Internet Draft                              Editor: Paul Hoffman
draft-ietf-smime-examples-02.txt
draft-ietf-smime-examples-03.txt            Internet Mail Consortium
September 29,
October 21, 1999
Expires in six months

                  Examples of S/MIME Messages

Status of this memo

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups.  Note that other
groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time.  It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress."

     The list of current Internet-Drafts can be accessed at
     http://www.ietf.org/ietf/1id-abstracts.txt

     The list of Internet-Draft Shadow Directories can be accessed at
     http://www.ietf.org/shadow.html.

To view the list Internet-Draft Shadow Directories, see
http://www.ietf.org/shadow.html.

Abstract

This document gives examples of message bodies formatted using S/MIME.
Specifically, it has examples of Cryptographic Message Syntax (CMS)
objects, S/MIME messages (including the MIME formatting), and Enhanced
Security Services for S/MIME (ESS). It includes examples of most or all
common CMS and ESS formats; in addition, it gives examples that show
common pitfalls in implementing CMS. The purpose of this document is to
help increase interoperability for S/MIME and other protocols that rely
on CMS.

This draft is being discussed on the 'ietf-smime' mailing list.  To
join the list, send a message to <ietf-smime-request@imc.org> with the
single word "subscribe" in the body of the message.  Also, there is a
Web site for the mailing list at <http://www.imc.org/ietf-smime/>.

1. Introduction

The examples in this document show the structure and format of CMS
message bodies, as described in [CMS]. They are useful to implementors
who use protocols that rely on CMS, such as the S/MIME message format
protocol. There are also examples of simple S/MIME messages [SMIME-MSG]
(including the MIME headers), and ESS messages [SMIME-ESS].

Every example in this document has been checked by two different
implementors. This strongly indicates (but does not assure) that the
examples are correct. All CMS implementors must read the CMS document
carefully before implementing from it. No one should use the examples
in this document as stand-alone explanations of how to create CMS
message bodies.

This document explicitly does not attempt to cover many PKIX [PKIX]
examples. Documents with examples of that format may be forthcoming.

2. Contributions To This Document

The examples shown here will be created and validated by many different
people. In the example listings in Appendix B, there is a tag with the
initials of the creator of the example, and one or more tags for the
people who validated the example.

Some of the examples are of mis-implementations of CMS and ESS. That
is, if a developer reading the CMS or ESS specification created a
message body that was illegal, and another developer agreed that the
mis-reading was potentially a pitfall for later developers, that
message body is also included here. To make it clear which examples are
bad, they are all put into a single section of this document with
(hopefully) explicit headings.

To contribute an implementation of an unimplemented example listed in
this document, to verify that you got the same results as an example
listed here, or to suggest a new example that should be listed, please
contact the document author at the address listed near the end of the
document.

3. Constants Used in the Examples

This section defines the data used in the rest of the document. The names
of the constants indicate their use. For example, AlicePrivDSSSign is the
private part of Alice's DSS signing key.

 - Alice is the creator of the message bodies in this spec.

 - Bob is the recipient of the messages.

 - Carl is a CA.

 - Diane sometimes gets involved with these folks.

 - Erica also sometimes gets involved.

3.1 Content of documents

ExContent is the following sentence:
     This is some sample content.
That is, it is the string of characters starting with "T" up to and
including the ".".

The hex for ExContent is
5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e

The MD5 hash of ExContent is
9898 cac8 fab7 691f f89d c207 24e7 4a04

The SHA-1 hash of ExContent is
406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48

3.2 Private Keys

The following private keys are needed to create the samples.
To find the public keys, see the certificates in the next section.

