focus on internet & telecom standardization topics

hist. pages: SIP/IMS, SEC...
  Home Search
Organizations
# IETF   # 3GPP   # ETSI
# Alliances, Fora, & other SDOs
Standardization work
# IETF WGs: RFCs   # RFC index
# 3GPP Specifications  
# ETSI TISPAN NGN   # ETSI SCP
# SIP RFC3261's Example  
# SIP Protocol Structure  
# SIP Dialogs & Routing  
# SIP Service Examples  
# SIP Authentication Service  
# ABNF Grammars  
# IMS Signalling flows  
# 2G-3G Network Evolution  
# Cryptography Basics  
# SSL/TLS Sequence Charts  
# PKI Certificate Examples  
# PKI's ASN.1 Definitions  
# CMS Examples  
# CMS's ASN.1 Definitions  
# Network Simulation  

RFC 4134:
Examples of CMS objects and S/MIME messages
10. Multiple Signers

Top Prev Next   RFC 4134 -- Examples of CMS objects and S/MIME messages
01. Overview  02. Private Keys  03. Enveloped-data  04. Encrypted-data  05. Basic Signed Content, DSS  06. Basic Signed Content, RSA 
07. Basic Signed Content, Detached Content  08. Fancier Signed Content  09. All RSA Signed Message  10. Multiple Signers 
11. Signing Using SKI  12. SignedData with Attributes  13. SignedData with Certificates Only  14. S/MIME Messages 

Navigation Tips: the ASN.1 Type in front of the icon has a link to itself, for a display at the top of the screen; and this very icon has a link to the top of the CMS message.
0301463
4069
15A01448
19301444
23021
26319
28307
30065
 
 
373043
39069
50A030
520428
 
 
82A01180
8630440
9030375
94A03
96021
 
99022
103309
105067
 
1143018
1163116
1183014
120063
125137
 
 
 
1343030
1361713
1511713
 
1663019
1683117
1703015
172063
177138
 
 
 
18730147
190309
192067
 
20103133
20502129
 
 
 
 
 
 
 
 
 
 
 
 
 
337A3129
34030127
3423012
344063
349011
352042
354300
 
 
 
3563014
358063
363011
366044
368032
 
 
 
3723031
374063
3790424
3813022
3838020
 
 
 
 
 
4053029
407063
4120422
4140420
 
 
 
 
 
4363031
438063
4430424
4453022
4478120
 
 
 
 
 
 
469309
471067
 
4800348
4833045
4850221
 
 
5080220
 
 
 
 
 
53030732
53430667
538A03
540021
 
543022
547309
549067
 
5583018
5603116
5623014
564063
569137
 
 
 
5783030
5801713
5951713
 
6103019
6123117
6143015
616063
621138
 
 
 
63130438
63530299
639067
64830286
65202129
 
 
 
 
 
 
 
 
 
 
 
7840221
 
 
80702128
 
 
 
 
 
 
 
 
 
 
 
 
 
93803132
94202128
 
 
 
 
 
 
 
 
 
 
 
 
 
1073A3129
107630127
10783012
1080063
1085011
1088042
1090300
 
 
 
10923014
1094063
1099011
1102044
1104032
 
 
 
11083031
1110063
11150424
11173022
11198020
 
 
 
 
 
11413029
1143063
11480422
11500420
 
 
 
 
 
11723031
1174063
11790424
11813022
11838120
 
 
 
 
 
 
1205309
1207067
 
12160348
12193045
12210220
 
 
12430221
 
 
 
 
 
 
126631198
12693097
1271021
12743024
12763018
12783116
12803014
1282063
1287137
 
 
 
1296022
 
1300307
1302065
 
1309309
1311067
 
13200446
13223044
13240220
 
 
13460220
 
 
 
 
 
13683097
1370021
13733024
13753018
13773116
13793014
1381063
1386137
 
 
 
1395022
 
1399307
1401065
 
1408309
1410067
 
14190446
14213044
14230220
 
 
14450220
 
 
 
