RFC 4134: Examples of CMS objects and S/MIME messages
09. All RSA Signed Message
   0 30 ndef: SEQUENCE {  -- ContentInfo
   2 06    9:   OBJECT IDENTIFIER signedData ( 1 2 840 113549 1 7 2 )  -- contentType ContentType
  13 A0 ndef:   [0] {  -- content
  15 30 ndef:     SEQUENCE {  -- SignedData
  17 02    1:       INTEGER 1  -- version CMSVersion
  20 31   11:       SET {  -- digestAlgorithms DigestAlgorithmIdentifiers
  22 30    9:         SEQUENCE {
  24 06    5:           OBJECT IDENTIFIER sha1 ( 1 3 14 3 2 26 )
  31 05    0:           NULL
            :         }
            :       }
  33 30 ndef:       SEQUENCE {  -- encapContentInfo EncapsulatedContentInfo
  35 06    9:         OBJECT IDENTIFIER data ( 1 2 840 113549 1 7 1 )  -- eContentType ContentType
  46 A0 ndef:         [0] {  -- eContent
  48 24 ndef:           OCTET STRING {
  50 04    4:             OCTET STRING 'This'
  56 04   24:             OCTET STRING ' is some sample content.'
            :           }
            :         }
            :       }
  88 A0 ndef:       [0] {  -- certificates CertificateSet
  90 30  491:         SEQUENCE {  -- certificate Certificate (CarlRSASelf)
  94 30  340:           SEQUENCE {  -- tbsCertificate TBSCertificate
  98 A0    3:             [0] {  -- version Version
 100 02    1:               INTEGER 2
            :             }
 103 02   16:             INTEGER  -- serialNumber CertificateSerialNumber
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               9F F2 50 20
 121 30   13:             SEQUENCE {  -- signature AlgorithmIdentifier
 123 06    9:               OBJECT IDENTIFIER sha1withRSAEncryption ( 1 2 840 113549 1 1 5 )
 134 05    0:               NULL
            :             }
 136 30   18:             SEQUENCE {  -- issuer Name
 138 31   16:               SET {  -- RelativeDistinguishedName
 140 30   14:                 SEQUENCE {
 142 06    3:                   OBJECT IDENTIFIER commonName ( 2 5 4 3 )
 147 13    7:                   PrintableString 'CarlRSA'
            :                 }
            :               }
            :             }
 156 30   30:             SEQUENCE {  -- validity Validity
 158 17   13:               UTCTime '990818070000Z'  -- notBefore Time
 173 17   13:               UTCTime '391231235959Z'  -- notAfter Time
            :             }
 188 30   18:             SEQUENCE {  -- subject Name
 190 31   16:               SET {  -- RelativeDistinguishedName
 192 30   14:                 SEQUENCE {
 194 06    3:                   OBJECT IDENTIFIER commonName ( 2 5 4 3 )
 199 13    7:                   PrintableString 'CarlRSA'
            :                 }
            :               }
            :             }
 208 30  159:             SEQUENCE {  -- subjectPublicKeyInfo SubjectPublicKeyInfo
 211 30   13:               SEQUENCE {  -- algorithm AlgorithmIdentifier
 213 06    9:                 OBJECT IDENTIFIER rsaEncryption ( 1 2 840 113549 1 1 1 )
 224 05    0:                 NULL
            :               }
 226 03  141:               BIT STRING 0 unused bits, encapsulates {  -- subjectPublicKey
 230 30  137:                 SEQUENCE {  -- RSAPublicKey
 233 02  129:                   INTEGER  -- modulus
            :                     00 E4 4B FF 18 B8 24 57 F4 77 FF 6E
            :                     73 7B 93 71 5C BC 33 1A 92 92 72 23
            :                     D8 41 46 D0 CD 11 3A 04 B3 8E AF 82
            :                     9D BD 51 1E 17 7A F2 76 2C 2B 86 39
            :                     A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC
            :                     A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F
            :                     99 25 8F B8 4E AB B9 7D D5 96 65 DA
            :                     16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
            :                     29 CB 82 DD AC 44 E9 AA 93 94 29 0E
            :                     F8 18 D6 C8 57 5E F2 76 C4 F2 11 60
            :                     38 B9 1B 3C 1D 97 C9 6A F1
 365 02    3:                   INTEGER 65537  -- publicExponent
            :                 }
            :               }
            :             }
 370 A3   66:             [3] {  -- extensions Extensions
 372 30   64:               SEQUENCE {
 374 30   15:                 SEQUENCE {  -- extension
 376 06    3:                   OBJECT IDENTIFIER basicConstraints ( 2 5 29 19 )
 381 01    1:                   BOOLEAN TRUE
 384 04    5:                   OCTET STRING, encapsulates {  -- extnValue
 386 30    3:                     SEQUENCE {  -- BasicConstraints
 388 01    1:                       BOOLEAN TRUE
            :                     }
            :                   }
            :                 }
 391 30   14:                 SEQUENCE {  -- extension
 393 06    3:                   OBJECT IDENTIFIER keyUsage ( 2 5 29 15 )
 398 01    1:                   BOOLEAN TRUE
 401 04    4:                   OCTET STRING, encapsulates {  -- extnValue
 403 03    2:                     BIT STRING 1 unused bits  -- KeyUsage
            :                       '1100001'B  -- digitalSignature & nonRepudiation & cRLSign
            :                   }
            :                 }