AlicePrivDSSSign =
   0 30  331: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  299:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :       (ANSI X9.57 algorithm)
  20 30  286:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
            :         47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
            :         E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :         2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
            :         E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
            :         2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :         C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
            :         B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
            :         DB
 156 02   21:       INTEGER
            :         00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
            :         62 8B F7 93 CD
 179 02  128:       INTEGER
            :         26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
            :         76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
            :         9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :         7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
            :         EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
            :         85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :         95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
            :         BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
            :       }
            :     }
 310 04   23:   OCTET STRING, encapsulates {
 312 02   21:       INTEGER
            :         00 BB 44 46 D1 A5 C9 46 07 2E D0 FE 7A D6 92 07
            :         F0 9A 85 89 3F
            :       }
            :   }

AlicePrivRSASign =
   0 30  630: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  608:   OCTET STRING, encapsulates {
  26 30  604:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
            :           05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
            :           6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :           82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
            :           CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
            :           F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :           E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
            :           3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
            :           5F
 165 02    3:         INTEGER 65537
 170 02  128:         INTEGER
            :           00 A4 03 C3 27 47 76 34 34 6C A6 86 B5 79 49 01
            :           4B 2E 8A D2 C8 62 B2 C7 D7 48 09 6A 8B 91 F7 36
            :           F2 75 D6 E8 CD 15 90 60 27 31 47 35 64 4D 95 CD
            :           67 63 CE B4 9F 56 AC 2F 37 6E 1C EE 0E BF 28 2D
            :           F4 39 90 6F 34 D8 6E 08 5B D5 65 6A D8 41 F3 13
            :           D7 2D 39 5E FE 33 CB FF 29 E4 03 0B 3D 05 A2 8F
            :           B7 F1 8E A2 76 37 B0 79 57 D3 2F 2B DE 87 06 22
            :           7D 04 66 5E C9 1B AF 8B 1A C3 EC 91 44 AB 7F 21
 301 02   65:         INTEGER
            :           00 F6 D6 E0 22 21 4C 5F 0A 70 FF 27 FC E5 B3 50
            :           6A 9D E5 0F B5 85 96 C6 40 FA A8 0A B4 9B 9B 0C
            :           55 C2 01 1D F9 37 82 8A 14 C8 F2 93 0E 92 CD A5
            :           66 21 B9 3C D2 06 BF B4 55 31 C9 DC AD CA 98 2D
            :           D1
 368 02   65:         INTEGER
            :           00 E8 DE B0 11 25 09 D2 02 51 01 DE 8A E8 98 50
            :           F5 77 77 61 A4 45 93 6B 08 55 96 73 5D F4 C8 5B
            :           12 93 22 73 8B 7F D3 70 7F F5 A4 AA BB 74 FD 3C
            :           22 6A DA 38 91 2A 86 5B 6C 14 E8 AE 4C 9E FA 8E
            :           2F
 435 02   65:         INTEGER
            :           00 97 4C F0 87 9B 17 7F EE 1B 83 1B 14 B6 0B 6A
            :           90 5F 86 27 51 E1 B7 A0 7F F5 E4 88 E3 59 B9 F9
            :           1E 9B D3 29 77 38 22 48 D7 22 B1 25 98 BA 3D 59
            :           53 B7 FA 1E 20 B2 C8 51 16 23 75 93 51 E7 AB CD
            :           F1
 502 02   64:         INTEGER
            :           2C F0 24 5B FA A0 CD 85 22 EA D0 6E 4F FA 6C CD
            :           21 D3 C8 E4 F1 84 44 48 64 73 D7 29 8F 7E 46 8C
            :           EC 15 DE E4 51 B3 94 E7 2C 99 2D 55 65 7B 24 EA
            :           A3 62 1F 3E 6C 4D 67 41 11 3B E1 BE E9 83 02 83
 568 02   64:         INTEGER
            :           58 88 D9 A1 50 38 84 6A AB 03 BC BB DF 4B F4 9C
            :           6F B8 B4 2A 25 FB F6 E4 05 2F 6E E2 88 89 21 6F
            :           4B 25 9E D0 AB 50 93 CA BF 40 71 EC 21 25 C5 7F
            :           FB 02 E9 21 96 B8 33 CD E2 C6 95 EE 6F 8D 5F 28
            :         }
            :       }
            :   }

BobPrivDHEncrypt =
   0 30  355: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  312:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :       (ANSI X9.42 number-type)
  20 30  299:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
            :         25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
            :         24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
            :         AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
            :         41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
            :         FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
            :         74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
            :         43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
            :         33
 156 02  129:       INTEGER
            :         00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
            :         E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
            :         24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :         5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
            :         9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
            :         05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :         42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
            :         C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
            :         A7
 288 02   33:       INTEGER
            :         00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
            :         A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
            :         BD
            :       }
            :     }
 323 04   34:   OCTET STRING, encapsulates {
 325 02   32:       INTEGER
            :         20 FC 67 82 EE CF 4A A6 C8 E5 83 D2 8C 3B 8A D2
            :         45 32 11 27 32 6C 86 EC 66 CA 71 AD F0 19 4D F7
            :       }
            :   }