 
 
 
 
 
 
SEQUENCE {   ContentInfo
OBJECT IDENTIFIER signedData ( 1  2  840  113549  1  7  2 )   contentType   ContentType
[0] {   content
SEQUENCE {   SignedData
INTEGER 1   version   CMSVersion
SET {   digestAlgorithms   DigestAlgorithmIdentifiers
SEQUENCE {
OBJECT IDENTIFIER sha1 ( 1  3  14  3  2  26 )
}
}
SEQUENCE {   encapContentInfo   EncapsulatedContentInfo
OBJECT IDENTIFIER data ( 1  2  840  113549  1  7  1 )   eContentType   ContentType
[0] {   eContent
OCTET STRING 'This is some sample content.'
}
}
[0] {   certificates   CertificateSet
SEQUENCE {   certificate   Certificate   (DianeDSSSignByCarlInherit)
SEQUENCE {   tbsCertificate   TBSCertificate
[0] {   version   Version
INTEGER 2
}
INTEGER 210   serialNumber   CertificateSerialNumber
SEQUENCE {   signature   AlgorithmIdentifier
OBJECT IDENTIFIER dsaWithSha1 ( 1  2  840  10040  4  3 )
}
SEQUENCE {   issuer   Name
SET {   RelativeDistinguishedName
SEQUENCE {
OBJECT IDENTIFIER commonName ( 2  5  4  3 )
PrintableString 'CarlDSS'
}
}
}
SEQUENCE {   validity   Validity
UTCTime '990817020810Z'   notBefore   Time
UTCTime '391231235959Z'   notAfter   Time
}
SEQUENCE {   subject   Name
SET {   RelativeDistinguishedName
SEQUENCE {
OBJECT IDENTIFIER commonName ( 2  5  4  3 )
PrintableString 'DianeDSS'
}
}
}
SEQUENCE {   subjectPublicKeyInfo   SubjectPublicKeyInfo
SEQUENCE {   algorithm   AlgorithmIdentifier
OBJECT IDENTIFIER dsa ( 1  2  840  10040  4  1 )
}
BIT STRING 0 unused bits, encapsulates {   subjectPublicKey
INTEGER   DSAPublicKey
00 A0 00 17 78 2C EE 7E 81 53 2E 2E
61 08 0F A1 9B 51 52 1A DA 59 A8 73
2F 12 25 B6 08 CB CA EF 2A 44 76 8A
52 09 EA BD 05 22 D5 0F F6 FD 46 D7
AF 99 38 09 0E 13 CB 4F 2C DD 1C 34
F7 1C BF 25 FF 23 D3 3B 59 E7 82 97
37 BE 31 24 D8 18 C8 F3 49 39 5B B7
E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
68 4D DD 46 7A 22 BE 8E FF CC DA 39
29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6
81 67 CC C0 AA CD 2E C5 23
}
}
[3] {   extensions   Extensions
SEQUENCE {
SEQUENCE {   extension
OBJECT IDENTIFIER basicConstraints ( 2  5  29  19 )
BOOLEAN TRUE
OCTET STRING, encapsulates {   extnValue
SEQUENCE {   BasicConstraints
}
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER keyUsage ( 2  5  29  15 )
BOOLEAN TRUE
OCTET STRING, encapsulates {   extnValue
BIT STRING 6 unused bits   KeyUsage
'11'B   digitalSignature & nonRepudiation
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER authorityKeyIdentifier ( 2  5  29  35 )
OCTET STRING, encapsulates {   extnValue
SEQUENCE {   AuthorityKeyIdentifier
[0]   keyIdentifier   KeyIdentifier
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43 2B 93 F1 1F
}
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER subjectKeyIdentifier ( 2  5  29  14 )
OCTET STRING, encapsulates {   extnValue
OCTET STRING   SubjectKeyIdentifier
KeyIdentifier
64 30 99 7D 5C DC 45 0B 99 3A 52 2F
16 BF 58 50 DD CE 2B 18
