpYscSuPXRDTUy1P8uqmLqrbpsMOrdPEq8bDGOOqHAh4Qu5nEvjbACL
|oTZTc+NvMxQnMYMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR
|024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gMWOtOnb+Jmo
|HldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBKWztefZMvAk
|7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/QB9eisWJM44
|+v/eDVXccAAAAAAAA=
|<5.5.bin
|* Example from section 5.6
|* Creator: [JP]
|>5.6.bin
|MIIFvgYJKoZIhvcNAQcCoIIFrzCCBasCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCBKAwggG6MIIBeaADAgECAgIA0jAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDIwODEwWhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhEaWFuZURTUzCBkzAJBgcqhkjOOAQBA4GFAAKBgQCg
|ABd4LO5+gVMuLmEID6GbUVIa2lmocy8SJbYIy8rvKkR2ilIJ6r0FItUP9v1G16+ZOAkOE8
|tPLN0cNPccvyX/I9M7WeeClze+MSTYGMjzSTlbt+LlJ378jEVyW34+j2hN3UZ6Ir6O/8za
|OSmjOeWfQ+lVyddbpoFnzMCqzS7FI6OBgzCBgDAgBgNVHREEGTAXgRVkaWFuZURzc0BleG
|FtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU
|cEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFGQwmX1c3EULmTpSLxa/WFDdzisYMA
|kGByqGSM44BAMDMAAwLQIUfgwMgRe0mlSywzDrisQ8wlI2npUCFQDGnxfCcUusLjmNPRAf
|mrNNtvkRozCCAt4wggKdoAMCAQICAgDIMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybE
|RTUzAeFw05OTA4MTcwMTEwNDlaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNl
|RFNTMIIBtjCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8
|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8
|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh
|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD
|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4
|W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAAC
|gYBc47ladRSWC6l63eM/qeysXty9txMRNKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPi
|R9PQeNW2PIu0WloErjhdbOBoA/6CN+GvIkq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY3
|9mFHssQyhPB+QUD9RqdjTjPypeL08oPluKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0
|BleGFtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgw
|FoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/
|7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE
|6umhh8GlfygtuzGByTBiAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICANIwBwYFKw4DAh
|owCQYHKoZIzjgEAQQvMC0CFB9I4rjoZ8CQkejDIqNd6r7QgxowAhUA2KFvBbnUkgFd6nJJ
|m+mspFmADu0wYwIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGBy
|qGSM44BAEEMDAuAhUAkiquklkinwtPrHpwm2B+LXvFA14CFQCQPl0UutYETYM7YP+KKscb
|DJ0zeQ==
|<5.6.bin
|* Example from section 5.7
|* Creator: [JP]
|>5.7.bin
|MIIDlQYJKoZIhvcNAQcCoIIDhjCCA4ICAQMxCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxXzBdAgEDgBS+bKGz48H3
|7UNwpM4TAeL945f+zTAHBgUrDgMCGjAJBgcqhkjOOAQBBC4wLAIUbY5azSigH9mGrXrp36
|zXvuy+P/gCFHyKBh78pEE1fvckFP09wFa3BSfV
|<5.7.bin
|* Example from section 5.8
|* Creator: [JP]
|>5.8.eml
|TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW
|NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjgNCk1lc3NhZ2UtSWQ6
|IDwwMjA5MDYwMDI1NTAzMDAuMjQ5QGV4YW1wbGVzLmNvbT4NCkRhdGU6IEZyaSwgMDYgU2
|VwIDIwMDIgMDA6MjU6MjEgLTAzMDAgDQpDb250ZW50LVR5cGU6IG11bHRpcGFydC9zaWdu
|ZWQ7DQoJbWljYWxnPVNIQTE7DQoJYm91bmRhcnk9Ii0tLS09X05leHRCb3VuZHJ5X19fX0
|ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjEiOw0KCXByb3RvY29sPSJhcHBsaWNhdGlvbi9w
|a2NzNy1zaWduYXR1cmUiDQoNClRoaXMgaXMgYSBtdWx0aS1wYXJ0IG1lc3NhZ2UgaW4gTU