BobPrivRSAEncrypt =
   0 30  630: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  608:   OCTET STRING, encapsulates {
  26 30  604:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
            :           5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
            :           B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
            :           A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED
            :           E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
            :           D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
            :           29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
            :           57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
            :           F1
 165 02    3:         INTEGER 65537
 170 02  129:         INTEGER
            :           00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6 EF 38 5F 53
            :           21 2A 2F 62 FE DE 29 9A 7A 86 67 36 E7 7D 62 78
            :           75 3D 73 A0 BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA
            :           D6 13 9B C3 97 7A CA 6A F0 B8 85 65 4E 0F BD A7
            :           A8 F7 54 06 41 BD EB DC 20 77 90 DF 61 9B 9A 6F
            :           74 DE EA 3B D4 9C 87 60 ED 76 84 F1 6A 30 37 D5
            :           E0 90 16 F8 80 47 C3 19 6B ED 75 77 BA 4A ED 39
            :           B6 5D 02 47 3B 5F 1B C8 1C AB CB E8 F5 26 3F A4
            :           81
 302 02   65:         INTEGER
            :           00 FF DF 09 A0 56 0B 42 52 9E C4 4D 93 B3 B0 49
            :           BB DE E7 81 7D 28 99 D0 B1 48 BA 0B 39 E1 1C 7B
            :           22 18 33 B6 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A
            :           61 0A 6E 3B CE 30 DA 36 9F 65 25 29 BB A7 0E 7F
            :           0B
 369 02   65:         INTEGER
            :           00 E4 69 68 18 5F F9 57 D0 7C 66 89 0F BA 63 1D
            :           72 CB 20 A4 81 76 64 89 CD 7D D1 C2 27 A9 2E AC
            :           7A 56 9A 85 07 D9 30 03 A3 03 AB 7F 88 92 50 24
            :           01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7 B6 C2 7E AB
            :           73
 436 02   64:         INTEGER
            :           57 36 6C 8F 8C 04 76 6C B6 D4 EE 24 44 00 F8 80
            :           E2 AF 42 01 A9 0F 14 84 F8 E7 00 E0 8F 8C 27 A4
            :           2D 5F A2 E5 6D B5 63 C0 AD 44 E9 76 91 A7 19 49
            :           2E 46 F8 77 85 4B 3B 87 04 F0 AF D2 D8 54 26 95
 502 02   64:         INTEGER
            :           64 A1 0F AC 55 74 1B BD 0D 61 7B 17 03 CD B0 E6
            :           A7 19 1D 80 AF F1 41 48 D8 1A B6 88 14 A0 2C 7A
            :           C5 76 D4 0F 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73
            :           BA 46 A8 0F 8D 82 5F 22 14 05 CF A2 A3 F3 7C 83
 568 02   64:         INTEGER
            :           26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 6E 6B 73 19
            :           88 61 3A FA 74 4A 36 8B 47 68 5D 50 EB 26 E3 EA
            :           7D 9B 4E 65 A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11
            :           AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 D1 6D 8D FA
            :         }
            :       }
            :   }

CarlPrivDSSSign =
   0 30  330: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  299:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :       (ANSI X9.57 algorithm)
  20 30  286:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
            :         7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
            :         EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :         E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
            :         ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
            :         48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :         FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
            :         CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
            :         E9
 156 02   21:       INTEGER
            :         00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
            :         5D 98 B9 10 D5
 179 02  128:       INTEGER
            :         0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
            :         ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
            :         62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :         AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
            :         F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
            :         44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :         8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
            :         25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
            :       }
            :     }
 310 04   22:   OCTET STRING, encapsulates {
 312 02   20:       INTEGER
            :         19 B3 38 A5 21 62 31 50 E5 7F B9 3E 08 46 78 D1
            :         3E B5 E5 72
            :       }
            :   }

