idnits 2.17.1 draft-ietf-smime-examples-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 5773 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There are 655 instances of too long lines in the document, the longest one being 17 characters in excess of 72. ** There are 14 instances of lines with control characters in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 21, 1999) is 8954 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Missing reference section? 'CMS' on line 4861 looks like a reference -- Missing reference section? 'SMIME-MSG' on line 4865 looks like a reference -- Missing reference section? 'SMIME-ESS' on line 4867 looks like a reference -- Missing reference section? 'PKIX' on line 4863 looks like a reference -- Missing reference section? '0' on line 4715 looks like a reference -- Missing reference section? '3' on line 3983 looks like a reference -- Missing reference section? '1' on line 4538 looks like a reference -- Missing reference section? 'PH' on line 5749 looks like a reference -- Missing reference section? 'JS' on line 5750 looks like a reference -- Missing reference section? 'BR' on line 5748 looks like a reference Summary: 7 errors (**), 0 flaws (~~), 2 warnings (==), 13 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Internet Draft Editor: Paul Hoffman 2 draft-ietf-smime-examples-03.txt Internet Mail Consortium 3 October 21, 1999 4 Expires in six months 6 Examples of S/MIME Messages 8 Status of this memo 10 This document is an Internet-Draft and is in full conformance with all 11 provisions of Section 10 of RFC2026. 13 Internet-Drafts are working documents of the Internet Engineering Task 14 Force (IETF), its areas, and its working groups. Note that other 15 groups may also distribute working documents as Internet-Drafts. 17 Internet-Drafts are draft documents valid for a maximum of six months 18 and may be updated, replaced, or obsoleted by other documents at any 19 time. It is inappropriate to use Internet- Drafts as reference 20 material or to cite them other than as "work in progress." 22 The list of current Internet-Drafts can be accessed at 23 http://www.ietf.org/ietf/1id-abstracts.txt 25 The list of Internet-Draft Shadow Directories can be accessed at 26 http://www.ietf.org/shadow.html. 28 To view the list Internet-Draft Shadow Directories, see 29 http://www.ietf.org/shadow.html. 31 Abstract 33 This document gives examples of message bodies formatted using S/MIME. 34 Specifically, it has examples of Cryptographic Message Syntax (CMS) 35 objects, S/MIME messages (including the MIME formatting), and Enhanced 36 Security Services for S/MIME (ESS). It includes examples of most or all 37 common CMS and ESS formats; in addition, it gives examples that show 38 common pitfalls in implementing CMS. The purpose of this document is to 39 help increase interoperability for S/MIME and other protocols that rely 40 on CMS. 42 This draft is being discussed on the 'ietf-smime' mailing list. To 43 join the list, send a message to with the 44 single word "subscribe" in the body of the message. Also, there is a 45 Web site for the mailing list at . 47 1. Introduction 49 The examples in this document show the structure and format of CMS 50 message bodies, as described in [CMS]. They are useful to implementors 51 who use protocols that rely on CMS, such as the S/MIME message format 52 protocol. There are also examples of simple S/MIME messages [SMIME-MSG] 53 (including the MIME headers), and ESS messages [SMIME-ESS]. 55 Every example in this document has been checked by two different 56 implementors. This strongly indicates (but does not assure) that the 57 examples are correct. All CMS implementors must read the CMS document 58 carefully before implementing from it. No one should use the examples 59 in this document as stand-alone explanations of how to create CMS 60 message bodies. 62 This document explicitly does not attempt to cover many PKIX [PKIX] 63 examples. Documents with examples of that format may be forthcoming. 65 2. Contributions To This Document 67 The examples shown here will be created and validated by many different 68 people. In the example listings in Appendix B, there is a tag with the 69 initials of the creator of the example, and one or more tags for the 70 people who validated the example. 72 Some of the examples are of mis-implementations of CMS and ESS. That 73 is, if a developer reading the CMS or ESS specification created a 74 message body that was illegal, and another developer agreed that the 75 mis-reading was potentially a pitfall for later developers, that 76 message body is also included here. To make it clear which examples are 77 bad, they are all put into a single section of this document with 78 (hopefully) explicit headings. 80 To contribute an implementation of an unimplemented example listed in 81 this document, to verify that you got the same results as an example 82 listed here, or to suggest a new example that should be listed, please 83 contact the document author at the address listed near the end of the 84 document. 86 3. Constants Used in the Examples 88 This section defines the data used in the rest of the document. The names 89 of the constants indicate their use. For example, AlicePrivDSSSign is the 90 private part of Alice's DSS signing key. 92 - Alice is the creator of the message bodies in this spec. 94 - Bob is the recipient of the messages. 96 - Carl is a CA. 98 - Diane sometimes gets involved with these folks. 100 - Erica also sometimes gets involved. 102 3.1 Content of documents 104 ExContent is the following sentence: 105 This is some sample content. 106 That is, it is the string of characters starting with "T" up to and 107 including the ".". 109 The hex for ExContent is 110 5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e 112 The MD5 hash of ExContent is 113 9898 cac8 fab7 691f f89d c207 24e7 4a04 115 The SHA-1 hash of ExContent is 116 406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48 118 3.2 Private Keys 120 The following private keys are needed to create the samples. 121 To find the public keys, see the certificates in the next section. 123 AlicePrivDSSSign = 124 0 30 331: SEQUENCE { 125 4 02 1: INTEGER 0 126 7 30 299: SEQUENCE { 127 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 128 : (ANSI X9.57 algorithm) 129 20 30 286: SEQUENCE { 130 24 02 129: INTEGER 131 : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4 132 : 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94 133 : E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 134 : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A 135 : E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F 136 : 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 137 : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D 138 : B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B 139 : DB 140 156 02 21: INTEGER 141 : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B 142 : 62 8B F7 93 CD 143 179 02 128: INTEGER 144 : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C 145 : 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD 146 : 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF 147 : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D 148 : EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23 149 : 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8 150 : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2 151 : BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39 152 : } 153 : } 154 310 04 23: OCTET STRING, encapsulates { 155 312 02 21: INTEGER 156 : 00 BB 44 46 D1 A5 C9 46 07 2E D0 FE 7A D6 92 07 157 : F0 9A 85 89 3F 158 : } 159 : } 161 AlicePrivRSASign = 162 0 30 630: SEQUENCE { 163 4 02 1: INTEGER 0 164 7 30 13: SEQUENCE { 165 9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 166 : (PKCS #1) 167 20 05 0: NULL 168 : } 169 22 04 608: OCTET STRING, encapsulates { 170 26 30 604: SEQUENCE { 171 30 02 1: INTEGER 0 172 33 02 129: INTEGER 173 : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0 174 : 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E 175 : 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA 176 : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32 177 : CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5 178 : F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81 179 : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55 180 : 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57 181 : 5F 182 165 02 3: INTEGER 65537 183 170 02 128: INTEGER 184 : 00 A4 03 C3 27 47 76 34 34 6C A6 86 B5 79 49 01 185 : 4B 2E 8A D2 C8 62 B2 C7 D7 48 09 6A 8B 91 F7 36 186 : F2 75 D6 E8 CD 15 90 60 27 31 47 35 64 4D 95 CD 187 : 67 63 CE B4 9F 56 AC 2F 37 6E 1C EE 0E BF 28 2D 188 : F4 39 90 6F 34 D8 6E 08 5B D5 65 6A D8 41 F3 13 189 : D7 2D 39 5E FE 33 CB FF 29 E4 03 0B 3D 05 A2 8F 190 : B7 F1 8E A2 76 37 B0 79 57 D3 2F 2B DE 87 06 22 191 : 7D 04 66 5E C9 1B AF 8B 1A C3 EC 91 44 AB 7F 21 192 301 02 65: INTEGER 193 : 00 F6 D6 E0 22 21 4C 5F 0A 70 FF 27 FC E5 B3 50 194 : 6A 9D E5 0F B5 85 96 C6 40 FA A8 0A B4 9B 9B 0C 195 : 55 C2 01 1D F9 37 82 8A 14 C8 F2 93 0E 92 CD A5 196 : 66 21 B9 3C D2 06 BF B4 55 31 C9 DC AD CA 98 2D 197 : D1 198 368 02 65: INTEGER 199 : 00 E8 DE B0 11 25 09 D2 02 51 01 DE 8A E8 98 50 200 : F5 77 77 61 A4 45 93 6B 08 55 96 73 5D F4 C8 5B 201 : 12 93 22 73 8B 7F D3 70 7F F5 A4 AA BB 74 FD 3C 202 : 22 6A DA 38 91 2A 86 5B 6C 14 E8 AE 4C 9E FA 8E 203 : 2F 204 435 02 65: INTEGER 205 : 00 97 4C F0 87 9B 17 7F EE 1B 83 1B 14 B6 0B 6A 206 : 90 5F 86 27 51 E1 B7 A0 7F F5 E4 88 E3 59 B9 F9 207 : 1E 9B D3 29 77 38 22 48 D7 22 B1 25 98 BA 3D 59 208 : 53 B7 FA 1E 20 B2 C8 51 16 23 75 93 51 E7 AB CD 209 : F1 210 502 02 64: INTEGER 211 : 2C F0 24 5B FA A0 CD 85 22 EA D0 6E 4F FA 6C CD 212 : 21 D3 C8 E4 F1 84 44 48 64 73 D7 29 8F 7E 46 8C 213 : EC 15 DE E4 51 B3 94 E7 2C 99 2D 55 65 7B 24 EA 214 : A3 62 1F 3E 6C 4D 67 41 11 3B E1 BE E9 83 02 83 215 568 02 64: INTEGER 216 : 58 88 D9 A1 50 38 84 6A AB 03 BC BB DF 4B F4 9C 217 : 6F B8 B4 2A 25 FB F6 E4 05 2F 6E E2 88 89 21 6F 218 : 4B 25 9E D0 AB 50 93 CA BF 40 71 EC 21 25 C5 7F 219 : FB 02 E9 21 96 B8 33 CD E2 C6 95 EE 6F 8D 5F 28 220 : } 221 : } 222 : } 224 BobPrivDHEncrypt = 225 0 30 355: SEQUENCE { 226 4 02 1: INTEGER 0 227 7 30 312: SEQUENCE { 228 11 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 229 : (ANSI X9.42 number-type) 230 20 30 299: SEQUENCE { 231 24 02 129: INTEGER 232 : 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B 233 : 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11 234 : 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB 235 : AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02 236 : 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37 237 : FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA 238 : 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA 239 : 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A 240 : 33 241 156 02 129: INTEGER 242 : 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1 243 : E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48 244 : 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5 245 : 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48 246 : 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3 247 : 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D 248 : 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21 249 : C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62 250 : A7 251 288 02 33: INTEGER 252 : 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70 253 : A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE 254 : BD 255 : } 256 : } 257 323 04 34: OCTET STRING, encapsulates { 258 325 02 32: INTEGER 259 : 20 FC 67 82 EE CF 4A A6 C8 E5 83 D2 8C 3B 8A D2 260 : 45 32 11 27 32 6C 86 EC 66 CA 71 AD F0 19 4D F7 261 : } 262 : } 264 BobPrivRSAEncrypt = 265 0 30 630: SEQUENCE { 266 4 02 1: INTEGER 0 267 7 30 13: SEQUENCE { 268 9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 269 : (PKCS #1) 270 20 05 0: NULL 271 : } 272 22 04 608: OCTET STRING, encapsulates { 273 26 30 604: SEQUENCE { 274 30 02 1: INTEGER 0 275 33 02 129: INTEGER 276 : 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71 277 : 5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04 278 : B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39 279 : A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED 280 : E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D 281 : D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7 282 : 29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8 283 : 57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A 284 : F1 285 165 02 3: INTEGER 65537 286 170 02 129: INTEGER 287 : 00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6 EF 38 5F 53 288 : 21 2A 2F 62 FE DE 29 9A 7A 86 67 36 E7 7D 62 78 289 : 75 3D 73 A0 BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA 290 : D6 13 9B C3 97 7A CA 6A F0 B8 85 65 4E 0F BD A7 291 : A8 F7 54 06 41 BD EB DC 20 77 90 DF 61 9B 9A 6F 292 : 74 DE EA 3B D4 9C 87 60 ED 76 84 F1 6A 30 37 D5 293 : E0 90 16 F8 80 47 C3 19 6B ED 75 77 BA 4A ED 39 294 : B6 5D 02 47 3B 5F 1B C8 1C AB CB E8 F5 26 3F A4 295 : 81 296 302 02 65: INTEGER 297 : 00 FF DF 09 A0 56 0B 42 52 9E C4 4D 93 B3 B0 49 298 : BB DE E7 81 7D 28 99 D0 B1 48 BA 0B 39 E1 1C 7B 299 : 22 18 33 B6 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A 300 : 61 0A 6E 3B CE 30 DA 36 9F 65 25 29 BB A7 0E 7F 301 : 0B 302 369 02 65: INTEGER 303 : 00 E4 69 68 18 5F F9 57 D0 7C 66 89 0F BA 63 1D 304 : 72 CB 20 A4 81 76 64 89 CD 7D D1 C2 27 A9 2E AC 305 : 7A 56 9A 85 07 D9 30 03 A3 03 AB 7F 88 92 50 24 306 : 01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7 B6 C2 7E AB 307 : 73 308 436 02 64: INTEGER 309 : 57 36 6C 8F 8C 04 76 6C B6 D4 EE 24 44 00 F8 80 310 : E2 AF 42 01 A9 0F 14 84 F8 E7 00 E0 8F 8C 27 A4 311 : 2D 5F A2 E5 6D B5 63 C0 AD 44 E9 76 91 A7 19 49 312 : 2E 46 F8 77 85 4B 3B 87 04 F0 AF D2 D8 54 26 95 313 502 02 64: INTEGER 314 : 64 A1 0F AC 55 74 1B BD 0D 61 7B 17 03 CD B0 E6 315 : A7 19 1D 80 AF F1 41 48 D8 1A B6 88 14 A0 2C 7A 316 : C5 76 D4 0F 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73 317 : BA 46 A8 0F 8D 82 5F 22 14 05 CF A2 A3 F3 7C 83 318 568 02 64: INTEGER 319 : 26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 6E 6B 73 19 320 : 88 61 3A FA 74 4A 36 8B 47 68 5D 50 EB 26 E3 EA 321 : 7D 9B 4E 65 A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11 322 : AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 D1 6D 8D FA 323 : } 324 : } 325 : } 327 CarlPrivDSSSign = 328 0 30 330: SEQUENCE { 329 4 02 1: INTEGER 0 330 7 30 299: SEQUENCE { 331 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 332 : (ANSI X9.57 algorithm) 333 20 30 286: SEQUENCE { 334 24 02 129: INTEGER 335 : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1 336 : 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06 337 : EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA 338 : E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46 339 : ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01 340 : 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50 341 : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B 342 : CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6 343 : E9 344 156 02 21: INTEGER 345 : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A 346 : 5D 98 B9 10 D5 347 179 02 128: INTEGER 348 : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D 349 : ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5 350 : 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C 351 : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD 352 : F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F 353 : 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB 354 : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06 355 : 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A 356 : } 357 : } 358 310 04 22: OCTET STRING, encapsulates { 359 312 02 20: INTEGER 360 : 19 B3 38 A5 21 62 31 50 E5 7F B9 3E 08 46 78 D1 361 : 3E B5 E5 72 362 : } 363 : } 365 CarlPrivRSASign = 366 0 30 630: SEQUENCE { 367 4 02 1: INTEGER 0 368 7 30 13: SEQUENCE { 369 9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 370 : (PKCS #1) 371 20 05 0: NULL 372 : } 373 22 04 608: OCTET STRING, encapsulates { 374 26 30 604: SEQUENCE { 375 30 02 1: INTEGER 0 376 33 02 129: INTEGER 377 : 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71 378 : 5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04 379 : B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39 380 : A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED 381 : E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D 382 : D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7 383 : 29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8 384 : 57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A 385 : F1 386 165 02 3: INTEGER 65537 387 170 02 129: INTEGER 388 : 00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6 EF 38 5F 53 389 : 21 2A 2F 62 FE DE 29 9A 7A 86 67 36 E7 7D 62 78 390 : 75 3D 73 A0 BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA 391 : D6 13 9B C3 97 7A CA 6A F0 B8 85 65 4E 0F BD A7 392 : A8 F7 54 06 41 BD EB DC 20 77 90 DF 61 9B 9A 6F 393 : 74 DE EA 3B D4 9C 87 60 ED 76 84 F1 6A 30 37 D5 394 : E0 90 16 F8 80 47 C3 19 6B ED 75 77 BA 4A ED 39 395 : B6 5D 02 47 3B 5F 1B C8 1C AB CB E8 F5 26 3F A4 396 : 81 397 302 02 65: INTEGER 398 : 00 FF DF 09 A0 56 0B 42 52 9E C4 4D 93 B3 B0 49 399 : BB DE E7 81 7D 28 99 D0 B1 48 BA 0B 39 E1 1C 7B 400 : 22 18 33 B6 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A 401 : 61 0A 6E 3B CE 30 DA 36 9F 65 25 29 BB A7 0E 7F 402 : 0B 403 369 02 65: INTEGER 404 : 00 E4 69 68 18 5F F9 57 D0 7C 66 89 0F BA 63 1D 405 : 72 CB 20 A4 81 76 64 89 CD 7D D1 C2 27 A9 2E AC 406 : 7A 56 9A 85 07 D9 30 03 A3 03 AB 7F 88 92 50 24 407 : 01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7 B6 C2 7E AB 408 : 73 409 436 02 64: INTEGER 410 : 57 36 6C 8F 8C 04 76 6C B6 D4 EE 24 44 00 F8 80 411 : E2 AF 42 01 A9 0F 14 84 F8 E7 00 E0 8F 8C 27 A4 412 : 2D 5F A2 E5 6D B5 63 C0 AD 44 E9 76 91 A7 19 49 413 : 2E 46 F8 77 85 4B 3B 87 04 F0 AF D2 D8 54 26 95 414 502 02 64: INTEGER 415 : 64 A1 0F AC 55 74 1B BD 0D 61 7B 17 03 CD B0 E6 416 : A7 19 1D 80 AF F1 41 48 D8 1A B6 88 14 A0 2C 7A 417 : C5 76 D4 0F 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73 418 : BA 46 A8 0F 8D 82 5F 22 14 05 CF A2 A3 F3 7C 83 419 568 02 64: INTEGER 420 : 26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 6E 6B 73 19 421 : 88 61 3A FA 74 4A 36 8B 47 68 5D 50 EB 26 E3 EA 422 : 7D 9B 4E 65 A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11 423 : AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 D1 6D 8D FA 424 : } 425 : } 426 : } 428 DianePrivDHEncrypt = 429 0 30 354: SEQUENCE { 430 4 02 1: INTEGER 0 431 7 30 311: SEQUENCE { 432 11 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 433 : (ANSI X9.42 number-type) 434 20 30 298: SEQUENCE { 435 24 02 129: INTEGER 436 : 00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4 437 : 10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39 438 : BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF 439 : 9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4 440 : F2 8A 3D 9F B7 5D 8D CA E2 AF B5 0F CF 05 65 82 441 : 68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26 442 : BC BF 36 0F 5C C3 51 6A 67 E8 75 32 66 78 91 63 443 : E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2 444 : DF 445 156 02 128: INTEGER 446 : 6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C 447 : A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F 448 : 37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E 449 : DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71 450 : 21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82 451 : 69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A 452 : 09 F8 BD FD CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E 453 : 7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7 454 287 02 33: INTEGER 455 : 00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D 456 : 46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E 457 : 1F 458 : } 459 : } 460 322 04 34: OCTET STRING, encapsulates { 461 324 02 32: INTEGER 462 : 58 2E 89 AB 57 34 7D 3C F5 9A 75 CB 7D 99 8A 19 463 : 2F 3C 7A A6 85 C9 2F 1B 5A 47 03 E3 82 16 E4 9B 464 : } 465 : } 467 DianePrivDSSSign = 468 0 30 331: SEQUENCE { 469 4 02 1: INTEGER 0 470 7 30 299: SEQUENCE { 471 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 472 : (ANSI X9.57 algorithm) 473 20 30 286: SEQUENCE { 474 24 02 129: INTEGER 475 : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1 476 : 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06 477 : EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA 478 : E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46 479 : ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01 480 : 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50 481 : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B 482 : CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6 483 : E9 484 156 02 21: INTEGER 485 : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A 486 : 5D 98 B9 10 D5 487 179 02 128: INTEGER 488 : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D 489 : ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5 490 : 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C 491 : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD 492 : F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F 493 : 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB 494 : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06 495 : 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A 496 : } 497 : } 498 310 04 23: OCTET STRING, encapsulates { 499 312 02 21: INTEGER 500 : 00 96 95 F9 E0 C1 E0 41 2D 32 0F 8B 42 52 93 2A 501 : E6 1E 0E 21 29 502 : } 503 : } 505 DianePrivRSASignEncrypt = 506 0 30 631: SEQUENCE { 507 4 02 1: INTEGER 0 508 7 30 13: SEQUENCE { 509 9 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 510 : (PKCS #1) 511 20 05 0: NULL 512 : } 513 22 04 609: OCTET STRING, encapsulates { 514 26 30 605: SEQUENCE { 515 30 02 1: INTEGER 0 516 33 02 129: INTEGER 517 : 00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2 518 : 62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99 519 : 24 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03 520 : A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28 521 : 0A BB F8 BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E 522 : 67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08 37 21 523 : 93 47 EE F0 73 35 72 B0 02 C4 F3 11 C3 5E 47 E5 524 : 0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28 C0 525 : 85 526 165 02 3: INTEGER 65537 527 170 02 128: INTEGER 528 : 3D BD CD C2 0E 61 14 5B 4B E7 BF 60 23 04 2B C5 529 : 6B 35 A5 96 45 23 FC 69 7D 93 3C 0F D3 25 96 BA 530 : 62 52 42 E2 96 CF FE 58 80 8F EB B1 8C BD D4 0D 531 : 65 D0 3A 77 45 24 9E 0C EB 86 80 C3 AC 21 11 71 532 : 44 E3 B2 A8 A9 2E AC 17 D2 A3 84 25 63 B5 BC 2F 533 : 1E DD F6 21 FF 15 20 24 5B F1 80 2F D5 41 0E 32 534 : 24 F7 D4 4A 32 9E B9 49 D8 19 8E 3F 39 8D 62 BD 535 : 80 FC 0C 24 92 93 E4 C3 D7 05 91 53 BB 96 B6 41 536 301 02 65: INTEGER 537 : 00 F3 B8 3F 4A D1 94 B0 91 60 13 41 92 0D 8D 44 538 : 3F 77 1D FF 96 23 44 08 D4 0B 70 C9 1A AF E9 90 539 : 94 F2 B0 D5 5F 4F 19 85 50 A1 90 91 AE BD 05 76 540 : 52 B3 22 D8 A8 7C 8E 54 7F 00 72 4F 36 75 68 73 541 : B5 542 368 02 65: INTEGER 543 : 00 E1 D2 E7 11 57 06 AE 72 95 22 16 AA 02 B4 5A 544 : ED 4E 9D 82 11 4F 96 3C 86 C9 10 8D 56 7B 31 75 545 : 79 69 E7 75 68 38 00 4B 2E D2 26 32 DD B1 E2 E0 546 : 2C 54 80 0A 75 BA D1 66 96 1B B0 0E A0 7E D2 BB 547 : 91 548 435 02 65: INTEGER 549 : 00 AF B6 BC DB 22 73 43 41 EC B4 B5 67 A9 A1 99 550 : FC EF D2 8E FD 1D FB E5 29 8B FE 0A DF D4 C8 5E 551 : 57 25 0A 5D 2B D4 09 A0 56 5B C5 B1 62 FC 20 BE 552 : 08 2D E3 07 B5 A1 E7 B3 FF C4 C0 A5 5F AC 12 5C 553 : A9 554 502 02 65: INTEGER 555 : 00 B9 98 41 FC 08 50 1F 73 60 8A 01 A2 7C 52 8A 556 : 20 5A EA 2C 89 D9 A5 19 DD 94 C6 1B C3 25 C0 82 557 : 51 E4 EE 2B 9A 19 DC 73 ED E9 1D 27 D4 F8 6C 03 558 : DD AB 1D 08 7B B5 AC 7F E9 82 9B F1 89 8A 71 DB 559 : 61 560 569 02 64: INTEGER 561 : 01 07 21 97 5F 7A 60 A8 FD 5A 5C 07 DF A8 DE F7 562 : E2 B1 34 7D FC EB 91 BD B0 73 74 C8 C4 BE 3F 58 563 : 45 30 06 90 B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B 564 : 65 A1 16 39 39 B0 E3 74 7D CF CD C5 AC 6C BF E5 565 : } 566 : } 567 : } 569 EricaPrivDHEncryptBobParam = 570 0 30 355: SEQUENCE { 571 4 02 1: INTEGER 0 572 7 30 312: SEQUENCE { 573 11 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 574 : (ANSI X9.42 number-type) 575 20 30 299: SEQUENCE { 576 24 02 129: INTEGER 577 : 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B 578 : 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11 579 : 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB 580 : AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02 581 : 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37 582 : FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA 583 : 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA 584 : 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A 585 : 33 586 156 02 129: INTEGER 587 : 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1 588 : E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48 589 : 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5 590 : 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48 591 : 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3 592 : 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D 593 : 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21 594 : C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62 595 : A7 596 288 02 33: INTEGER 597 : 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70 598 : A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE 599 : BD 600 : } 601 : } 602 323 04 34: OCTET STRING, encapsulates { 603 325 02 32: INTEGER 604 : 48 64 11 E4 17 01 12 E6 C1 D3 9C 70 7D 7C A6 97 605 : 95 BD C8 95 07 F7 CF 41 11 A7 13 91 FB 30 3D 8C 606 : } 607 : } 609 MailListTripleDES = 610 255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f 612 MailListRC2 = 613 b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9 615 3.3 Certificates 617 Note that Bob's and Diane's Diffie-Hellman encryption keys do *not* 618 share Diffie-Hellman parameters; however, Bob and Erica share Diffie- 619 Hellman parameters. 