|lNRSBmb3JtYXQuDQoNCi0tLS0tLT1fTmV4dEJvdW5kcnlfX19fRnJpLF8wNl9TZXBfMjAw
|Ml8wMDoyNToyMQ0KDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuDQotLS0tLS09X0
|5leHRCb3VuZHJ5X19fX0ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjENCkNvbnRlbnQtVHlw
|ZTogYXBwbGljYXRpb24vcGtjczctc2lnbmF0dXJlOyBuYW1lPXNtaW1lLnA3cw0KQ29udG
|VudC1UcmFuc2Zlci1FbmNvZGluZzogYmFzZTY0DQpDb250ZW50LURpc3Bvc2l0aW9uOiBh
|dHRhY2htZW50OyBmaWxlbmFtZT1zbWltZS5wN3MNCg0KTUlJRGVRWUpLb1pJaHZjTkFRY0
|NvSUlEYWpDQ0EyWUNBUUV4Q1RBSEJnVXJEZ01DR2pBTEJna3Foa2lHOXcwQkJ3R2dnZ0xp
|TUlJQw0KM2pDQ0FwMmdBd0lCQWdJQ0FNZ3dDUVlIS29aSXpqZ0VBekFTTVJBd0RnWURWUV
|FERXdkRFlYSnNSRk5UTUI0WERUazVNRGd4TnpBeA0KTVRBME9Wb1hEVE01TVRJek1USXpO
|VGsxT1Zvd0V6RVJNQThHQTFVRUF4TUlRV3hwWTJWRVUxTXdnZ0cyTUlJQkt3WUhLb1pJem
|pnRQ0KQVRDQ0FSNENnWUVBZ1kzTjdZUHFDcDQ1UHNKSUtLUGtSNVBkRHRlb0R1eFR4YXVF
|Q0UvL2xPRnpTSDRNMXZORVNOSCtuNitrb1lrdg0KNGRrd3lEYmVQNXUvdDB6Y1gybUs1SF
|hRTnd5UkNKV2IzcWRlK2Z6MG55L2RRNmlMVlBFL3NBY0lSMDFkaU1QRHRiUGpWUWgxMVRs
|Mg0KRU1SNHZmK2RzSVNYTi9Ma1VSdTE1QW1XWFBOK1c5c0NGUURpUjZZYVJXYTRFOGJhaj
|dnM0lTdGlpL2VUelFLQmdDWTQwQlNKTXFvNQ0KK3o1dDJVdFpha3gySXprRUFqVmM4c3Nh
|TU1NZVVGM2RtMW5pemFvRlBWakFlNkkydUc0SHIzMktRaVduOUhYUFNnaGVTejZRK0czcQ
|0Kbk1raGlqdDJGT25PTGwyakI4MGpoYmd2TUFGOGJVbUpFWWsyUkwzNHlKVktVMWExNHZs
|ejdCcGhOaDhSZjhLOTdkRlEvNWgwd3RHQg0KU21BNXVqWTVBNEdFQUFLQmdGemp1VnAxRk
|pZTHFYcmQ0eitwN0t4ZTNMMjNFeEUwcGhhSktCRWoyVFNHWjNWMUV4STlRMXR2NVZHLw0K
|K29ueW9ocytKSDA5QjQxYlk4aTdSYVdnU3VPRjFzNEdnRC9vSTM0YThpU3JVeHE0SncwZT
|d3aS9aaFNBWEdLc1pmb1ZpL0c3Tk5UUw0KbGpmMllVZXl4REtFOEg1QlFQMUdwMk5PTS9L
|bDR2VHlnK1c0bzRHRE1JR0FNQ0FHQTFVZEVRUVpNQmVCRldGc2FXTmxSSE56UUdWNA0KWV
|cxd2JHVnpMbU52YlRBTUJnTlZIUk1CQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJR3dE
|QWZCZ05WSFNNRUdEQVdnQlJ3UkQ2Qw0KTG0rSDNrclRkZU05SUx4REs1UHhIekFkQmdOVk
|hRNEVGZ1FVdm15aHMrUEI5KzFEY0tUT0V3SGkvZU9YL3Mwd0NRWUhLb1pJempnRQ0KQXdN
|d0FEQXRBaFVBbUxER1A4OXhSMW8xcVVxUHdQZ2tCZWhHbEk0Q0ZGdWZTTUNNb2NFQ25FVH
|E2YUdId2FWL0tDMjdNV013WVFJQg0KQVRBWU1CSXhFREFPQmdOVkJBTVRCME5oY214RVUx
|TUNBZ0RJTUFjR0JTc09Bd0lhTUFrR0J5cUdTTTQ0QkFFRUxqQXNBaFF6K1laLw0KcUNTQ2
|4xblJlMUYwYUtZbDRIOEhGUUlVWVVVbXJCaEczVlpod2c1Q2dhSnFqQ29iTlVnPQ0KDQot
|LS0tLS09X05leHRCb3VuZHJ5X19fX0ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjEtLQ0K
|<5.8.eml
|* Example from section 5.9
|* Creator: [JP]
|>5.9.eml
|TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW
|NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjkNCk1lc3NhZ2UtSWQ6
|IDwwMjEwMzExNjQ1NDAzMDAuMzA0QGV4YW1wbGVzLmNvbT4NCkRhdGU6IFRodSwgMzEgT2
|N0IDIwMDIgMTY6NDU6MTQgLTAzMDAgDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3Br
|Y3M3LW1pbWU7IHNtaW1lLXR5cGU9c2lnbmVkLWRhdGE7DQoJbmFtZT1zbWltZS5wN20NCk
|NvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ29udGVudC1EaXNwb3NpdGlv
|bjogYXR0YWNobWVudDsgZmlsZW5hbWU9c21pbWUucDdtDQoNCg0KTUlJRG13WUpLb1pJaH
|ZjTkFRY0NvSUlEakRDQ0E0Z0NBUUV4Q1RBSEJnVXJEZ01DR2pBdEJna3Foa2lHOXcwQkJ3
|R2dJQVFlRFFwVQ0KYUdseklHbHpJSE52YldVZ2MyRnRjR3hsSUdOdmJuUmxiblF1b0lJQz
|RqQ0NBdDR3Z2dLZG9BTUNBUUlDQWdESU1Ba0dCeXFHU000NA0KQkFNd0VqRVFNQTRHQTFV
|RUF4TUhRMkZ5YkVSVFV6QWVGdzA1T1RBNE1UY3dNVEV3TkRsYUZ3MHpPVEV5TXpFeU16VT
|VOVGxhTUJNeA0KRVRBUEJnTlZCQU1UQ0VGc2FXTmxSRk5UTUlJQnRqQ0NBU3NHQnlxR1NN
|NDRCQUV3Z2dFZUFvR0JBSUdOemUyRDZncWVPVDdDU0Npag0KNUVlVDNRN1hxQTdzVThXcm
|hBaFAvNVRoYzBoK0ROYnpSRWpSL3ArdnBLR0pMK0haTU1nMjNqK2J2N2RNM0Y5cGl1UjEw