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER subjectAltName ( 2  5  29  17 )
OCTET STRING, encapsulates {   extnValue
SEQUENCE {   GeneralNames
[1] 'DianeDSS@example.com'   rfc822Name
}
}
}
}
}
}
SEQUENCE {   signatureAlgorithm   AlgorithmIdentifier
OBJECT IDENTIFIER dsaWithSha1 ( 1  2  840  10040  4  3 )
}
BIT STRING 0 unused bits, encapsulates {   signatureValue
SEQUENCE {   Dss-Sig-Value
INTEGER   r
00 A1 1A F8 17 0E 3E 5D A8 8C F4 B6
55 33 1E 4B E3 2C AC B9 5F
INTEGER   s
28 4B 10 45 58 D2 1C 9D 55 35 14 18
91 B2 3F 39 DF B5 6E D3
}
}
}
SEQUENCE {   certificate   Certificate   (AliceDSSSignByCarlNoInherit)
SEQUENCE {   tbsCertificate   TBSCertificate
[0] {   version   Version
INTEGER 2
}
INTEGER 200   serialNumber   CertificateSerialNumber
SEQUENCE {   signature   AlgorithmIdentifier
OBJECT IDENTIFIER dsaWithSha1 ( 1  2  840  10040  4  3 )
}
SEQUENCE {   issuer   Name
SET {   RelativeDistinguishedName
SEQUENCE {
OBJECT IDENTIFIER commonName ( 2  5  4  3 )
PrintableString 'CarlDSS'
}
}
}
SEQUENCE {   validity   Validity
UTCTime '990817011049Z'   notBefore   Time
UTCTime '391231235959Z'   notAfter   Time
}
SEQUENCE {   subject   Name
SET {   RelativeDistinguishedName
SEQUENCE {
OBJECT IDENTIFIER commonName ( 2  5  4  3 )
PrintableString 'AliceDSS'
}
}
}
SEQUENCE {   subjectPublicKeyInfo   SubjectPublicKeyInfo
SEQUENCE {   algorithm   AlgorithmIdentifier
OBJECT IDENTIFIER dsa ( 1  2  840  10040  4  1 )
SEQUENCE {   parameters   Dss-Parms
INTEGER   p
00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
53 C5 AB 84 08 4F FF 94 E1 73 48 7E
0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A E4 75 D0 37 0C 91 08 95
9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D B0 84 97 37 F2 E4 51 1B
B5 E4 09 96 5C F3 7E 5B DB
INTEGER   q
00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B 62 8B F7 93 CD
INTEGER   g
26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C 76 23 39 04 02 35 5C F2
CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
01 7C 6D 49 89 11 89 36 44 BD F8 C8
95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2 BD ED D1 50 FF 98 74 C2
D1 81 4A 60 39 BA 36 39
}
}
BIT STRING 0 unused bits, encapsulates {   subjectPublicKey
INTEGER   DSAPublicKey
5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC 5E DC BD B7 13 11 34 A6
16 89 28 11 23 D9 34 86 67 75 75 13
12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
08 BF 66 14 80 5C 62 AC 65 FA 15 8B
F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E 41 40 FD 46 A7 63 4E 33
F2 A5 E2 F4 F2 83 E5 B8
}
}
[3] {   extensions   Extensions
SEQUENCE {
SEQUENCE {   extension
OBJECT IDENTIFIER basicConstraints ( 2  5  29  19 )
BOOLEAN TRUE
OCTET STRING, encapsulates {   extnValue
SEQUENCE {   BasicConstraints
}
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER keyUsage ( 2  5  29  15 )
BOOLEAN TRUE
OCTET STRING, encapsulates {   extnValue