621 AliceDSSSignByCarlNoInherit = 622 0 30 734: SEQUENCE { 623 4 30 669: SEQUENCE { 624 8 A0 3: [0] { 625 10 02 1: INTEGER 2 626 : } 627 13 02 2: INTEGER 200 628 17 30 9: SEQUENCE { 629 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 630 : (ANSI X9.57 algorithm) 631 : } 632 28 30 18: SEQUENCE { 633 30 31 16: SET { 634 32 30 14: SEQUENCE { 635 34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 636 : (X.520 id-at (2 5 4)) 637 39 13 7: PrintableString 'CarlDSS' 638 : } 639 : } 640 : } 641 48 30 30: SEQUENCE { 642 50 17 13: UTCTime '990817011049Z' 643 65 17 13: UTCTime '391231235959Z' 644 : } 645 80 30 19: SEQUENCE { 646 82 31 17: SET { 647 84 30 15: SEQUENCE { 648 86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 649 : (X.520 id-at (2 5 4)) 650 91 13 8: PrintableString 'AliceDSS' 651 : } 652 : } 653 : } 654 101 30 438: SEQUENCE { 655 105 30 299: SEQUENCE { 656 109 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 657 : (ANSI X9.57 algorithm) 658 118 30 286: SEQUENCE { 659 122 02 129: INTEGER 660 : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4 661 : 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94 662 : E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 663 : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A 664 : E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F 665 : 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 666 : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D 667 : B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B 668 : DB 669 254 02 21: INTEGER 670 : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B 671 : 62 8B F7 93 CD 672 277 02 128: INTEGER 673 : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C 674 : 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD 675 : 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF 676 : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D 677 : EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23 678 : 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8 679 : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2 680 : BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39 681 : } 682 : } 683 408 03 132: BIT STRING 0 unused bits, encapsulates { 684 412 02 128: INTEGER 685 : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC 686 : 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86 687 : 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 688 : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3 689 : 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8 690 : 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B 691 : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E 692 : 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8 693 : } 694 : } 695 543 A3 131: [3] { 696 546 30 128: SEQUENCE { 697 549 30 32: SEQUENCE { 698 551 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 699 : (X.509 id-ce (2 5 29)) 700 556 04 25: OCTET STRING, encapsulates { 701 558 30 23: SEQUENCE { 702 560 81 21: [1] 'aliceDss@examples.com' 703 : } 704 : } 705 : } 706 583 30 12: SEQUENCE { 707 585 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 708 : (X.509 id-ce (2 5 29)) 709 590 01 1: BOOLEAN TRUE 710 593 04 2: OCTET STRING, encapsulates { 711 595 30 0: SEQUENCE {} 712 : } 713 : } 714 597 30 14: SEQUENCE { 715 599 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 716 : (X.509 id-ce (2 5 29)) 717 604 01 1: BOOLEAN TRUE 718 607 04 4: OCTET STRING, encapsulates { 719 609 03 2: BIT STRING 6 unused bits 720 : '11'B 721 : } 722 : } 723 613 30 31: SEQUENCE { 724 615 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 725 : (X.509 id-ce (2 5 29)) 726 620 04 24: OCTET STRING, encapsulates { 727 622 30 22: SEQUENCE { 728 624 80 20: [0] 729 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 730 : 2B 93 F1 1F 731 : } 732 : } 733 : } 734 646 30 29: SEQUENCE { 735 648 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 736 : (X.509 id-ce (2 5 29)) 737 653 04 22: OCTET STRING 738 : 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 739 : E2 FD E3 97 FE CD 740 : } 741 : } 742 : } 743 : } 744 677 30 9: SEQUENCE { 745 679 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 746 : (ANSI X9.57 algorithm) 747 : } 748 688 03 48: BIT STRING 0 unused bits, encapsulates { 749 691 30 45: SEQUENCE { 750 693 02 21: INTEGER 751 : 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24 752 : 05 E8 46 94 8E 753 716 02 20: INTEGER 754 : 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5 755 : 7F 28 2D BB 756 : } 757 : } 758 : } 760 AliceRSASignByCarl = 761 0 30 522: SEQUENCE { 762 4 30 371: SEQUENCE { 763 8 A0 3: [0] { 764 10 02 1: INTEGER 2 765 : } 766 13 02 16: INTEGER 767 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 768 31 30 13: SEQUENCE { 769 33 06 9: OBJECT IDENTIFIER 770 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 771 : (PKCS #1) 772 44 05 0: NULL 773 : } 774 46 30 18: SEQUENCE { 775 48 31 16: SET { 776 50 30 14: SEQUENCE { 777 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 778 : (X.520 id-at (2 5 4)) 779 57 13 7: PrintableString 'CarlRSA' 780 : } 781 : } 782 : } 783 66 30 30: SEQUENCE { 784 68 17 13: UTCTime '990819070000Z' 785 83 17 13: UTCTime '391231235959Z' 786 : } 787 98 30 19: SEQUENCE { 788 100 31 17: SET { 789 102 30 15: SEQUENCE { 790 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 791 : (X.520 id-at (2 5 4)) 792 109 13 8: PrintableString 'AliceRSA' 793 : } 794 : } 795 : } 796 119 30 159: SEQUENCE { 797 122 30 13: SEQUENCE { 798 124 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 799 : (PKCS #1) 800 135 05 0: NULL 801 : } 802 137 03 141: BIT STRING 0 unused bits, encapsulates { 803 141 30 137: SEQUENCE { 804 144 02 129: INTEGER 805 : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0 806 : 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E 807 : 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA 808 : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32 809 : CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5 810 : F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81 811 : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55 812 : 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57 813 : 5F 814 276 02 3: INTEGER 65537 815 : } 816 : } 817 : } 818 281 A3 96: [3] { 819 283 30 94: SEQUENCE { 820 285 30 12: SEQUENCE { 821 287 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 822 : (X.509 id-ce (2 5 29)) 823 292 01 1: BOOLEAN TRUE 824 295 04 2: OCTET STRING, encapsulates { 825 297 30 0: SEQUENCE {} 826 : } 827 : } 828 299 30 14: SEQUENCE { 829 301 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 830 : (X.509 id-ce (2 5 29)) 831 306 01 1: BOOLEAN TRUE 832 309 04 4: OCTET STRING, encapsulates { 833 311 03 2: BIT STRING 6 unused bits 834 : '11'B 835 : } 836 : } 837 315 30 31: SEQUENCE { 838 317 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 839 : (X.509 id-ce (2 5 29)) 840 322 04 24: OCTET STRING, encapsulates { 841 324 30 22: SEQUENCE { 842 326 80 20: [0] 843 : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22 844 : AE 9E 38 BB 845 : } 846 : } 847 : } 848 348 30 29: SEQUENCE { 849 350 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 850 : (X.509 id-ce (2 5 29)) 851 355 04 22: OCTET STRING 852 : 04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC 853 : 3C A0 3A E3 FF 50 854 : } 855 : } 856 : } 857 : } 858 379 30 13: SEQUENCE { 859 381 06 9: OBJECT IDENTIFIER 860 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 861 : (PKCS #1) 862 392 05 0: NULL 863 : } 864 394 03 129: BIT STRING 0 unused bits 865 : 52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB 866 : 6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F 867 : F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F 868 : 97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C 869 : 06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C 870 : 4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0 871 : C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99 872 : C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18 873 : } 875 BobDHEncryptByCarl = 876 0 30 866: SEQUENCE { 877 4 30 801: SEQUENCE { 878 8 A0 3: [0] { 879 10 02 1: INTEGER 2 880 : } 881 13 02 2: INTEGER 201 882 17 30 9: SEQUENCE { 883 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 884 : (ANSI X9.57 algorithm) 885 : } 886 28 30 18: SEQUENCE { 887 30 31 16: SET { 888 32 30 14: SEQUENCE { 889 34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 890 : (X.520 id-at (2 5 4)) 891 39 13 7: PrintableString 'CarlDSS' 892 : } 893 : } 894 : } 895 48 30 30: SEQUENCE { 896 50 17 13: UTCTime '990817011828Z' 897 65 17 13: UTCTime '391231235959Z' 898 : } 899 80 30 16: SEQUENCE { 900 82 31 14: SET { 901 84 30 12: SEQUENCE { 902 86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 903 : (X.520 id-at (2 5 4)) 904 91 13 5: PrintableString 'bobDH' 905 : } 906 : } 907 : } 908 98 30 578: SEQUENCE { 909 102 30 439: SEQUENCE { 910 106 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 911 : (ANSI X9.42 number-type) 912 115 30 426: SEQUENCE { 913 119 02 129: INTEGER 914 : 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B 915 : 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11 916 : 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB 917 : AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02 918 : 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37 919 : FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA 920 : 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA 921 : 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A 922 : 33 923 251 02 129: INTEGER 924 : 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1 925 : E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48 926 : 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5 927 : 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48 928 : 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3 929 : 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D 930 : 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21 931 : C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62 932 : A7 933 383 02 33: INTEGER 934 : 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70 935 : A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE 936 : BD 937 418 02 97: INTEGER 938 : 01 34 FE C2 33 48 EB F6 3B 97 D9 E4 97 A7 60 A5 939 : 25 69 34 FB FD 46 2A D6 C9 C4 C5 F7 D6 F4 04 19 940 : 8D 94 D9 8A 37 68 69 67 55 FB F2 6B 0E 47 C5 5B 941 : 0B 4B 0E 1C 1A 8B 7B 75 B7 AA C3 AA D7 EB 3B DA 942 : 2A 8D 02 87 37 47 83 D7 31 B4 25 A8 AC BB 11 88 943 : 53 1C 11 92 B6 69 E7 2E 90 C1 7A FC 87 F4 F6 D7 944 : 1A 945 517 30 26: SEQUENCE { 946 519 03 21: BIT STRING 0 unused bits 947 : B9 FF 1C 93 44 67 37 D1 B2 F8 57 9A 32 4A C9 4A 948 : FF 3B EC 1E 949 542 02 1: INTEGER 29 950 : } 951 : } 952 : } 953 545 03 132: BIT STRING 0 unused bits, encapsulates { 954 549 02 128: INTEGER 955 : 6F D4 F6 CD 94 9A 6E AF 5B 57 17 96 75 BB 0F B9 956 : 48 E9 90 37 0D 15 20 C2 55 1E 13 E2 AE 71 17 84 957 : C3 0E 74 AE 8A 55 7F 28 7D 8B D7 28 22 9C 76 46 958 : D7 3B 4F 9D D1 4D 1B B2 DB 51 94 C5 6D 54 96 40 959 : 38 8A 38 81 63 4A 8C C3 1E 09 89 74 A6 58 D5 C8 960 : 5A 3D CF BB B8 23 7F 9C 1F 7D 78 FA 9E F9 90 9E 961 : 91 E7 4B C2 A4 BE 45 06 78 42 58 3D 9F 63 2C EF 962 : 84 D4 67 E5 FB C6 6D A2 36 29 67 90 46 DB 4E 48 963 : } 964 : } 965 680 A3 127: [3] { 966 682 30 125: SEQUENCE { 967 684 30 29: SEQUENCE { 968 686 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 969 : (X.509 id-ce (2 5 29)) 970 691 04 22: OCTET STRING, encapsulates { 971 693 30 20: SEQUENCE { 972 695 81 18: [1] 'bobDh@examples.com' 973 : } 974 : } 975 : } 976 715 30 12: SEQUENCE { 977 717 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 978 : (X.509 id-ce (2 5 29)) 979 722 01 1: BOOLEAN TRUE 980 725 04 2: OCTET STRING, encapsulates { 981 727 30 0: SEQUENCE {} 982 : } 983 : } 984 729 30 14: SEQUENCE { 985 731 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 986 : (X.509 id-ce (2 5 29)) 987 736 01 1: BOOLEAN TRUE 988 739 04 4: OCTET STRING, encapsulates { 989 741 03 2: BIT STRING 3 unused bits 990 : '10000'B 991 : } 992 : } 993 745 30 31: SEQUENCE { 994 747 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 995 : (X.509 id-ce (2 5 29)) 996 752 04 24: OCTET STRING, encapsulates { 997 754 30 22: SEQUENCE { 998 756 80 20: [0] 999 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 1000 : 2B 93 F1 1F 1001 : } 1002 : } 1003 : } 1004 778 30 29: SEQUENCE { 1005 780 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1006 : (X.509 id-ce (2 5 29)) 1007 785 04 22: OCTET STRING 1008 : 04 14 26 FF 19 48 C3 59 33 68 56 8D 7E C8 80 68 1009 : 5C CF 3C 72 DD 26 1010 : } 1011 : } 1012 : } 1013 : } 1014 809 30 9: SEQUENCE { 1015 811 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1016 : (ANSI X9.57 algorithm) 1017 : } 1018 820 03 48: BIT STRING 0 unused bits, encapsulates { 1019 823 30 45: SEQUENCE { 1020 825 02 20: INTEGER 1021 : 15 EA 15 43 E3 49 22 86 C1 BB E5 DA E4 0E B8 09 1022 : E0 D5 72 35 1023 847 02 21: INTEGER 1024 : 00 AE 4F 51 29 73 71 75 A9 81 EB ED 9D 5E 00 19 1025 : 7E F0 DE 5A D6 1026 : } 1027 : } 1028 : } 1030 BobRSASignByCarl = 1031 0 30 520: SEQUENCE { 1032 4 30 369: SEQUENCE { 1033 8 A0 3: [0] { 1034 10 02 1: INTEGER 2 1035 : } 1036 13 02 16: INTEGER 1037 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0 1038 31 30 13: SEQUENCE { 1039 33 06 9: OBJECT IDENTIFIER 1040 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 1041 : (PKCS #1) 1042 44 05 0: NULL 1043 : } 1044 46 30 18: SEQUENCE { 1045 48 31 16: SET { 1046 50 30 14: SEQUENCE { 1047 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1048 : (X.520 id-at (2 5 4)) 1049 57 13 7: PrintableString 'CarlRSA' 1050 : } 1051 : } 1052 : } 1053 66 30 30: SEQUENCE { 1054 68 17 13: UTCTime '990819070000Z' 1055 83 17 13: UTCTime '391231235959Z' 1056 : } 1057 98 30 17: SEQUENCE { 1058 100 31 15: SET { 1059 102 30 13: SEQUENCE { 1060 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1061 : (X.520 id-at (2 5 4)) 1062 109 13 6: PrintableString 'BobRSA' 1063 : } 1064 : } 1065 : } 1066 117 30 159: SEQUENCE { 1067 120 30 13: SEQUENCE { 1068 122 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 1069 : (PKCS #1) 1070 133 05 0: NULL 1071 : } 1072 135 03 141: BIT STRING 0 unused bits, encapsulates { 1073 139 30 137: SEQUENCE { 1074 142 02 129: INTEGER 1075 : 00 CA 5C E1 2E EC CF C1 3B 5D 10 1B DF 54 35 71 1076 : 99 0A 09 D8 3D E4 61 BF A0 BE 0A BE 11 A4 3C B5 1077 : 38 41 41 48 04 E1 5B B1 17 1C 53 B5 F4 C5 15 D3 1078 : FE 0C FB 0C AC EA 80 18 36 03 7E 41 93 53 D7 40 1079 : 74 49 DB D9 C6 AF FE D6 CA 0D CA 01 84 8F A1 E9 1080 : A3 00 21 27 51 D5 40 19 AA E3 C0 30 78 5B A0 B2 1081 : E6 C1 2D 24 36 CB AE 44 10 82 B0 DD 74 D7 F6 EB 1082 : 51 27 B2 A7 B6 AD 78 CA A7 1B 59 51 18 EF 28 0C 1083 : 53 1084 274 02 3: INTEGER 65537 1085 : } 1086 : } 1087 : } 1088 279 A3 96: [3] { 1089 281 30 94: SEQUENCE { 1090 283 30 12: SEQUENCE { 1091 285 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 1092 : (X.509 id-ce (2 5 29)) 1093 290 01 1: BOOLEAN TRUE 1094 293 04 2: OCTET STRING, encapsulates { 1095 295 30 0: SEQUENCE {} 1096 : } 1097 : } 1098 297 30 14: SEQUENCE { 1099 299 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 1100 : (X.509 id-ce (2 5 29)) 1101 304 01 1: BOOLEAN TRUE 1102 307 04 4: OCTET STRING, encapsulates { 1103 309 03 2: BIT STRING 5 unused bits 1104 : '100'B 1105 : } 1106 : } 1107 313 30 31: SEQUENCE { 1108 315 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 1109 : (X.509 id-ce (2 5 29)) 1110 320 04 24: OCTET STRING, encapsulates { 1111 322 30 22: SEQUENCE { 1112 324 80 20: [0] 1113 : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22 1114 : AE 9E 38 BB 1115 : } 1116 : } 1117 : } 1118 346 30 29: SEQUENCE { 1119 348 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1120 : (X.509 id-ce (2 5 29)) 1121 353 04 22: OCTET STRING 1122 : 04 14 E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA 29 D3 1123 : 95 5A 86 16 B4 24 1124 : } 1125 : } 1126 : } 1127 : } 1128 377 30 13: SEQUENCE { 1129 379 06 9: OBJECT IDENTIFIER 1130 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 1131 : (PKCS #1) 1132 390 05 0: NULL 1133 : } 1134 392 03 129: BIT STRING 0 unused bits 1135 : 2B 53 8A E0 38 69 0C 19 2D AA D9 42 67 BE 58 49 1136 : A9 58 4C 42 F1 F5 68 B6 4E 4D 07 A4 9E B2 DB D0 1137 : 95 DF 4C F0 EF 5F 23 D6 90 7C 3F 62 92 86 E4 D2 1138 : 64 AB 2E B5 CA 5D 58 57 04 DF 39 29 73 B0 CD A5 1139 : 6B 22 75 C9 5D D5 0B FF C9 B8 7B F0 09 2C A1 86 1140 : F3 75 CD 54 67 AD 8B 1E 7B EC 7E AB 25 2B 14 71 1141 : 98 D1 19 16 F0 60 EB 3B 3C F4 0F 24 98 7A A4 A4 1142 : BA E6 C2 4E 80 07 EA C4 93 92 8B 49 17 FE 42 58 1143 : } 1145 CarlDSSSelf = 1146 0 30 667: SEQUENCE { 1147 4 30 602: SEQUENCE { 1148 8 A0 3: [0] { 1149 10 02 1: INTEGER 2 1150 : } 1151 13 02 1: INTEGER 1 1152 16 30 9: SEQUENCE { 1153 18 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1154 : (ANSI X9.57 algorithm) 1155 : } 1156 27 30 18: SEQUENCE { 1157 29 31 16: SET { 1158 31 30 14: SEQUENCE { 1159 33 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1160 : (X.520 id-at (2 5 4)) 1161 38 13 7: PrintableString 'CarlDSS' 1162 : } 1163 : } 1164 : } 1165 47 30 30: SEQUENCE { 1166 49 17 13: UTCTime '990816225050Z' 1167 64 17 13: UTCTime '391231235959Z' 1168 : } 1169 79 30 18: SEQUENCE { 1170 81 31 16: SET { 1171 83 30 14: SEQUENCE { 1172 85 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1173 : (X.520 id-at (2 5 4)) 1174 90 13 7: PrintableString 'CarlDSS' 1175 : } 1176 : } 1177 : } 1178 99 30 439: SEQUENCE { 1179 103 30 299: SEQUENCE { 1180 107 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 1181 : (ANSI X9.57 algorithm) 1182 116 30 286: SEQUENCE { 1183 120 02 129: INTEGER 1184 : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1 1185 : 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06 1186 : EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA 1187 : E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46 1188 : ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01 1189 : 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50 1190 : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B 1191 : CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6 1192 : E9 1193 252 02 21: INTEGER 1194 : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A 1195 : 5D 98 B9 10 D5 1196 275 02 128: INTEGER 1197 : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D 1198 : ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5 1199 : 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C 1200 : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD 1201 : F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F 1202 : 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB 1203 : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06 1204 : 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A 1205 : } 1206 : } 1207 406 03 133: BIT STRING 0 unused bits, encapsulates { 1208 410 02 129: INTEGER 1209 : 00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C 75 BB E1 1210 : 6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E 1211 : F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25 1212 : 4E B9 60 96 19 24 01 F3 62 0C FE 75 C0 FB CE D8 1213 : 68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61 1214 : 8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B 1215 : 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD 1216 : 1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80 1217 : 7A 1218 : } 1219 : } 1220 542 A3 66: [3] { 1221 544 30 64: SEQUENCE { 1222 546 30 15: SEQUENCE { 1223 548 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 1224 : (X.509 id-ce (2 5 29)) 1225 553 01 1: BOOLEAN TRUE 1226 556 04 5: OCTET STRING, encapsulates { 1227 558 30 3: SEQUENCE { 1228 560 01 1: BOOLEAN TRUE 1229 : } 1230 : } 1231 : } 1232 563 30 14: SEQUENCE { 1233 565 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 1234 : (X.509 id-ce (2 5 29)) 1235 570 01 1: BOOLEAN TRUE 1236 573 04 4: OCTET STRING, encapsulates { 1237 575 03 2: BIT STRING 1 unused bits 1238 : '1100001'B 1239 : } 1240 : } 1241 579 30 29: SEQUENCE { 1242 581 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1243 : (X.509 id-ce (2 5 29)) 1244 586 04 22: OCTET STRING 1245 : 04 14 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 1246 : BC 43 2B 93 F1 1F 1247 : } 1248 : } 1249 : } 1250 : } 1251 610 30 9: SEQUENCE { 1252 612 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1253 : (ANSI X9.57 algorithm) 1254 : } 1255 621 03 48: BIT STRING 0 unused bits, encapsulates { 1256 624 30 45: SEQUENCE { 1257 626 02 20: INTEGER 1258 : 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9 1259 : 11 17 A1 13 1260 648 02 21: INTEGER 1261 : 00 8F 34 69 2A 8B B1 3C 03 79 94 32 4D 12 1F CE 1262 : 89 FB 46 B2 3B 1263 : } 1264 : } 1265 : } 1267 CarlRSASelf = 1268 0 30 491: SEQUENCE { 1269 4 30 340: SEQUENCE { 1270 8 A0 3: [0] { 1271 10 02 1: INTEGER 2 1272 : } 1273 13 02 16: INTEGER 1274 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20 1275 31 30 13: SEQUENCE { 1276 33 06 9: OBJECT IDENTIFIER 1277 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 1278 : (PKCS #1) 1279 44 05 0: NULL 1280 : } 1281 46 30 18: SEQUENCE { 1282 48 31 16: SET { 1283 50 30 14: SEQUENCE { 1284 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1285 : (X.520 id-at (2 5 4)) 1286 57 13 7: PrintableString 'CarlRSA' 1287 : } 1288 : } 1289 : } 1290 66 30 30: SEQUENCE { 1291 68 17 13: UTCTime '990818070000Z' 1292 83 17 13: UTCTime '391231235959Z' 1293 : } 1294 98 30 18: SEQUENCE { 1295 100 31 16: SET { 1296 102 30 14: SEQUENCE { 1297 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1298 : (X.520 id-at (2 5 4)) 1299 109 13 7: PrintableString 'CarlRSA' 1300 : } 1301 : } 1302 : } 1303 118 30 159: SEQUENCE { 1304 121 30 13: SEQUENCE { 1305 123 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 1306 : (PKCS #1) 1307 134 05 0: NULL 1308 : } 1309 136 03 141: BIT STRING 0 unused bits, encapsulates { 1310 140 30 137: SEQUENCE { 1311 143 02 129: INTEGER 1312 : 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71 1313 : 5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04 1314 : B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39 1315 : A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED 1316 : E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D 1317 : D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7 1318 : 29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8 1319 : 57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A 1320 : F1 1321 275 02 3: INTEGER 65537 1322 : } 1323 : } 1324 : } 1325 280 A3 66: [3] { 1326 282 30 64: SEQUENCE { 1327 284 30 15: SEQUENCE { 1328 286 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 1329 : (X.509 id-ce (2 5 29)) 1330 291 01 1: BOOLEAN TRUE 1331 294 04 5: OCTET STRING, encapsulates { 1332 296 30 3: SEQUENCE { 1333 298 01 1: BOOLEAN TRUE 1334 : } 1335 : } 1336 : } 1337 301 30 14: SEQUENCE { 1338 303 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 1339 : (X.509 id-ce (2 5 29)) 1340 308 01 1: BOOLEAN TRUE 1341 311 04 4: OCTET STRING, encapsulates { 1342 313 03 2: BIT STRING 1 unused bits 1343 : '1100001'B 1344 : } 1345 : } 1346 317 30 29: SEQUENCE { 1347 319 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1348 : (X.509 id-ce (2 5 29)) 1349 324 04 22: OCTET STRING 1350 : 04 14 E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 1351 : 4E 22 AE 9E 38 BB 1352 : } 1353 : } 1354 : } 1355 : } 1356 348 30 13: SEQUENCE { 1357 350 06 9: OBJECT IDENTIFIER 1358 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 1359 : (PKCS #1) 1360 361 05 0: NULL 1361 : } 1362 363 03 129: BIT STRING 0 unused bits 1363 : B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 2E 4C DB 0C 1364 : F0 48 0F 32 61 EE C4 04 EC 12 5D 2D FF 0F 64 59 1365 : 7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12 1366 : 61 50 ED EF DD 3F E3 0B B8 61 A5 A4 9B 3C E6 9E 1367 : 9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 9D 49 01 1368 : 76 FA B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D 1369 : CA 3E F2 53 6B B0 37 6F AD E6 74 D7 DB FA 5A EA 1370 : 14 41 63 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02 1371 : } 1373 DianeDHEncryptByCarl = 1374 0 30 869: SEQUENCE { 1375 4 30 805: SEQUENCE { 1376 8 A0 3: [0] { 1377 10 02 1: INTEGER 2 1378 : } 1379 13 02 2: INTEGER 211 1380 17 30 9: SEQUENCE { 1381 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1382 : (ANSI X9.57 