CarlPrivRSASign  =
   0 30  630: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  608:   OCTET STRING, encapsulates {
  26 30  604:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
            :           5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
            :           B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
            :           A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED
            :           E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
            :           D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
            :           29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
            :           57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
            :           F1
 165 02    3:         INTEGER 65537
 170 02  129:         INTEGER
            :           00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6 EF 38 5F 53
            :           21 2A 2F 62 FE DE 29 9A 7A 86 67 36 E7 7D 62 78
            :           75 3D 73 A0 BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA
            :           D6 13 9B C3 97 7A CA 6A F0 B8 85 65 4E 0F BD A7
            :           A8 F7 54 06 41 BD EB DC 20 77 90 DF 61 9B 9A 6F
            :           74 DE EA 3B D4 9C 87 60 ED 76 84 F1 6A 30 37 D5
            :           E0 90 16 F8 80 47 C3 19 6B ED 75 77 BA 4A ED 39
            :           B6 5D 02 47 3B 5F 1B C8 1C AB CB E8 F5 26 3F A4
            :           81
 302 02   65:         INTEGER
            :           00 FF DF 09 A0 56 0B 42 52 9E C4 4D 93 B3 B0 49
            :           BB DE E7 81 7D 28 99 D0 B1 48 BA 0B 39 E1 1C 7B
            :           22 18 33 B6 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A
            :           61 0A 6E 3B CE 30 DA 36 9F 65 25 29 BB A7 0E 7F
            :           0B
 369 02   65:         INTEGER
            :           00 E4 69 68 18 5F F9 57 D0 7C 66 89 0F BA 63 1D
            :           72 CB 20 A4 81 76 64 89 CD 7D D1 C2 27 A9 2E AC
            :           7A 56 9A 85 07 D9 30 03 A3 03 AB 7F 88 92 50 24
            :           01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7 B6 C2 7E AB
            :           73
 436 02   64:         INTEGER
            :           57 36 6C 8F 8C 04 76 6C B6 D4 EE 24 44 00 F8 80
            :           E2 AF 42 01 A9 0F 14 84 F8 E7 00 E0 8F 8C 27 A4
            :           2D 5F A2 E5 6D B5 63 C0 AD 44 E9 76 91 A7 19 49
            :           2E 46 F8 77 85 4B 3B 87 04 F0 AF D2 D8 54 26 95
 502 02   64:         INTEGER
            :           64 A1 0F AC 55 74 1B BD 0D 61 7B 17 03 CD B0 E6
            :           A7 19 1D 80 AF F1 41 48 D8 1A B6 88 14 A0 2C 7A
            :           C5 76 D4 0F 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73
            :           BA 46 A8 0F 8D 82 5F 22 14 05 CF A2 A3 F3 7C 83
 568 02   64:         INTEGER
            :           26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 6E 6B 73 19
            :           88 61 3A FA 74 4A 36 8B 47 68 5D 50 EB 26 E3 EA
            :           7D 9B 4E 65 A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11
            :           AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 D1 6D 8D FA
            :         }
            :       }
            :   }

DianePrivDHEncrypt =
   0 30  354: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  311:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :       (ANSI X9.42 number-type)
  20 30  298:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4
            :         10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39
            :         BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF
            :         9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4
            :         F2 8A 3D 9F B7 5D 8D CA E2 AF B5 0F CF 05 65 82
            :         68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
            :         BC BF 36 0F 5C C3 51 6A 67 E8 75 32 66 78 91 63
            :         E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2
            :         DF
 156 02  128:       INTEGER
            :         6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C
            :         A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F
            :         37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
            :         DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71
            :         21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82
            :         69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
            :         09 F8 BD FD CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E
            :         7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7
 287 02   33:       INTEGER
            :         00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D
            :         46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E
            :         1F
            :       }
            :     }
 322 04   34:   OCTET STRING, encapsulates {
 324 02   32:       INTEGER
            :         58 2E 89 AB 57 34 7D 3C F5 9A 75 CB 7D 99 8A 19
            :         2F 3C 7A A6 85 C9 2F 1B 5A 47 03 E3 82 16 E4 9B
            :       }
            :   }