|RGNNa1FpVg0KbTk2blh2bjg5Sjh2M1VPb2kxVHhQN0FIQ0VkTlhZakR3N1d6NDFVSWRkVT
|VkaERFZUwzL25iQ0VsemZ5NUZFYnRlUUpsbHp6Zmx2Yg0KQWhVQTRrZW1Ha1ZtdUJQRzJv
|KzROeUVyWW92M2s4MENnWUFtT05BVWlUS3FPZnMrYmRsTFdXcE1kaU01QkFJMVhQTExHak
|RESGxCZA0KM1p0WjRzMnFCVDFZd0h1aU5yaHVCNjk5aWtJbHAvUjF6MG9JWGtzK2tQaHQ2
|cHpKSVlvN2RoVHB6aTVkb3dmTkk0VzRMekFCZkcxSg0KaVJHSk5rUzkrTWlWU2xOV3RlTD
|VjK3dhWVRZZkVYL0N2ZTNSVVArWWRNTFJnVXBnT2JvMk9RT0JoQUFDZ1lCYzQ3bGFkUlNX
|QzZsNg0KM2VNL3FleXNYdHk5dHhNUk5LWVdpU2dSSTlrMGhtZDFkUk1TUFVOYmIrVlJ2L3
|FKOHFJYlBpUjlQUWVOVzJQSXUwV2xvRXJqaGRiTw0KQm9BLzZDTitHdklrcTFNYXVDY05I
|dThJdjJZVWdGeGlyR1g2Rll2eHV6VFUwcFkzOW1GSHNzUXloUEIrUVVEOVJxZGpUalB5cG
|VMMA0KOG9QbHVLT0JnekNCZ0RBZ0JnTlZIUkVFR1RBWGdSVmhiR2xqWlVSemMwQmxlR0Z0
|Y0d4bGN5NWpiMjB3REFZRFZSMFRBUUgvQkFJdw0KQURBT0JnTlZIUThCQWY4RUJBTUNCc0
|F3SHdZRFZSMGpCQmd3Rm9BVWNFUStnaTV2aDk1SzAzWGpQU0M4UXl1VDhSOHdIUVlEVlIw
|Tw0KQkJZRUZMNXNvYlBqd2ZmdFEzQ2t6aE1CNHYzamwvN05NQWtHQnlxR1NNNDRCQU1ETU
|FBd0xRSVZBSml3eGovUGNVZGFOYWxLajhENA0KSkFYb1JwU09BaFJibjBqQWpLSEJBcHhF
|NnVtaGg4R2xmeWd0dXpGak1HRUNBUUV3R0RBU01SQXdEZ1lEVlFRREV3ZERZWEpzUkZOVA
|0KQWdJQXlEQUhCZ1VyRGdNQ0dqQUpCZ2NxaGtqT09BUUJCQzR3TEFJVVBWeEpib3NoUVhO
|NWVWN2RnamxJcElGNnYrd0NGQ1lLcnV6OA0KSk1VYzRTT0FCSjVTTnN5bkhtRG8NCg0KDQ
|o=
|<5.9.eml
|* Example from section 5.10
|* Creator: [JP]
|>5.10.bin
|MIIFGAYJKoZIhvcNAQcCoIIFCTCCBQUCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LjGCBMYwggTCAgEBMBgwEjEQMA4GA1UE
|AxMHQ2FybERTUwICAMgwBwYFKw4DAhqgggRbMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBw
|EwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMDgGAyqrMzExBC9UaGlz
|IGlzIGEgdGVzdCBHZW5lcmFsIEFTTiBBdHRyaWJ1dGUsIG51bWJlciAxLjA6BgsqhkiG9w
|0BCRACBDErMCkMIENvbnRlbnQgSGludHMgRGVzY3JpcHRpb24gQnVmZmVyBgUqAwYFBDBK
|BgkqhkiG9w0BCQ8xPTA7MAcGBSoDBAUGMDAGBioDBAUGTQQmU21pbWUgQ2FwYWJpbGl0aW
|VzIHBhcmFtZXRlcnMgYnVmZmVyIDIwbQYLKoZIhvcNAQkQAgIxXjFcAgEBBgcqAwQFBgcI
|MTEwL4AIKgMEBQYHhnihIxMhVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEx
|tUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRFU1QwbwYLKoZIhvcNAQkQAgoxYDBeBgUqAwQF
|BgQrQ29udGVudCBSZWZlcmVuY2UgQ29udGVudCBJZGVudGlmaWVyIEJ1ZmZlcgQoQ29udG
|VudCBSZWZlcmVuY2UgU2lnbmF0dXJlIFZhbHVlIEJ1ZmZlcjBzBgsqhkiG9w0BCRACCzFk
|oGIwWjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCF
|ZEQSBTaXRlMQwwCgYDVQQLEwNWREExEjAQBgNVBAMTCURhaXN5IFJTQQIEClVEMzCB/AYL
|KoZIhvcNAQkQAgMxgewwgekwgeYEBzU3MzgyOTkYDzE5OTkwMzExMTA0NDMzWqGByTCBxq
|RhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhW
|REEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IERTQaRhMF8xCz
|AJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhWREEgU2l0
|ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTCCAQIGCyqGSIb3DQ
|EJEAIJMYHyMIHvMXICAQEGByoDBAUGBwkxPDA6gAgqAwQFBgeGeKEuEyxFUVVJVkFMRU5U
|IFRISVMgSVMgQSBURVNUIFNFQ1VSSVRZLUNBVEVHT1JZLhMmRVFVSVZBTEVOVCBUSElTIE
|lTIEEgUFJJVkFDWSBNQVJLIFRFU1QxeQIBAQYHKgMEBQYHCjE8MDqACCoDBAUGB4Z4oS4T
|LEVRVUlWQUxFTlQgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEy1FUVVJVk
|FMRU5UIFRISVMgSVMgQSBTRUNPTkQgUFJJVkFDWSBNQVJLIFRFU1QwCQYHKoZIzjgEAwQw
|MC4CFQDX6xg4wO5LLUo9d7f+W4PZZ2jgNAIVAIgDSMwKcMdfiWuZEEodu5hhBgjD
|<5.10.bin
|* Example from section 5.11
|* Creator: [JP]
|>5.11.bin
|MIIGigYJKoZIhvcNAQcCoIIGezCCBncCAQExADALBgkqhkiG9w0BBwGgggWBMIICmzCCAl
|qgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE2MjI1
|MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCCASsGByqGSM
|44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAdSxyHFLx0XA
|UCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVRl1Xcj1MOEK
|lQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCzRgdz4CpL+K
|XZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrhbT69v/7ht7
|krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR+pQhacSOuK
|eWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdb
|vhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA+87YaADj
|/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifNG6lNiZrXjR
|g5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1Ud
|DgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup8E56Wnnj+b
|49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjswggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbuhgdswgdgwgZkwCQYHKoZI
|zjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjcwNzAwMDBaMGkwEwICAMgXDTk5MD
|gyMjA3MDAwMFowEwICAMkXDTk5MDgyMjA3MDAwMFowEwICANMXDTk5MDgyMjA3MDAwMFow
|EwICANIXDTk5MDgyMjA3MDAwMFowEwICANQXDTk5MDgyNDA3MDAwMFowCQYHKoZIzjgEAw
|MvADAsAhR+ZVJ2M/40cxfR95b5oNTYbVx9PQIUAnpbt9VbGMHPh+9+2iTzKoOcNaExAA==
|<5.11.bin
|* Example from section 6.1
|* Creator: [JP] (after [JS])
|>6.1.bin
|MIIBqgYJKoZIhvcNAQcDoIIBmzCCAZcCAQIxggFLoYIBRwIBA6CBlaGBkjAJBgcqhkjOPg
|IBA4GEAAKBgES5JjITd62IzfWfS02pbP84YOuEq0Xmo/TilCeX8I0ppesfIZFoWDnI8knY
|mdtIqJ5HpZ4GvrT0oIYBEMRQ+7H1MYgSexUYcPhyCGVPUaejlhjoebSmbPG3emEm9q9NNE
|Ii3YDzx0LOahyMpiTpVGqgZ7GA3ruwxP68RUzS7DV0oUIEQKl0xOmqedPOXHSk7aXbZfXA
|N9aB8QqTXySh25eW7oeLedvpBxEjznAkhDByAoPVfWDT1PanTUzC4In6zVkgopMwHgYLKo
|ZIhvcNAQkQAwUwDwYLKoZIhvcNAQkQAwYFADBGMEQwGDASMRAwDgYDVQQDEwdDYXJsRFNT
|AgIAyQQol6Icmx1yA0z6H87aroVJ4Q0yBJeAQ8sASWA2p91LDuXWqHu6ZpSXpzBDBgkqhk
|iG9w0BBwEwFAYIKoZIhvcNAwcECDfnftcWF8isgCBq8riaWGWyrfQ6oDGyvfdSeusr+wR3
|D+JZxjO7Bf0M6g==
|<6.1.bin
|* Example from section 6.2
|* Creator: [JS]
|>6.2.bin
|MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX
|JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi2lsGP
|cP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpX
|adCDgO8/nUkUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652j
|KKHRLFf02hosdR8wQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8
|Z9P43LrY4OxUk660cu1lXeCSFOSOpOJ7FuVyU=
|<6.2.bin
|* Example from section 6.3
|* Creator: [JS]
|>6.3.bin
|MIIBIwYJKoZIhvcNAQcDoIIBFDCCARACAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX
|JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAhUK+4wsu5Q8JqiTK
|3trB0wm4Jysly9Vx+8mc2/CybqCKXxydSu2YnRU5JgEaLmvwRDmJNzxvx0phCwsnd6r51J
|ek0iE/wj8g1NwQ6dY/ANucgkfWfpb/Em6HhKC67YEPVm2mHeurw7ehufhfi8wbSuUUNgZh
|0MdkX2lnkalQ7tgwSAYJKoZIhvcNAQcBMBkGCCqGSIb3DQMCMA0CAToECOhwgeLvxRVXgC
|AGUwp7jVwWDczVdtaLWdZFjBoaDOYe895DVgCbQIw4XQ==
|<6.3.bin
|* Example from section 6.4
|* Creator: [JP]
|>6.4.bin
|MIIC9wYJKoZIhvcNAQcDoIIC6DCCAuQCAQIxggKYoYIBSAIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgQCdbqpNVTUFZmX3oGR1mWf7Tk9TVTR6hSGVK35iPN4KySAcTIBHPqZf9UsH
|EiZ0vti4LizqRSEFyH36aG4jRocP0tCoiw7eTX0s81F2n1j38nsjMNchU5ApmlteZBwN/3
|7rnTXftdOj/zAiuK8xCcKOv8i9UfInpc00EbVMK79oGKFCBECDFBrYRijveD/IHik7FPj+
|FjYubzXIKWCKxmq/SOZ222p8GDYTRyDiXzkIwgSX8/zmw291Tskwl7FBa6HoUNbHMB4GCy
|qGSIb3DQEJEAMFMA8GCyqGSIb3DQEJEAMGBQAwRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERT
|UwICANMEKDhzky1Gg8F+6mBrQc9ybzUNWbHjxQlZlOKC7Rj+Jhu8RoEbhZpWPzyhggFIAg
|EDoIGWoYGTMAkGByqGSM4+AgEDgYUAAoGBALpYk4u8MVn5z/cjOnd1y/SbfF5T63OUT+V1
|VUhNUMSvcWmHyry1W2M7mg6l0POX2xhRwMs1pQcgIXkCB67KJu5Erpw3N4vIRbNiT6SHDh
|F+SJa2o3Tg9J9dJsHofry/s0zrSlpYyxLoPkI8mdyz03pP0wiDdmtz5rAI63YOuEBMoUIE
|QP/eiHo/qkTYEBSmKXLQCEyarH00tWhNCO3LSCpw1nrFQZuuxgMj8Ic/wVVNb+D/52sc71
|TtxFLdkAQlXvJDwRkwHgYLKoZIhvcNAQkQAwUwDwYLKoZIhvcNAQkQAwYFADBGMEQwGDAS
|MRAwDgYDVQQDEwdDYXJsRFNTAgIAyQQoIZ9l8JcEwId+2Wki46GAsolO1n2zVd4jqlusDh
|crRROpJLwJNQDmkjBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECLia7T9eZxGKgCDqqtjE
|cWPkMZYREuSOhGDwoBQC+SN54j3z/OOmdP0lOA==
|<6.4.bin
|* Example from section 6.5
|* Creator: [JP]
|>6.5.bin
|MIIBrQYJKoZIhvcNAQcDoIIBnjCCAZoCAQIxggFOoYIBSgIBA6CBlaGBkjAJBgcqhkjOPg
|IBA4GEAAKBgCHKVaMQM9OFoaZK2BiFExXXRaUXlN1nW+1DA+E24y7d+Tw4Zbk0ZokpDX5v
|hXL53eRifsOe88Q4OWrqTgeDuEQjf779Ao9IlUjQLL8C7s2pruMg/SArer2sWYhi9UiFJq
|AgK/WWAkoa/KEPj5AD7pFBRt6n5XkwN4rLQT9m8/cHMB4GCyqGSIb3DQEJEAMFMA8GCyqG
|SIb3DQEJEAMGBQAwgYwwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBChzJjprl/lQOr
|hqjedHWLpMC03HJKITIm86k3DsLBfRa4AaueN5uKZ7MEQwGDASMRAwDgYDVQQDEwdDYXJs
|RFNTAgIA1AQorIS/KLUZVhm38r0yWVqexn71ldzxIIAVwryVRz6S7s+2QY9Fg8nIXzBDBg
|kqhkiG9w0BBwEwFAYIKoZIhvcNAwcECMrUyMIptPqsgCACGOJ8GSE0zEOIiEX2fq2rlypD
|EeZFARE6wtgpbU1seA==
|<6.5.bin
|* Example from section 6.6
|* Creator: [JS]
|>6.6.eml
|U3ViamVjdDogVGVzdCBzdWJqZWN0DQpNSU1FLVZlcnNpb246IDEuMA0KQ29udGVudC1UeX
|BlOiBhcHBsaWNhdGlvbi94LXBrY3M3LW1pbWU7DQoJbmFtZT0ic21pbWUucDdtIjsNCglz
|bWltZS10eXBlPWVudmVsb3BlZC1kYXRhDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOi
|BiYXNlNjQNCkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7DQoJZmlsZW5hbWU9
|InNtaW1lLnA3bSINClgtTWltZU9MRTogUHJvZHVjZWQgQnkgTWljcm9zb2Z0IE1pbWVPTE
|UgVjUuMDAuMjExNS4zMDANCg0KTUlBR0NTcUdTSWIzRFFFSEE2Q0FNSUFDQVFJeGdnRmRv
|WUlCQkFJQkE2Q0JsYUdCa2pBSkJnY3Foa2pPUGdJQkE0R0VBQUtCZ0UzNA0KOE84V1lrYi
|ttaDlKeXdJbUlKMWowUElqODRTbnBLY2xxTzMxRWNTY1p6a1NpUVFQK2dxcGhJbWZFd0lH
|aDdQN3l3dW9GdXhkb3Q4Qw0KMlgvbkR1YmhycktJbUczWjk2aC9GQWg2L3JnQTZQMTByMn
|llc1YxUXZxZkdnWUJoOStvOXpxL1MxK1E4c3NGSDlqMW5aelRMTEwzcg0Kckc4VzR6dG11
|NHFYK1E4OU1COEdDeXFHU0liM0RRRUpFQU1GTUJBR0N5cUdTSWIzRFFFSkVBTUhBZ0U2TU
|VZd1JEQVlNQkl4RURBTw0KQmdOVkJBTVRCME5oY214RVUxTUNBZ0RKQkNoVEV2L0lpWWI1
|OGZKcEJjMU1RQUoxRlNHMzNMZEZicFJxOFFpck1VMTJKaUhkOXFBSg0Kamo5Q29sTUNBUV
|F3RXdRUlRXRnBiRXhwYzNSVWNtbHdiR1ZFUlZNd0R3WUxLb1pJaHZjTkFRa1FBd1lGQUFR
|by9KVjI1cWlwc2xidQ0KdWJaRExzbEVCOTNZNHJHdE9KSHB5bU51K3U1RmU3YnB5cFZ0an
|c0VldqQ0FCZ2txaGtpRzl3MEJCd0V3R1FZSUtvWklodmNOQXdJdw0KRFFJQk9nUUlqM2hQ
|OUZnMnlFcWdnQVFnNGxZTE9nbjBOdU9yU0FMTHZ0TjROemVWdFlKMDdoc1cyT1o3RnFRTm
|11b0FBQUFBQUFBQQ0KQUFBQQ0K
|<6.6.eml
|* Example from section 6.7
|* Creator: [JS]
|>6.7.bin
|MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4GA1UEAxMHQ2
|FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEFAASBgJQmQojGi7Z4IP+C
|VypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQt9i3YcMwcap+aiOkyqjMalT03VUC0X
|BOGv+HYI3HBZm/aFzxoq+YOXAWs5xlGerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg
|+TGrnGVNQBNw47Ewoj4CAQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGH
|cUr5MSJ/g9HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC
|AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRRyw==
|<6.7.bin