algorithm) 1383 : } 1384 28 30 18: SEQUENCE { 1385 30 31 16: SET { 1386 32 30 14: SEQUENCE { 1387 34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1388 : (X.520 id-at (2 5 4)) 1389 39 13 7: PrintableString 'CarlDSS' 1390 : } 1391 : } 1392 : } 1393 48 30 30: SEQUENCE { 1394 50 17 13: UTCTime '990817021657Z' 1395 65 17 13: UTCTime '391231235959Z' 1396 : } 1397 80 30 18: SEQUENCE { 1398 82 31 16: SET { 1399 84 30 14: SEQUENCE { 1400 86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1401 : (X.520 id-at (2 5 4)) 1402 91 13 7: PrintableString 'DianeDH' 1403 : } 1404 : } 1405 : } 1406 100 30 577: SEQUENCE { 1407 104 30 438: SEQUENCE { 1408 108 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 1409 : (ANSI X9.42 number-type) 1410 117 30 425: SEQUENCE { 1411 121 02 129: INTEGER 1412 : 00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4 1413 : 10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39 1414 : BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF 1415 : 9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4 1416 : F2 8A 3D 9F B7 5D 8D CA E2 AF B5 0F CF 05 65 82 1417 : 68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26 1418 : BC BF 36 0F 5C C3 51 6A 67 E8 75 32 66 78 91 63 1419 : E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2 1420 : DF 1421 253 02 128: INTEGER 1422 : 6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C 1423 : A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F 1424 : 37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E 1425 : DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71 1426 : 21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82 1427 : 69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A 1428 : 09 F8 BD FD CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E 1429 : 7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7 1430 384 02 33: INTEGER 1431 : 00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D 1432 : 46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E 1433 : 1F 1434 419 02 97: INTEGER 1435 : 01 30 CD 03 82 CD 3F 32 3A 5F 16 5E F2 13 5F 52 1436 : 1B DF FF AA 3B 06 3C 7F 81 26 1C B7 0C A0 14 09 1437 : 1B 5D 26 FD 71 33 8C F2 AC 41 7E 0D AC 35 95 90 1438 : 7E A5 AD AB 55 50 80 F0 D2 B9 2A 11 4D 76 45 76 1439 : 3F 0C 38 AE 72 59 C6 EC BD EF E7 6E 60 23 93 B9 1440 : 27 02 44 7E 4A D3 DA 39 3A 9A 63 43 3C 1B 23 C5 1441 : 62 1442 518 30 26: SEQUENCE { 1443 520 03 21: BIT STRING 0 unused bits 1444 : D0 FD D6 E0 46 97 D1 A7 7F BB FF 9A 43 F0 62 64 1445 : B3 7C 97 AB 1446 543 02 1: INTEGER 122 1447 : } 1448 : } 1449 : } 1450 546 03 132: BIT STRING 0 unused bits, encapsulates { 1451 550 02 128: INTEGER 1452 : 60 5E 6E EF 61 55 77 3F 9D 6A 11 10 F4 D3 C9 B8 1453 : 72 A0 1F 89 DF E4 BC 21 FD E4 9F 50 D6 8F 8E F9 1454 : 67 97 14 E0 34 19 8F 3D 58 52 1E DC 5D 05 4E 4F 1455 : C6 88 85 78 AC 01 6C 35 CE 86 6D 90 4B 58 48 2E 1456 : 0F B2 E3 2A 4E 47 C3 B1 4D 2A 7A C9 B7 E5 C6 68 1457 : 8A 73 AE 53 21 B3 CF 09 C4 62 A3 E8 B0 BB DC DE 1458 : 0D 2E 66 48 37 A8 DB A2 4B FB DB FA A6 92 4B 41 1459 : 0A C6 54 0B 8B 1A 9D 2F FF 60 0B 0B 08 D9 42 3F 1460 : } 1461 : } 1462 681 A3 129: [3] { 1463 684 30 127: SEQUENCE { 1464 686 30 31: SEQUENCE { 1465 688 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 1466 : (X.509 id-ce (2 5 29)) 1467 693 04 24: OCTET STRING, encapsulates { 1468 695 30 22: SEQUENCE { 1469 697 81 20: [1] 'dianeDh@examples.com' 1470 : } 1471 : } 1472 : } 1473 719 30 12: SEQUENCE { 1474 721 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 1475 : (X.509 id-ce (2 5 29)) 1476 726 01 1: BOOLEAN TRUE 1477 729 04 2: OCTET STRING, encapsulates { 1478 731 30 0: SEQUENCE {} 1479 : } 1480 : } 1481 733 30 14: SEQUENCE { 1482 735 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 1483 : (X.509 id-ce (2 5 29)) 1484 740 01 1: BOOLEAN TRUE 1485 743 04 4: OCTET STRING, encapsulates { 1486 745 03 2: BIT STRING 3 unused bits 1487 : '10000'B 1488 : } 1489 : } 1490 749 30 31: SEQUENCE { 1491 751 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 1492 : (X.509 id-ce (2 5 29)) 1493 756 04 24: OCTET STRING, encapsulates { 1494 758 30 22: SEQUENCE { 1495 760 80 20: [0] 1496 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 1497 : 2B 93 F1 1F 1498 : } 1499 : } 1500 : } 1501 782 30 29: SEQUENCE { 1502 784 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1503 : (X.509 id-ce (2 5 29)) 1504 789 04 22: OCTET STRING 1505 : 04 14 47 F3 4F CD 75 7D A8 52 21 A8 61 36 57 B5 1506 : F8 9A EE DB 30 46 1507 : } 1508 : } 1509 : } 1510 : } 1511 813 30 9: SEQUENCE { 1512 815 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1513 : (ANSI X9.57 algorithm) 1514 : } 1515 824 03 47: BIT STRING 0 unused bits, encapsulates { 1516 827 30 44: SEQUENCE { 1517 829 02 20: INTEGER 1518 : 7D 64 1E 1F 4B F3 EC 6F 34 2C B2 E4 64 70 8F 3E 1519 : 6A C0 72 A2 1520 851 02 20: INTEGER 1521 : 4B EA C1 0C F1 CD F7 7A 9D 76 CA 27 6E D0 BE F2 1522 : D8 9B 6A 6D 1523 : } 1524 : } 1525 : } 1527 DianeDSSSignByCarlInherit = 1528 0 30 442: SEQUENCE { 1529 4 30 377: SEQUENCE { 1530 8 A0 3: [0] { 1531 10 02 1: INTEGER 2 1532 : } 1533 13 02 2: INTEGER 210 1534 17 30 9: SEQUENCE { 1535 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1536 : (ANSI X9.57 algorithm) 1537 : } 1538 28 30 18: SEQUENCE { 1539 30 31 16: SET { 1540 32 30 14: SEQUENCE { 1541 34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1542 : (X.520 id-at (2 5 4)) 1543 39 13 7: PrintableString 'CarlDSS' 1544 : } 1545 : } 1546 : } 1547 48 30 30: SEQUENCE { 1548 50 17 13: UTCTime '990817020810Z' 1549 65 17 13: UTCTime '391231235959Z' 1550 : } 1551 80 30 19: SEQUENCE { 1552 82 31 17: SET { 1553 84 30 15: SEQUENCE { 1554 86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1555 : (X.520 id-at (2 5 4)) 1556 91 13 8: PrintableString 'DianeDSS' 1557 : } 1558 : } 1559 : } 1560 101 30 147: SEQUENCE { 1561 104 30 9: SEQUENCE { 1562 106 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 1563 : (ANSI X9.57 algorithm) 1564 : } 1565 115 03 133: BIT STRING 0 unused bits, encapsulates { 1566 119 02 129: INTEGER 1567 : 00 A0 00 17 78 2C EE 7E 81 53 2E 2E 61 08 0F A1 1568 : 9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA EF 1569 : 2A 44 76 8A 52 09 EA BD 05 22 D5 0F F6 FD 46 D7 1570 : AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 F7 1C BF 25 1571 : FF 23 D3 3B 59 E7 82 97 37 BE 31 24 D8 18 C8 F3 1572 : 49 39 5B B7 E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F 1573 : 68 4D DD 46 7A 22 BE 8E FF CC DA 39 29 A3 39 E5 1574 : 9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD 2E C5 1575 : 23 1576 : } 1577 : } 1578 251 A3 131: [3] { 1579 254 30 128: SEQUENCE { 1580 257 30 32: SEQUENCE { 1581 259 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 1582 : (X.509 id-ce (2 5 29)) 1583 264 04 25: OCTET STRING, encapsulates { 1584 266 30 23: SEQUENCE { 1585 268 81 21: [1] 'dianeDss@examples.com' 1586 : } 1587 : } 1588 : } 1589 291 30 12: SEQUENCE { 1590 293 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 1591 : (X.509 id-ce (2 5 29)) 1592 298 01 1: BOOLEAN TRUE 1593 301 04 2: OCTET STRING, encapsulates { 1594 303 30 0: SEQUENCE {} 1595 : } 1596 : } 1597 305 30 14: SEQUENCE { 1598 307 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 1599 : (X.509 id-ce (2 5 29)) 1600 312 01 1: BOOLEAN TRUE 1601 315 04 4: OCTET STRING, encapsulates { 1602 317 03 2: BIT STRING 6 unused bits 1603 : '11'B 1604 : } 1605 : } 1606 321 30 31: SEQUENCE { 1607 323 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 1608 : (X.509 id-ce (2 5 29)) 1609 328 04 24: OCTET STRING, encapsulates { 1610 330 30 22: SEQUENCE { 1611 332 80 20: [0] 1612 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 1613 : 2B 93 F1 1F 1614 : } 1615 : } 1616 : } 1617 354 30 29: SEQUENCE { 1618 356 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1619 : (X.509 id-ce (2 5 29)) 1620 361 04 22: OCTET STRING 1621 : 04 14 64 30 99 7D 5C DC 45 0B 99 3A 52 2F 16 BF 1622 : 58 50 DD CE 2B 18 1623 : } 1624 : } 1625 : } 1626 : } 1627 385 30 9: SEQUENCE { 1628 387 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1629 : (ANSI X9.57 algorithm) 1630 : } 1631 396 03 48: BIT STRING 0 unused bits, encapsulates { 1632 399 30 45: SEQUENCE { 1633 401 02 20: INTEGER 1634 : 7E 0C 0C 81 17 B4 9A 54 B2 C3 30 EB 8A C4 3C C2 1635 : 52 36 9E 95 1636 423 02 21: INTEGER 1637 : 00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D 10 1F 9A B3 1638 : 4D B6 F9 11 A3 1639 : } 1640 : } 1641 : } 1643 DianeRSASignEncryptByCarl = 1644 0 30 522: SEQUENCE { 1645 4 30 371: SEQUENCE { 1646 8 A0 3: [0] { 1647 10 02 1: INTEGER 2 1648 : } 1649 13 02 16: INTEGER 1650 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30 90 1651 31 30 13: SEQUENCE { 1652 33 06 9: OBJECT IDENTIFIER 1653 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 1654 : (PKCS #1) 1655 44 05 0: NULL 1656 : } 1657 46 30 18: SEQUENCE { 1658 48 31 16: SET { 1659 50 30 14: SEQUENCE { 1660 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1661 : (X.520 id-at (2 5 4)) 1662 57 13 7: PrintableString 'CarlRSA' 1663 : } 1664 : } 1665 : } 1666 66 30 30: SEQUENCE { 1667 68 17 13: UTCTime '990819070000Z' 1668 83 17 13: UTCTime '391231235959Z' 1669 : } 1670 98 30 19: SEQUENCE { 1671 100 31 17: SET { 1672 102 30 15: SEQUENCE { 1673 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1674 : (X.520 id-at (2 5 4)) 1675 109 13 8: PrintableString 'DianeRSA' 1676 : } 1677 : } 1678 : } 1679 119 30 159: SEQUENCE { 1680 122 30 13: SEQUENCE { 1681 124 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 1682 : (PKCS #1) 1683 135 05 0: NULL 1684 : } 1685 137 03 141: BIT STRING 0 unused bits, encapsulates { 1686 141 30 137: SEQUENCE { 1687 144 02 129: INTEGER 1688 : 00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2 1689 : 62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99 1690 : 24 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03 1691 : A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28 1692 : 0A BB F8 BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E 1693 : 67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08 37 21 1694 : 93 47 EE F0 73 35 72 B0 02 C4 F3 11 C3 5E 47 E5 1695 : 0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28 C0 1696 : 85 1697 276 02 3: INTEGER 65537 1698 : } 1699 : } 1700 : } 1701 281 A3 96: [3] { 1702 283 30 94: SEQUENCE { 1703 285 30 12: SEQUENCE { 1704 287 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 1705 : (X.509 id-ce (2 5 29)) 1706 292 01 1: BOOLEAN TRUE 1707 295 04 2: OCTET STRING, encapsulates { 1708 297 30 0: SEQUENCE {} 1709 : } 1710 : } 1711 299 30 14: SEQUENCE { 1712 301 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 1713 : (X.509 id-ce (2 5 29)) 1714 306 01 1: BOOLEAN TRUE 1715 309 04 4: OCTET STRING, encapsulates { 1716 311 03 2: BIT STRING 5 unused bits 1717 : '111'B 1718 : } 1719 : } 1720 315 30 31: SEQUENCE { 1721 317 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 1722 : (X.509 id-ce (2 5 29)) 1723 322 04 24: OCTET STRING, encapsulates { 1724 324 30 22: SEQUENCE { 1725 326 80 20: [0] 1726 : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22 1727 : AE 9E 38 BB 1728 : } 1729 : } 1730 : } 1731 348 30 29: SEQUENCE { 1732 350 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1733 : (X.509 id-ce (2 5 29)) 1734 355 04 22: OCTET STRING 1735 : 04 14 8C F3 CB 75 0E 8D 31 F6 D4 29 DA 44 92 75 1736 : B8 FE ED 4F 39 0C 1737 : } 1738 : } 1739 : } 1740 : } 1741 379 30 13: SEQUENCE { 1742 381 06 9: OBJECT IDENTIFIER 1743 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 1744 : (PKCS #1) 1745 392 05 0: NULL 1746 : } 1747 394 03 129: BIT STRING 0 unused bits 1748 : 1D B3 51 B1 99 96 F0 44 A8 EB 14 EA FC C2 DF B8 1749 : 33 4B 02 3C 41 DF E3 53 7F EA 34 7F FC D5 11 0D 1750 : 00 04 88 B8 ED BC 23 45 03 6E F1 53 B2 C0 3B 19 1751 : 62 DC DC E1 8A FE A7 FC A5 D7 97 DB 25 7C F3 30 1752 : C5 63 A7 38 4A AB 25 21 24 80 C7 D8 78 82 8C 53 1753 : EA 3E 2F 63 10 66 D3 27 55 9A DC EF 35 5E F6 23 1754 : 71 E6 FF 78 7B A9 4F 7B 7F 2E B9 C4 42 73 57 4F 1755 : AA F8 04 B4 0D C7 53 88 C4 F0 92 28 33 44 50 A1 1756 : } 1758 EricaDHEncryptByCarl = 1759 0 30 745: SEQUENCE { 1760 4 30 680: SEQUENCE { 1761 8 A0 3: [0] { 1762 10 02 1: INTEGER 2 1763 : } 1764 13 02 2: INTEGER 212 1765 17 30 9: SEQUENCE { 1766 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1767 : (ANSI X9.57 algorithm) 1768 : } 1769 28 30 18: SEQUENCE { 1770 30 31 16: SET { 1771 32 30 14: SEQUENCE { 1772 34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1773 : (X.520 id-at (2 5 4)) 1774 39 13 7: PrintableString 'CarlDSS' 1775 : } 1776 : } 1777 : } 1778 48 30 30: SEQUENCE { 1779 50 17 13: UTCTime '990817021716Z' 1780 65 17 13: UTCTime '391231235959Z' 1781 : } 1782 80 30 18: SEQUENCE { 1783 82 31 16: SET { 1784 84 30 14: SEQUENCE { 1785 86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1786 : (X.520 id-at (2 5 4)) 1787 91 13 7: PrintableString 'EricaDH' 1788 : } 1789 : } 1790 : } 1791 100 30 452: SEQUENCE { 1792 104 30 312: SEQUENCE { 1793 108 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 1794 : (ANSI X9.42 number-type) 1795 117 30 299: SEQUENCE { 1796 121 02 129: INTEGER 1797 : 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B 1798 : 25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11 1799 : 24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB 1800 : AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02 1801 : 41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37 1802 : FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA 1803 : 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA 1804 : 43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A 1805 : 33 1806 253 02 129: INTEGER 1807 : 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1 1808 : E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48 1809 : 24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5 1810 : 5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48 1811 : 9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3 1812 : 05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D 1813 : 42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21 1814 : C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62 1815 : A7 1816 385 02 33: INTEGER 1817 : 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70 1818 : A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE 1819 : BD 1820 : } 1821 : } 1822 420 03 133: BIT STRING 0 unused bits, encapsulates { 1823 424 02 129: INTEGER 1824 : 00 D1 2B E4 1D 3E BA 18 CF 75 20 C6 C7 5E C3 C4 1825 : 6C EA F3 23 D9 09 1F 46 98 F4 CE 59 B9 B6 CE E8 1826 : 3A C6 18 F8 59 77 1B 99 B0 DA DC C0 9D 09 E4 AF 1827 : F9 61 91 2C 47 CC 47 5E DF 2B 33 76 F3 67 EC 77 1828 : E8 2C 37 30 A1 89 5D F3 C8 F6 5C 16 4A E4 B7 8C 1829 : F5 7B D5 38 FD 14 AC E8 7A C2 7D EE 07 90 27 0A 1830 : 7C 87 A8 A2 E2 70 35 EA 6E DE 9E 50 31 6B E9 09 1831 : DA 25 1A 01 8E E3 FF 26 1C 75 F5 C3 CE 5A F5 9E 1832 : 85 1833 : } 1834 : } 1835 556 A3 129: [3] { 1836 559 30 127: SEQUENCE { 1837 561 30 31: SEQUENCE { 1838 563 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 1839 : (X.509 id-ce (2 5 29)) 1840 568 04 24: OCTET STRING, encapsulates { 1841 570 30 22: SEQUENCE { 1842 572 81 20: [1] 'ericaDh@examples.com' 1843 : } 1844 : } 1845 : } 1846 594 30 12: SEQUENCE { 1847 596 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 1848 : (X.509 id-ce (2 5 29)) 1849 601 01 1: BOOLEAN TRUE 1850 604 04 2: OCTET STRING, encapsulates { 1851 606 30 0: SEQUENCE {} 1852 : } 1853 : } 1854 608 30 14: SEQUENCE { 1855 610 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 1856 : (X.509 id-ce (2 5 29)) 1857 615 01 1: BOOLEAN TRUE 1858 618 04 4: OCTET STRING, encapsulates { 1859 620 03 2: BIT STRING 3 unused bits 1860 : '10000'B 1861 : } 1862 : } 1863 624 30 31: SEQUENCE { 1864 626 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) 1865 : (X.509 id-ce (2 5 29)) 1866 631 04 24: OCTET STRING, encapsulates { 1867 633 30 22: SEQUENCE { 1868 635 80 20: [0] 1869 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 1870 : 2B 93 F1 1F 1871 : } 1872 : } 1873 : } 1874 657 30 29: SEQUENCE { 1875 659 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) 1876 : (X.509 id-ce (2 5 29)) 1877 664 04 22: OCTET STRING 1878 : 04 14 8D 53 1D 61 55 7F 60 35 6D A6 36 A2 C5 93 1879 : F8 9A FD C0 75 74 1880 : } 1881 : } 1882 : } 1883 : } 1884 688 30 9: SEQUENCE { 1885 690 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1886 : (ANSI X9.57 algorithm) 1887 : } 1888 699 03 48: BIT STRING 0 unused bits, encapsulates { 1889 702 30 45: SEQUENCE { 1890 704 02 20: INTEGER 1891 : 3E 51 42 08 E3 52 2E AA BB 8F BD 18 38 71 CB 98 1892 : 83 BE 47 9E 1893 726 02 21: INTEGER 1894 : 00 B4 B3 15 85 99 11 06 40 1F 40 59 8D D4 1B 2D 1895 : CD 81 F1 E8 68 1896 : } 1897 : } 1898 : } 1900 3.4 CRLs 1902 CarlCRL is a CRL from Carl that contains three revocations. 1904 CarlDSSCRLForAll = 1905 0 30 216: SEQUENCE { 1906 3 30 153: SEQUENCE { 1907 6 30 9: SEQUENCE { 1908 8 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1909 : (ANSI X9.57 algorithm) 1910 : } 1911 17 30 18: SEQUENCE { 1912 19 31 16: SET { 1913 21 30 14: SEQUENCE { 1914 23 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1915 : (X.520 id-at (2 5 4)) 1916 28 13 7: PrintableString 'CarlDSS' 1917 : } 1918 : } 1919 : } 1920 37 17 13: UTCTime '990827070000Z' 1921 52 30 105: SEQUENCE { 1922 54 30 19: SEQUENCE { 1923 56 02 2: INTEGER 200 1924 60 17 13: UTCTime '990822070000Z' 1925 : } 1926 75 30 19: SEQUENCE { 1927 77 02 2: INTEGER 201 1928 81 17 13: UTCTime '990822070000Z' 1929 : } 1930 96 30 19: SEQUENCE { 1931 98 02 2: INTEGER 211 1932 102 17 13: UTCTime '990822070000Z' 1933 : } 1934 117 30 19: SEQUENCE { 1935 119 02 2: INTEGER 210 1936 123 17 13: UTCTime '990822070000Z' 1937 : } 1938 138 30 19: SEQUENCE { 1939 140 02 2: INTEGER 212 1940 144 17 13: UTCTime '990824070000Z' 1941 : } 1942 : } 1943 : } 1944 159 30 9: SEQUENCE { 1945 161 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1946 : (ANSI X9.57 algorithm) 1947 : } 1948 170 03 47: BIT STRING 0 unused bits, encapsulates { 1949 173 30 44: SEQUENCE { 1950 175 02 20: INTEGER 1951 : 7E 65 52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8 1952 : 6D 5C 7D 3D 1953 197 02 20: INTEGER 1954 : 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E DA 24 F3 2A 1955 : 83 9C 35 A1 1956 : } 1957 : } 1958 : } 1960 CarlDSSCRLForCarl = 1961 0 30 131: SEQUENCE { 1962 3 30 68: SEQUENCE { 1963 5 30 9: SEQUENCE { 1964 7 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1965 : (ANSI X9.57 algorithm) 1966 : } 1967 16 30 18: SEQUENCE { 1968 18 31 16: SET { 1969 20 30 14: SEQUENCE { 1970 22 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 1971 : (X.520 id-at (2 5 4)) 1972 27 13 7: PrintableString 'CarlDSS' 1973 : } 1974 : } 1975 : } 1976 36 17 13: UTCTime '990825070000Z' 1977 51 30 20: SEQUENCE { 1978 53 30 18: SEQUENCE { 1979 55 02 1: INTEGER 1 1980 58 17 13: UTCTime '990822070000Z' 1981 : } 1982 : } 1983 : } 1984 73 30 9: SEQUENCE { 1985 75 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 1986 : (ANSI X9.57 algorithm) 1987 : } 1988 84 03 48: BIT STRING 0 unused bits, encapsulates { 1989 87 30 45: SEQUENCE { 1990 89 02 21: INTEGER 1991 : 00 B3 1F C5 4F 7A 3D EC 76 D5 60 F9 DE 79 22 EC 1992 : 4F B0 90 FE 97 1993 112 02 20: INTEGER 1994 : 5A 8B C3 84 BC 66 87 1B BF 79 82 5B 0A 5D 07 F6 1995 : BA A9 05 29 1996 : } 1997 : } 1998 : } 2000 CarlDSSCRLEmpty = 2001 0 30 109: SEQUENCE { 2002 2 30 46: SEQUENCE { 2003 4 30 9: SEQUENCE { 2004 6 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2005 : (ANSI X9.57 algorithm) 2006 : } 2007 15 30 18: SEQUENCE { 2008 17 31 16: SET { 2009 19 30 14: SEQUENCE { 2010 21 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2011 : (X.520 id-at (2 5 4)) 2012 26 13 7: PrintableString 'CarlDSS' 2013 : } 2014 : } 2015 : } 2016 35 17 13: UTCTime '990820070000Z' 2017 : } 2018 50 30 9: SEQUENCE { 2019 52 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2020 : (ANSI X9.57 algorithm) 2021 : } 2022 61 03 48: BIT STRING 0 unused bits, encapsulates { 2023 64 30 45: SEQUENCE { 2024 66 02 20: INTEGER 2025 : 62 3F 36 17 31 58 2E 67 50 79 F5 09 4B 8C AD D4 2026 : 6B F4 64 9F 2027 88 02 21: INTEGER 2028 : 00 B5 3B 4E A1 4C 7B FD 0F C3 8D 9B B6 FE C3 5D 2029 : 6F DE 65 28 7D 2030 : } 2031 : } 2032 : } 2034 CarlRSACRLForAll = 2035 0 30 307: SEQUENCE { 2036 4 30 157: SEQUENCE { 2037 7 30 13: SEQUENCE { 2038 9 06 9: OBJECT IDENTIFIER 2039 : md5withRSAEncryption (1 2 840 113549 1 1 4) 2040 : (PKCS #1) 2041 20 05 0: NULL 2042 : } 2043 22 30 18: SEQUENCE { 2044 24 31 16: SET { 2045 26 30 14: SEQUENCE { 2046 28 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2047 : (X.520 id-at (2 5 4)) 2048 33 13 7: PrintableString 'CarlRSA' 2049 : } 2050 : } 2051 : } 2052 42 17 13: UTCTime '990827070000Z' 2053 57 30 105: SEQUENCE { 2054 59 30 33: SEQUENCE { 2055 61 02 16: INTEGER 2056 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 2057 79 17 13: UTCTime '990822070000Z' 2058 : } 2059 94 30 33: SEQUENCE { 2060 96 02 16: INTEGER 2061 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30 90 2062 114 17 13: UTCTime '990822070000Z' 2063 : } 2064 129 30 33: SEQUENCE { 2065 131 02 16: INTEGER 2066 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0 2067 149 17 13: UTCTime '990824070000Z' 2068 : } 2069 : } 2070 : } 2071 164 30 13: SEQUENCE { 2072 166 06 9: OBJECT IDENTIFIER md5withRSAEncryption (1 2 840 113549 1 1 4) 2073 : (PKCS #1) 2074 177 05 0: NULL 2075 : } 2076 179 03 129: BIT STRING 0 unused bits 2077 : BF B3 97 AA 53 F0 32 21 16 2B 77 92 7A 6B BB 97 2078 : C8 DC EA F1 FA 66 16 30 0E B5 9E 5C F0 81 D4 5E 2079 : B3 6E C1 88 6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D 2080 : AB E5 B4 18 36 60 A8 4D 9C 3C 89 EC 6F 27 BF 35 2081 : 50 71 81 C2 B9 44 5B 62 89 19 12 31 A9 7B 9A D3 2082 : CC 66 CB 11 D9 0B 10 47 77 AD 4F 22 D9 E5 7F 30 2083 : F2 5B FC 94 51 A5 58 76 3B 1F A8 46 A6 1F F6 A1 2084 : DE 55 A1 ED 31 88 69 97 0F 08 D3 D4 0C 60 5B 1E 2085 : } 2087 CarlRSACRLForCarl = 2088 0 30 236: SEQUENCE { 2089 3 30 87: SEQUENCE { 2090 5 30 13: SEQUENCE { 2091 7 06 9: OBJECT IDENTIFIER 2092 : md5withRSAEncryption (1 2 840 113549 1 1 4) 2093 : (PKCS #1) 2094 18 05 0: NULL 2095 : } 2096 20 30 18: SEQUENCE { 2097 22 31 16: SET { 2098 24 30 14: SEQUENCE { 2099 26 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2100 : (X.520 id-at (2 5 4)) 2101 31 13 7: PrintableString 'CarlRSA' 2102 : } 2103 : } 2104 : } 2105 40 17 13: UTCTime '990825070000Z' 2106 55 30 35: SEQUENCE { 2107 57 30 33: SEQUENCE { 2108 59 02 16: INTEGER 2109 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20 2110 77 17 13: UTCTime '990822070000Z' 2111 : } 2112 : } 2113 : } 2114 92 30 13: SEQUENCE { 2115 94 06 9: OBJECT IDENTIFIER md5withRSAEncryption (1 2 840 113549 1 1 4) 2116 : (PKCS #1) 2117 105 05 0: NULL 2118 : } 2119 107 03 129: BIT STRING 0 unused bits 2120 : 21 EF 21 D4 C1 1A 85 95 49 6B CA 45 62 DC D7 09 2121 : FF A9 51 2E 8E D9 47 18 FA F8 E5 72 DD 4F ED 74 2122 : 74 E3 F3 65 32 65 28 2C 9A 1D 57 E5 D5 26 06 EA 2123 : D5 E6 23 95 84 8D 0E 89 9E EE 9B 0C 2F CE 07 F7 2124 : A3 D1 6B 85 4C 0F FF E6 DD FC DC CD 73 2C 1E 7D 2125 : DC B0 71 C5 4C FC 01 6E 52 57 69 1E 39 63 DF 12 2126 : 22 30 C7 13 55 94 05 6E 2A 00 A9 5B C4 2A 66 94 2127 : 62 CE 36 33 C2 2B 63 47 25 9D F3 DE 70 EE 00 56 2128 : } 2130 CarlRSACRLEmpty = 2131 0 30 199: SEQUENCE { 2132 3 30 50: SEQUENCE { 2133 5 30 13: SEQUENCE { 2134 7 06 9: OBJECT IDENTIFIER 2135 : md5withRSAEncryption (1 2 840 113549 1 1 4) 2136 : (PKCS #1) 2137 18 05 0: NULL 2138 : } 2139 20 30 18: SEQUENCE { 2140 22 31 16: SET { 2141 24 30 14: SEQUENCE { 2142 26 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2143 : (X.520 id-at (2 5 4)) 2144 31 13 7: PrintableString 'CarlRSA' 2145 : } 2146 : } 2147 : } 2148 40 17 13: UTCTime '990820070000Z' 2149 : } 2150 55 30 13: SEQUENCE { 2151 57 06 9: OBJECT IDENTIFIER md5withRSAEncryption (1 2 840 113549 1 1 4) 2152 : (PKCS #1) 2153 68 05 0: NULL 2154 : } 2155 70 03 129: BIT STRING 0 unused bits 2156 : A9 C5 21 B8 13 7C 74 F3 B5 11 EC 04 F3 20 45 86 2157 : 1E 0B 6E 7F 83 6D 5F F4 34 76 06 59 25 0E 04 3D 2158 : 88 09 88 81 37 C4 DC 20 98 FA 17 81 0B 37 94 AC 2159 : B4 8F 7B 51 89 14 A4 CB 72 73 14 07 BC 22 9C 40 2160 : A1 07 FC 44 7C 85 0F 0B 88 D1 EE E1 0E AF F6 16 2161 : 74 AD A1 AF C1 00 75 00 64 EA A5 9A F6 0B 08 A2 2162 : DB 95 19 5F A6 A7 B9 39 45 25 0A 0E F6 5E 84 E7 2163 : F8 B9 5A C9 18 C2 0E B8 A0 96 BE 81 3A 80 6D C9 2164 : } 2166 4. Trivial Examples 2168 This section covers examples of small CMS types. 2170 4.1 ContentInfo with Data type, BER 2172 The object is a ContentInfo containing a Data object in BER format that is 2173 ExContent. 2175 0 30 NDEF: SEQUENCE { 2176 2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2177 : (PKCS #7) 2178 13 A0 NDEF: [0] { 2179 15 24 NDEF: OCTET STRING { 2180 17 04 4: OCTET STRING 2181 : 54 68 69 73 2182 23 04 24: OCTET STRING 2183 : 20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20 2184 : 63 6F 6E 74 65 6E 74 2E 2185 : } 2186 : } 2187 : } 2189 4.2 ContentInfo with Data type, DER 2191 The object is a ContentInfo containing a Data object in DER format that is 2192 ExContent. 2194 0 30 43: SEQUENCE { 2195 2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2196 : (PKCS #7) 2197 13 A0 30: [0] { 2198 15 04 28: OCTET STRING 2199 : 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D 2200 : 70 6C 65 20 63 6F 6E 74 65 6E 74 2E 2201 : } 2202 : } 2204 5. Signed-data 2206 5.1 Basic signed content, DSS 2208 A SignedData with no attribute certificates, signed by Alice using 2209 DH-DSS, just her certificate (not Carl's root cert), no CRL. The 2210 message is ExContent, and is included in the eContent. There are no 2211 signed or unsigned attributes. 