DianePrivDSSSign =
   0 30  331: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  299:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :       (ANSI X9.57 algorithm)
  20 30  286:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
            :         7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
            :         EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :         E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
            :         ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
            :         48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :         FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
            :         CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
            :         E9
 156 02   21:       INTEGER
            :         00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
            :         5D 98 B9 10 D5
 179 02  128:       INTEGER
            :         0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
            :         ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
            :         62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :         AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
            :         F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
            :         44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :         8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
            :         25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
            :       }
            :     }
 310 04   23:   OCTET STRING, encapsulates {
 312 02   21:       INTEGER
            :         00 96 95 F9 E0 C1 E0 41 2D 32 0F 8B 42 52 93 2A
            :         E6 1E 0E 21 29
            :       }
            :   }

DianePrivRSASignEncrypt =
   0 30  631: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  609:   OCTET STRING, encapsulates {
  26 30  605:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2
            :           62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99
            :           24 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
            :           A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28
            :           0A BB F8 BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E
            :           67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
            :           93 47 EE F0 73 35 72 B0 02 C4 F3 11 C3 5E 47 E5
            :           0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28 C0
            :           85
 165 02    3:         INTEGER 65537
 170 02  128:         INTEGER
            :           3D BD CD C2 0E 61 14 5B 4B E7 BF 60 23 04 2B C5
            :           6B 35 A5 96 45 23 FC 69 7D 93 3C 0F D3 25 96 BA
            :           62 52 42 E2 96 CF FE 58 80 8F EB B1 8C BD D4 0D
            :           65 D0 3A 77 45 24 9E 0C EB 86 80 C3 AC 21 11 71
            :           44 E3 B2 A8 A9 2E AC 17 D2 A3 84 25 63 B5 BC 2F
            :           1E DD F6 21 FF 15 20 24 5B F1 80 2F D5 41 0E 32
            :           24 F7 D4 4A 32 9E B9 49 D8 19 8E 3F 39 8D 62 BD
            :           80 FC 0C 24 92 93 E4 C3 D7 05 91 53 BB 96 B6 41
 301 02   65:         INTEGER
            :           00 F3 B8 3F 4A D1 94 B0 91 60 13 41 92 0D 8D 44
            :           3F 77 1D FF 96 23 44 08 D4 0B 70 C9 1A AF E9 90
            :           94 F2 B0 D5 5F 4F 19 85 50 A1 90 91 AE BD 05 76
            :           52 B3 22 D8 A8 7C 8E 54 7F 00 72 4F 36 75 68 73
            :           B5
 368 02   65:         INTEGER
            :           00 E1 D2 E7 11 57 06 AE 72 95 22 16 AA 02 B4 5A
            :           ED 4E 9D 82 11 4F 96 3C 86 C9 10 8D 56 7B 31 75
            :           79 69 E7 75 68 38 00 4B 2E D2 26 32 DD B1 E2 E0
            :           2C 54 80 0A 75 BA D1 66 96 1B B0 0E A0 7E D2 BB
            :           91
 435 02   65:         INTEGER
            :           00 AF B6 BC DB 22 73 43 41 EC B4 B5 67 A9 A1 99
            :           FC EF D2 8E FD 1D FB E5 29 8B FE 0A DF D4 C8 5E
            :           57 25 0A 5D 2B D4 09 A0 56 5B C5 B1 62 FC 20 BE
            :           08 2D E3 07 B5 A1 E7 B3 FF C4 C0 A5 5F AC 12 5C
            :           A9
 502 02   65:         INTEGER
            :           00 B9 98 41 FC 08 50 1F 73 60 8A 01 A2 7C 52 8A
            :           20 5A EA 2C 89 D9 A5 19 DD 94 C6 1B C3 25 C0 82
            :           51 E4 EE 2B 9A 19 DC 73 ED E9 1D 27 D4 F8 6C 03
            :           DD AB 1D 08 7B B5 AC 7F E9 82 9B F1 89 8A 71 DB
            :           61
 569 02   64:         INTEGER
            :           01 07 21 97 5F 7A 60 A8 FD 5A 5C 07 DF A8 DE F7
            :           E2 B1 34 7D FC EB 91 BD B0 73 74 C8 C4 BE 3F 58
            :           45 30 06 90 B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B
            :           65 A1 16 39 39 B0 E3 74 7D CF CD C5 AC 6C BF E5
            :         }
            :       }
            :   }