|* Example from section 6.8
|* Creator: [JP]
|>6.8.eml
|VG86IFVzZXIyDUZyb206IFVzZXIxLA1TdWJqZWN0OiBFeGFtcGxlIDYuOA1EYXRlOiBUdW
|UsIDE5IEp1biAyMDAxIDE4OjEyOjU2IC0wMzYwIChDZW50cmFsIFN0YW5kYXJkIFRpbWUp
|DUNvbnRlbnQtVHlwZTogQXBwbGljYXRpb24vcGtjczctbWltZTtuYW1lPSJzbWltZS5wN2
|0iO2ZpbGVuYW1lPSJzbWltZS5wN20iDUNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJh
|c2U2NA1Db250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2htZW50O2ZpbGVuYW1lPSJzbWltZS
|5wN20iDQ1NSUlCcXdZSktvWklodmNOQVFjRG9JSUJuRENDQVpnQ0FRSXhnZ0ZNb1lJQlNB
|SUJBNkNCbHFHQmt6QUpCZ2NxaGtqT1BnSUJBNEdGDUFBS0JnUURtSnloazRBV1o4Q1VFQ2
|swMy9jT21rRWMvamVZRjJ6aUlEMWhGN09MZFM2QUNxajJHODlGdjNQc0kycnlDY21XMVo2
|a0UNQjR5TDV4Z3UyaW5GcVlUdzRHc2lIZUZCTVpJaEIxbG5Tc0J5NWhnWFdkZVpvR01Qaz
|RVbkZEN3RlMzZkR0dWcHN3MHhBbnNPVHllMw1OL0EreHNCZXN0dElVOHBIQ2VEaUxibTFD
|cUZDQkVCVG9kWUZXMlBQcWVNVUlzS2tQNGxFN1JiNXRKRGJuQ1VjcGF2TkdoQlJyQWhJDW
|gxV0hSNW54WFNtUUU4bGxTaUY0ajJOVnJUWGhzcHdRNVc3VFJhOVFNQjRHQ3lxR1NJYjNE
|UUVKRUFNRk1BOEdDeXFHU0liM0RRRUoNRUFNR0JRQXdSakJFTUJnd0VqRVFNQTRHQTFVRU
|F4TUhRMkZ5YkVSVFV3SUNBTWtFS1BIcUJ1VHpCREdFVzVhRTlodUlqNlNuNk9WNg12MmJo
|aER2RERnZ1pzd2RtWnJBblF6dW8rWFF3UXdZSktvWklodmNOQVFjQk1CUUdDQ3FHU0liM0
|RRTUhCQWhGTUxlWHd0YzlTNEFnDUI0STl4NUhlK2ZFL1dHQTNtbXZUbk9Gd1lCOGNLVnB3
|dDBFSGk1emY1bDg9DQ0NDQ==
|<6.8.eml
|* Example from section 6.9
|* Creator: [JP]
|>6.9.bin
|MIIDSQYJKoZIhvcNAQcDoIIDOjCCAzYCAQIxggJtMIG9AgEAMCYwEjEQMA4GA1UEAxMHQ2
|FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEFAASBgAwIcJ5lN+29OcDP
|BslAl9xfAwUjCPnX0lJchljkaCcAlt+JqF+uwH4DAnHs1iuboY6zFxLFQ/dKQIgnXkXBJM
|c4wFsgZBICvidjNXxwozXbgRFvk5cdSrpm1FzWdlS1lY6ofrhmx4cHAQ0if7NSqcnhffI3
|lcvNKY70bu8VMCF7oYIBSAIBA6CBlaGBkjAJBgcqhkjOPgIBA4GEAAKBgH2RZjleEf8Jw6
|DaM5afR06BcbLCgFiVQE4iSghVKGAlF7zkqxfXwzEFbmgI7IvgIZt132Clskq+QfExM9t3
|Ytw65KDIP9q+TmprRA/1CYZRF1jW8Ua6yTesrVgN32wyv661jxaRogqTKETnVXgoWpqdvd
|6Nr6RbIbsSAjAXlwlhoUIEQGdllBCy8n8dMe9qMXaITeJGeUNLg3c0vrQC5fnK3rvLX4Ui
|BzJi5o5RdGfC0vwrczMqnf9oHmx0jvRNNLLaRgcwHwYLKoZIhvcNAQkQAwUwEAYLKoZIhv
|cNAQkQAwcCATowRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICAMkEKGcB4THGRNXOazhw
|yGmW2Czpwz5LftKVKctKDuJcsSpH5L8Q7G6s8h6iXwIBBDAeBAtNYWlsTGlzdFJDMhgPMT
|k5NTEyMzAyMzU5NTlaMBAGCyqGSIb3DQEJEAMHAgE6BChm8ykpQ+6co5ZQv1StTlwoIhqb
|E6G0mZ/ge60H8BtSNOe8AAdxa/nBMEgGCSqGSIb3DQEHATAZBggqhkiG9w0DAjANAgE6BA
|gjfpe4P8GOdYAgEuRB9qpBojaBYvFHO2jHZRKnplSO0g9PmN55i6WajFWhdjA4BgMqqzMx
|MQQvVGhpcyBpcyBhIHRlc3QgR2VuZXJhbCBBU04gQXR0cmlidXRlLCBudW1iZXIgMS4wOg
|YLKoZIhvcNAQkQAgQxKzApDCBDb250ZW50IEhpbnRzIERlc2NyaXB0aW9uIEJ1ZmZlcgYF
|KgMGBQQ=
|<6.9.bin
|* Example from section 6.10
|* Creator: [JP]
|>6.10.bin
|MIIBsQYJKoZIhvcNAQcDoIIBojCCAZ4CAQIxggFNoYIBSQIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgQCxVDIS+2JTfa1q4sBSu7HnnmKTS+C/39J/JZIjadcWgLQMg5OhY24vYZNu
|DHji3MbIUF/ZDXdq1Y84RcYiK5TcxXqL40i8ROWbRWwXF+dfgeUDQhZDghuWpNx1mLRaDm
|DfCusLxx2sdBkvLuaYqTif1asjn0qMpNOvci1t5sxaEKFCBEBdvE5OPEgJg99sCkXo7G5z
|Onsqk6sudTZI9DcCfi4HVMuBbZ2v2wtkha5FaTCKxxLxaDccoUT4jUaB0x96D5ZNMB8GCy
|qGSIb3DQEJEAMFMBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxE
|U1MCAgDJBCgyY9D2lnZNv5YltH8xwqKi9Vcc1ky/YZ5jn2UrmJMqdEatNaOOy4T4MEgGCS
|qGSIb3DQEHATAZBggqhkiG9w0DAjANAgE6BAi+w3yBV7EE84AgHhzrPcwD/1m79zfWfvjq
|J3WRBP2xioKgePEp6Clkv+U=
|<6.10.bin
|* Example from section 6.11
|* Creator: [JP]
|>6.11.bin