2213 0 30 927: SEQUENCE { 2214 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 2215 : (PKCS #7) 2216 15 A0 912: [0] { 2217 19 30 908: SEQUENCE { 2218 23 02 1: INTEGER 1 2219 26 31 11: SET { 2220 28 30 9: SEQUENCE { 2221 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 2222 : (OIW) 2223 37 05 0: NULL 2224 : } 2225 : } 2226 39 30 43: SEQUENCE { 2227 41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2228 : (PKCS #7) 2229 52 A0 30: [0] { 2230 54 04 28: OCTET STRING 2231 : 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D 2232 : 70 6C 65 20 63 6F 6E 74 65 6E 74 2E 2233 : } 2234 : } 2235 84 A0 738: [0] { 2236 88 30 734: SEQUENCE { 2237 92 30 669: SEQUENCE { 2238 96 A0 3: [0] { 2239 98 02 1: INTEGER 2 2240 : } 2241 101 02 2: INTEGER 200 2242 105 30 9: SEQUENCE { 2243 107 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2244 : (ANSI X9.57 algorithm) 2245 : } 2246 116 30 18: SEQUENCE { 2247 118 31 16: SET { 2248 120 30 14: SEQUENCE { 2249 122 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2250 : (X.520 id-at (2 5 4)) 2251 127 13 7: PrintableString 'CarlDSS' 2252 : } 2253 : } 2254 : } 2255 136 30 30: SEQUENCE { 2256 138 17 13: UTCTime '990817011049Z' 2257 153 17 13: UTCTime '391231235959Z' 2258 : } 2259 168 30 19: SEQUENCE { 2260 170 31 17: SET { 2261 172 30 15: SEQUENCE { 2262 174 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2263 : (X.520 id-at (2 5 4)) 2264 179 13 8: PrintableString 'AliceDSS' 2265 : } 2266 : } 2267 : } 2268 189 30 438: SEQUENCE { 2269 193 30 299: SEQUENCE { 2270 197 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 2271 : (ANSI X9.57 algorithm) 2272 206 30 286: SEQUENCE { 2273 210 02 129: INTEGER 2274 : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4 2275 : 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94 2276 : E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 2277 : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A 2278 : E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F 2279 : 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 2280 : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D 2281 : B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B 2282 : DB 2283 342 02 21: INTEGER 2284 : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B 2285 : 62 8B F7 93 CD 2286 365 02 128: INTEGER 2287 : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C 2288 : 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD 2289 : 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF 2290 : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D 2291 : EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23 2292 : 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8 2293 : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2 2294 : BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39 2295 : } 2296 : } 2297 496 03 132: BIT STRING 0 unused bits, encapsulates { 2298 500 02 128: INTEGER 2299 : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC 2300 : 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86 2301 : 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 2302 : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3 2303 : 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8 2304 : 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B 2305 : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E 2306 : 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8 2307 : } 2308 : } 2309 631 A3 131: [3] { 2310 634 30 128: SEQUENCE { 2311 637 30 32: SEQUENCE { 2312 639 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 2313 : (X.509 id-ce (2 5 29)) 2314 644 04 25: OCTET STRING, encapsulates { 2315 646 30 23: SEQUENCE { 2316 648 81 21: [1] 'aliceDss@examples.com' 2317 : } 2318 : } 2319 : } 2320 671 30 12: SEQUENCE { 2321 673 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 2322 : (X.509 id-ce (2 5 29)) 2323 678 01 1: BOOLEAN TRUE 2324 681 04 2: OCTET STRING, encapsulates { 2325 683 30 0: SEQUENCE {} 2326 : } 2327 : } 2328 685 30 14: SEQUENCE { 2329 687 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 2330 : (X.509 id-ce (2 5 29)) 2331 692 01 1: BOOLEAN TRUE 2332 695 04 4: OCTET STRING, encapsulates { 2333 697 03 2: BIT STRING 6 unused bits 2334 : '11'B 2335 : } 2336 : } 2337 701 30 31: SEQUENCE { 2338 703 06 3: OBJECT IDENTIFIER 2339 : authorityKeyIdentifier (2 5 29 35) 2340 : (X.509 id-ce (2 5 29)) 2341 708 04 24: OCTET STRING, encapsulates { 2342 710 30 22: SEQUENCE { 2343 712 80 20: [0] 2344 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 2345 : 2B 93 F1 1F 2346 : } 2347 : } 2348 : } 2349 734 30 29: SEQUENCE { 2350 736 06 3: OBJECT IDENTIFIER 2351 : subjectKeyIdentifier (2 5 29 14) 2352 : (X.509 id-ce (2 5 29)) 2353 741 04 22: OCTET STRING 2354 : 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 2355 : E2 FD E3 97 FE CD 2356 : } 2357 : } 2358 : } 2359 : } 2360 765 30 9: SEQUENCE { 2361 767 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2362 : (ANSI X9.57 algorithm) 2363 : } 2364 776 03 48: BIT STRING 0 unused bits, encapsulates { 2365 779 30 45: SEQUENCE { 2366 781 02 21: INTEGER 2367 : 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24 2368 : 05 E8 46 94 8E 2369 804 02 20: INTEGER 2370 : 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5 2371 : 7F 28 2D BB 2372 : } 2373 : } 2374 : } 2375 : } 2376 826 31 103: SET { 2377 828 30 101: SEQUENCE { 2378 830 02 1: INTEGER 1 2379 833 30 24: SEQUENCE { 2380 835 30 18: SEQUENCE { 2381 837 31 16: SET { 2382 839 30 14: SEQUENCE { 2383 841 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2384 : (X.520 id-at (2 5 4)) 2385 846 13 7: PrintableString 'CarlDSS' 2386 : } 2387 : } 2388 : } 2389 855 02 2: INTEGER 200 2390 : } 2391 859 30 9: SEQUENCE { 2392 861 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 2393 : (OIW) 2394 868 05 0: NULL 2395 : } 2396 870 30 9: SEQUENCE { 2397 872 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2398 : (ANSI X9.57 algorithm) 2399 : } 2400 881 04 48: OCTET STRING, encapsulates { 2401 883 30 45: SEQUENCE { 2402 885 02 20: INTEGER 2403 : 08 D0 45 7D 63 E1 39 EC 62 B0 30 C2 29 AD 42 EA 2404 : 96 4F 91 86 2405 907 02 21: INTEGER 2406 : 00 A6 86 EE 8A 7A 05 A7 E0 07 E6 F9 88 BF 93 FB 2407 : 96 4D 76 D3 92 2408 : } 2409 : } 2410 : } 2411 : } 2412 : } 2413 : } 2414 : } 2415 : } 2417 5.2 Basic signed content, RSA 2419 Same as 5.1, except using RSA signatures. A SignedData with no 2420 attribute certificates, signed by Alice using RSA, just her certificate 2421 (not Carl's root cert), no CRL. The message is ExContent, and is 2422 included in the eContent. There are no signed or unsigned attributes. 2424 0 30 816: SEQUENCE { 2425 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 2426 : (PKCS #7) 2427 15 A0 801: [0] { 2428 19 30 797: SEQUENCE { 2429 23 02 1: INTEGER 1 2430 26 31 11: SET { 2431 28 30 9: SEQUENCE { 2432 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 2433 : (OIW) 2434 37 05 0: NULL 2435 : } 2436 : } 2437 39 30 43: SEQUENCE { 2438 41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2439 : (PKCS #7) 2440 52 A0 30: [0] { 2441 54 04 28: OCTET STRING 2442 : 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D 2443 : 70 6C 65 20 63 6F 6E 74 65 6E 74 2E 2444 : } 2445 : } 2446 84 A0 526: [0] { 2447 88 30 522: SEQUENCE { 2448 92 30 371: SEQUENCE { 2449 96 A0 3: [0] { 2450 98 02 1: INTEGER 2 2451 : } 2452 101 02 16: INTEGER 2453 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 2454 119 30 13: SEQUENCE { 2455 121 06 9: OBJECT IDENTIFIER 2456 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 2457 : (PKCS #1) 2458 132 05 0: NULL 2459 : } 2460 134 30 18: SEQUENCE { 2461 136 31 16: SET { 2462 138 30 14: SEQUENCE { 2463 140 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2464 : (X.520 id-at (2 5 4)) 2465 145 13 7: PrintableString 'CarlRSA' 2466 : } 2467 : } 2468 : } 2469 154 30 30: SEQUENCE { 2470 156 17 13: UTCTime '990819070000Z' 2471 171 17 13: UTCTime '391231235959Z' 2472 : } 2473 186 30 19: SEQUENCE { 2474 188 31 17: SET { 2475 190 30 15: SEQUENCE { 2476 192 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2477 : (X.520 id-at (2 5 4)) 2478 197 13 8: PrintableString 'AliceRSA' 2479 : } 2480 : } 2481 : } 2482 207 30 159: SEQUENCE { 2483 210 30 13: SEQUENCE { 2484 212 06 9: OBJECT IDENTIFIER 2485 : rsaEncryption (1 2 840 113549 1 1 1) 2486 : (PKCS #1) 2487 223 05 0: NULL 2488 : } 2489 225 03 141: BIT STRING 0 unused bits, encapsulates { 2490 229 30 137: SEQUENCE { 2491 232 02 129: INTEGER 2492 : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0 2493 : 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E 2494 : 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA 2495 : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32 2496 : CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5 2497 : F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81 2498 : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55 2499 : 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57 2500 : 5F 2501 364 02 3: INTEGER 65537 2502 : } 2503 : } 2504 : } 2505 369 A3 96: [3] { 2506 371 30 94: SEQUENCE { 2507 373 30 12: SEQUENCE { 2508 375 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 2509 : (X.509 id-ce (2 5 29)) 2510 380 01 1: BOOLEAN TRUE 2511 383 04 2: OCTET STRING, encapsulates { 2512 385 30 0: SEQUENCE {} 2513 : } 2514 : } 2515 387 30 14: SEQUENCE { 2516 389 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 2517 : (X.509 id-ce (2 5 29)) 2518 394 01 1: BOOLEAN TRUE 2519 397 04 4: OCTET STRING, encapsulates { 2520 399 03 2: BIT STRING 6 unused bits 2521 : '11'B 2522 : } 2523 : } 2524 403 30 31: SEQUENCE { 2525 405 06 3: OBJECT IDENTIFIER 2526 : authorityKeyIdentifier (2 5 29 35) 2527 : (X.509 id-ce (2 5 29)) 2528 410 04 24: OCTET STRING, encapsulates { 2529 412 30 22: SEQUENCE { 2530 414 80 20: [0] 2531 : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22 2532 : AE 9E 38 BB 2533 : } 2534 : } 2535 : } 2536 436 30 29: SEQUENCE { 2537 438 06 3: OBJECT IDENTIFIER 2538 : subjectKeyIdentifier (2 5 29 14) 2539 : (X.509 id-ce (2 5 29)) 2540 443 04 22: OCTET STRING 2541 : 04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC 2542 : 3C A0 3A E3 FF 50 2543 : } 2544 : } 2545 : } 2546 : } 2547 467 30 13: SEQUENCE { 2548 469 06 9: OBJECT IDENTIFIER 2549 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 2550 : (PKCS #1) 2551 480 05 0: NULL 2552 : } 2553 482 03 129: BIT STRING 0 unused bits 2554 : 52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB 2555 : 6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F 2556 : F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F 2557 : 97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C 2558 : 06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C 2559 : 4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0 2560 : C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99 2561 : C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18 2562 : } 2563 : } 2564 614 31 203: SET { 2565 617 30 200: SEQUENCE { 2566 620 02 1: INTEGER 1 2567 623 30 38: SEQUENCE { 2568 625 30 18: SEQUENCE { 2569 627 31 16: SET { 2570 629 30 14: SEQUENCE { 2571 631 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2572 : (X.520 id-at (2 5 4)) 2573 636 13 7: PrintableString 'CarlRSA' 2574 : } 2575 : } 2576 : } 2577 645 02 16: INTEGER 2578 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 2579 : } 2580 663 30 9: SEQUENCE { 2581 665 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 2582 : (OIW) 2583 672 05 0: NULL 2584 : } 2585 674 30 13: SEQUENCE { 2586 676 06 9: OBJECT IDENTIFIER 2587 : rsaEncryption (1 2 840 113549 1 1 1) 2588 : (PKCS #1) 2589 687 05 0: NULL 2590 : } 2591 689 04 128: OCTET STRING 2592 : 2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A 2593 : 81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A 2594 : AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75 2595 : 3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5 2596 : E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA 2597 : CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B 2598 : E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68 2599 : 6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7 2600 : } 2601 : } 2602 : } 2603 : } 2604 : } 2606 5.3 Basic signed content, detached content 2608 Same as 5.1, except with no eContent. A SignedData with no attribute 2609 certificates, signed by Alice using DH-DSS, just her certificate (not 2610 Carl's root cert), no CRL. The message is ExContent, but the eContent 2611 is not included. There are no signed or unsigned attributes. 2613 0 30 895: SEQUENCE { 2614 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 2615 : (PKCS #7) 2616 15 A0 880: [0] { 2617 19 30 876: SEQUENCE { 2618 23 02 1: INTEGER 1 2619 26 31 11: SET { 2620 28 30 9: SEQUENCE { 2621 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 2622 : (OIW) 2623 37 05 0: NULL 2624 : } 2625 : } 2626 39 30 11: SEQUENCE { 2627 41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2628 : (PKCS #7) 2629 : } 2630 52 A0 738: [0] { 2631 56 30 734: SEQUENCE { 2632 60 30 669: SEQUENCE { 2633 64 A0 3: [0] { 2634 66 02 1: INTEGER 2 2635 : } 2636 69 02 2: INTEGER 200 2637 73 30 9: SEQUENCE { 2638 75 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2639 : (ANSI X9.57 algorithm) 2640 : } 2641 84 30 18: SEQUENCE { 2642 86 31 16: SET { 2643 88 30 14: SEQUENCE { 2644 90 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2645 : (X.520 id-at (2 5 4)) 2646 95 13 7: PrintableString 'CarlDSS' 2647 : } 2648 : } 2649 : } 2650 104 30 30: SEQUENCE { 2651 106 17 13: UTCTime '990817011049Z' 2652 121 17 13: UTCTime '391231235959Z' 2653 : } 2654 136 30 19: SEQUENCE { 2655 138 31 17: SET { 2656 140 30 15: SEQUENCE { 2657 142 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2658 : (X.520 id-at (2 5 4)) 2659 147 13 8: PrintableString 'AliceDSS' 2660 : } 2661 : } 2662 : } 2663 157 30 438: SEQUENCE { 2664 161 30 299: SEQUENCE { 2665 165 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 2666 : (ANSI X9.57 algorithm) 2667 174 30 286: SEQUENCE { 2668 178 02 129: INTEGER 2669 : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4 2670 : 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94 2671 : E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 2672 : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A 2673 : E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F 2674 : 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 2675 : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D 2676 : B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B 2677 : DB 2678 310 02 21: INTEGER 2679 : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B 2680 : 62 8B F7 93 CD 2681 333 02 128: INTEGER 2682 : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C 2683 : 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD 2684 : 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF 2685 : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D 2686 : EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23 2687 : 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8 2688 : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2 2689 : BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39 2690 : } 2691 : } 2692 464 03 132: BIT STRING 0 unused bits, encapsulates { 2693 468 02 128: INTEGER 2694 : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC 2695 : 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86 2696 : 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 2697 : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3 2698 : 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8 2699 : 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B 2700 : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E 2701 : 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8 2702 : } 2703 : } 2704 599 A3 131: [3] { 2705 602 30 128: SEQUENCE { 2706 605 30 32: SEQUENCE { 2707 607 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 2708 : (X.509 id-ce (2 5 29)) 2709 612 04 25: OCTET STRING, encapsulates { 2710 614 30 23: SEQUENCE { 2711 616 81 21: [1] 'aliceDss@examples.com' 2712 : } 2713 : } 2714 : } 2715 639 30 12: SEQUENCE { 2716 641 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 2717 : (X.509 id-ce (2 5 29)) 2718 646 01 1: BOOLEAN TRUE 2719 649 04 2: OCTET STRING, encapsulates { 2720 651 30 0: SEQUENCE {} 2721 : } 2722 : } 2723 653 30 14: SEQUENCE { 2724 655 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 2725 : (X.509 id-ce (2 5 29)) 2726 660 01 1: BOOLEAN TRUE 2727 663 04 4: OCTET STRING, encapsulates { 2728 665 03 2: BIT STRING 6 unused bits 2729 : '11'B 2730 : } 2731 : } 2732 669 30 31: SEQUENCE { 2733 671 06 3: OBJECT IDENTIFIER 2734 : authorityKeyIdentifier (2 5 29 35) 2735 : (X.509 id-ce (2 5 29)) 2736 676 04 24: OCTET STRING, encapsulates { 2737 678 30 22: SEQUENCE { 2738 680 80 20: [0] 2739 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 2740 : 2B 93 F1 1F 2741 : } 2742 : } 2743 : } 2744 702 30 29: SEQUENCE { 2745 704 06 3: OBJECT IDENTIFIER 2746 : subjectKeyIdentifier (2 5 29 14) 2747 : (X.509 id-ce (2 5 29)) 2748 709 04 22: OCTET STRING 2749 : 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 2750 : E2 FD E3 97 FE CD 2751 : } 2752 : } 2753 : } 2754 : } 2755 733 30 9: SEQUENCE { 2756 735 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2757 : (ANSI X9.57 algorithm) 2758 : } 2759 744 03 48: BIT STRING 0 unused bits, encapsulates { 2760 747 30 45: SEQUENCE { 2761 749 02 21: INTEGER 2762 : 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24 2763 : 05 E8 46 94 8E 2764 772 02 20: INTEGER 2765 : 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5 2766 : 7F 28 2D BB 2767 : } 2768 : } 2769 : } 2770 : } 2771 794 31 103: SET { 2772 796 30 101: SEQUENCE { 2773 798 02 1: INTEGER 1 2774 801 30 24: SEQUENCE { 2775 803 30 18: SEQUENCE { 2776 805 31 16: SET { 2777 807 30 14: SEQUENCE { 2778 809 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2779 : (X.520 id-at (2 5 4)) 2780 814 13 7: PrintableString 'CarlDSS' 2781 : } 2782 : } 2783 : } 2784 823 02 2: INTEGER 200 2785 : } 2786 827 30 9: SEQUENCE { 2787 829 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 2788 : (OIW) 2789 836 05 0: NULL 2790 : } 2791 838 30 9: SEQUENCE { 2792 840 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2793 : (ANSI X9.57 algorithm) 2794 : } 2795 849 04 48: OCTET STRING, encapsulates { 2796 851 30 44: SEQUENCE { 2797 853 02 20: INTEGER 2798 : 15 D0 DC EE FF D4 36 5B 93 0D CF 69 3D 37 45 A0 2799 : 34 9A 63 35 2800 875 02 20: INTEGER 2801 : 49 75 76 4C 33 00 0A AB 90 FD EF 9C 47 80 21 F1 2802 : 49 EA 02 15 2803 : } 2804 : } 2805 : } 2806 : } 2807 : } 2808 : } 2809 : } 2811 5.4 Fancier signed content 2813 Same as 5.1, but includes Carl's root cert, Carl's CRL, some signed and 2814 unsigned attributes (Countersignature by Diane). A SignedData with no 2815 attribute certificates, signed by Alice using DH-DSS, her certificate 2816 and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is 2817 included in the eContent. The signed attributes are Content Type, 2818 Message Digest and Signing Time; the unsigned attributes are content 2819 hint and counter signature. 2821 0 30 1968: SEQUENCE { 2822 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 2823 : (PKCS #7) 2824 15 A0 1953: [0] { 2825 19 30 1949: SEQUENCE { 2826 23 02 1: INTEGER 1 2827 26 31 11: SET { 2828 28 30 9: SEQUENCE { 2829 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 2830 : (OIW) 2831 37 05 0: NULL 2832 : } 2833 : } 2834 39 30 43: SEQUENCE { 2835 41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2836 : (PKCS #7) 2837 52 A0 30: [0] { 2838 54 04 28: OCTET STRING 2839 : 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D 2840 : 70 6C 65 20 63 6F 6E 74 65 6E 74 2E 2841 : } 2842 : } 2843 84 A0 1409: [0] { 2844 88 30 667: SEQUENCE { 2845 92 30 602: SEQUENCE { 2846 96 A0 3: [0] { 2847 98 02 1: INTEGER 2 2848 : } 2849 101 02 1: INTEGER 1 2850 104 30 9: SEQUENCE { 2851 106 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2852 : (ANSI X9.57 algorithm) 2853 : } 2854 115 30 18: SEQUENCE { 2855 117 31 16: SET { 2856 119 30 14: SEQUENCE { 2857 121 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2858 : (X.520 id-at (2 5 4)) 2859 126 13 7: PrintableString 'CarlDSS' 2860 : } 2861 : } 2862 : } 2863 135 30 30: SEQUENCE { 2864 137 17 13: UTCTime '990816225050Z' 2865 152 17 13: UTCTime '391231235959Z' 2866 : } 2867 167 30 18: SEQUENCE { 2868 169 31 16: SET { 2869 171 30 14: SEQUENCE { 2870 173 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2871 : (X.520 id-at (2 5 4)) 2872 178 13 7: PrintableString 'CarlDSS' 2873 : } 2874 : } 2875 : } 2876 187 30 439: SEQUENCE { 2877 191 30 299: SEQUENCE { 2878 195 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 2879 : (ANSI X9.57 algorithm) 2880 204 30 286: SEQUENCE { 2881 208 02 129: INTEGER 2882 : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1 2883 : 7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06 2884 : EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA 2885 : E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46 2886 : ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01 2887 : 48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50 2888 : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B 2889 : CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6 2890 : E9 2891 340 02 21: INTEGER 2892 : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A 2893 : 5D 98 B9 10 D5 2894 363 02 128: INTEGER 2895 : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D 2896 : ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5 2897 : 62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C 2898 : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD 2899 : F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F 2900 : 44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB 2901 : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06 2902 : 25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A 2903 : } 2904 : } 2905 494 03 133: BIT STRING 0 unused bits, encapsulates { 2906 498 02 129: INTEGER 2907 : 00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C 75 BB E1 2908 : 6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E 2909 : F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25 2910 : 4E B9 60 96 19 24 01 F3 62 0C FE 75 C0 FB CE D8 2911 : 68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61 2912 : 8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B 2913 : 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD 2914 : 1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80 2915 : 7A 2916 : } 2917 : } 2918 630 A3 66: [3] { 2919 632 30 64: SEQUENCE { 2920 634 30 15: SEQUENCE { 2921 636 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 2922 : (X.509 id-ce (2 5 29)) 2923 641 01 1: BOOLEAN TRUE 2924 644 04 5: OCTET STRING, encapsulates { 2925 646 30 3: SEQUENCE { 2926 648 01 1: BOOLEAN TRUE 2927 : } 2928 : } 2929 : } 2930 651 30 14: SEQUENCE { 2931 653 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 2932 : (X.509 id-ce (2 5 29)) 2933 658 01 1: BOOLEAN TRUE 2934 661 04 4: OCTET STRING, encapsulates { 2935 663 03 2: BIT STRING 1 unused bits 2936 : '1100001'B 2937 : } 2938 : } 2939 667 30 29: SEQUENCE { 2940 669 06 3: OBJECT IDENTIFIER 2941 : subjectKeyIdentifier (2 5 29 14) 2942 : (X.509 id-ce (2 5 29)) 2943 674 04 22: OCTET STRING 2944 : 04 14 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 2945 : BC 43 2B 93 F1 1F 2946 : } 2947 : } 2948 : } 2949 : } 2950 698 30 9: SEQUENCE { 2951 700 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2952 : (ANSI X9.57 algorithm) 2953 : } 2954 709 03 48: BIT STRING 0 unused bits, encapsulates { 2955 712 30 45: SEQUENCE { 2956 714 02 20: INTEGER 2957 : 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9 2958 : 11 17 A1 13 2959 736 02 21: INTEGER 2960 : 00 8F 34 69 2A 8B B1 3C 03 79 94 32 4D 12 1F CE 2961 : 89 FB 46 B2 3B 2962 : } 2963 : } 2964 : } 2965 759 30 734: SEQUENCE { 2966 763 30 669: SEQUENCE { 2967 767 A0 3: [0] { 2968 769 02 1: INTEGER 2 2969 : } 2970 772 02 2: INTEGER 200 2971 776 30 9: SEQUENCE { 2972 778 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 2973 : (ANSI X9.57 algorithm) 2974 : } 2975 787 30 18: SEQUENCE { 2976 789 31 16: SET { 2977 791 30 14: SEQUENCE { 2978 793 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2979 : (X.520 id-at (2 5 4)) 2980 798 13 7: PrintableString 'CarlDSS' 2981 : } 2982 : } 2983 : } 2984 807 30 30: SEQUENCE { 2985 809 17 13: UTCTime '990817011049Z' 2986 824 17 13: UTCTime '391231235959Z' 2987 : } 2988 839 30 19: SEQUENCE { 2989 841 31 17: SET { 2990 843 30 15: SEQUENCE { 2991 845 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 2992 : (X.520 id-at (2 5 4)) 2993 850 13 8: PrintableString 'AliceDSS' 2994 : } 2995 : } 2996 : } 2997 860 30 438: SEQUENCE { 2998 864 30 299: SEQUENCE { 2999 868 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 3000 : (ANSI X9.57 algorithm) 3001 877 30 286: SEQUENCE { 3002 881 02 129: INTEGER 3003 : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4 3004 : 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94 3005 : E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 3006 : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A 3007 : E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F 3008 : 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 3009 : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D 3010 : B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B 3011 : DB 3012 1013 02 21: INTEGER 3013 : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B 3014 : 62 8B F7 93 CD 3015 1036 02 128: INTEGER 3016 : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C 3017 : 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD 3018 : 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF 3019 : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D 3020 : EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23 3021 : 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8 3022 : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2 3023 : BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39 3024 : } 3025 : } 3026 1167 03 132: BIT STRING 0 unused bits, encapsulates { 3027 1171 02 128: INTEGER 3028 : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC 3029 : 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86 3030 : 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 3031 : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3 3032 : 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8 3033 : 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B 3034 : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E 3035 : 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8 3036 : } 3037 : } 3038 1302 A3 131: [3] { 3039 1305 30 128: SEQUENCE { 3040 1308 30 32: SEQUENCE { 3041 1310 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 3042 : (X.509 id-ce (2 5 29)) 3043 1315 04 25: OCTET STRING, encapsulates { 3044 1317 30 23: SEQUENCE { 3045 1319 81 21: [1] 'aliceDss@examples.com' 3046 : } 3047 : } 3048 : } 3049 1342 30 12: SEQUENCE { 3050 1344 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 3051 : (X.509 id-ce (2 5 29)) 3052 1349 01 1: BOOLEAN TRUE 3053 1352 04 2: OCTET STRING, encapsulates { 3054 1354 30 0: SEQUENCE {} 3055 : } 3056 : } 3057 1356 30 14: SEQUENCE { 3058 1358 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 3059 : (X.509 id-ce (2 5 29)) 3060 1363 01 1: BOOLEAN TRUE 3061 1366 04 4: OCTET STRING, encapsulates { 3062 1368 03 2: BIT STRING 6 unused bits 3063 : '11'B 3064 : } 3065 : } 3066 1372 30 31: SEQUENCE { 3067 1374 06 3: OBJECT IDENTIFIER 3068 : authorityKeyIdentifier (2 5 29 35) 3069 : (X.509 id-ce (2 5 29)) 3070 1379 04 24: OCTET STRING, encapsulates { 3071 1381 30 22: SEQUENCE { 3072 1383 80 20: [0] 3073 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 3074 : 2B 93 F1 1F 3075 : } 3076 : } 3077 : } 3078 1405 30 29: SEQUENCE { 3079 1407 06 3: OBJECT IDENTIFIER 3080 : subjectKeyIdentifier (2 5 29 14) 3081 : (X.509 id-ce (2 5 29)) 3082 1412 04 22: OCTET STRING 3083 : 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 3084 : E2 FD E3 97 FE CD 3085 : } 3086 : } 3087 : } 3088 : } 3089 1436 30 9: SEQUENCE { 3090 1438 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3091 : (ANSI X9.57 algorithm) 3092 : } 3093 1447 03 48: BIT STRING 0 unused bits, encapsulates { 3094 1450 30 45: SEQUENCE { 3095 1452 02 21: INTEGER 3096 : 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24 3097 : 05 E8 46 94 8E 3098 1475 02 20: INTEGER 3099 : 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5 3100 : 7F 28 2D BB 3101 : } 3102 : } 3103 : } 3104 : } 3105 1497 A1 219: [1] { 3106 1500 30 216: SEQUENCE { 3107 1503 30 153: SEQUENCE { 3108 1506 30 9: SEQUENCE { 3109 1508 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3110 : (ANSI X9.57 algorithm) 3111 : } 3112 1517 30 18: SEQUENCE { 3113 1519 31 16: SET { 3114 1521 30 14: SEQUENCE { 3115 1523 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3116 : (X.520 id-at (2 5 4)) 3117 1528 13 7: PrintableString 'CarlDSS' 3118 : } 3119 : } 3120 : } 3121 1537 17 13: UTCTime '990827070000Z' 3122 1552 30 105: SEQUENCE { 3123 1554 30 19: SEQUENCE { 3124 1556 02 2: INTEGER 200 3125 1560 17 13: UTCTime '990822070000Z' 3126 : } 3127 1575 30 19: SEQUENCE { 3128 1577 02 2: INTEGER 201 3129 1581 17 13: UTCTime '990822070000Z' 3130 : } 3131 1596 30 19: SEQUENCE { 3132 1598 02 2: INTEGER 211 3133 1602 17 13: UTCTime '990822070000Z' 3134 : } 3135 1617 30 19: SEQUENCE { 3136 1619 02 2: INTEGER 210 3137 1623 17 13: UTCTime '990822070000Z' 3138 : } 3139 1638 30 19: SEQUENCE { 3140 1640 02 2: INTEGER 212 3141 1644 17 13: UTCTime '990824070000Z' 3142 : } 3143 : } 3144 : } 3145 1659 30 9: SEQUENCE { 3146 1661 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3147 : (ANSI X9.57 algorithm) 3148 : } 3149 1670 03 47: BIT STRING 0 unused bits, encapsulates { 3150 1673 30 44: SEQUENCE { 3151 1675 02 20: INTEGER 3152 : 7E 65 52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8 3153 : 6D 5C 7D 3D 3154 1697 02 20: INTEGER 3155 : 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E DA 24 F3 2A 3156 : 83 9C 35 A1 3157 : } 3158 : } 3159 : } 3160 : } 3161 1719 31 250: SET { 3162 1722 30 247: SEQUENCE { 3163 1725 02 1: INTEGER 1 3164 1728 30 24: SEQUENCE { 3165 1730 30 18: SEQUENCE { 3166 1732 31 16: SET { 3167 1734 30 14: SEQUENCE { 3168 1736 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3169 : (X.520 id-at (2 5 4)) 3170 1741 13 7: PrintableString 'CarlDSS' 3171 : } 3172 : } 3173 : } 3174 1750 02 2: INTEGER 200 3175 : } 3176 1754 30 9: SEQUENCE { 3177 1756 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 3178 : (OIW) 3179 1763 05 0: NULL 3180 : } 3181 1765 A0 93: [0] { 3182 1767 30 24: SEQUENCE { 3183 1769 06 9: OBJECT IDENTIFIER 3184 : contentType (1 2 840 113549 1 9 3) 3185 : (PKCS #9 (1 2 840 113549 1 9)) 3186 1780 31 11: SET { 3187 1782 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 3188 : (PKCS #7) 3189 : } 3190 : } 3191 1793 30 28: SEQUENCE { 3192 1795 06 9: OBJECT IDENTIFIER 3193 : signingTime (1 2 840 113549 1 9 5) 3194 : (PKCS #9 (1 2 840 113549 1 9)) 3195 1806 31 15: SET { 3196 1808 17 13: UTCTime '991015222610Z' 3197 : } 3198 : } 3199 1823 30 35: SEQUENCE { 3200 1825 06 9: OBJECT IDENTIFIER 3201 : messageDigest (1 2 840 113549 1 9 4) 3202 : (PKCS #9 (1 2 840 113549 1 9)) 3203 1836 31 22: SET { 3204 1838 04 20: OCTET STRING 3205 : 40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22 3206 : 96 87 DD 48 3207 : } 3208 : } 3209 : } 3210 1860 30 9: SEQUENCE { 3211 1862 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3212 : (ANSI X9.57 algorithm) 3213 : } 3214 1871 04 48: OCTET STRING, encapsulates { 3215 1873 30 46: SEQUENCE { 3216 1875 02 21: INTEGER 3217 : 00 97 02 AB 81 D8 49 FD CA 6D 89 B4 6A C5 09 96 3218 : EE E3 76 36 2F 3219 1898 02 21: INTEGER 3220 : 00 C7 3E 7E 7B 3D D6 E4 D3 1D 6F 87 8B 18 03 F2 3221 : DF 18 2B 77 75 3222 : } 3223 : } 3224 1921 A1 49: [1] { 3225 1923 30 47: SEQUENCE { 3226 1925 06 11: OBJECT IDENTIFIER 3227 : id-aa-contentHint (1 2 840 113549 1 9 16 2 4) 3228 : (S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2)) 3229 1938 31 32: SET { 3230 1940 30 30: SEQUENCE { 3231 1942 0C 17: UTF8String (1997) 'SMime Example 5.4' 3232 1961 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 3233 : (PKCS #7) 3234 : } 3235 : } 3236 : } 3237 : } 3238 : } 3239 : } 3240 : } 3241 : } 3242 : } 3244 5.5 All RSA signed message 3246 Same as 5.2, but includes Carl's RSA root cert (but no CRL). A 3247 SignedData with no attribute certificates, signed by Alice using RSA, 3248 her certificate and Carl's root cert, no CRL. The message is ExContent, 3249 and is included in the eContent. There are no signed or unsigned 3250 attributes. 3252 0 30 NDEF: SEQUENCE { 3253 2 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 3254 : (PKCS #7) 3255 13 A0 NDEF: [0] { 3256 15 30 NDEF: SEQUENCE { 3257 17 02 1: INTEGER 1 3258 20 31 11: SET { 3259 22 30 9: SEQUENCE { 3260 24 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 3261 : (OIW) 3262 31 05 0: NULL 3263 : } 3264 : } 3265 33 30 NDEF: SEQUENCE { 3266 35 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 3267 : (PKCS #7) 3268 46 A0 NDEF: [0] { 3269 48 24 NDEF: OCTET STRING { 3270 50 04 4: OCTET STRING 3271 : 54 68 69 73 3272 56 04 24: OCTET STRING 3273 : 20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20 3274 : 63 6F 6E 74 65 6E 74 2E 3275 : } 3276 : } 3277 : } 3278 88 A0 1021: [0] { 3279 92 30 491: SEQUENCE { 3280 96 30 340: SEQUENCE { 3281 100 A0 3: [0] { 3282 102 02 1: INTEGER 2 3283 : } 3284 105 02 16: INTEGER 3285 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20 3286 123 30 13: SEQUENCE { 3287 125 06 9: OBJECT IDENTIFIER 3288 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 3289 : (PKCS #1) 3290 136 05 0: NULL 3291 : } 3292 138 30 18: SEQUENCE { 3293 140 31 16: SET { 3294 142 30 14: SEQUENCE { 3295 144 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3296 : (X.520 id-at (2 5 4)) 3297 149 13 7: PrintableString 'CarlRSA' 3298 : } 3299 : } 3300 : } 3301 158 30 30: SEQUENCE { 3302 160 17 13: UTCTime '990818070000Z' 3303 175 17 13: UTCTime '391231235959Z' 3304 : } 3305 190 30 18: SEQUENCE { 3306 192 31 16: SET { 3307 194 30 14: SEQUENCE { 3308 196 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3309 : (X.520 id-at (2 5 4)) 3310 201 13 7: PrintableString 'CarlRSA' 3311 : } 3312 : } 3313 : } 3314 210 30 159: SEQUENCE { 3315 213 30 13: SEQUENCE { 3316 215 06 9: OBJECT IDENTIFIER 3317 : rsaEncryption (1 2 840 113549 1 1 1) 3318 : (PKCS #1) 3319 226 05 0: NULL 3320 : } 3321 228 03 141: BIT STRING 0 unused bits, encapsulates { 3322 232 30 137: SEQUENCE { 3323 235 02 129: INTEGER 3324 : 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71 3325 : 5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04 3326 : B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39 3327 : A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED 3328 : E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D 3329 : D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7 3330 : 29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8 3331 : 57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A 3332 : F1 3333 367 02 3: INTEGER 65537 3334 : } 3335 : } 3336 : } 3337 372 A3 66: [3] { 3338 374 30 64: SEQUENCE { 3339 376 30 15: SEQUENCE { 3340 378 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 3341 : (X.509 id-ce (2 5 29)) 3342 383 01 1: BOOLEAN TRUE 3343 386 04 5: OCTET STRING, encapsulates { 3344 388 30 3: SEQUENCE { 3345 390 01 1: BOOLEAN TRUE 3346 : } 3347 : } 3348 : } 3349 393 30 14: SEQUENCE { 3350 395 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 3351 : (X.509 id-ce (2 5 29)) 3352 400 01 1: BOOLEAN TRUE 3353 403 04 4: OCTET STRING, encapsulates { 3354 405 03 2: BIT STRING 1 unused bits 3355 : '1100001'B 3356 : } 3357 : } 3358 409 30 29: SEQUENCE { 3359 411 06 3: OBJECT IDENTIFIER 3360 : subjectKeyIdentifier (2 5 29 14) 3361 : (X.509 id-ce (2 5 29)) 3362 416 04 22: OCTET STRING 3363 : 04 14 E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 3364 : 4E 22 AE 9E 38 BB 3365 : } 3366 : } 3367 : } 3368 : } 3369 440 30 13: SEQUENCE { 3370 442 06 9: OBJECT IDENTIFIER 3371 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 3372 : (PKCS #1) 3373 453 05 0: NULL 3374 : } 3375 455 03 129: BIT STRING 0 unused bits 3376 : B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 2E 4C DB 0C 3377 : F0 48 0F 32 61 EE C4 04 EC 12 5D 2D FF 0F 64 59 3378 : 7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12 3379 : 61 50 ED EF DD 3F E3 0B B8 61 A5 A4 9B 3C E6 9E 3380 : 9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 9D 49 01 3381 : 76 FA B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D 3382 : CA 3E F2 53 6B B0 37 6F AD E6 74 D7 DB FA 5A EA 3383 : 14 41 63 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02 3384 : } 3385 587 30 522: SEQUENCE { 3386 591 30 371: SEQUENCE { 3387 595 A0 3: [0] { 3388 597 02 1: INTEGER 2 3389 : } 3390 600 02 16: INTEGER 3391 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 3392 618 30 13: SEQUENCE { 3393 620 06 9: OBJECT IDENTIFIER 3394 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 3395 : (PKCS #1) 3396 631 05 0: NULL 3397 : } 3398 633 30 18: SEQUENCE { 3399 635 31 16: SET { 3400 637 30 14: SEQUENCE { 3401 639 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3402 : (X.520 id-at (2 5 4)) 3403 644 13 7: PrintableString 'CarlRSA' 3404 : } 3405 : } 3406 : } 3407 653 30 30: SEQUENCE { 3408 655 17 13: UTCTime '990819070000Z' 3409 670 17 13: UTCTime '391231235959Z' 3410 : } 3411 685 30 19: SEQUENCE { 3412 687 31 17: SET { 3413 689 30 15: SEQUENCE { 3414 691 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3415 : (X.520 id-at (2 5 4)) 3416 696 13 8: PrintableString 'AliceRSA' 3417 : } 3418 : } 3419 : } 3420 706 30 159: SEQUENCE { 3421 709 30 13: SEQUENCE { 3422 711 06 9: OBJECT IDENTIFIER 3423 : rsaEncryption (1 2 840 113549 1 1 1) 3424 : (PKCS #1) 3425 722 05 0: NULL 3426 : } 3427 724 03 141: BIT STRING 0 unused bits, encapsulates { 3428 728 30 137: SEQUENCE { 3429 731 02 129: INTEGER 3430 : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0 3431 : 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E 3432 : 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA 3433 : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32 3434 : CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5 3435 : F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81 3436 : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55 3437 : 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57 3438 : 5F 3439 863 02 3: INTEGER 65537 3440 : } 3441 : } 3442 : } 3443 868 A3 96: [3] { 3444 870 30 94: SEQUENCE { 3445 872 30 12: SEQUENCE { 3446 874 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 3447 : (X.509 id-ce (2 5 29)) 3448 879 01 1: BOOLEAN TRUE 3449 882 04 2: OCTET STRING, encapsulates { 3450 884 30 0: SEQUENCE {} 3451 : } 3452 : } 3453 886 30 14: SEQUENCE { 3454 888 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 3455 : (X.509 id-ce (2 5 29)) 3456 893 01 1: BOOLEAN TRUE 3457 896 04 4: OCTET STRING, encapsulates { 3458 898 03 2: BIT STRING 6 unused bits 3459 : '11'B 3460 : } 3461 : } 3462 902 30 31: SEQUENCE { 3463 904 06 3: OBJECT IDENTIFIER 3464 : authorityKeyIdentifier (2 5 29 35) 3465 : (X.509 id-ce (2 5 29)) 3466 909 04 24: OCTET STRING, encapsulates { 3467 911 30 22: SEQUENCE { 3468 913 80 20: [0] 3469 : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22 3470 : AE 9E 38 BB 3471 : } 3472 : } 3473 : } 3474 935 30 29: SEQUENCE { 3475 937 06 3: OBJECT IDENTIFIER 3476 : subjectKeyIdentifier (2 5 29 14) 3477 : (X.509 id-ce (2 5 29)) 3478 942 04 22: OCTET STRING 3479 : 04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC 3480 : 3C A0 3A E3 FF 50 3481 : } 3482 : } 3483 : } 3484 : } 3485 966 30 13: SEQUENCE { 3486 968 06 9: OBJECT IDENTIFIER 3487 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 3488 : (PKCS #1) 3489 979 05 0: NULL 3490 : } 3491 981 03 129: BIT STRING 0 unused bits 3492 : 52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB 3493 : 6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F 3494 : F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F 3495 : 97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C 3496 : 06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C 3497 : 4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0 3498 : C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99 3499 : C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18 3500 : } 3501 : } 3502 1113 31 203: SET { 3503 1116 30 200: SEQUENCE { 3504 1119 02 1: INTEGER 1 3505 1122 30 38: SEQUENCE { 3506 1124 30 18: SEQUENCE { 3507 1126 31 16: SET { 3508 1128 30 14: SEQUENCE { 3509 1130 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3510 : (X.520 id-at (2 5 4)) 3511 1135 13 7: PrintableString 'CarlRSA' 3512 : } 3513 : } 3514 : } 3515 1144 02 16: INTEGER 3516 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 3517 : } 3518 1162 30 9: SEQUENCE { 3519 1164 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 3520 : (OIW) 3521 1171 05 0: NULL 3522 : } 3523 1173 30 13: SEQUENCE { 3524 1175 06 9: OBJECT IDENTIFIER 3525 : rsaEncryption (1 2 840 113549 1 1 1) 3526 : (PKCS #1) 3527 1186 05 0: NULL 3528 : } 3529 1188 04 128: OCTET STRING 3530 : 2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A 3531 : 81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A 3532 : AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75 3533 : 3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5 3534 : E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA 3535 : CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B 3536 : E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68 3537 : 6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7 3538 : } 3539 : } 3540 : } 3541 : } 3542 : } 3544 5.6 Multiple signers 3546 Similar to 5.1, but the message is also signed by Diane. Two 3547 SignedDatas (one for Alice, one for Diane) with no attribute 3548 certificates, each signed using DH-DSS, Alice's and Diane's certificate 3549 (not Carl's root cert), no CRL. The message is ExContent, and is 3550 included in the eContent. There are no signed or unsigned attributes. 3552 0 30 1477: SEQUENCE { 3553 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 3554 : (PKCS #7) 3555 15 A0 1462: [0] { 3556 19 30 1458: SEQUENCE { 3557 23 02 1: INTEGER 1 3558 26 31 11: SET { 3559 28 30 9: SEQUENCE { 3560 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 3561 : (OIW) 3562 37 05 0: NULL 3563 : } 3564 : } 3565 39 30 43: SEQUENCE { 3566 41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 3567 : (PKCS #7) 3568 52 A0 30: [0] { 3569 54 04 28: OCTET STRING 3570 : 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D 3571 : 70 6C 65 20 63 6F 6E 74 65 6E 74 2E 3572 : } 3573 : } 3574 84 A0 1184: [0] { 3575 88 30 442: SEQUENCE { 3576 92 30 377: SEQUENCE { 3577 96 A0 3: [0] { 3578 98 02 1: INTEGER 2 3579 : } 3580 101 02 2: INTEGER 210 3581 105 30 9: SEQUENCE { 3582 107 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3583 : (ANSI X9.57 algorithm) 3584 : } 3585 116 30 18: SEQUENCE { 3586 118 31 16: SET { 3587 120 30 14: SEQUENCE { 3588 122 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3589 : (X.520 id-at (2 5 4)) 3590 127 13 7: PrintableString 'CarlDSS' 3591 : } 3592 : } 3593 : } 3594 136 30 30: SEQUENCE { 3595 138 17 13: UTCTime '990817020810Z' 3596 153 17 13: UTCTime '391231235959Z' 3597 : } 3598 168 30 19: SEQUENCE { 3599 170 31 17: SET { 3600 172 30 15: SEQUENCE { 3601 174 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3602 : (X.520 id-at (2 5 4)) 3603 179 13 8: PrintableString 'DianeDSS' 3604 : } 3605 : } 3606 : } 3607 189 30 147: SEQUENCE { 3608 192 30 9: SEQUENCE { 3609 194 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 3610 : (ANSI X9.57 algorithm) 3611 : } 3612 203 03 133: BIT STRING 0 unused bits, encapsulates { 3613 207 02 129: INTEGER 3614 : 00 A0 00 17 78 2C EE 7E 81 53 2E 2E 61 08 0F A1 3615 : 9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA EF 3616 : 2A 44 76 8A 52 09 EA BD 05 22 D5 0F F6 FD 46 D7 3617 : AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 F7 1C BF 25 3618 : FF 23 D3 3B 59 E7 82 97 37 BE 31 24 D8 18 C8 F3 3619 : 49 39 5B B7 E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F 3620 : 68 4D DD 46 7A 22 BE 8E FF CC DA 39 29 A3 39 E5 3621 : 9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD 2E C5 3622 : 23 3623 : } 3624 : } 3625 339 A3 131: [3] { 3626 342 30 128: SEQUENCE { 3627 345 30 32: SEQUENCE { 3628 347 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 3629 : (X.509 id-ce (2 5 29)) 3630 352 04 25: OCTET STRING, encapsulates { 3631 354 30 23: SEQUENCE { 3632 356 81 21: [1] 'dianeDss@examples.com' 3633 : } 3634 : } 3635 : } 3636 379 30 12: SEQUENCE { 3637 381 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 3638 : (X.509 id-ce (2 5 29)) 3639 386 01 1: BOOLEAN TRUE 3640 389 04 2: OCTET STRING, encapsulates { 3641 391 30 0: SEQUENCE {} 3642 : } 3643 : } 3644 393 30 14: SEQUENCE { 3645 395 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 3646 : (X.509 id-ce (2 5 29)) 3647 400 01 1: BOOLEAN TRUE 3648 403 04 4: OCTET STRING, encapsulates { 3649 405 03 2: BIT STRING 6 unused bits 3650 : '11'B 3651 : } 3652 : } 3653 409 30 31: SEQUENCE { 3654 411 06 3: OBJECT IDENTIFIER 3655 : authorityKeyIdentifier (2 5 29 35) 3656 : (X.509 id-ce (2 5 29)) 3657 416 04 24: OCTET STRING, encapsulates { 3658 418 30 22: SEQUENCE { 3659 420 80 20: [0] 3660 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 3661 : 2B 93 F1 1F 3662 : } 3663 : } 3664 : } 3665 442 30 29: SEQUENCE { 3666 444 06 3: OBJECT IDENTIFIER 3667 : subjectKeyIdentifier (2 5 29 14) 3668 : (X.509 id-ce (2 5 29)) 3669 449 04 22: OCTET STRING 3670 : 04 14 64 30 99 7D 5C DC 45 0B 99 3A 52 2F 16 BF 3671 : 58 50 DD CE 2B 18 3672 : } 3673 : } 3674 : } 3675 : } 3676 473 30 9: SEQUENCE { 3677 475 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3678 : (ANSI X9.57 algorithm) 3679 : } 3680 484 03 48: BIT STRING 0 unused bits, encapsulates { 3681 487 30 45: SEQUENCE { 3682 489 02 20: INTEGER 3683 : 7E 0C 0C 81 17 B4 9A 54 B2 C3 30 EB 8A C4 3C C2 3684 : 52 36 9E 95 3685 511 02 21: INTEGER 3686 : 00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D 10 1F 9A B3 3687 : 4D B6 F9 11 A3 3688 : } 3689 : } 3690 : } 3691 534 30 734: SEQUENCE { 3692 538 30 669: SEQUENCE { 3693 542 A0 3: [0] { 3694 544 02 1: INTEGER 2 3695 : } 3696 547 02 2: INTEGER 200 3697 551 30 9: SEQUENCE { 3698 553 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3699 : (ANSI X9.57 algorithm) 3700 : } 3701 562 30 18: SEQUENCE { 3702 564 31 16: SET { 3703 566 30 14: SEQUENCE { 3704 568 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3705 : (X.520 id-at (2 5 4)) 3706 573 13 7: PrintableString 'CarlDSS' 3707 : } 3708 : } 3709 : } 3710 582 30 30: SEQUENCE { 3711 584 17 13: UTCTime '990817011049Z' 3712 599 17 13: UTCTime '391231235959Z' 3713 : } 3714 614 30 19: SEQUENCE { 3715 616 31 17: SET { 3716 618 30 15: SEQUENCE { 3717 620 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3718 : (X.520 id-at (2 5 4)) 3719 625 13 8: PrintableString 'AliceDSS' 3720 : } 3721 : } 3722 : } 3723 635 30 438: SEQUENCE { 3724 639 30 299: SEQUENCE { 3725 643 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 3726 : (ANSI X9.57 algorithm) 3727 652 30 286: SEQUENCE { 3728 656 02 129: INTEGER 3729 : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4 3730 : 47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94 3731 : E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 3732 : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A 3733 : E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F 3734 : 2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 3735 : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D 3736 : B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B 3737 : DB 3738 788 02 21: INTEGER 3739 : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B 3740 : 62 8B F7 93 CD 3741 811 02 128: INTEGER 3742 : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C 3743 : 76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD 3744 : 9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF 3745 : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D 3746 : EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23 3747 : 85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8 3748 : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2 3749 : BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39 3750 : } 3751 : } 3752 942 03 132: BIT STRING 0 unused bits, encapsulates { 3753 946 02 128: INTEGER 3754 : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC 3755 : 5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86 3756 : 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 3757 : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3 3758 : 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8 3759 : 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B 3760 : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E 3761 : 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8 3762 : } 3763 : } 3764 1077 A3 131: [3] { 3765 1080 30 128: SEQUENCE { 3766 1083 30 32: SEQUENCE { 3767 1085 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 3768 : (X.509 id-ce (2 5 29)) 3769 1090 04 25: OCTET STRING, encapsulates { 3770 1092 30 23: SEQUENCE { 3771 1094 81 21: [1] 'aliceDss@examples.com' 3772 : } 3773 : } 3774 : } 3775 1117 30 12: SEQUENCE { 3776 1119 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 3777 : (X.509 id-ce (2 5 29)) 3778 1124 01 1: BOOLEAN TRUE 3779 1127 04 2: OCTET STRING, encapsulates { 3780 1129 30 0: SEQUENCE {} 3781 : } 3782 : } 3783 1131 30 14: SEQUENCE { 3784 1133 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 3785 : (X.509 id-ce (2 5 29)) 3786 1138 01 1: BOOLEAN TRUE 3787 1141 04 4: OCTET STRING, encapsulates { 3788 1143 03 2: BIT STRING 6 unused bits 3789 : '11'B 3790 : } 3791 : } 3792 1147 30 31: SEQUENCE { 3793 1149 06 3: OBJECT IDENTIFIER 3794 : authorityKeyIdentifier (2 5 29 35) 3795 : (X.509 id-ce (2 5 29)) 3796 1154 04 24: OCTET STRING, encapsulates { 3797 1156 30 22: SEQUENCE { 3798 1158 80 20: [0] 3799 : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43 3800 : 2B 93 F1 1F 3801 : } 3802 : } 3803 : } 3804 1180 30 29: SEQUENCE { 3805 1182 06 3: OBJECT IDENTIFIER 3806 : subjectKeyIdentifier (2 5 29 14) 3807 : (X.509 id-ce (2 5 29)) 3808 1187 04 22: OCTET STRING 3809 : 04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 3810 : E2 FD E3 97 FE CD 3811 : } 3812 : } 3813 : } 3814 : } 3815 1211 30 9: SEQUENCE { 3816 1213 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3817 : (ANSI X9.57 algorithm) 3818 : } 3819 1222 03 48: BIT STRING 0 unused bits, encapsulates { 3820 1225 30 45: SEQUENCE { 3821 1227 02 21: INTEGER 3822 : 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24 3823 : 05 E8 46 94 8E 3824 1250 02 20: INTEGER 3825 : 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5 3826 : 7F 28 2D BB 3827 : } 3828 : } 3829 : } 3830 : } 3831 1272 31 206: SET { 3832 1275 30 101: SEQUENCE { 3833 1277 02 1: INTEGER 1 3834 1280 30 24: SEQUENCE { 3835 1282 30 18: SEQUENCE { 3836 1284 31 16: SET { 3837 1286 30 14: SEQUENCE { 3838 1288 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3839 : (X.520 id-at (2 5 4)) 3840 1293 13 7: PrintableString 'CarlDSS' 3841 : } 3842 : } 3843 : } 3844 1302 02 2: INTEGER 200 3845 : } 3846 1306 30 9: SEQUENCE { 3847 1308 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 3848 : (OIW) 3849 1315 05 0: NULL 3850 : } 3851 1317 30 9: SEQUENCE { 3852 1319 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3853 : (ANSI X9.57 algorithm) 3854 : } 3855 1328 04 48: OCTET STRING 3856 : 30 2D 02 15 00 CB 2D 81 7B 0D 3F 4D 8A 0D B6 0A 3857 : 3C 86 48 B2 22 5B 4F B4 1C 02 14 75 00 20 67 96 3858 : 9D C5 DD B7 5E 47 94 B2 01 A5 52 15 0C 26 A2 00 3859 : } 3860 1378 30 101: SEQUENCE { 3861 1380 02 1: INTEGER 1 3862 1383 30 24: SEQUENCE { 3863 1385 30 18: SEQUENCE { 3864 1387 31 16: SET { 3865 1389 30 14: SEQUENCE { 3866 1391 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3867 : (X.520 id-at (2 5 4)) 3868 1396 13 7: PrintableString 'CarlDSS' 3869 : } 3870 : } 3871 : } 3872 1405 02 2: INTEGER 210 3873 : } 3874 1409 30 9: SEQUENCE { 3875 1411 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 3876 : (OIW) 3877 1418 05 0: NULL 3878 : } 3879 1420 30 9: SEQUENCE { 3880 1422 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 3881 : (ANSI X9.57 algorithm) 3882 : } 3883 1431 04 48: OCTET STRING 3884 : 30 2D 02 14 1F 4B 9C 80 62 FF 19 77 6E 9A FC 66 3885 : 45 C8 FD 6D 49 7A BA 84 02 15 00 84 D2 E4 E6 8C 3886 : BC C4 12 72 74 4F D9 50 A4 A8 66 FB 2A E9 CF 00 3887 : } 3888 : } 3889 : } 3890 : } 3891 : } 3893 5.7 Signing using SKI 3895 Same as 5.1, but the signature uses the SKI instead of the 3896 issuer/serial number in the cert. A SignedData with no attribute 3897 certificates, signed by Alice using DH-DSS, just her certificate (not 3898 Carl's root cert), identified by the SKI, no CRL. The message is 3899 ExContent, and is included in the eContent. There are no signed or 3900 unsigned attributes. 