EricaPrivDHEncryptBobParam =
   0 30  355: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  312:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :       (ANSI X9.42 number-type)
  20 30  299:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
            :         25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
            :         24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
            :         AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
            :         41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
            :         FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
            :         74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
            :         43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
            :         33
 156 02  129:       INTEGER
            :         00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
            :         E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
            :         24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :         5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
            :         9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
            :         05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :         42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
            :         C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
            :         A7
 288 02   33:       INTEGER
            :         00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
            :         A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
            :         BD
            :       }
            :     }
 323 04   34:   OCTET STRING, encapsulates {
 325 02   32:       INTEGER
            :         48 64 11 E4 17 01 12 E6 C1 D3 9C 70 7D 7C A6 97
            :         95 BD C8 95 07 F7 CF 41 11 A7 13 91 FB 30 3D 8C
            :       }
            :   }

MailListTripleDES =
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f

MailListRC2 =
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9

3.3 Certificates

Note that Bob's and Diane's Diffie-Hellman encryption keys do *not*
share Diffie-Hellman parameters; however, Bob and Erica share Diffie-
Hellman parameters.

AliceDSSSignByCarlNoInherit =
   0 30  734: SEQUENCE {
   4 30  669:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:     INTEGER 200
  17 30    9:     SEQUENCE {
  19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  28 30   18:     SEQUENCE {
  30 31   16:       SET {
  32 30   14:         SEQUENCE {
  34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  48 30   30:     SEQUENCE {
  50 17   13:       UTCTime '990817011049Z'
  65 17   13:       UTCTime '391231235959Z'
            :       }
  80 30   19:     SEQUENCE {
  82 31   17:       SET {
  84 30   15:         SEQUENCE {
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91 13    8:           PrintableString 'AliceDSS'
            :           }
            :         }
            :       }
 101 30  438:     SEQUENCE {
 105 30  299:       SEQUENCE {
 109 06    7:         OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :           (ANSI X9.57 algorithm)
 118 30  286:         SEQUENCE {
 122 02  129:           INTEGER
            :             00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
            :             47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
            :             E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :             2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
            :             E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
            :             2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :             C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
            :             B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
            :             DB
 254 02   21:           INTEGER
            :             00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
            :             62 8B F7 93 CD
 277 02  128:           INTEGER
            :             26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
            :             76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
            :             9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :             7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
            :             EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
            :             85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :             95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
            :             BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
            :           }
            :         }
 408 03  132:       BIT STRING 0 unused bits, encapsulates {
 412 02  128:           INTEGER
            :             5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
            :             5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
            :             67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :             1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
            :             85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
            :             27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :             F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
            :             41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
            :           }
            :       }
 543 A3  131:     [3] {
 546 30  128:       SEQUENCE {
 549 30   32:         SEQUENCE {
 551 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 556 04   25:           OCTET STRING, encapsulates {
 558 30   23:               SEQUENCE {
 560 81   21:                 [1] 'aliceDss@examples.com'
            :                 }
            :               }
            :           }
 583 30   12:         SEQUENCE {
 585 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 590 01    1:           BOOLEAN TRUE
 593 04    2:           OCTET STRING, encapsulates {
 595 30    0:               SEQUENCE {}
            :               }
            :           }
 597 30   14:         SEQUENCE {
 599 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 604 01    1:           BOOLEAN TRUE
 607 04    4:           OCTET STRING, encapsulates {
 609 03    2:               BIT STRING 6 unused bits
            :                 '11'B
            :               }
            :           }
 613 30   31:         SEQUENCE {
 615 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 620 04   24:           OCTET STRING, encapsulates {
 622 30   22:               SEQUENCE {
 624 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                 }
            :               }
            :           }
 646 30   29:         SEQUENCE {
 648 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 653 04   22:           OCTET STRING
            :             04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01
            :             E2 FD E3 97 FE CD
            :           }
            :         }
            :       }
            :     }
 677 30    9:   SEQUENCE {
 679 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 688 03   48:   BIT STRING 0 unused bits, encapsulates {
 691 30   45:       SEQUENCE {
 693 02   21:         INTEGER
            :           00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
            :           05 E8 46 94 8E
 716 02   20:         INTEGER
            :           5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
            :           7F 28 2D BB
            :         }
            :       }
            :   }