|MIHBBgkqhkiG9w0BBwOggbMwgbACAQIxZqJkAgEEMCQEEU1haWxMaXN0VHJpcGxlREVTGA
|8xOTk1MTIzMDIzNTk1OVowDwYLKoZIhvcNAQkQAwYFAAQodDHARVFMPC0u2mNQi67UrGTM
|la6vzQ+MtkgfC0USTfukq8eDMEtprTBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECEEecO
|x9VoDZgCDATH5uMelgREm54z4kptRYTV5lB2mlaak4831QyQmzwA==
|<6.11.bin
|* Example from section 7.0
|* Creator: [JS]
|>7.0.bin
|MF4GCSqGSIb3DQEHBaBRME8CAQAwBwYFKw4DAhowKwYJKoZIhvcNAQcBoB4EHFRoaXMgaX
|Mgc29tZSBzYW1wbGUgY29udGVudC4EFEBq7AhSebpuFgItngYpwCKWh91I
|<7.0.bin
|* Example from section 8.1
|* Creator: [JS]
|>8.1.bin
|MFcGCSqGSIb3DQEHBqBKMEgCAQAwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiza2v7Yj
|EIToAg12/RF4+9AvhCMfXB0qL3SkFZSClk9nUkglQiPa+a+OQ=
|<8.1.bin
|* Example from section 8.2
|* Creator: [JP]
|>8.2.bin
|MIHRBgkqhkiG9w0BBwaggcMwgcACAQIwQwYJKoZIhvcNAQcGMBQGCCqGSIb3DQMHBAgJls
|N/J7+iKoAgt0jhRtUqiPasmj+aj7FX5tL8lWHq2Yp4V7TG8Smd2hyhdjA4BgMqqzMxMQQv
|VGhpcyBpcyBhIHRlc3QgR2VuZXJhbCBBU04gQXR0cmlidXRlLCBudW1iZXIgMS4wOgYLKo
|ZIhvcNAQkQAgQxKzApDCBDb250ZW50IEhpbnRzIERlc2NyaXB0aW9uIEJ1ZmZlcgYFKgMG
|BQQN
|<8.2.bin
|* Example from section 11.1
|* Creator: [JP]
|>11.1.bin
|MIIEXgYJKoZIhvcNAQcCoIIETzCCBEsCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEmMIIBIgIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIG+MBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMH0GCyqGSIb3
|DQEJEAIBMW4wbAQyRXhhbXBsZSAxMS4xIChBbGljZSBhc2tzIGZvciBhIHJlY2VpcHQgZn
|JvbSBEaWFuZSmhFzAVpBMwETEPMA0GA1UEAxMGQm9iUlNBMB0wG4EZcm9iZXJ0LmNvbGVz
|dG9ja0B3YW5nLmNvbTAJBgcqhkjOOAQDBC4wLAIUfE18/yCzpInfV19dTOY++O5Dxe4CFG
|SqaihfDPuN3TRhEhepf37cGhgS
|<11.1.bin
|* Example from section 11.2
|* Creator: [JP]
|>11.2.signedReceipt.bin
|MIIEBwYJKoZIhvcNAQcCoIID+DCCA/QCAQMxCTAHBgUrDgMCGjCBhgYLKoZIhvcNAQkQAQ
|GgdwR1MHMCAQEGCSqGSIb3DQEHAQQyRXhhbXBsZSAxMS4xIChBbGljZSBhc2tzIGZvciBh
|IHJlY2VpcHQgZnJvbSBEaWFuZSkELzAtAhRvFclhlg87T/3MYpd8sfPCmp/kdAIVAJ+NQg
|nKNOk1m7uAzbeBJuTmfiOloIICBDCCAgAwggFtoAMCAQICEEY0a8eAAFa8EdNuLs1dcdAw
|CQYFKw4DAh0FADASMRAwDgYDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDkwMloXDTM5MT
|IzMTIzNTk1OVowETEPMA0GA1UEAxMGQm9iUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
|iQKBgQCp4WeYPznVX/Kgk0FepnmJhcg1XZqRW/sdAdoZcCYXD72lItA1hW16mGYUQVzPt7
|cIOwnJkbgZaTdt+WUee9mpMySjfzu7r0YBhjY0MssHA1lS/IWLMQS4zBgIFEjmTxz7XWDE
|4FwfU9N/U9hpAfEF+Hpw0b6Dxl84zxwsqmqn6wIDAQABo2AwXjAMBgNVHRMBAf8EAjAAMA
|4GA1UdDwEB/wQEAwIFIDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNV
|HQ4EFgQU6PS4Z9izlqQq8xGqKdOVWoYWtCQwCQYFKw4DAh0FAAOBgQAJIWo7YlDfYkFeEk
|AJFMO15CguUHf6Vmazopa2CgGupjjlvWvn8j5tsKXvzIesqyWku9riGoG3uRWzbNrRE9Wf
|D9VLeo1U2FrcBwHRBUENCmFHgPF1D/giG1CSM/4IBVBtewMAA/EtS/4gYscgdwVCI9uox6
|3ecRvRKpmCpmXrfjGCAVEwggFNAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRrx4AA
|VrwR024uzV1x0DAHBgUrDgMCGqCBhjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQEwHA
|YJKoZIhvcNAQkFMQ8XDTAyMDQwNDE4NDcwMFowIwYJKoZIhvcNAQkEMRYEFJPASkx0hhvs
|z3XeMCAyWB3UuOhUMCUGCyqGSIb3DQEJEAIFMRYEFLbD5XaOQ2itJv5Fg5DRAFywaR0UMA
|sGCSqGSIb3DQEBAQSBgEuUlePCy/4/ObTnawdqmzcBn0zHFvsbILPE3UewqQJ563EDPliD
|h69bQfKQ9gMHSOs14+5zIIn6FuEkyoJvo+f9ifJrbW75fsgOHqhAJP1Ax4DG1tEZ2J9vZO
|WCv2/+Pt+h+RUHin9yDnOikM8yfNVEshLiZ2S/HU44Iq/y82dk
|<11.2.signedReceipt.bin
|* Example from section 11.3
|* Creator: [JP]
|>11.3.bin