3902 0 30 711: SEQUENCE { 3903 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 3904 : (PKCS #7) 3905 15 A0 696: [0] { 3906 19 30 692: SEQUENCE { 3907 23 02 1: INTEGER 3 3908 26 31 11: SET { 3909 28 30 9: SEQUENCE { 3910 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 3911 : (OIW) 3912 37 05 0: NULL 3913 : } 3914 : } 3915 39 30 43: SEQUENCE { 3916 41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 3917 : (PKCS #7) 3918 52 A0 30: [0] { 3919 54 04 28: OCTET STRING 3920 : 54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D 3921 : 70 6C 65 20 63 6F 6E 74 65 6E 74 2E 3922 : } 3923 : } 3924 84 A0 526: [0] { 3925 88 30 522: SEQUENCE { 3926 92 30 371: SEQUENCE { 3927 96 A0 3: [0] { 3928 98 02 1: INTEGER 2 3929 : } 3930 101 02 16: INTEGER 3931 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 3932 119 30 13: SEQUENCE { 3933 121 06 9: OBJECT IDENTIFIER 3934 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 3935 : (PKCS #1) 3936 132 05 0: NULL 3937 : } 3938 134 30 18: SEQUENCE { 3939 136 31 16: SET { 3940 138 30 14: SEQUENCE { 3941 140 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3942 : (X.520 id-at (2 5 4)) 3943 145 13 7: PrintableString 'CarlRSA' 3944 : } 3945 : } 3946 : } 3947 154 30 30: SEQUENCE { 3948 156 17 13: UTCTime '990819070000Z' 3949 171 17 13: UTCTime '391231235959Z' 3950 : } 3951 186 30 19: SEQUENCE { 3952 188 31 17: SET { 3953 190 30 15: SEQUENCE { 3954 192 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 3955 : (X.520 id-at (2 5 4)) 3956 197 13 8: PrintableString 'AliceRSA' 3957 : } 3958 : } 3959 : } 3960 207 30 159: SEQUENCE { 3961 210 30 13: SEQUENCE { 3962 212 06 9: OBJECT IDENTIFIER 3963 : rsaEncryption (1 2 840 113549 1 1 1) 3964 : (PKCS #1) 3965 223 05 0: NULL 3966 : } 3967 225 03 141: BIT STRING 0 unused bits, encapsulates { 3968 229 30 137: SEQUENCE { 3969 232 02 129: INTEGER 3970 : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0 3971 : 05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E 3972 : 6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA 3973 : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32 3974 : CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5 3975 : F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81 3976 : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55 3977 : 3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57 3978 : 5F 3979 364 02 3: INTEGER 65537 3980 : } 3981 : } 3982 : } 3983 369 A3 96: [3] { 3984 371 30 94: SEQUENCE { 3985 373 30 12: SEQUENCE { 3986 375 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 3987 : (X.509 id-ce (2 5 29)) 3988 380 01 1: BOOLEAN TRUE 3989 383 04 2: OCTET STRING, encapsulates { 3990 385 30 0: SEQUENCE {} 3991 : } 3992 : } 3993 387 30 14: SEQUENCE { 3994 389 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 3995 : (X.509 id-ce (2 5 29)) 3996 394 01 1: BOOLEAN TRUE 3997 397 04 4: OCTET STRING, encapsulates { 3998 399 03 2: BIT STRING 6 unused bits 3999 : '11'B 4000 : } 4001 : } 4002 403 30 31: SEQUENCE { 4003 405 06 3: OBJECT IDENTIFIER 4004 : authorityKeyIdentifier (2 5 29 35) 4005 : (X.509 id-ce (2 5 29)) 4006 410 04 24: OCTET STRING, encapsulates { 4007 412 30 22: SEQUENCE { 4008 414 80 20: [0] 4009 : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22 4010 : AE 9E 38 BB 4011 : } 4012 : } 4013 : } 4014 436 30 29: SEQUENCE { 4015 438 06 3: OBJECT IDENTIFIER 4016 : subjectKeyIdentifier (2 5 29 14) 4017 : (X.509 id-ce (2 5 29)) 4018 443 04 22: OCTET STRING 4019 : 04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC 4020 : 3C A0 3A E3 FF 50 4021 : } 4022 : } 4023 : } 4024 : } 4025 467 30 13: SEQUENCE { 4026 469 06 9: OBJECT IDENTIFIER 4027 : sha1withRSAEncryption (1 2 840 113549 1 1 5) 4028 : (PKCS #1) 4029 480 05 0: NULL 4030 : } 4031 482 03 129: BIT STRING 0 unused bits 4032 : 52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB 4033 : 6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F 4034 : F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F 4035 : 97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C 4036 : 06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C 4037 : 4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0 4038 : C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99 4039 : C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18 4040 : } 4041 : } 4042 614 31 99: SET { 4043 616 30 97: SEQUENCE { 4044 618 02 1: INTEGER 3 4045 621 80 20: [0] 4046 : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD 4047 : E3 97 FE CD 4048 643 30 9: SEQUENCE { 4049 645 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 4050 : (OIW) 4051 652 05 0: NULL 4052 : } 4053 654 30 9: SEQUENCE { 4054 656 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 4055 : (ANSI X9.57 algorithm) 4056 : } 4057 665 04 48: OCTET STRING, encapsulates { 4058 667 30 45: SEQUENCE { 4059 669 02 21: INTEGER 4060 : 00 B8 38 97 28 5A E2 E3 FE 4E 6E 24 00 A6 37 F2 4061 : 0D 8C 1F 1C EE 4062 692 02 20: INTEGER 4063 : 66 B5 EE 3B D8 2B 46 0B E0 64 D0 F5 B9 AD 5C EC 4064 : 0F ED 7B 12 4065 : } 4066 : } 4067 : } 4068 : } 4069 : } 4070 : } 4071 : } 4072 : } 4074 5.8 S/MIME multipart/signed message 4076 A full S/MIME message, including MIME, that includes the body part from 4077 5.3 and the body containing the content of the message. 4079 MIME-Version: 1.0 4080 Content-Type: multipart/signed; 4081 protocol="application/x-pkcs7-signature"; 4082 micalg=SHA1; 4083 boundary="----=_NextPart_000_0000_01BEF8B8.4F7D5F80" 4085 ------=_NextPart_000_0000_01BEF8B8.4F7D5F80 4087 This is some sample content. 4088 ------=_NextPart_000_0000_01BEF8B8.4F7D5F80 4089 Content-Type: application/x-pkcs7-signature; 4090 name="smime.p7s" 4091 Content-Transfer-Encoding: base64 4092 Content-Disposition: attachment; 4093 filename="smime.p7s" 4095 MIGXBgkqhkiG9w0BBwKggYkwgYYCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAT 4096 FnMGUCAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDgMCGgUAMAkGByqG 4097 SM44BAEEMDAtAhReXmtpBKJiXYtFslX5dRwSToiIIQIVAKPBSCPgCDVvJSJ6HrYUvO 4098 R1kdslAA== 4100 ------=_NextPart_000_0000_01BEF8B8.4F7D5F80-- 4102 5.9 S/MIME application/pkcs7-mime signed message 4104 A full S/MIME message, including MIME, that includes the body part from 4105 5.1. 4107 Subject: Example 5.9 4108 MIME-Version: 1.0 4109 Content-Type: application/pkcs7-mime; name="smime.p7m"; 4110 smime-type=signed-data 4111 Content-Transfer-Encoding: base64 4112 Content-Disposition: attachment; filename="smime.p7m" 4114 MIG3BgkqhkiG9w0BBwKggakwgaYCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa 4115 AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuMWcwZQIBATAYMBIxEDAOBgNV 4116 BAMTB0NhcmxEU1MCAgDIMAkGBSsOAwIaBQAwCQYHKoZIzjgEAQQwMC0CFHCbJ32Z59 4117 IMxsUhC0viIbe9jUgpAhUAiywMBstKtQZLqEwOeNE7kOnRn6QA 4119 6. Enveloped-data 4121 6.1 Basic encrypted content, TripleDES and DH 4123 An EnvelopedData from Alice to Bob of ExContent using TripleDES for 4124 encrypting and Diffie-Hellman for key management. Does not have a 4125 OriginatorInfo or any attributes. 4127 0 30 355: SEQUENCE { 4128 4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3) 4129 : (PKCS #7) 4130 15 A0 340: [0] { 4131 19 30 336: SEQUENCE { 4132 23 02 1: INTEGER 2 4133 26 31 260: SET { 4134 30 A1 256: [1] { 4135 34 02 1: INTEGER 3 4136 37 A0 150: [0] { 4137 40 A1 147: [1] { 4138 43 30 9: SEQUENCE { 4139 45 06 7: OBJECT IDENTIFIER 4140 : dhPublicNumber (1 2 840 10046 2 1) 4141 : (ANSI X9.42 number-type) 4142 : } 4143 54 03 133: BIT STRING 0 unused bits, encapsulates { 4144 58 02 129: INTEGER 4145 : 00 C2 A4 56 E7 80 6C 11 EC 48 01 F7 0E FA B0 20 4146 : D2 9C 6F 31 2C 85 F8 4A 9C B2 B8 BA 17 B6 F5 28 4147 : 31 BC B2 5E 53 D3 8C C9 B5 E3 79 20 8F 03 E5 67 4148 : 7F 4E 02 6A 2E C2 67 7F 71 9A 44 0B EC C0 7D 19 4149 : 6F EE 5F 2E D5 32 00 D4 7C C2 16 56 7E ED AF 68 4150 : DD 0C 73 68 95 36 CE 5C 51 AD 2E 20 64 D0 1E 3B 4151 : C8 57 3D 65 40 B8 1A CD 6D A7 CB 1C 9E C5 83 73 4152 : 66 DD D2 86 EE E1 9C ED B1 9D 30 32 41 4C 52 3D 4153 : 18 4154 : } 4155 : } 4156 : } 4157 190 30 26: SEQUENCE { 4158 192 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 4159 : (ANSI X9.42 number-type) 4160 201 30 15: SEQUENCE { 4161 203 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6' 4162 216 05 0: NULL 4163 : } 4164 : } 4165 218 30 70: SEQUENCE { 4166 220 30 68: SEQUENCE { 4167 222 30 24: SEQUENCE { 4168 224 30 18: SEQUENCE { 4169 226 31 16: SET { 4170 228 30 14: SEQUENCE { 4171 230 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 4172 : (X.520 id-at (2 5 4)) 4173 235 13 7: PrintableString 'CarlDSS' 4174 : } 4175 : } 4176 : } 4177 244 02 2: INTEGER 201 4178 : } 4179 248 04 40: OCTET STRING 4180 : 51 46 57 41 34 1C D6 C7 CD 36 4B A4 93 B7 16 E6 4181 : 2E F0 58 24 9C 6D 4B E9 90 8B 0F 46 B8 E5 93 19 4182 : FF 7C F0 56 4D 4F FA F5 4183 : } 4184 : } 4185 : } 4186 : } 4187 290 30 67: SEQUENCE { 4188 292 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 4189 : (PKCS #7) 4190 303 30 20: SEQUENCE { 4191 305 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7) 4192 : (RSADSI encryptionAlgorithm (1 2 840 113549 3)) 4193 315 04 8: OCTET STRING 4194 : EE F2 1F EE 80 08 CE 6A 4195 : } 4196 325 80 32: [0] 4197 : 9E BB 6C 9E B8 14 43 2C CB B2 90 8E A4 7D 8A D8 4198 : AE 96 88 73 08 80 95 3E D1 DF E8 2F 4F DC 73 98 4199 : } 4200 : } 4201 : } 4202 : } 4204 Some additional information on this example: 4206 3DES CEK 4207 cd 4f 7c 83 73 c4 26 ce 5d b0 cd ea 7c 16 15 cb 4208 2f 8c a8 20 16 0e c8 2a 4210 Ephemeral X (reverse the bytes) 4211 2e 92 4e b9 2a bd ab 1e cb 5b d8 3b c5 6c b0 ef 4212 2d 89 7b 0e e7 d6 33 8c 1f 33 81 6d 2d d1 61 4f 4214 ZZ 4215 de 42 2f c3 fb 44 ab ce 71 3f f6 3a aa dc 09 d1 4216 ca 30 97 22 73 eb de 6a af 87 e1 74 62 60 73 c7 4217 93 1f 2e 26 b3 09 8f 1c 93 31 33 63 5f 0e ad 89 4218 89 f5 1a cb 8c 3f b7 8f 50 b3 9a fe 06 b0 8a 68 4219 c0 f7 b1 fe 20 af 96 f2 a6 cf de 12 1e 74 f9 38 4220 d1 90 da 4d 10 45 b2 6a be 3f f9 3b 61 c0 6d 8f 4221 bc 2e c8 a3 e6 d8 e2 a8 52 ea 58 65 b3 93 99 b7 4222 77 91 67 e6 04 e5 ca ce 46 86 b0 83 17 d9 de 1d 4224 3DES KEK (no parity check) 4225 02 1f 67 5c 92 58 e5 5a 2a fb 3b ed 94 6b 39 8a 4226 b1 38 a7 8c 63 fc d6 14 4228 wrapped key 4229 51 46 57 41 34 1c d6 c7 cd 36 4b a4 93 b7 16 e6 4230 2e f0 58 24 9c 6d 4b e9 90 8b 0f 46 b8 e5 93 19 4231 ff 7c f0 56 4d 4f fa f5 4233 3DES CEK 4234 1c b6 57 1a 25 bc f8 13 5b 01 1a d5 a2 46 31 7a 4235 85 fe 4f 62 45 4a 2a 43 4237 6.2 Basic encrypted content, TripleDES and RSA 4239 Same as 6.1, except with RSA for key management. An EnvelopedData from 4240 Alice to Bob of ExContent using TripleDES for encrypting and RSA for 4241 key management. Does not have a OriginatorInfo or any attributes. 4243 0 30 NDEF: SEQUENCE { 4244 2 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3) 4245 : (PKCS #7) 4246 13 A0 NDEF: [0] { 4247 15 30 NDEF: SEQUENCE { 4248 17 02 1: INTEGER 0 4249 20 31 192: SET { 4250 23 30 189: SEQUENCE { 4251 26 02 1: INTEGER 0 4252 29 30 38: SEQUENCE { 4253 31 30 18: SEQUENCE { 4254 33 31 16: SET { 4255 35 30 14: SEQUENCE { 4256 37 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 4257 : (X.520 id-at (2 5 4)) 4258 42 13 7: PrintableString 'CarlRSA' 4259 : } 4260 : } 4261 : } 4262 51 02 16: INTEGER 4263 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0 4264 : } 4265 69 30 13: SEQUENCE { 4266 71 06 9: OBJECT IDENTIFIER 4267 : rsaEncryption (1 2 840 113549 1 1 1) 4268 : (PKCS #1) 4269 82 05 0: NULL 4270 : } 4271 84 04 128: OCTET STRING 4272 : C5 C0 8F 67 12 9C 10 49 49 14 5D 80 D6 24 50 59 4273 : 38 41 5C B7 5B B0 0B 12 15 CD 54 80 8E 62 A3 AF 4274 : D1 15 29 A6 6C B5 C0 32 F7 39 5F 0C 2F 32 90 65 4275 : 5C E3 D5 2B 55 F6 21 37 09 5A 9A B4 96 D4 96 20 4276 : 49 06 93 67 EA 0B C1 20 3D 5D B2 63 7E 8C F9 89 4277 : F3 9F BF 1E 19 ED 36 04 83 05 8A 15 5A 92 A4 8A 4278 : B4 3E 89 C1 69 35 0D 74 B7 81 7F 02 CB 7A D7 65 4279 : 51 05 15 B6 78 0F F2 B4 80 F7 60 7A 2B 75 88 E9 4280 : } 4281 : } 4282 215 30 NDEF: SEQUENCE { 4283 217 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 4284 : (PKCS #7) 4285 228 30 20: SEQUENCE { 4286 230 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7) 4287 : (RSADSI encryptionAlgorithm (1 2 840 113549 3)) 4288 240 04 8: OCTET STRING 4289 : F4 CF FA 43 74 39 12 F4 4290 : } 4291 250 A0 NDEF: [0] { 4292 252 04 176: OCTET STRING 4293 : 1B CE BA D7 65 FB BC 60 05 95 65 42 3F 60 DB 2D 4294 : 78 C5 F2 7F 93 34 95 E2 62 F3 99 3E D8 A2 CB C8 4295 : E5 50 10 D8 45 CD 27 EF 83 3B 3B B0 41 E6 D7 2A 4296 : DE 57 53 AF 10 97 1F 89 3D 6A 97 B8 BF E1 72 2B 4297 : F0 D6 9B E5 09 D4 6B D6 F4 BA FF 50 6A 3C F0 16 4298 : 8C DD F4 34 E5 85 CC A9 03 1E DE E3 71 19 7F 89 4299 : 9D 27 2D 71 93 53 A8 CC 15 79 58 15 36 C3 53 7B 4300 : 22 51 AD 8F 31 AB 60 3A 1C B7 65 5A 5F 90 16 7B 4301 : 2B 5D 1E 0A B4 D5 A1 64 93 DD 4F 4D 31 81 84 80 4302 : 60 C3 56 99 CC A1 C0 C8 AE 10 9E 4C C8 5E F0 18 4303 : A9 32 30 00 93 12 7B FC 14 BF 7C D4 74 B4 B0 6C 4304 : } 4305 : } 4306 : } 4307 : } 4308 : } 4310 6.3 Basic encrypted content, RC2/40 and RSA 4312 Same as 6.1, except using RC2/40 for encryption and RSA for key 4313 management. An EnvelopedData from Alice to Bob of ExContent using 4314 RC2/40 for encrypting and RSA for key management. Does not have a 4315 OriginatorInfo or any attributes. 4317 0 30 NDEF: SEQUENCE { 4318 2 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3) 4319 : (PKCS #7) 4320 13 A0 NDEF: [0] { 4321 15 30 NDEF: SEQUENCE { 4322 17 02 1: INTEGER 0 4323 20 31 192: SET { 4324 23 30 189: SEQUENCE { 4325 26 02 1: INTEGER 0 4326 29 30 38: SEQUENCE { 4327 31 30 18: SEQUENCE { 4328 33 31 16: SET { 4329 35 30 14: SEQUENCE { 4330 37 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 4331 : (X.520 id-at (2 5 4)) 4332 42 13 7: PrintableString 'CarlRSA' 4333 : } 4334 : } 4335 : } 4336 51 02 16: INTEGER 4337 : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0 4338 : } 4339 69 30 13: SEQUENCE { 4340 71 06 9: OBJECT IDENTIFIER 4341 : rsaEncryption (1 2 840 113549 1 1 1) 4342 : (PKCS #1) 4343 82 05 0: NULL 4344 : } 4345 84 04 128: OCTET STRING 4346 : 84 00 78 AC A9 6A F9 ED BE 27 7F A1 45 FE 73 4B 4347 : 05 54 14 D7 DF 9B 27 11 68 97 E6 32 76 A3 D6 48 4348 : B4 4D E4 15 B0 BF A8 58 1F 5D F2 5C 30 A8 E9 C7 4349 : 63 E4 95 B4 AB 2A 36 3E 69 9C 59 0D 67 5F F2 82 4350 : 15 21 7B 1A 3B 59 68 AA F1 B0 C6 8C DB 0E B2 54 4351 : DC 33 D1 64 D1 4C A9 74 08 14 11 8A 16 74 6A 3A 4352 : F0 33 35 1C 34 70 33 BF 0A C6 44 91 C8 B1 21 BC 4353 : B1 A3 65 DD 14 BC 05 D7 E2 E7 DC 7F 3A 59 7E 1F 4354 : } 4355 : } 4356 215 30 NDEF: SEQUENCE { 4357 217 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 4358 : (PKCS #7) 4359 228 30 26: SEQUENCE { 4360 230 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2) 4361 : (RSADSI encryptionAlgorithm (1 2 840 113549 3)) 4362 240 30 14: SEQUENCE { 4363 242 02 2: INTEGER 160 4364 246 04 8: OCTET STRING 4365 : 9C 04 D2 19 2E 2A 55 A1 4366 : } 4367 : } 4368 256 A0 NDEF: [0] { 4369 258 04 176: OCTET STRING 4370 : 8E 87 2E 22 E4 30 61 9B 96 CC EA AD 0C D6 D7 03 4371 : 1B 14 60 37 8B 1A 80 2C 12 4F 76 B7 76 77 E2 07 4372 : 84 33 0B CC 65 EB 5B 32 9B 68 F3 86 6D 7D B1 A2 4373 : 44 10 1D C0 14 E1 F2 C6 F1 28 17 BA 86 D5 2F 6D 4374 : 37 DF 82 EB D1 2D 24 80 71 62 4D 0D A8 69 10 A9 4375 : E1 45 75 86 4D AB 83 61 5B 70 7D 6D C2 5D F3 80 4376 : 31 D3 70 FD 73 2D 75 4D 93 54 9F 3A A8 A8 DC 30 4377 : 34 FD 49 36 88 97 37 4F 24 0F FB 03 22 4C 64 EA 4378 : 33 EB C5 C6 23 87 01 72 13 6F E7 62 3D 12 62 0D 4379 : FB 44 88 32 24 91 05 46 8D 0E 00 39 8A 14 8A CA 4380 : 19 58 4B 8F BD BB 35 89 AF F9 99 16 91 F0 E7 BD 4381 : } 4382 : } 4383 : } 4384 : } 4385 : } 4387 6.4 Encrypted content, two recipients, no shared keying material 4389 Same as 6.1, except sent to both Bob and Diane. An EnvelopedData from 4390 Alice to Bob and Diane of ExContent using TripleDES for encrypting and 4391 Diffie-Hellman for key management. Does not have a OriginatorInfo or 4392 any attributes. 4394 0 30 615: SEQUENCE { 4395 4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3) 4396 : (PKCS #7) 4397 15 A0 600: [0] { 4398 19 30 596: SEQUENCE { 4399 23 02 1: INTEGER 2 4400 26 31 520: SET { 4401 30 A1 256: [1] { 4402 34 02 1: INTEGER 3 4403 37 A0 150: [0] { 4404 40 A1 147: [1] { 4405 43 30 9: SEQUENCE { 4406 45 06 7: OBJECT IDENTIFIER 4407 : dhPublicNumber (1 2 840 10046 2 1) 4408 : (ANSI X9.42 number-type) 4409 : } 4410 54 03 133: BIT STRING 0 unused bits 4411 : 02 81 80 03 CA 05 2E 78 63 86 95 7D C6 E3 38 08 4412 : 33 D3 5E 06 FB C5 98 FA DE 66 42 2E 6F BB 35 47 4413 : 73 EE 7F 43 82 83 0C 8D EF 1F 61 8F 52 C6 5C BB 4414 : 85 46 09 CD 0A 1E 75 44 51 AC B8 AB 85 88 C6 B3 4415 : 06 97 C9 47 B2 8A 56 55 8B BE D3 3C C9 3A F0 A8 4416 : D5 4C 3A 56 19 9B 65 75 E9 2B 14 66 D8 BB 66 70 4417 : 2E 64 46 41 BD 33 E1 50 F8 D5 CA A5 74 6A 09 01 4418 : D3 6D 74 85 21 33 53 AB C2 3D 2A 08 40 CF F9 AC 4419 : 2D F7 D0 00 4420 : } 4421 : } 4422 190 30 26: SEQUENCE { 4423 192 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 4424 : (ANSI X9.42 number-type) 4425 201 30 15: SEQUENCE { 4426 203 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6' 4427 216 05 0: NULL 4428 : } 4429 : } 4430 218 30 70: SEQUENCE { 4431 220 30 68: SEQUENCE { 4432 222 30 24: SEQUENCE { 4433 224 30 18: SEQUENCE { 4434 226 31 16: SET { 4435 228 30 14: SEQUENCE { 4436 230 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 4437 : (X.520 id-at (2 5 4)) 4438 235 13 7: PrintableString 'CarlDSS' 4439 : } 4440 : } 4441 : } 4442 244 02 2: INTEGER 211 4443 : } 4444 248 04 40: OCTET STRING 4445 : 88 24 7C 52 73 C3 02 FF DB 89 49 08 0E BD EE 0E 4446 : 49 18 47 19 B4 95 5F 16 12 B9 ED 34 4F 99 6B 2F 4447 : CA 8E 94 87 56 66 08 51 4448 : } 4449 : } 4450 : } 4451 290 A1 256: [1] { 4452 294 02 1: INTEGER 3 4453 297 A0 150: [0] { 4454 300 A1 147: [1] { 4455 303 30 9: SEQUENCE { 4456 305 06 7: OBJECT IDENTIFIER 4457 : dhPublicNumber (1 2 840 10046 2 1) 4458 : (ANSI X9.42 number-type) 4459 : } 4460 314 03 133: BIT STRING 0 unused bits 4461 : 02 81 80 5C 58 72 3E C6 68 91 0F F8 EB 07 EB C1 4462 : 46 60 13 4B 7A D4 E5 AC 61 0C 67 D1 0D 0A AB E8 4463 : 81 31 25 6A B5 E6 F3 EF 53 9D E7 51 B5 1D A4 E3 4464 : 38 C7 EB 95 D9 80 D8 85 65 76 12 FB 7A 9E F2 B1 4465 : 3F 38 1F EA F2 7C 61 26 63 73 AA 22 E2 FD 15 9A 4466 : 9C 17 31 58 0C 4E A0 DE 84 89 B7 81 70 62 3E 9B 4467 : 45 47 AD B9 FC 94 95 A5 99 F4 86 8D 0B CE 74 EC 4468 : 71 DC CA A6 71 37 31 01 4C 8C 01 59 8C 49 AE FC 4469 : FB 64 EA 00 4470 : } 4471 : } 4472 450 30 26: SEQUENCE { 4473 452 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 4474 : (ANSI X9.42 number-type) 4475 461 30 15: SEQUENCE { 4476 463 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6' 4477 476 05 0: NULL 4478 : } 4479 : } 4480 478 30 70: SEQUENCE { 4481 480 30 68: SEQUENCE { 4482 482 30 24: SEQUENCE { 4483 484 30 18: SEQUENCE { 4484 486 31 16: SET { 4485 488 30 14: SEQUENCE { 4486 490 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 4487 : (X.520 id-at (2 5 4)) 4488 495 13 7: PrintableString 'CarlDSS' 4489 : } 4490 : } 4491 : } 4492 504 02 2: INTEGER 201 4493 : } 4494 508 04 40: OCTET STRING 4495 : 39 2A 16 D1 21 2B 72 38 0C 40 01 55 A1 17 19 04 4496 : BE FD 24 9B 33 E5 1C BC C5 D8 7B A7 45 15 D2 5B 4497 : E5 5A 09 A5 22 18 7B DF 4498 : } 4499 : } 4500 : } 4501 : } 4502 550 30 67: SEQUENCE { 4503 552 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 4504 : (PKCS #7) 4505 563 30 20: SEQUENCE { 4506 565 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7) 4507 : (RSADSI encryptionAlgorithm (1 2 840 113549 3)) 4508 575 04 8: OCTET STRING 4509 : 13 E3 41 9C 85 30 15 1F 4510 : } 4511 585 80 32: [0] 4512 : BA 8F 71 D9 C8 92 CE D4 08 A7 F5 73 91 29 6D E1 4513 : 33 08 DE C4 58 C2 A2 7B F0 9A 4B 06 44 EF D6 E5 4514 : } 4515 : } 4516 : } 4517 : } 4519 6.5 Encrypted content, two recipients, shared keying material 4521 Same as 6.4, except sent to Bob and Erica using keys that have shared 4522 parameters so the result does not include the UKMs. An EnvelopedData 4523 from Alice to Bob and Erica of ExContent using TripleDES for encrypting 4524 and Diffie-Hellman for key management. Does not have a OriginatorInfo 4525 or any attributes. Uses BobPubDHSharedEncrypt and 4526 DianePubDHSharedEncrypt for keys. 4528 0 30 426: SEQUENCE { 4529 4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3) 4530 : (PKCS #7) 4531 15 A0 411: [0] { 4532 19 30 407: SEQUENCE { 4533 23 02 1: INTEGER 2 4534 26 31 331: SET { 4535 30 A1 327: [1] { 4536 34 02 1: INTEGER 3 4537 37 A0 150: [0] { 4538 40 A1 147: [1] { 4539 43 30 9: SEQUENCE { 4540 45 06 7: OBJECT IDENTIFIER 4541 : dhPublicNumber (1 2 840 10046 2 1) 4542 : (ANSI X9.42 number-type) 4543 : } 4544 54 03 133: BIT STRING 0 unused bits 4545 : 02 81 80 1E 6F B8 49 59 86 A9 EE 34 17 29 BC A0 4546 : 5A 84 51 AB CE 9A 41 38 B6 29 A7 7C 49 24 8D 83 4547 : A6 A0 F8 2C 9A 1B 1D A9 86 64 62 89 4B F9 5B 35 4548 : 93 0C 36 D3 F7 06 51 D5 4A 5E AD DC 76 D2 ED 53 4549 : 46 1A D4 0A 84 5B 26 A7 D0 4C 9A D6 24 A1 9E BA 4550 : D2 21 30 7B 45 C5 36 CC 2B 4A 4F 19 77 0D 48 22 4551 : 79 66 D9 EB 51 4A 5A 3B 5D 25 E5 FA 58 79 0F 53 4552 : 49 1B 1F E9 F9 79 73 0D BC 49 61 ED DB 4D 81 67 4553 : 9E 68 A8 00 4554 : } 4555 : } 4556 190 30 26: SEQUENCE { 4557 192 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1) 4558 : (ANSI X9.42 number-type) 4559 201 30 15: SEQUENCE { 4560 203 06 11: OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6' 4561 216 05 0: NULL 4562 : } 4563 : } 4564 218 30 140: SEQUENCE { 4565 221 30 68: SEQUENCE { 4566 223 30 24: SEQUENCE { 4567 225 30 18: SEQUENCE { 4568 227 31 16: SET { 4569 229 30 14: SEQUENCE { 4570 231 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 4571 : (X.520 id-at (2 5 4)) 4572 236 13 7: PrintableString 'CarlDSS' 4573 : } 4574 : } 4575 : } 4576 245 02 2: INTEGER 201 4577 : } 4578 249 04 40: OCTET STRING 4579 : FF 20 83 91 5F 10 CF 38 80 DF 50 20 46 C3 30 3B 4580 : 7D 2B E3 DB C1 18 07 E3 07 85 2B 6C AB 26 07 B9 4581 : 2C E5 DD 89 40 7D E9 D5 4582 : } 4583 291 30 68: SEQUENCE { 4584 293 30 24: SEQUENCE { 4585 295 30 18: SEQUENCE { 4586 297 31 16: SET { 4587 299 30 14: SEQUENCE { 4588 301 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) 4589 : (X.520 id-at (2 5 4)) 4590 306 13 7: PrintableString 'CarlDSS' 4591 : } 4592 : } 4593 : } 4594 315 02 2: INTEGER 212 4595 : } 4596 319 04 40: OCTET STRING 4597 : BF 13 C2 4A A2 D4 08 6A 2B 60 4A B8 A1 6D 31 43 4598 : F7 6B AE 35 64 23 D0 E6 80 79 BE 5F 25 2C 51 E3 4599 : B9 0E 44 F3 83 79 B4 0E 4600 : } 4601 : } 4602 : } 4603 : } 4604 361 30 67: SEQUENCE { 4605 363 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 4606 : (PKCS #7) 4607 374 30 20: SEQUENCE { 4608 376 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7) 4609 : (RSADSI encryptionAlgorithm (1 2 840 113549 3)) 4610 386 04 8: OCTET STRING 4611 : 23 DF 7F DB 3D 98 00 F8 4612 : } 4613 396 80 32: [0] 4614 : 74 29 02 33 4D 51 2E C4 C5 AE 32 D8 7F 9B 01 EB 4615 : D2 CD C2 32 0A AA 90 8D A9 91 F3 21 32 8E 4E 76 4616 : } 4617 : } 4618 : } 4619 : } 4621 6.6 Encrypted content, TripleDES and DH, previously-distributed keys 4623 Same as 6.1, except sent using a previously-distributed key. An 4624 EnvelopedData from Alice to Bob of ExContent using TripleDES for 4625 encrypting and Diffie-Hellman for key management, using the 4626 MailListTripleDES key. Does not have a OriginatorInfo or any 4627 attributes. 