AliceRSASignByCarl =
   0 30  514:  522: SEQUENCE {
   4 30  367:  371:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
  31 30    9:   13:     SEQUENCE {
  33 06    5:    9:       OBJECT IDENTIFIER sha-1WithRSAEncryption
            :         sha1withRSAEncryption (1 3 14 3 2 29) 840 113549 1 1 5)
            :         (Oddball OIW OID)
  40         (PKCS #1)
  44 05    0:       NULL
            :       }
  42
  46 30   18:     SEQUENCE {
  44
  48 31   16:       SET {
  46
  50 30   14:         SEQUENCE {
  48
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  53
  57 13    7:           PrintableString 'CarlRSA'
            :           }
            :         }
            :       }
  62
  66 30   30:     SEQUENCE {
  64
  68 17   13:       UTCTime '990919010847Z'
  79 '990819070000Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  94
  98 30   19:     SEQUENCE {
  96
 100 31   17:       SET {
  98
 102 30   15:         SEQUENCE {
 100
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
 105
 109 13    8:           PrintableString 'AliceRSA'
            :           }
            :         }
            :       }
 115
 119 30  159:     SEQUENCE {
 118
 122 30   13:       SEQUENCE {
 120
 124 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
            :           (PKCS #1)
 131
 135 05    0:         NULL
            :         }
 133
 137 03  141:       BIT STRING 0 unused bits, encapsulates {
 137
 141 30  137:           SEQUENCE {
 140
 144 02  129:             INTEGER
            :               00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
            :               05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
            :               6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :               82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
            :               CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
            :               F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :               E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
            :               3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
            :               5F
 272
 276 02    3:             INTEGER 65537
            :             }
            :           }
            :       }
 277
 281 A3   96:     [3] {
 279
 283 30   94:       SEQUENCE {
 281
 285 30   12:         SEQUENCE {
 283
 287 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 288
 292 01    1:           BOOLEAN TRUE
 291
 295 04    2:           OCTET STRING, encapsulates {
 293
 297 30    0:               SEQUENCE {}
            :               }
            :           }
 295
 299 30   14:         SEQUENCE {
 297
 301 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 302
 306 01    1:           BOOLEAN TRUE
 305
 309 04    4:           OCTET STRING, encapsulates {
 307
 311 03    2:               BIT STRING 6 unused bits
            :                 '11'B
            :               }
            :           }
 311
 315 30   31:         SEQUENCE {
 313
 317 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 318
 322 04   24:           OCTET STRING, encapsulates {
 320
 324 30   22:               SEQUENCE {
 322
 326 80   20:                 [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
            :                   AE 9E 38 BB
            :                 }
            :               }
            :           }
 344
 348 30   29:         SEQUENCE {
 346
 350 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 351
 355 04   22:           OCTET STRING
            :             04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC
            :             3C A0 3A E3 FF 50
            :           }
            :         }
            :       }
            :     }
 375
 379 30    9:   13:   SEQUENCE {
 377
 381 06    5:    9:     OBJECT IDENTIFIER sha-1WithRSAEncryption
            :       sha1withRSAEncryption (1 3 14 3 2 29) 840 113549 1 1 5)
            :       (Oddball OIW OID)
 384       (PKCS #1)
 392 05    0:     NULL
            :     }
 386
 394 03  129:   BIT STRING 0 unused bits
            :     BF 34 32 E6 FC 6A 88 41 7D F0 5C 99 A1 93 B7 49
            :     B7 02     52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB 84 AC 93 D7 58 2B 00 A1 9C C4 48
            :     48 99 DD 02 C3 C6 05 F8 D2 25 F1 A3 9C C9 33 01     6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
            :     8A     F5 3F DE 21 97 16 58 70 76 0E 6F 77 43 32 B2 20 51 A3 1A 1F
            :     97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF E1 E6 B3 6A 04 79 39 EE BE A4 8C
            :     E1 E9 E5 9D 50 07     06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 22 DC 12 50 E3 F3 B4 3D 9E 1C
            :     E5 93 9E B1 CD 33 F9 E0 AB 98 71 09 F8 EB B0     4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
            :     9C EC     C3 AB 74 F1 88 D8 AE 03 D1 FE 60 E1 62 14 B1 A2 23 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
            :     D2 C8 8D     C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18 1F 5E EE 9B 72 02 27 C2 85 3D 04 2E
            :   }