|MIIETwYJKoZIhvcNAQcCoIIEQDCCBDwCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEXMIIBEwIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIGuMBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMG0GCyqGSIb3
|DQEJEAICMV4xXAIBAQYHKgMEBQYHCDExMC+ACCoDBAUGB4Z4oSMTIVRISVMgSVMgQSBURV
|NUIFNFQ1VSSVRZLUNBVEVHT1JZLhMbVEhJUyBJUyBBIFBSSVZBQ1kgTUFSSyBURVNUMAkG
|ByqGSM44BAMELzAtAhQoFXy/YrEeCZe8SYGQz4pGfpT1XQIVAIgGwk7fTf1gScEhKQwETQ
|i321qS
|<11.3.bin
|* Example from section 11.4
|* Creator: [JP]
|>11.4.bin
|MIIFPAYJKoZIhvcNAQcCoIIFLTCCBSkCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggIEMIICAAIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIIBmzAYBgkqhkiG9w0BCQMxCwYJKo
|ZIhvcNAQcBMCMGCSqGSIb3DQEJBDEWBBRAauwIUnm6bhYCLZ4GKcAilofdSDBxBgsqhkiG
|9w0BCRACAjFiMWACAQEGByoDBAUGBwgxNTAzgAgqAwQFBgeGeKEnEyVCT0IgVEhJUyBJUy
|BBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuExtUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRF
|U1QwgeYGCyqGSIb3DQEJEAIJMYHWMIHTMWQCAQEGByoDBAUGBwgxNTAzgAgqAwQFBgeGeK
|EnEyVCT0IgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEx9CT0IgVEhJUyBJ
|UyBBIFBSSVZBQ1kgTUFSSyBURVNUMWsCAQEGByoDBAUGBwkxNTAzgAgqAwQFBgeGeKEnEy
|VCT0IgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEyZCT0IgVEhJUyBJUyBB
|IFNFQ09ORCBQUklWQUNZIE1BUksgVEVTVDAJBgcqhkjOOAQDBC4wLAIUFmxY0ndQeXCdUp
|nCOW6cSfsuzOwCFEJVQU9m8BXdRoYWPqO7S3xUyXsA
|<11.4.bin
|* Example from section 11.5
|* Creator: [JP]
|>11.5.bin
|MIIB+QYJKoZIhvcNAQcCoIIB6jCCAeYCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LjGCAacwggGjAgEBMBgwEjEQMA4GA1UE
|AxMHQ2FybERTUwICAMgwBwYFKw4DAhqgggE+MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBw
|EwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMIH8BgsqhkiG9w0BCRAC
|AzGB7DCB6TCB5gQHNTczODI5ORgPMTk5OTAzMTExMDQ0MzNaoYHJMIHGpGEwXzELMAkGA1
|UEBhMCVVMxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQww
|CgYDVQQLEwNWREExFzAVBgNVBAMTDkJ1Z3MgQnVubnkgRFNBpGEwXzELMAkGA1UEBhMCVV
|MxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQwwCgYDVQQL
|EwNWREExFzAVBgNVBAMTDkVsbWVyIEZ1ZGQgRFNBMAkGByqGSM44BAMELjAsAhQYaftiVf
|ptULJPZPEjcniFFHPJtwIUexXGMmL3knelG1iPtquMSdi6Wdo=
|<11.5.bin
|* Example from section 11.6
|* Creator: [JP]
|>11.6.bin
|MIIEVgYJKoZIhvcNAQcCoIIERzCCBEMCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEeMIIBGgIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIG2MBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMHUGCyqGSIb3
|DQEJEAIMMWYwZDAwMC4ELFRISVMgSVMgQSBTSUdOSU5HIENFUlRJRklDQVRFIEFUVFJJQl
|VURSBURVNUMDAwLgYGKgMEBQYHMCQwIgYGKgMEBQYHBBhUSElTIElTIEEgUVVBTElGSUVS
|IFRFU1QwCQYHKoZIzjgEAwQuMCwCFG8G44EFvTAkLwnI62FX2il5CXmvAhQLes0xrGqHdm
|s9FwRTLfmqjqacxA==
|<11.6.bin
D. Acknowledgments
The following people contributed ideas and/or examples to this
document. They are listed by their real names, with the initials used
in the examples after their names.
Blake Ramsdell [BR]
Jim Schaad [JS]
John Pawling [JP]
Paul Hoffman [PH]
The examples are displayed with a modified version of Peter Gutmann's
"dumpasn1" program. Peter and Jim Schaad and Blake Ramsdell have been
updating the program based on input from the process of writing this
draft.
E. Differences between -08 and -09
Updated the following examples:
5.1
5.3
5.4
5.6
5.7
5.8
5.9
6.2
6.3
6.9
6.10
11.2
F. Editor's Address
Paul Hoffman
Internet Mail Consortium
127 Segre Place
Santa Cruz, CA 95060 USA
phoffman@imc.org