 407 30   29:                 SEQUENCE {  -- extension
 409 06    3:                   OBJECT IDENTIFIER subjectKeyIdentifier ( 2 5 29 14 )
 414 04   22:                   OCTET STRING, encapsulates {  -- extnValue
 416 04   20:                     OCTET STRING  -- SubjectKeyIdentifier KeyIdentifier
            :                       E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                       42 37 4E 22 AE 9E 38 BB
            :                   }
            :                 }
            :               }
            :             }
            :           }
 438 30   13:           SEQUENCE {  -- signatureAlgorithm AlgorithmIdentifier
 440 06    9:             OBJECT IDENTIFIER sha1withRSAEncryption ( 1 2 840 113549 1 1 5 )
 451 05    0:             NULL
            :           }
 453 03  129:           BIT STRING 0 unused bits  -- signatureValue
            :             B7 9E D4 04 D3 ED 29 E4 FF 89 89 15
            :             2E 4C DB 0C F0 48 0F 32 61 EE C4 04
            :             EC 12 5D 2D FF 0F 64 59 7E 0A C3 ED
            :             18 FD E3 56 40 37 A7 07 B5 F0 38 12
            :             61 50 ED EF DD 3F E3 0B B8 61 A5 A4
            :             9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C
            :             3B B5 2D 45 35 9D 49 01 76 FA B9 B9
            :             31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
            :             CA 3E F2 53 6B B0 37 6F AD E6 74 D7
            :             DB FA 5A EA 14 41 63 5D CD BE C8 0E
            :             C1 DA 6A 8D 53 34 18 02
            :         }
 585 30  556:         SEQUENCE {  -- certificate Certificate (AliceRSASignByCarl)
 589 30  405:           SEQUENCE {  -- tbsCertificate TBSCertificate
 593 A0    3:             [0] {  -- version Version
 595 02    1:               INTEGER 2
            :             }
 598 02   16:             INTEGER  -- serialNumber CertificateSerialNumber
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
 616 30   13:             SEQUENCE {  -- signature AlgorithmIdentifier
 618 06    9:               OBJECT IDENTIFIER sha1withRSAEncryption ( 1 2 840 113549 1 1 5 )
 629 05    0:               NULL
            :             }
 631 30   18:             SEQUENCE {  -- issuer Name
 633 31   16:               SET {  -- RelativeDistinguishedName
 635 30   14:                 SEQUENCE {
 637 06    3:                   OBJECT IDENTIFIER commonName ( 2 5 4 3 )
 642 13    7:                   PrintableString 'CarlRSA'
            :                 }
            :               }
            :             }
 651 30   30:             SEQUENCE {  -- validity Validity
 653 17   13:               UTCTime '990919010847Z'  -- notBefore Time
 668 17   13:               UTCTime '391231235959Z'  -- notAfter Time
            :             }
 683 30   19:             SEQUENCE {  -- subject Name
 685 31   17:               SET {  -- RelativeDistinguishedName
 687 30   15:                 SEQUENCE {
 689 06    3:                   OBJECT IDENTIFIER commonName ( 2 5 4 3 )
 694 13    8:                   PrintableString 'AliceRSA'
            :                 }
            :               }
            :             }
 704 30  159:             SEQUENCE {  -- subjectPublicKeyInfo SubjectPublicKeyInfo
 707 30   13:               SEQUENCE {  -- algorithm AlgorithmIdentifier
 709 06    9:                 OBJECT IDENTIFIER rsaEncryption ( 1 2 840 113549 1 1 1 )
 720 05    0:                 NULL
            :               }
 722 03  141:               BIT STRING 0 unused bits, encapsulates {  -- subjectPublicKey
 726 30  137:                 SEQUENCE {  -- RSAPublicKey
 729 02  129:                   INTEGER  -- modulus
            :                     00 E0 89 73 39 8D D8 F5 F5 E8 87 76
            :                     39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
            :                     DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
            :                     86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                     82 51 0F 30 80 BE B1 50 9E 46 44 F1
            :                     2C BB D8 32 CF C6 68 6F 07 D9 B0 60
            :                     AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :                     DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                     E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
            :                     9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :                     8C 4E F3 57 38 57 74 57 5F
 861 02    3:                   INTEGER 65537  -- publicExponent
            :                 }
            :               }
            :             }
 866 A3  129:             [3] {  -- extensions Extensions
 869 30  127:               SEQUENCE {
 871 30   12:                 SEQUENCE {  -- extension
 873 06    3:                   OBJECT IDENTIFIER basicConstraints ( 2 5 29 19 )
 878 01    1:                   BOOLEAN TRUE
 881 04    2:                   OCTET STRING, encapsulates {  -- extnValue
 883 30    0:                     SEQUENCE {  -- BasicConstraints
            :                     }
            :                   }
            :                 }