4629 Subject: Test subject 4630 MIME-Version: 1.0 4631 Content-Type: application/x-pkcs7-mime; 4632 name="smime.p7m"; 4633 smime-type=enveloped-data 4634 Content-Transfer-Encoding: base64 4635 Content-Disposition: attachment; 4636 filename="smime.p7m" 4637 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2115.300 4639 MIAGCSqGSIb3DQEHA6CAMIACAQIxggFdoYIBBAIBA6CBlaGBkjAJBgcqhkjOPgIBA4 4640 GEAAKBgE348O8WYkb+mh9JywImIJ1j0PIj84SnpKclqO31EcScZzkSiQQP+gqphImf 4641 EwIGh7P7ywuoFuxdot8C2X/nDubhrrKImG3Z96h/FAh6/rgA6P10r2yesV1QvqfGgY 4642 Bh9+o9zq/S1+Q8ssFH9j1nZzTLLL3rrG8W4ztmu4qX+Q89MB8GCyqGSIb3DQEJEAMF 4643 MBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBC 4644 hTEv/IiYb58fJpBc1MQAJ1FSG33LdFbpRq8QirMU12JiHd9qAJjj9ColMCAQQwEwQR 4645 TWFpbExpc3RUcmlwbGVERVMwDwYLKoZIhvcNAQkQAwYFAAQo/JV25qipslbuubZDLs 4646 lEB93Y4rGtOJHpymNu+u5Fe7bpypVtjw4VWjCABgkqhkiG9w0BBwEwGQYIKoZIhvcN 4647 AwIwDQIBOgQIj3hP9Fg2yEqggAQg4lYLOgn0NuOrSALLvtN4NzeVtYJ07hsW2OZ7Fq 4648 QNmuoAAAAAAAAAAAAA 4650 6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys 4652 Same as 6.1, except sent using a previously-distributed key. An 4653 EnvelopedData from Alice to Bob of ExContent using RC2/40 for 4654 encrypting and RSA for key management, using the MailListRC2 key. Does 4655 not have a OriginatorInfo or any attributes. 4657 XXXXX 4659 6.8 S/MIME application/pkcs7-mime encrypted message 4661 A full S/MIME message, including MIME, that includes the body part from 4662 6.1. 4664 XXXXX 4666 7. Digested-data 4668 A DigestedData from Alice to Bob of ExContent using SHA-1. 4670 0 30 90: SEQUENCE { 4671 2 06 9: OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5) 4672 : (PKCS #7) 4673 13 A0 77: [0] { 4674 15 30 75: SEQUENCE { 4675 17 02 1: INTEGER 0 4676 20 30 7: SEQUENCE { 4677 22 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 4678 : (OIW) 4679 : } 4680 29 30 39: SEQUENCE { 4681 31 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 4682 : (PKCS #7) 4683 42 A0 26: [0] { 4684 44 04 24: OCTET STRING 4685 : 54 68 69 73 20 73 6F 6D 65 20 73 61 6D 70 65 20 4686 : 63 6F 6E 74 65 6E 74 2E 4687 : } 4688 : } 4689 70 04 20: OCTET STRING 4690 : 40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22 4691 : 96 87 DD 48 4692 : } 4693 : } 4694 : } 4696 8. Encrypted-data 4698 An EncryptedData from Alice to Bob of ExContent with no attributes. 4700 0 30 87: SEQUENCE { 4701 2 06 9: OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6) 4702 : (PKCS #7) 4703 13 A0 74: [0] { 4704 15 30 72: SEQUENCE { 4705 17 02 1: INTEGER 0 4706 20 30 67: SEQUENCE { 4707 22 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 4708 : (PKCS #7) 4709 33 30 20: SEQUENCE { 4710 35 06 8: OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7) 4711 : (RSADSI encryptionAlgorithm (1 2 840 113549 3)) 4712 45 04 8: OCTET STRING 4713 : B3 6B 6B FB 62 31 08 4E 4714 : } 4715 55 80 32: [0] 4716 : D7 6F D1 17 8F BD 02 F8 42 31 F5 C1 D2 A2 F7 4A 4717 : 41 59 48 29 64 F6 75 24 82 54 22 3D AF 9A F8 E4 4718 : } 4719 : } 4720 : } 4721 : } 4723 The TripleDES key is: 4724 73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62 4725 91 e5 cb 26 91 7a da 32 4727 9. Authenticated-data 4729 9.1 Authenticated data with no autenticated attributes 4731 An AutenticatedData from Alice to Bob using XXXXXXXXXX with no 4732 authenticated attributes. 4734 XXXXX 4736 9.2 Authenticated data with autenticated attributes 4738 An AutenticatedData from Alice to Bob using XXXXXXXXXX with the 4739 content-type and message-digest authenticated attributes. 4741 XXXXX 4743 10. Key Wrapping 4745 This section shows the steps needed to wrap keys, as described in 4746 section 12.6 of [CMS]. 4748 10.1 Wrapping RC2 4750 This example shows how to wrap an RC2 key. 4752 The CEK to be wrapped is 4753 b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9 4755 The random value used is 4756 4845 cce7 fd12 50 4758 The hash of the CEK is 4759 0a6f f19f db40 4988 4761 The CEK initialization vector is 4762 c7d9 0059 b29e 97f7 4764 The KEK is 4765 fd04 fd08 0607 07fb 0003 feff fd02 fe05 4767 The "Pre Encrypt #1" is 4768 10b7 0a25 fbc9 d86a 8605 0ce0 d711 ead4 4769 d9 4845 cce7 fd12 500a 6ff1 9fdb 4049 88 4771 The "Pre Encrypt #2" is 4772 a7 f7 1f a3 07 8a a9 9f 32 99 8e ff 9e d7 8c ac 4773 b8 70 ce 04 f5 55 8c e4 60 12 93 37 59 a2 1d a0 4774 f7 97 9e b2 59 00 d9 c7 4776 The wrapped CEK is 4777 70e6 99fb 5701 f783 3330 fb71 e87c 85a4 4778 20bd c99a f05d 22af 5a0e 48d3 5f31 3898 4779 6cba afb4 b28d 4f35 4781 10.2 Wrapping TripleDES 4783 This example shows how to wrap an TripleDES key. 4785 The CEK to be wrapped is 4786 2923 bf85 e06d d6ae 5291 49f1 f1ba e9ea b3a7 da3d 860d 3e98 4788 The hash of the CEK is 4789 181b 7e96 86e04a4e 4791 The CEK initialization vector is 4792 5dd4 cbfc 96f5 453b 4794 The KEK is 4795 255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f 4797 The "Pre Encrypt #1" is 4798 29 23 bf 85 e0 6d d6 ae 52 91 49 f1 f1 ba e9 ea 4799 b3 a7 da 3d 86 0d 3e 98 18 1b 7e 96 86 e0 4a 4e 4801 The "Pre Encrypt #2" is 4802 49 84 9d 72 5f cc 4d a4 f6 60 79 7a 3b 97 1f 5c 4803 03 cc 92 ef 04 32 9a b4 2a dd 75 c6 89 a7 c1 cf 4804 3b 45 f5 96 fc cb d4 5d 4806 The wrapped CEK is 4807 69 01 07 61 8e f0 92 b3 b4 8c a1 79 6b 23 4a e9 4808 fa 33 eb b4 15 96 04 03 7d b5 d6 a8 4e b3 aa c2 4809 76 8c 63 27 75 a4 67 d4 4811 11. ESS Examples 4813 11.1 ReceiptRequest 4815 Alice asks Diane for a reciept on the message in 5.1. 4817 XXXXX 4819 11.2 Receipt 4821 Diane gives Alice a receipt for the message in 11.1. 4823 XXXXX 4825 11.3 eSSSecurityLabel 4827 Alice includes a security label in the message in 5.1. 4829 XXXXX 4831 11.4 EquivalentLabels 4833 Alice uses an EquivalentLabels in the message in 11.3. 4835 XXXXX 4837 11.5 mlExpansionHistory 4839 The mailing list sends a message with a mlExpansionHistory attribute. 4841 XXXXX 4843 11.6 SigningCertificate 4845 Alice uses a SigningCertificate attribute in the message in 5.1. 4847 XXXXX 4849 12. Security Considerations 4851 Because this document shows examples of S/MIME, CMS, and ESS messages, 4852 this document also inherits all of the security considerations from 4853 [SMIME-MSG], [CMS], and [SMIME-ESS]. 4855 The Perl script in Appendix B writes to the user's local hard drive. A 4856 malicious attacker could modify the Perl script in this document. Be 4857 sure to read the Perl code carefully before executing it. 4859 A. References 4861 [CMS] Cryptographic Message Syntax, RFC 2630. 4863 [PKIX] PKIX Certificate and CRL Profile, RFC 2459. 4865 [SMIME-MSG] S/MIME Version 3 Message Specification. RFC 2633. 4867 [SMIME-ESS] Enhanced Security Services for S/MIME, RFC 2634. 4869 B. Binaries of the Examples 4871 This section contains the binaries of the examples shown in the rest of 4872 the document. The binaries are stored in a modified Base64 format. 4873 There is a Perl program that, when run over the contents of this 4874 document, will extract the following binaries and write them out to 4875 disk. The program works with Perl for Unix and Windows 95/98/NT (and 4876 possibly Macintosh). 4878 B.1 How the binaries and extractor works 4880 The program in the next section looks for lines that begin with a '|' 4881 character (or some whitespace followed by a '|'), ignoring all other 4882 lines. If the line begins with '|', the second character tells what 4883 kind of line it is: 4884 A line that begins with |* is a comment 4885 A line that begins with |> gives the name of a new file to start 4886 A line that begins with |< tells to end the file (and checks the 4887 file name for sanity) 4888 A line that begins with |anythingelse is a Base64 line 4890 The program writes out a series of files, so you should run this in an 4891 empty directory. The program will overwrite files (if it can), but won't 4892 delete other files already in the directory. 4894 Run this program with this document as the standard input, such as: 4895 extractsample " and "|<" markers, remove any page breaks, and remove the "|" 4899 in the first column of each line. The result is a valid Base64 blob that 4900 can be processed by any Base64 decoder. 4902 B.2 Example extraction program 4904 #!/usr/bin/perl 4906 # CMS Samples extraction program. v 1.1 4908 # Get all the input as an array of lines 4909 @AllIn = (); while () { push(@AllIn, $_) } 4911 $Base64Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr' . 4912 'stuvwxyz0123456789+/='; 4913 $LineCount = 0; $CurrFile = ''; 4915 foreach $Line (@AllIn) { 4916 $LineCount++; # Keep the line counter for error messages 4917 $Line =~ s/^\s*//; # Get rid of leading whitespace 4918 chomp($Line); # Get rid of CR or CRLF at the end of the line 4919 if(substr($Line, 0, 1) ne '|') { next } # Not a special line 4920 elsif(substr($Line, 1, 1) eq '*') { next } # It is a comment 4921 elsif(substr($Line, 1, 1) eq '>') 4922 { &StartNewFile(substr($Line, 2)) } # Start a new file 4923 elsif(substr($Line, 1, 1) eq '<') 4924 { &EndCurrFile(substr($Line, 2)) } # End the current file 4925 else { &DoBase64(substr($Line, 1)) } # It is a line of Base64 4926 } 4928 sub StartNewFile { 4929 $TheNewFile = shift(@_); 4930 if($CurrFile ne '') { die "Was about to start a new file at " . 4931 "line $LineCount, but the old file, $CurrFile, was open\n" } 4932 open(OUT, ">$TheNewFile") or 4933 die "Could not open $TheNewFile for writing: $!\n"; 4934 binmode(OUT); # This is needed for Windows, is a noop on Unix 4935 $CurrFile = $TheNewFile; 4936 $LeftOver = 0; # Amount left from previous Base64 character 4937 $NextPos = 0; # Bit position to start the next Base64 character 4938 # (bits are numbered 01234567) 4939 $OutString = ''; # Holds the text going out to the file 4940 } 4942 sub EndCurrFile { 4943 $FileToEnd = shift(@_); 4944 if($CurrFile ne $FileToEnd) { die "Was about to close " . 4945 "$FileToEnd at line $LineCount, but that name didn't match " . 4946 "the name of the currently open file, $CurrFile\n" } 4947 print OUT $OutString; 4948 close(OUT); 4949 $CurrFile = ''; 4950 } 4952 sub DoBase64 { 4953 $TheIn = shift(@_); 4954 if($CurrFile eq '') { die "Got some Base64 at line $LineCount, " . 4955 "but appear to not be writing to any particular file" } 4956 @Chars = split(//, $TheIn); # Make an array of the characters 4957 foreach $ThisChar (@Chars) { 4958 # $ThisVal is the position in the string and the Base64 value 4959 $ThisVal = index($Base64Chars, $ThisChar); 4960 if($ThisVal == -1) { die "At line $LineCount, found the " . 4961 "character $ThisChar, which is not a Base64 character\n" } 4962 if($ThisVal == 64) { last } # It is a "=", so we're done 4963 if ($NextPos == 0 ) { 4964 # Don't output anything, just fill the left of $LeftOver 4965 $LeftOver = $ThisVal * 4; 4966 $NextPos = 6; 4967 } elsif ($NextPos == 2) { 4968 # Add $ThisVal to $LeftOver, output, and reset 4969 $OutString .= chr($LeftOver + $ThisVal); 4970 $LeftOver = 0; 4971 $NextPos = 0; 4972 } elsif ($NextPos == 4) { 4973 # Add upper 4 bits of $ThisVal to $LeftOver and output 4974 $Upper4 = ($ThisVal & 60); 4975 $OutString .= chr($LeftOver + ($Upper4/4)); 4976 $LeftOver = (($ThisVal - $Upper4) * 64); 4977 $NextPos = 2; 4978 } elsif ($NextPos == 6) { 4979 # Add upper 2 bits of $ThisVal to $LeftOver and output 4980 $Upper2 = ($ThisVal & 48); 4981 $OutString .= chr($LeftOver + ($Upper2/16)); 4982 $LeftOver = (($ThisVal - $Upper2) * 16); 4983 $NextPos = 4; 4984 } else { die "\$NextPos has an illegal value: $NextPos." } 4985 } 4986 } 4988 C. Examples by section 4990 Example from section 3.1 (content) 4992 |* ExContent is just the message 4993 |* Creator: [PH] 4994 |>ExContent.bin 4995 |VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg== 4996 |AlicePrivDSSSign.pri 5003 |MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8 5004 |WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8 5005 |9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh 5006 |UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD 5007 |HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4 5008 |W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQQXAhUA 5009 |u0RG0aXJRgcu0P561pIH8JqFiT8= 5010 |AlicePrivRSASign.pri 5015 |MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2OX9OsA 5016 |W7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H 5017 |2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE 5018 |7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K0shissfXSAlqi5H3NvJ11ujN 5019 |FZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQbzTYbghb1WVq2EHzE9ctOV7+M8v/Ke 5020 |QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n 5021 |/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd 5022 |ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq 5023 |2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y 5024 |l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx 5025 |hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG 5026 |qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu 5027 |b41fKA== 5028 |BobPrivDHEncrypt.pri 5033 |MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv 5034 |GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR 5035 |zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo 5036 |GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG 5037 |onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm 5038 |8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+ 5039 |Sfmf2Qqzvr0EIgIgIPxngu7PSqbI5YPSjDuK0kUyEScybIbsZspxrfAZTfc= 5040 |BobPrivRSAEncrypt.pri 5045 |MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV 5046 |y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ 5047 |ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL 5048 |kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8 5049 |KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X 5050 |aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E 5051 |TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn 5052 |8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB 5053 |qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6 5054 |LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv 5055 |8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+ 5056 |TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn 5057 |0W2N+g== 5058 |CarlPrivDSSSign.pri 5063 |MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8 5064 |ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5 5065 |UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh 5066 |UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb 5067 |DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0 5068 |R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQWAhQZ 5069 |szilIWIxUOV/uT4IRnjRPrXlcg== 5070 |CarlPrivRSASign.pri 5075 |MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV 5076 |y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ 5077 |ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL 5078 |kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8 5079 |KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X 5080 |aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E 5081 |TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn 5082 |8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB 5083 |qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6 5084 |LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv 5085 |8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+ 5086 |TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn 5087 |0W2N+g== 5088 |DianePrivDHEncrypt.pri 5093 |MIIBYgIBADCCATcGByqGSM4+AgEwggEqAoGBAMpukcKwvahY8jEhdLsf5BC90JOifmHhPb 5094 |ojBBbQZjm9O80FdEjxA3CV9AVjbS6/mrf/l/85u2PbTaRx2JSatPKKPZ+3XY3K4q+1D88F 5095 |ZYJobkPS9ARfA4v5UPXIbAUmvL82D1zDUWpn6HUyZniRY+j+NOcZtnBseDg2gtI0NsLfAo 5096 |GAbtZ2NkvkWQdXXxiaENIxXKYQsCaWQk18o6HTnqWAsh83EUl8ipnYVj+TUe1uVPtu27L8 5097 |NMDnyh5YK9U9O9yucSHZO1a4p/ZNIlJfQbrVHoJpbN1wccxsO++EqXGLqTsqCfi9/ctRvC 5098 |4uyj4wjPpUnn0NA+LfY2Jt81CCJ9zRmfcCIQCqBWX73U6oAvE0Oeej/H1GELhd8C7yxdFe 5099 |onRM2g9OHwQiAiBYLomrVzR9PPWadct9mYoZLzx6poXJLxtaRwPjghbkmw== 5100 |DianePrivRSASignEncrypt.pri 5105 |MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANb9uMBwxkwl7OrP6ny7om 5106 |L68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3KAq7+L9K 5107 |TBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/HbdGlki0 5108 |QdlV3NKMCFAgMBAAECgYA9vc3CDmEUW0vnv2AjBCvFazWllkUj/Gl9kzwP0yWWumJSQuKW 5109 |z/5YgI/rsYy91A1l0Dp3RSSeDOuGgMOsIRFxROOyqKkurBfSo4QlY7W8Lx7d9iH/FSAkW/ 5110 |GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB 5111 |kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7 5112 |UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU 5113 |gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl 5114 |0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ 5115 |2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem 5116 |Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N 5117 |xaxsv+U= 5118 |DianePrivDSSSign.pri 5123 |MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8 5124 |ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5 5125 |UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh 5126 |UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb 5127 |DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0 5128 |R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA 5129 |lpX54MHgQS0yD4tCUpMq5h4OISk= 5130 |EricaPrivDHEncryptBobParam.pri 5135 |MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv 5136 |GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR 5137 |zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo 5138 |GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG 5139 |onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm 5140 |8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+ 5141 |Sfmf2Qqzvr0EIgIgSGQR5BcBEubB05xwfXyml5W9yJUH989BEacTkfswPYw= 5142 |MailListTripleDES.bin 5147 |JV4NHAe2Rt+zE0zIQ7qKpx8CW3wIOCUf 5148 |MailListRc2.bin 5153 |tw0KJfvJ2GqGBQzg1xHq1Nk= 5154 |AliceDSSSignByCarlNoInherit.cer 5161 |MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT 5162 |k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2 5163 |MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO 5164 |FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL 5165 |VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW 5166 |a4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1ni 5167 |zaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8bU 5168 |mJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1 5169 |FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41bY8 5170 |i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE 5171 |8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1wbG 5172 |VzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6C 5173 |Lm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYHKo 5174 |ZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwaV/ 5175 |KC27 5176 |AliceRSASignByCarl.cer 5181 |MIICAjCCAW+gAwIBAgIQRjRrx4AAVrwR024uxBCzsDAJBgUrDgMCHQUAMBIxEDAOBgNVBA 5182 |MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQD 5183 |EwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f0 5184 |6wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8Zo 5185 |bwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSF 5186 |KMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYD 5187 |VR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc 5188 |7sPKA64/9QMAkGBSsOAwIdBQADgYEAvzQy5vxqiEF98FyZoZO3SbcCUh7LhKyT11grAKGc 5189 |xEhImd0Cw8YF+NIl8aOcyTMBinYOb3dDo7/h5rNqBHk57uHp5Z1QB4si3BJQ4/O0PZ7lk5 5190 |6xzTP54KuYcQn467D8nOzxiNiuA9H+YOFiFLGiI9LIjRgfXu6bcgInwoU9BC4= 5191 |BobDHEncryptByCarl.cer 5196 |MIIDYjCCAyGgAwIBAgICAMkwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT 5197 |k5MDgxNzAxMTgyOFoXDTM5MTIzMTIzNTk1OVowEDEOMAwGA1UEAxMFYm9iREgwggJCMIIB 5198 |twYHKoZIzj4CATCCAaoCgYEA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPb 5199 |k8KejXI4Azpp5FAruqzJ4oBZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWe 5200 |nZPG+BWvP9p0OrfEk7W5u3ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNO 5201 |VME6eVlrvx5GE3CPsSx/uckXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13 5202 |BQlIm3CNPAX2zkQsf30bKxXd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5 5203 |FwBlTucKiSVVtuGSJNYqcCIQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQJh 5204 |ATT+wjNI6/Y7l9nkl6dgpSVpNPv9RirWycTF99b0BBmNlNmKN2hpZ1X78msOR8VbC0sOHB 5205 |qLe3W3qsOq1+s72iqNAoc3R4PXMbQlqKy7EYhTHBGStmnnLpDBevyH9PbXGjAaAxUAuf8c 5206 |k0RnN9Gy+FeaMkrJSv877B4CAR0DgYQAAoGAb9T2zZSabq9bVxeWdbsPuUjpkDcNFSDCVR 5207 |4T4q5xF4TDDnSuilV/KH2L1yginHZG1ztPndFNG7LbUZTFbVSWQDiKOIFjSozDHgmJdKZY 5208 |1chaPc+7uCN/nB99ePqe+ZCekedLwqS+RQZ4Qlg9n2Ms74TUZ+X7xm2iNilnkEbbTkijfz 5209 |B9MB0GA1UdEQQWMBSBEmJvYkRoQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1Ud 5210 |DwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFg 5211 |QUJv8ZSMNZM2hWjX7IgGhczzxy3SYwCQYHKoZIzjgEAwMwADAtAhQV6hVD40kihsG75drk 5212 |DrgJ4NVyNQIVAK5PUSlzcXWpgevtnV4AGX7w3lrW 5213 |BobRSASignByCarl.cer 5218 |MIICADCCAW2gAwIBAgIQRjRrx4AAVrwR024uzV1x0DAJBgUrDgMCHQUAMBIxEDAOBgNVBA 5219 |MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwOTAyWhcNMzkxMjMxMjM1OTU5WjARMQ8wDQYDVQQD 5220 |EwZCb2JSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMpc4S7sz8E7XRAb31Q1cZ 5221 |kKCdg95GG/oL4KvhGkPLU4QUFIBOFbsRccU7X0xRXT/gz7DKzqgBg2A35Bk1PXQHRJ29nG 5222 |r/7Wyg3KAYSPoemjACEnUdVAGarjwDB4W6Cy5sEtJDbLrkQQgrDddNf261Ensqe2rXjKpx 5223 |tZURjvKAxTAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgUgMB8GA1Ud 5224 |IwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBTo9Lhn2LOWpCrzEaop05 5225 |Vahha0JDAJBgUrDgMCHQUAA4GBAJj6r30hAaqziLzx7xJfTVgw2I5OvOEssn5oV40MQ1zX 5226 |HkXR95Uz4qB1yhPIU7wzJpuzyFDfzYRqG+hIyELQgWNsMxm+Amn2FjF/1JnfgHrzO/gbKX 5227 |0mUTcDIj/2FT0w8zKK8a6X3tf1FqmnrccVr1M+qCWRssRfTmoVV0dQvLL6 5228 |CarlDSSSelf.cer 5233 |MIICmzCCAlqgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOT 5234 |kwODE2MjI1MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCC 5235 |ASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAd 5236 |SxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVR 5237 |l1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCz 5238 |Rgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrh 5239 |bT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR 5240 |+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNm 5241 |oLHArdwsdbvhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/n 5242 |XA+87YaADj/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifN 5243 |G6lNiZrXjRg5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAg 5244 |GGMB0GA1UdDgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup 5245 |8E56Wnnj+b49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjs= 5246 |CarlRSASelf.cer 5250 |MIIB6zCCAVSgAwIBAgIQRjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDg 5251 |YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4G 5252 |A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2 5253 |5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt 5254 |4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds 5255 |TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC 5256 |AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL 5257 |ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d 5258 |P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre 5259 |Z019v6WuoUQWNdzb7IDsHaao1TNBgC 5260 |DianeDHEncryptByCarl.cer 5265 |MIIDZTCCAyWgAwIBAgICANMwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT 5266 |k5MDgxNzAyMTY1N1oXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRGlhbmVESDCCAkEw 5267 |ggG2BgcqhkjOPgIBMIIBqQKBgQDKbpHCsL2oWPIxIXS7H+QQvdCTon5h4T26IwQW0GY5vT 5268 |vNBXRI8QNwlfQFY20uv5q3/5f/Obtj202kcdiUmrTyij2ft12NyuKvtQ/PBWWCaG5D0vQE 5269 |XwOL+VD1yGwFJry/Ng9cw1FqZ+h1MmZ4kWPo/jTnGbZwbHg4NoLSNDbC3wKBgG7WdjZL5F 5270 |kHV18YmhDSMVymELAmlkJNfKOh056lgLIfNxFJfIqZ2FY/k1HtblT7btuy/DTA58oeWCvV 5271 |PTvcrnEh2TtWuKf2TSJSX0G61R6CaWzdcHHMbDvvhKlxi6k7Kgn4vf3LUbwuLso+MIz6VJ 5272 |59DQPi32NibfNQgifc0Zn3AiEAqgVl+91OqALxNDnno/x9RhC4XfAu8sXRXqJ0TNoPTh8C 5273 |YQEwzQOCzT8yOl8WXvITX1Ib3/+qOwY8f4EmHLcMoBQJG10m/XEzjPKsQX4NrDWVkH6lra 5274 |tVUIDw0rkqEU12RXY/DDiuclnG7L3v525gI5O5JwJEfkrT2jk6mmNDPBsjxWIwGgMVAND9 5275 |1uBGl9Gnf7v/mkPwYmSzfJerAgF6A4GEAAKBgGBebu9hVXc/nWoREPTTybhyoB+J3+S8If 5276 |3kn1DWj475Z5cU4DQZjz1YUh7cXQVOT8aIhXisAWw1zoZtkEtYSC4PsuMqTkfDsU0qesm3 5277 |5cZoinOuUyGzzwnEYqPosLvc3g0uZkg3qNuiS/vb+qaSS0EKxlQLixqdL/9gCwsI2UI/o4 5278 |GBMH8wHwYDVR0RBBgwFoEUZGlhbmVEaEBleGFtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAO 5279 |BgNVHQ8BAf8EBAMCAwgwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR 5280 |0OBBYEFEfzT811fahSIahhNle1+Jru2zBGMAkGByqGSM44BAMDLwAwLAIUfWQeH0vz7G80 5281 |LLLkZHCPPmrAcqICFEvqwQzxzfd6nXbKJ27QvvLYm2pt 5282 |DianeDSSSignByCarlInherit.cer 5287 |MIIBujCCAXmgAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT 5288 |k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw 5289 |CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo 5290 |pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+ 5291 |/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYMwgYAwIAYDVR 5292 |0RBBkwF4EVZGlhbmVEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/ 5293 |BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJ 5294 |l9XNxFC5k6Ui8Wv1hQ3c4rGDAJBgcqhkjOOAQDAzAAMC0CFH4MDIEXtJpUssMw64rEPMJS 5295 |Np6VAhUAxp8XwnFLrC45jT0QH5qzTbb5EaM= 