BIT STRING 6 unused bits   KeyUsage
'11'B   digitalSignature & nonRepudiation
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER authorityKeyIdentifier ( 2  5  29  35 )
OCTET STRING, encapsulates {   extnValue
SEQUENCE {   AuthorityKeyIdentifier
[0]   keyIdentifier   KeyIdentifier
70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43 2B 93 F1 1F
}
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER subjectKeyIdentifier ( 2  5  29  14 )
OCTET STRING, encapsulates {   extnValue
OCTET STRING   SubjectKeyIdentifier
KeyIdentifier
BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
13 01 E2 FD E3 97 FE CD
}
}
SEQUENCE {   extension
OBJECT IDENTIFIER subjectAltName ( 2  5  29  17 )
OCTET STRING, encapsulates {   extnValue
SEQUENCE {   GeneralNames
[1] 'AliceDSS@example.com'   rfc822Name
}
}
}
}
}
}
SEQUENCE {   signatureAlgorithm   AlgorithmIdentifier
OBJECT IDENTIFIER dsaWithSha1 ( 1  2  840  10040  4  3 )
}
BIT STRING 0 unused bits, encapsulates {   signatureValue
SEQUENCE {   Dss-Sig-Value
INTEGER   r
55 0C A4 19 1F 42 2B 89 71 22 33 8D
83 6A B5 3D 67 6B BF 45
INTEGER   s
00 9F 61 53 52 54 0B 5C B2 DD DA E7
76 1D E2 10 52 5B 43 5E BD
}
}
}
}
SET {   signerInfos   SignerInfos
SEQUENCE {   SignerInfo   (Alice's signature)
INTEGER 1   version   CMSVersion
SEQUENCE {   sid   IssuerAndSerialNumber
SEQUENCE {   issuer   Name
SET {   RelativeDistinguishedName
SEQUENCE {
OBJECT IDENTIFIER commonName ( 2  5  4  3 )
PrintableString 'CarlDSS'
}
}
}
INTEGER 200   serialNumber   CertificateSerialNumber   (AliceDSS)
}
SEQUENCE {   digestAlgorithm   DigestAlgorithmIdentifier
OBJECT IDENTIFIER sha1 ( 1  3  14  3  2  26 )
}
SEQUENCE {   signatureAlgorithm   SignatureAlgorithmIdentifier
OBJECT IDENTIFIER dsaWithSha1 ( 1  2  840  10040  4  3 )
}
OCTET STRING, encapsulates {   signature   SignatureValue
SEQUENCE {   Dss-Sig-Value
INTEGER   r
48 24 DE 8B 85 F2 16 AF EC 82 61 A9
54 D0 2D 04 A1 CC 5A 4F
INTEGER   s
17 ED D5 77 02 EE 75 13 D8 10 BD 3D
97 17 20 88 BB FD 7B 81
}
}
}
SEQUENCE {   SignerInfo   (Diane's signature)
INTEGER 1   version   CMSVersion
SEQUENCE {   sid   IssuerAndSerialNumber
SEQUENCE {   issuer   Name
SET {   RelativeDistinguishedName
SEQUENCE {
OBJECT IDENTIFIER commonName ( 2  5  4  3 )
PrintableString 'CarlDSS'
}
}
}
INTEGER 210   serialNumber   CertificateSerialNumber   (DianeDSS)
}
SEQUENCE {   digestAlgorithm   DigestAlgorithmIdentifier
OBJECT IDENTIFIER sha1 ( 1  3  14  3  2  26 )
}
SEQUENCE {   signatureAlgorithm   SignatureAlgorithmIdentifier
OBJECT IDENTIFIER dsaWithSha1 ( 1  2  840  10040  4  3 )
}
OCTET STRING, encapsulates {   signature   SignatureValue
SEQUENCE {   Dss-Sig-Value
INTEGER   r
15 FF 81 4D 8C AD 80 4E 9B 35 58 04
37 6E 63 6E E9 5B 83 FA
INTEGER   s
06 7E 58 4E 2B 31 84 41 ED 49 79 38
3E 77 D2 A6 8C 75 08 21
}
}
}
}
}
}
}
Last update: November 19, 2009 
© 2005-2010 Joël Repiquet, All Rights Reserved.