 885 30   14:                 SEQUENCE {  -- extension
 887 06    3:                   OBJECT IDENTIFIER keyUsage ( 2 5 29 15 )
 892 01    1:                   BOOLEAN TRUE
 895 04    4:                   OCTET STRING, encapsulates {  -- extnValue
 897 03    2:                     BIT STRING 6 unused bits  -- KeyUsage
            :                       '11'B  -- digitalSignature & nonRepudiation
            :                   }
            :                 }
 901 30   31:                 SEQUENCE {  -- extension
 903 06    3:                   OBJECT IDENTIFIER authorityKeyIdentifier ( 2 5 29 35 )
 908 04   24:                   OCTET STRING, encapsulates {  -- extnValue
 910 30   22:                     SEQUENCE {  -- AuthorityKeyIdentifier
 912 80   20:                       [0]  -- keyIdentifier KeyIdentifier
            :                         E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                         42 37 4E 22 AE 9E 38 BB
            :                     }
            :                   }
            :                 }
 934 30   29:                 SEQUENCE {  -- extension
 936 06    3:                   OBJECT IDENTIFIER subjectKeyIdentifier ( 2 5 29 14 )
 941 04   22:                   OCTET STRING, encapsulates {  -- extnValue
 943 04   20:                     OCTET STRING  -- SubjectKeyIdentifier KeyIdentifier
            :                       77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                       CE EC 3C A0 3A E3 FF 50
            :                   }
            :                 }
 965 30   31:                 SEQUENCE {  -- extension
 967 06    3:                   OBJECT IDENTIFIER subjectAltName ( 2 5 29 17 )
 972 04   24:                   OCTET STRING, encapsulates {  -- extnValue
 974 30   22:                     SEQUENCE {  -- GeneralNames
 976 81   20:                       [1] 'AliceDSS@example.com'  -- rfc822Name
            :                     }
            :                   }
            :                 }
            :               }
            :             }
            :           }
 998 30   13:           SEQUENCE {  -- signatureAlgorithm AlgorithmIdentifier
1000 06    9:             OBJECT IDENTIFIER sha1withRSAEncryption ( 1 2 840 113549 1 1 5 )
1011 05    0:             NULL
            :           }
1013 03  129:           BIT STRING 0 unused bits  -- signatureValue
            :             3E 70 47 A8 48 CC 13 58 8F CA 51 71
            :             6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC
            :             CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
            :             59 A9 20 AA 05 81 A8 4E 25 AD A7 70
            :             14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :             B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
            :             7D 49 D3 94 6B 22 36 74 73 B8 4A EC
            :             2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
            :             B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :             F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
            :             76 AE EB 9B DB 49 B0 22
            :         }
            :       }
1147 31  203:       SET {  -- signerInfos SignerInfos
1150 30  200:         SEQUENCE {  -- SignerInfo
1153 02    1:           INTEGER 1  -- version CMSVersion
1156 30   38:           SEQUENCE {  -- sid IssuerAndSerialNumber
1158 30   18:             SEQUENCE {  -- issuer Name
1160 31   16:               SET {  -- RelativeDistinguishedName
1162 30   14:                 SEQUENCE {
1164 06    3:                   OBJECT IDENTIFIER commonName ( 2 5 4 3 )
1169 13    7:                   PrintableString 'CarlRSA'
            :                 }
            :               }
            :             }
1178 02   16:             INTEGER  -- serialNumber CertificateSerialNumber (AliceRSA)
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
            :           }
1196 30    9:           SEQUENCE {  -- digestAlgorithm DigestAlgorithmIdentifier
1198 06    5:             OBJECT IDENTIFIER sha1 ( 1 3 14 3 2 26 )
1205 05    0:             NULL
            :           }
1207 30   13:           SEQUENCE {  -- signatureAlgorithm SignatureAlgorithmIdentifier
1209 06    9:             OBJECT IDENTIFIER rsaEncryption ( 1 2 840 113549 1 1 1 )
1220 05    0:             NULL
            :           }
1222 04  128:           OCTET STRING  -- signature SignatureValue
            :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E
            :             9D BF 89 9A 81 E5 75 C4 91 3D D3 D0
            :             D5 7B B6 D5 FE 94 A1 8A AC E3 C4 84
            :             F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16
            :             04 A5 B3 B5 E7 D9 32 F0 24 EF E7 20
            :             44 D5 9F 07 C5 53 24 FA CE 01 1D 0F
            :             17 13 A7 2A 95 9D 2B E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6
            :             55 13 D4 68 6F D0 07 D7 A2 B1 62 4C
            :             E3 8F AF FD E0 D5 5D C7
            :         }
            :       }
            :     }
            :   }
            : }
Last update: November 19, 2009
© 2005-2010 Joël Repiquet, All Rights Reserved.