5296 |DianeRSASignByCarl.cer 5301 |MIICCjCCAXOgAwIBAgIQRjRrx4AAVrwR024u1ZowkDANBgkqhkiG9w0BAQUFADASMRAwDg 5302 |YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxOTA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEzERMA8G 5303 |A1UEAxMIRGlhbmVSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANb9uMBwxkwl7O 5304 |rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3 5305 |KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/ 5306 |HbdGlki0QdlV3NKMCFAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXg 5307 |MB8GA1UdIwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBSM88t1Do0x9t 5308 |Qp2kSSdbj+7U85DDANBgkqhkiG9w0BAQUFAAOBgQAds1GxmZbwRKjrFOr8wt+4M0sCPEHf 5309 |41N/6jR//NURDQAEiLjtvCNFA27xU7LAOxli3Nzhiv6n/KXXl9slfPMwxWOnOEqrJSEkgM 5310 |fYeIKMU+o+L2MQZtMnVZrc7zVe9iNx5v94e6lPe38uucRCc1dPqvgEtA3HU4jE8JIoM0RQ 5311 |oQ== 5312 |EricaDHEncryptByCarl.cer 5317 |MIIC6TCCAqigAwIBAgICANQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT 5318 |k5MDgxNzAyMTcxNloXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRXJpY2FESDCCAcQw 5319 |ggE4BgcqhkjOPgIBMIIBKwKBgQDsLM2k75omL2KnuyNN3yslwWjSnqlFWzbxlIkar30RJJ 5320 |09uTwp6NcjgDOmnkUCu6rMnigFlaCzF3bB9yU1YQJBkicMXq5I5fNuOO+R0c83/ppAl8gt 5321 |NZ6dk8b4Fa8/2nQ6t8STtbm7dmwfqH68OqpDCoFk/GPwe3GY+sA4eRAaMwKBgQC6C9d0Pe 5322 |c05UwTp5WWu/HkYTcI+xLH+5yRdwaZNfBIJJYzEgF+jewL9rLAY6cVxV6VhqJzxUlGN3lg 5323 |/XcFCUibcI08BfbORCx/fRsrFd3zBS++hSCPjfm0oEV0K/Q7nUJiNCcngY5vD15ihYnM7S 5324 |HDkXAGVO5wqJJVW24ZIk1ipwIhAMOrSjB5s9OXTsr1on3HcKNF87OihgXSPkn5n9kKs769 5325 |A4GFAAKBgQDRK+QdProYz3Ugxsdew8Rs6vMj2QkfRpj0zlm5ts7oOsYY+Fl3G5mw2tzAnQ 5326 |nkr/lhkSxHzEde3yszdvNn7HfoLDcwoYld88j2XBZK5LeM9XvVOP0UrOh6wn3uB5AnCnyH 5327 |qKLicDXqbt6eUDFr6QnaJRoBjuP/Jhx19cPOWvWehaOBgTB/MB8GA1UdEQQYMBaBFGVyaW 5328 |NhRGhAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgMIMB8GA1Ud 5329 |IwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBSNUx1hVX9gNW2mNqLFk/ 5330 |ia/cB1dDAJBgcqhkjOOAQDAzAAMC0CFD5RQgjjUi6qu4+9GDhxy5iDvkeeAhUAtLMVhZkR 5331 |BkAfQFmN1BstzYHx6Gg= 5332 |CarlDSSCRLEmpty.crl 5339 |MG0wLjAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgyMDA3MDAwMFowCQ 5340 |YHKoZIzjgEAwMwADAtAhRiPzYXMVguZ1B59QlLjK3Ua/RknwIVALU7TqFMe/0Pw42btv7D 5341 |XW/eZSh9 5342 |CarlDSSCRLForAll.crl 5347 |MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj 5348 |BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05 5349 |OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD 5350 |BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv 5351 |ftok8yqDnDWh 5352 |CarlDSSCRLForCarl.crl 5357 |MIGDMEQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjUwNzAwMDBaMB 5358 |QwEgIBARcNOTkwODIyMDcwMDAwWjAJBgcqhkjOOAQDAzAAMC0CFQCzH8VPej3sdtVg+d55 5359 |IuxPsJD+lwIUWovDhLxmhxu/eYJbCl0H9rqpBSk= 5360 |CarlRSACRLEmpty.crl 5365 |MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD 5366 |AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E 5367 |PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa 5368 |/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ== 5369 |CarlRSACRLForAll.crl 5374 |MIIBMzCBnTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDYXJsUlNBFw05OTA4MjcwNz 5375 |AwMDBaMGkwIQIQRjRrx4AAVrwR024uxBCzsBcNOTkwODIyMDcwMDAwWjAhAhBGNGvHgABW 5376 |vBHTbi7VmjCQFw05OTA4MjIwNzAwMDBaMCECEEY0a8eAAFa8EdNuLs1dcdAXDTk5MDgyND 5377 |A3MDAwMFowDQYJKoZIhvcNAQEEBQADgYEAv7OXqlPwMiEWK3eSemu7l8jc6vH6ZhYwDrWe 5378 |XPCB1F6zbsGIa4zUXsVN+0deZvNdq+W0GDZgqE2cPInsbye/NVBxgcK5RFtiiRkSMal7mt 5379 |PMZssR2QsQR3etTyLZ5X8w8lv8lFGlWHY7H6hGph/2od5Voe0xiGmXDwjT1AxgWx4= 5380 |CarlRSACRLForCarl.crl 5385 |MIHsMFcwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODI1MDcwMD 5386 |AwWjAjMCECEEY0a8eAAFa8EdNuLp/yUCAXDTk5MDgyMjA3MDAwMFowDQYJKoZIhvcNAQEE 5387 |BQADgYEAIe8h1MEahZVJa8pFYtzXCf+pUS6O2UcY+vjlct1P7XR04/NlMmUoLJodV+XVJg 5388 |bq1eYjlYSNDome7psML84H96PRa4VMD//m3fzczXMsHn3csHHFTPwBblJXaR45Y98SIjDH 5389 |E1WUBW4qAKlbxCpmlGLONjPCK2NHJZ3z3nDuAFY= 5390 |4.1.bin 5397 |MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA 5398 |AAAA== 5399 |<4.1.bin 5401 |* Example from section 4.2 5402 |* Creator: [JS] 5403 |>4.2.bin 5404 |MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu 5405 |<4.2.bin 5407 |* Example from section 5.1 5408 |* Creator: [JS] 5409 |>5.1.bin 5410 |MIIDnwYJKoZIhvcNAQcCoIIDkDCCA4wCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa 5411 |AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4jCCAt4wggKdoAMCAQICAgDI 5412 |MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOT 5413 |EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEe 5414 |AoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+ 5415 |HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UI 5416 |ddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG2o+4NyErYov3k80CgY 5417 |AmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIl 5418 |p/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+ 5419 |waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMR 5420 |NKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+Gv 5421 |Ikq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPl 5422 |uKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0BleGFtcGxlcy5jb20wDAYDVR0TAQH/BA 5423 |IwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8w 5424 |HQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj 5425 |/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE6umhh8GlfygtuzFnMGUCAQEwGDASMRAw 5426 |DgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDgMCGgUAMAkGByqGSM44BAMEMDAtAhQI0EV9Y+ 5427 |E57GKwMMIprULqlk+RhgIVAKaG7op6BafgB+b5iL+T+5ZNdtOSAA== 5428 |<5.1.bin 5430 |* Example from section 5.2 5431 |* Creator: [JS] 5432 |>5.2.bin 5433 |MIIDMAYJKoZIhvcNAQcCoIIDITCCAx0CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa 5434 |AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICDjCCAgowggFzoAMCAQICEEY0 5435 |a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw 5436 |05OTA4MTkwNzAwMDBaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf 5437 |MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3 5438 |UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1 5439 |9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ 5440 |ABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAn 5441 |rHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwDQYJKo 5442 |ZIhvcNAQEFBQADgYEAUv+zi1QeCL/zbQwSCH2Oy25Z7FaTpkoiQF+LFHl+g0/1P94hlxZY 5443 |cHYysiBRoxofl0iAXIOwuJMLA0Suv76kjAbGReKBCNWJWAwoGy2lixxK49dENNTLU/y6qY 5444 |uqtumww6t08SrxsMY46ocCHhC7mcS+NsAIuhNlNz428zFCcxgxgcswgcgCAQEwJjASMRAw 5445 |DgYDVQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7EELOwMAkGBSsOAwIaBQAwDQYJKoZIhv 5446 |cNAQEBBQAEgYAvI4LS8wlfuAxY606dv4mageV1xJE909DVe7bV/pShiqzjxIT1zWBOJ5X2 5447 |zwCGdnU/K/Dn1AJnp/XHjRYEpbO159ky8CTv5yBE1Z8HxVMk+s4BHQ8XE6cqlZ0r5AOVFA 5448 |vpOQ26zm6cngzomOZVE9Rob9AH16KxYkzjj6/94NVdxw== 5449 |<5.2.bin 5451 |* Example from section 5.3 5452 |* Creator: [JS] 5453 |>5.3.bin 5454 |MIIDfwYJKoZIhvcNAQcCoIIDcDCCA2wCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAa 5455 |CCAuIwggLeMIICnaADAgECAgIAyDAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1Mw 5456 |HhcNOTkwODE3MDExMDQ5WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUz 5457 |CCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QI 5458 |T/+U4XNIfgzW80RI0f6fr6ShiS/h2TDINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL9 5459 |1DqItU8T+wBwhHTV2Iw8O1s+NVCHXVOXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJH 5460 |phpFZrgTxtqPuDchK2KL95PNAoGAJjjQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd 5461 |2bWeLNqgU9WMB7oja4bgevfYpCJaf0dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8w 5462 |AXxtSYkRiTZEvfjIlUpTVrXi+XPsGmE2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXO 5463 |O5WnUUlgupet3jP6nsrF7cvbcTETSmFokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0H 5464 |jVtjyLtFpaBK44XWzgaAP+gjfhryJKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7 5465 |LEMoTwfkFA/UanY04z8qXi9PKD5bijgYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhh 5466 |bXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFH 5467 |BEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJ 5468 |BgcqhkjOOAQDAzAAMC0CFQCYsMY/z3FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoY 5469 |fBpX8oLbsxZzBlAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICAMgwCQYFKw4DAhoFADAJ 5470 |BgcqhkjOOAQDBDAwLAIUFdDc7v/UNluTDc9pPTdFoDSaYzUCFEl1dkwzAAqrkP3vnEeAIf 5471 |FJ6gIVAAA= 5472 |<5.3.bin 5474 |* Example from section 5.4 5475 |* Creator: [JS] 5476 |>5.4.bin 5477 |MIIHsAYJKoZIhvcNAQcCoIIHoTCCB50CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa 5478 |AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIFgTCCApswggJaoAMCAQICAQEw 5479 |CQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDTk5MDgxNjIyNTA1MFoXDTM5MT 5480 |IzMTIzNTk1OVowEjEQMA4GA1UEAxMHQ2FybERTUzCCAbcwggErBgcqhkjOOAQBMIIBHgKB 5481 |gQC2SRg+ikTBKXGUTAHEEsF6ectUTasegfvGTLMOlAkG6wHUschxS8dFwFAlXZz82uRt0+ 5482 |KGSISCfboVlUoW9kbt3faY0rt+igqKuhZ7uVABSJOL6yUVUZdV3I9TDhCpUPxwt80wVP3a 5483 |3qiqIrWhr4vMAojni3Bfua3hCNRtKS3W6QIVAN3BL99Tzgs0YHc+AqS/il2YuRDVAoGADO 5484 |5Xm0u92rYHanQ3T1V/ne28YQ3rRlk8VgsrWwyRzqViUmnK4W0+vb/+4be5K2E8rcuuReMG 5485 |rIwinZxEhwvHzfAc2bVOXXPerw7JHVpR9U9EeTVac6p/RlEfqUIWnEjrinlhtNUvUyJEYx 5486 |+GuKNYBiX4KcDvuuB18ELEY2VSmwoDgYUAAoGBAJmHdCcDZqCxwK3cLHW74WxEnNohbU1H 5487 |bbFiCenYrh7yOrSUsaOOeptxTgCUybQlTrlglhkkAfNiDP51wPvO2GgA4/3VcE/fI5YZBp 5488 |T0sWGPOlexCBGkCyYl8FJ2geoLYg2VKuaGunKyp1CDC6onzRupTYma140YOYQ/i8VWTYB6 5489 |o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUcEQ+gi 5490 |5vh95K03XjPSC8QyuT8R8wCQYHKoZIzjgEAwMwADAtAhRrqfBOelp54/m+PSvJBjfpEReh 5491 |EwIVAI80aSqLsTwDeZQyTRIfzon7RrI7MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAz 5492 |ASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVow 5493 |EzERMA8GA1UEAxMIQWxpY2VEU1MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp 5494 |45PsJIKKPkR5PdDteoDuxTxauECE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zc 5495 |X2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsI 5496 |SXN/LkURu15AmWXPN+W9sCFQDiR6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t 5497 |2UtZakx2IzkEAjVc8ssaMMMeUF3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G 5498 |3qnMkhijt2FOnOLl2jB80jhbgvMAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ 5499 |/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3 5500 |V1ExI9Q1tv5VG/+onyohs+JH09B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ 5501 |ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1 5502 |UdEQQZMBeBFWFsaWNlRHNzQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB 5503 |/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvm 5504 |yhs+PB9+1DcKTOEwHi/eOX/s0wCQYHKoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgk 5505 |BehGlI4CFFufSMCMocECnETq6aGHwaV/KC27oYHbMIHYMIGZMAkGByqGSM44BAMwEjEQMA 5506 |4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4MjIwNzAwMDBa 5507 |MBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMCAgDSFw05OT 5508 |A4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMDBaMAkGByqGSM44BAMDLwAwLAIUfmVS 5509 |djP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fvftok8yqDnDWhMYH6MIH3AgEBMBgwEj 5510 |EQMA4GA1UEAxMHQ2FybERTUwICAMgwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkq 5511 |hkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTk5MTAxNTIyMjYxMFowIwYJKoZIhvcNAQkEMR 5512 |YEFEBq7AhSebpuFgItngYpwCKWh91IMAkGByqGSM44BAMEMDAuAhUAlwKrgdhJ/cptibRq 5513 |xQmW7uN2Ni8CFQDHPn57Pdbk0x1vh4sYA/LfGCt3daExMC8GCyqGSIb3DQEJEAIEMSAwHg 5514 |wRU01pbWUgRXhhbXBsZSA1LjQGCSqGSIb3DQEHAQ== 5515 |<5.4.bin 5517 |* Example from section 5.5 5518 |* Creator: [JS] 5519 |>5.5.bin 5520 |MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF 5521 |RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCCA/0wggHrMIIBVKADAgEC 5522 |AhBGNGvHgABWvBHTbi6f8lAgMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0 5523 |EwHhcNOTkwODE4MDcwMDAwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsUlNB 5524 |MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkS/8YuCRX9Hf/bnN7k3FcvDMakpJyI9 5525 |hBRtDNEToEs46vgp29UR4XevJ2LCuGOae9140aU+zkANXo7KI2se3iUOIyCYo/n5klj7hO 5526 |q7l91ZZl2hagxb4OrkRb7170pynLgt2sROmqk5QpDvgY1shXXvJ2xPIRYDi5Gzwdl8lq8Q 5527 |IDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU 5528 |6eCQJ6x4IHqa00zyQjdOIq6eOLswDQYJKoZIhvcNAQEFBQADgYEAt57UBNPtKeT/iYkVLk 5529 |zbDPBIDzJh7sQE7BJdLf8PZFl+CsPtGP3jVkA3pwe18DgSYVDt790/4wu4YaWkmzzmnpxU 5530 |mraV1tpsO7UtRTWdSQF2+rm5Mfn5axJToPUUYJt9yj7yU2uwN2+t5nTX2/pa6hRBY13Nvs 5531 |gOwdpqjVM0GAIwggIKMIIBc6ADAgECAhBGNGvHgABWvBHTbi7EELOwMA0GCSqGSIb3DQEB 5532 |BQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOTkwODE5MDcwMDAwWhcNMzkxMjMxMjM1OT 5533 |U5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA 5534 |4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL 5535 |6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xt 5536 |LHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ 5537 |8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYE 5538 |FHfStNG3TIqKo85Fnc7sPKA64/9QMA0GCSqGSIb3DQEBBQUAA4GBAFL/s4tUHgi/820MEg 5539 |h9jstuWexWk6ZKIkBfixR5foNP9T/eIZcWWHB2MrIgUaMaH5dIgFyDsLiTCwNErr++pIwG 5540 |xkXigQjViVgMKBstpYscSuPXRDTUy1P8uqmLqrbpsMOrdPEq8bDGOOqHAh4Qu5nEvjbACL 5541 |oTZTc+NvMxQnMYMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR 5542 |024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gMWOtOnb+Jmo 5543 |HldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBKWztefZMvAk 5544 |7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/QB9eisWJM44 5545 |+v/eDVXccAAAAAAAA= 5546 |<5.5.bin 5548 |* Example from section 5.6 5549 |* Creator: [JS] 5550 |>5.6.bin 5551 |MIIFxQYJKoZIhvcNAQcCoIIFtjCCBbICAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa 5552 |AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIEoDCCAbowggF5oAMCAQICAgDS 5553 |MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMjA4MTBaFw0zOT 5554 |EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCERpYW5lRFNTMIGTMAkGByqGSM44BAEDgYUAAoGB 5555 |AKAAF3gs7n6BUy4uYQgPoZtRUhraWahzLxIltgjLyu8qRHaKUgnqvQUi1Q/2/UbXr5k4CQ 5556 |4Ty08s3Rw09xy/Jf8j0ztZ54KXN74xJNgYyPNJOVu34uUnfvyMRXJbfj6PaE3dRnoivo7/ 5557 |zNo5KaM55Z9D6VXJ11umgWfMwKrNLsUjo4GDMIGAMCAGA1UdEQQZMBeBFWRpYW5lRHNzQG 5558 |V4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAW 5559 |gBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUZDCZfVzcRQuZOlIvFr9YUN3OKx 5560 |gwCQYHKoZIzjgEAwMwADAtAhR+DAyBF7SaVLLDMOuKxDzCUjaelQIVAMafF8JxS6wuOY09 5561 |EB+as022+RGjMIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYX 5562 |JsRFNTMB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxp 5563 |Y2VEU1MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDu 5564 |xTxauECE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde 5565 |+fz0ny/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9 5566 |sCFQDiR6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssa 5567 |MMMeUF3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB8 5568 |0jhbgvMAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GE 5569 |AAKBgFzjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyoh 5570 |s+JH09B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTS 5571 |ljf2YUeyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRH 5572 |NzQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSME 5573 |GDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/e 5574 |OX/s0wCQYHKoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocEC 5575 |nETq6aGHwaV/KC27MYHOMGUCAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDg 5576 |MCGgUAMAkGByqGSM44BAMEMDAtAhUAyy2Bew0/TYoNtgo8hkiyIltPtBwCFHUAIGeWncXd 5577 |t15HlLIBpVIVDCaiADBlAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICANIwCQYFKw4DAh 5578 |oFADAJBgcqhkjOOAQDBDAwLQIUH0ucgGL/GXdumvxmRcj9bUl6uoQCFQCE0uTmjLzEEnJ0 5579 |T9lQpKhm+yrpzwA= 5580 |<5.6.bin 5582 |* Example from section 5.7 5583 |* Creator: [JS] 5584 |>5.7.bin 5585 |MIICxwYJKoZIhvcNAQcCoIICuDCCArQCAQMxCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa 5586 |AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICDjCCAgowggFzoAMCAQICEEY0 5587 |a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw 5588 |05OTA4MTkwNzAwMDBaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf 5589 |MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3 5590 |UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1 5591 |9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ 5592 |ABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAn 5593 |rHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwDQYJKo 5594 |ZIhvcNAQEFBQADgYEAUv+zi1QeCL/zbQwSCH2Oy25Z7FaTpkoiQF+LFHl+g0/1P94hlxZY 5595 |cHYysiBRoxofl0iAXIOwuJMLA0Suv76kjAbGReKBCNWJWAwoGy2lixxK49dENNTLU/y6qY 5596 |uqtumww6t08SrxsMY46ocCHhC7mcS+NsAIuhNlNz428zFCcxgxYzBhAgEDgBS+bKGz48H3 5597 |7UNwpM4TAeL945f+zTAJBgUrDgMCGgUAMAkGByqGSM44BAMEMDAtAhUAuDiXKFri4/5Obi 5598 |QApjfyDYwfHO4CFGa17jvYK0YL4GTQ9bmtXOwP7XsSAA== 5599 |<5.7.bin 5601 |* Example from section 5.8 5602 |* Creator: [JS] 5603 |>5.8.eml 5604 |TUlNRS1WZXJzaW9uOiAxLjANCkNvbnRlbnQtVHlwZTogbXVsdGlwYXJ0L3NpZ25lZDsNCg 5605 |lwcm90b2NvbD0iYXBwbGljYXRpb24veC1wa2NzNy1zaWduYXR1cmUiOw0KCW1pY2FsZz1T 5606 |SEExOw0KCWJvdW5kYXJ5PSItLS0tPV9OZXh0UGFydF8wMDBfMDAwMF8wMUJFRjhCOC40Rj 5607 |dENUY4MCINCg0KLS0tLS0tPV9OZXh0UGFydF8wMDBfMDAwMF8wMUJFRjhCOC40RjdENUY4 5608 |MA0KDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuDQotLS0tLS09X05leHRQYXJ0Xz 5609 |AwMF8wMDAwXzAxQkVGOEI4LjRGN0Q1RjgwDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9u 5610 |L3gtcGtjczctc2lnbmF0dXJlOw0KCW5hbWU9InNtaW1lLnA3cyINCkNvbnRlbnQtVHJhbn 5611 |NmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVu 5612 |dDsNCglmaWxlbmFtZT0ic21pbWUucDdzIg0KDQpNSUdYQmdrcWhraUc5dzBCQndLZ2dZa3 5613 |dnWVlDQVFFeEN6QUpCZ1VyRGdNQ0dnVUFNQXNHQ1NxR1NJYjNEUUVIQVRGbk1HVUNBUUV3 5614 |R0RBUw0KTVJBd0RnWURWUVFERXdkRFlYSnNSRk5UQWdJQXlEQUpCZ1VyRGdNQ0dnVUFNQW 5615 |tHQnlxR1NNNDRCQUVFTURBdEFoUmVYbXRwQktKaVhZdEYNCnNsWDVkUndTVG9pSUlRSVZB 5616 |S1BCU0NQZ0NEVnZKU0o2SHJZVXZPUjFrZHNsQUE9PQ0KDQotLS0tLS09X05leHRQYXJ0Xz 5617 |AwMF8wMDAwXzAxQkVGOEI4LjRGN0Q1RjgwLS0NCg== 5618 |<5.8.eml 5620 |* Example from section 5.9 5621 |* Creator: [JS] 5622 |>5.9.eml 5623 |U3ViamVjdDogRXhhbXBsZSA1LjkNCk1JTUUtVmVyc2lvbjogMS4wDQpDb250ZW50LVR5cG 5624 |U6IGFwcGxpY2F0aW9uL3BrY3M3LW1pbWU7IG5hbWU9InNtaW1lLnA3bSI7IHNtaW1lLXR5 5625 |cGU9c2lnbmVkLWRhdGENCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ2 5626 |9udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9InNtaW1lLnA3bSIN 5627 |Cg0KTUlHM0Jna3Foa2lHOXcwQkJ3S2dnYWt3Z2FZQ0FRRXhDekFKQmdVckRnTUNHZ1VBTU 5628 |NzR0NTcUdTSWIzRFFFSEFhQWVCQnhVYUdseklHbHoNCklITnZiV1VnYzJGdGNHeGxJR052 5629 |Ym5SbGJuUXVNV2N3WlFJQkFUQVlNQkl4RURBT0JnTlZCQU1UQjBOaGNteEVVMU1DQWdESU 5630 |1Ba0dCU3NPDQpBd0lhQlFBd0NRWUhLb1pJempnRUFRUXdNQzBDRkhDYkozMlo1OUlNeHNV 5631 |aEMwdmlJYmU5alVncEFoVUFpeXdNQnN0S3RRWkxxRXdPZU5FNw0Ka09uUm42UUENCg== 5632 |<5.9.eml 5634 |* Example from section 6.1 5635 |* Creator: [JS] 5636 |>6.1.bin 5637 |MIIBYwYJKoZIhvcNAQcDoIIBVDCCAVACAQIxggEEoYIBAAIBA6CBlqGBkzAJBgcqhkjOPg 5638 |IBA4GFAAKBgQDCpFbngGwR7EgB9w76sCDSnG8xLIX4SpyyuLoXtvUoMbyyXlPTjMm143kg 5639 |jwPlZ39OAmouwmd/cZpEC+zAfRlv7l8u1TIA1HzCFlZ+7a9o3QxzaJU2zlxRrS4gZNAeO8 5640 |hXPWVAuBrNbafLHJ7Fg3Nm3dKG7uGc7bGdMDJBTFI9GDAaBgcqhkjOPgIBMA8GCyqGSIb3 5641 |DQEJEAMGBQAwRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICAMkEKFFGV0E0HNbHzTZLpJ 5642 |O3FuYu8FgknG1L6ZCLD0a45ZMZ/3zwVk1P+vUwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMH 5643 |BAju8h/ugAjOaoAgnrtsnrgUQyzLspCOpH2K2K6WiHMIgJU+0d/oL0/cc5g= 5644 |<6.1.bin 5646 |* Example from section 6.2 5647 |* Creator: [JS] 5648 |>6.2.bin 5649 |MIAGCSqGSIb3DQEHA6CAMIACAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYXJsUlNBAh 5650 |BGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAxcCPZxKcEElJFF2A1iRQWThB 5651 |XLdbsAsSFc1UgI5io6/RFSmmbLXAMvc5XwwvMpBlXOPVK1X2ITcJWpq0ltSWIEkGk2fqC8 5652 |EgPV2yY36M+Ynzn78eGe02BIMFihVakqSKtD6JwWk1DXS3gX8Cy3rXZVEFFbZ4D/K0gPdg 5653 |eit1iOkwgAYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAj0z/pDdDkS9KCABIGwG86612X7vG 5654 |AFlWVCP2DbLXjF8n+TNJXiYvOZPtiiy8jlUBDYRc0n74M7O7BB5tcq3ldTrxCXH4k9ape4 5655 |v+FyK/DWm+UJ1GvW9Lr/UGo88BaM3fQ05YXMqQMe3uNxGX+JnSctcZNTqMwVeVgVNsNTey 5656 |JRrY8xq2A6HLdlWl+QFnsrXR4KtNWhZJPdT00xgYSAYMNWmcyhwMiuEJ5MyF7wGKkyMACT 5657 |Env8FL981HS0sGwAAAAAAAAAAAAA 5658 |<6.2.bin 5660 |* Example from section 6.3 5661 |* Creator: [JS] 5662 |>6.3.bin 5663 |MIAGCSqGSIb3DQEHA6CAMIACAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYXJsUlNBAh 5664 |BGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAhAB4rKlq+e2+J3+hRf5zSwVU 5665 |FNffmycRaJfmMnaj1ki0TeQVsL+oWB9d8lwwqOnHY+SVtKsqNj5pnFkNZ1/yghUhexo7WW 5666 |iq8bDGjNsOslTcM9Fk0UypdAgUEYoWdGo68DM1HDRwM78KxkSRyLEhvLGjZd0UvAXX4ufc 5667 |fzpZfh8wgAYJKoZIhvcNAQcBMBoGCCqGSIb3DQMCMA4CAgCgBAicBNIZLipVoaCABIGwjo 5668 |cuIuQwYZuWzOqtDNbXAxsUYDeLGoAsEk92t3Z34geEMwvMZetbMpto84ZtfbGiRBAdwBTh 5669 |8sbxKBe6htUvbTffguvRLSSAcWJNDahpEKnhRXWGTauDYVtwfW3CXfOAMdNw/XMtdU2TVJ 5670 |86qKjcMDT9STaIlzdPJA/7AyJMZOoz68XGI4cBchNv52I9EmIN+0SIMiSRBUaNDgA5ihSK 5671 |yhlYS4+9uzWJr/mZFpHw570AAAAAAAAAAAAA 5672 |<6.3.bin 5674 |* Example from section 6.4 5675 |* Creator: [JS] 5676 |>6.4.bin 5677 |MIICZwYJKoZIhvcNAQcDoIICWDCCAlQCAQIxggIIoYIBAAIBA6CBlqGBkzAJBgcqhkjOPg 5678 |IBA4GFAAKBgAPKBS54Y4aVfcbjOAgz014G+8WY+t5mQi5vuzVHc+5/Q4KDDI3vH2GPUsZc 5679 |u4VGCc0KHnVEUay4q4WIxrMGl8lHsopWVYu+0zzJOvCo1Uw6VhmbZXXpKxRm2LtmcC5kRk 5680 |G9M+FQ+NXKpXRqCQHTbXSFITNTq8I9KghAz/msLffQADAaBgcqhkjOPgIBMA8GCyqGSIb3 5681 |DQEJEAMGBQAwRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICANMEKIgkfFJzwwL/24lJCA 5682 |697g5JGEcZtJVfFhK57TRPmWsvyo6Uh1ZmCFGhggEAAgEDoIGWoYGTMAkGByqGSM4+AgED 5683 |gYUAAoGAXFhyPsZokQ/46wfrwUZgE0t61OWsYQxn0Q0Kq+iBMSVqtebz71Od51G1HaTjOM 5684 |frldmA2IVldhL7ep7ysT84H+ryfGEmY3OqIuL9FZqcFzFYDE6g3oSJt4FwYj6bRUetufyU 5685 |laWZ9IaNC8507HHcyqZxNzEBTIwBWYxJrvz7ZOoAMBoGByqGSM4+AgEwDwYLKoZIhvcNAQ 5686 |kQAwYFADBGMEQwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyQQoOSoW0SErcjgMQAFVoRcZ 5687 |BL79JJsz5Ry8xdh7p0UV0lvlWgmlIhh73zBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECB 5688 |PjQZyFMBUfgCC6j3HZyJLO1Ain9XORKW3hMwjexFjConvwmksGRO/W5Q== 5689 |<6.4.bin 5691 |* Example from section 6.5 5692 |* Creator: [JS] 5693 |>6.5.bin 5694 |MIIBqgYJKoZIhvcNAQcDoIIBmzCCAZcCAQIxggFLoYIBRwIBA6CBlqGBkzAJBgcqhkjOPg 5695 |IBA4GFAAKBgB5vuElZhqnuNBcpvKBahFGrzppBOLYpp3xJJI2DpqD4LJobHamGZGKJS/lb 5696 |NZMMNtP3BlHVSl6t3HbS7VNGGtQKhFsmp9BMmtYkoZ660iEwe0XFNswrSk8Zdw1IInlm2e 5697 |tRSlo7XSXl+lh5D1NJGx/p+XlzDbxJYe3bTYFnnmioADAaBgcqhkjOPgIBMA8GCyqGSIb3 5698 |DQEJEAMGBQAwgYwwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBCj/IIORXxDPOIDfUC 5699 |BGwzA7fSvj28EYB+MHhStsqyYHuSzl3YlAfenVMEQwGDASMRAwDgYDVQQDEwdDYXJsRFNT 5700 |AgIA1AQovxPCSqLUCGorYEq4oW0xQ/drrjVkI9DmgHm+XyUsUeO5DkTzg3m0DjBDBgkqhk 5701 |iG9w0BBwEwFAYIKoZIhvcNAwcECCPff9s9mAD4gCB0KQIzTVEuxMWuMth/mwHr0s3CMgqq 5702 |kI2pkfMhMo5Odg== 5703 |<6.5.bin 5705 |* Example from section 6.6 5706 |* Creator: [JS] 5707 |>6.6.eml 5708 |U3ViamVjdDogVGVzdCBzdWJqZWN0DQpNSU1FLVZlcnNpb246IDEuMA0KQ29udGVudC1UeX 5709 |BlOiBhcHBsaWNhdGlvbi94LXBrY3M3LW1pbWU7DQoJbmFtZT0ic21pbWUucDdtIjsNCglz 5710 |bWltZS10eXBlPWVudmVsb3BlZC1kYXRhDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOi 5711 |BiYXNlNjQNCkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7DQoJZmlsZW5hbWU9 5712 |InNtaW1lLnA3bSINClgtTWltZU9MRTogUHJvZHVjZWQgQnkgTWljcm9zb2Z0IE1pbWVPTE 5713 |UgVjUuMDAuMjExNS4zMDANCg0KTUlBR0NTcUdTSWIzRFFFSEE2Q0FNSUFDQVFJeGdnRmRv 5714 |WUlCQkFJQkE2Q0JsYUdCa2pBSkJnY3Foa2pPUGdJQkE0R0VBQUtCZ0UzNA0KOE84V1lrYi 5715 |ttaDlKeXdJbUlKMWowUElqODRTbnBLY2xxTzMxRWNTY1p6a1NpUVFQK2dxcGhJbWZFd0lH 5716 |aDdQN3l3dW9GdXhkb3Q4Qw0KMlgvbkR1YmhycktJbUczWjk2aC9GQWg2L3JnQTZQMTByMn 5717 |llc1YxUXZxZkdnWUJoOStvOXpxL1MxK1E4c3NGSDlqMW5aelRMTEwzcg0Kckc4VzR6dG11 5718 |NHFYK1E4OU1COEdDeXFHU0liM0RRRUpFQU1GTUJBR0N5cUdTSWIzRFFFSkVBTUhBZ0U2TU 5719 |VZd1JEQVlNQkl4RURBTw0KQmdOVkJBTVRCME5oY214RVUxTUNBZ0RKQkNoVEV2L0lpWWI1 5720 |OGZKcEJjMU1RQUoxRlNHMzNMZEZicFJxOFFpck1VMTJKaUhkOXFBSg0Kamo5Q29sTUNBUV 5721 |F3RXdRUlRXRnBiRXhwYzNSVWNtbHdiR1ZFUlZNd0R3WUxLb1pJaHZjTkFRa1FBd1lGQUFR 5722 |by9KVjI1cWlwc2xidQ0KdWJaRExzbEVCOTNZNHJHdE9KSHB5bU51K3U1RmU3YnB5cFZ0an 5723 |c0VldqQ0FCZ2txaGtpRzl3MEJCd0V3R1FZSUtvWklodmNOQXdJdw0KRFFJQk9nUUlqM2hQ 5724 |OUZnMnlFcWdnQVFnNGxZTE9nbjBOdU9yU0FMTHZ0TjROemVWdFlKMDdoc1cyT1o3RnFRTm 5725 |11b0FBQUFBQUFBQQ0KQUFBQQ0K 5726 |<6.6.eml 5728 |* Example from section 7.0 5729 |* Creator: [JS] 5730 |>7.0.bin 5731 |MFoGCSqGSIb3DQEHBaBNMEsCAQAwBwYFKw4DAhowJwYJKoZIhvcNAQcBoBoEGFRoaXMgc2 5732 |9tZSBzYW1wZSBjb250ZW50LgQUQGrsCFJ5um4WAi2eBinAIpaH3Ug= 5733 |<7.0.bin 5735 |* Example from section 8.0 5736 |* Creator: [JS] 5737 |>8.0.bin 5738 |MFcGCSqGSIb3DQEHBqBKMEgCAQAwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiza2v7Yj 5739 |EIToAg12/RF4+9AvhCMfXB0qL3SkFZSClk9nUkglQiPa+a+OQ= 5740 |<8.0.bin 5742 D. Acknowledgments 5744 The following people contributed ideas and/or examples to this 5745 document. They are listed by their real names, with the initials used 5746 in the examples after their names. 5748 Blake Ramsdell [BR] 5749 Paul Hoffman [PH] 5750 Jim Schaad [JS] 5751 . . . 5753 The examples are displayed with a modified version of Peter Gutmann's 5754 "dumpasn1" program. Peter and Jim Schaad and Blake Ramsdell have been 5755 updating the program based on input from the process of writing this 5756 draft. 5758 E. Differences between -02 and -03 5760 Changed 5.1 through 5.7 to use the right OID. 5762 Changed all the RSA certs and CRLs. 5764 F. Editor's Address 5766 Paul Hoffman 5767 Internet Mail Consortium 5768 127 Segre Place 5769 Santa Cruz, CA 95060 USA 5770 phoffman@imc.org