BobDHEncryptByCarl =
   0 30  866: SEQUENCE {
   4 30  801:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:     INTEGER 201
  17 30    9:     SEQUENCE {
  19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  28 30   18:     SEQUENCE {
  30 31   16:       SET {
  32 30   14:         SEQUENCE {
  34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  48 30   30:     SEQUENCE {
  50 17   13:       UTCTime '990817011828Z'
  65 17   13:       UTCTime '391231235959Z'
            :       }
  80 30   16:     SEQUENCE {
  82 31   14:       SET {
  84 30   12:         SEQUENCE {
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91 13    5:           PrintableString 'bobDH'
            :           }
            :         }
            :       }
  98 30  578:     SEQUENCE {
 102 30  439:       SEQUENCE {
 106 06    7:         OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :           (ANSI X9.42 number-type)
 115 30  426:         SEQUENCE {
 119 02  129:           INTEGER
            :             00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
            :             25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
            :             24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
            :             AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
            :             41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
            :             FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
            :             74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
            :             43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
            :             33
 251 02  129:           INTEGER
            :             00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
            :             E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
            :             24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :             5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
            :             9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
            :             05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :             42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
            :             C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
            :             A7
 383 02   33:           INTEGER
            :             00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
            :             A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
            :             BD
 418 02   97:           INTEGER
            :             01 34 FE C2 33 48 EB F6 3B 97 D9 E4 97 A7 60 A5
            :             25 69 34 FB FD 46 2A D6 C9 C4 C5 F7 D6 F4 04 19
            :             8D 94 D9 8A 37 68 69 67 55 FB F2 6B 0E 47 C5 5B
            :             0B 4B 0E 1C 1A 8B 7B 75 B7 AA C3 AA D7 EB 3B DA
            :             2A 8D 02 87 37 47 83 D7 31 B4 25 A8 AC BB 11 88
            :             53 1C 11 92 B6 69 E7 2E 90 C1 7A FC 87 F4 F6 D7
            :             1A
 517 30   26:           SEQUENCE {
 519 03   21:             BIT STRING 0 unused bits
            :               B9 FF 1C 93 44 67 37 D1 B2 F8 57 9A 32 4A C9 4A
            :               FF 3B EC 1E
 542 02    1:             INTEGER 29
            :             }
            :           }
            :         }
 545 03  132:       BIT STRING 0 unused bits, encapsulates {
 549 02  128:           INTEGER
            :             6F D4 F6 CD 94 9A 6E AF 5B 57 17 96 75 BB 0F B9
            :             48 E9 90 37 0D 15 20 C2 55 1E 13 E2 AE 71 17 84
            :             C3 0E 74 AE 8A 55 7F 28 7D 8B D7 28 22 9C 76 46
            :             D7 3B 4F 9D D1 4D 1B B2 DB 51 94 C5 6D 54 96 40
            :             38 8A 38 81 63 4A 8C C3 1E 09 89 74 A6 58 D5 C8
            :             5A 3D CF BB B8 23 7F 9C 1F 7D 78 FA 9E F9 90 9E
            :             91 E7 4B C2 A4 BE 45 06 78 42 58 3D 9F 63 2C EF
            :             84 D4 67 E5 FB C6 6D A2 36 29 67 90 46 DB 4E 48
            :           }
            :       }
 680 A3  127:     [3] {
 682 30  125:       SEQUENCE {
 684 30   29:         SEQUENCE {
 686 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 691 04   22:           OCTET STRING, encapsulates {
 693 30   20:               SEQUENCE {
 695 81   18:                 [1] 'bobDh@examples.com'
            :                 }
            :               }
            :           }
 715 30   12:         SEQUENCE {
 717 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 722 01    1:           BOOLEAN TRUE
 725 04    2:           OCTET STRING, encapsulates {
 727 30    0:               SEQUENCE {}
            :               }
            :           }
 729 30   14:         SEQUENCE {
 731 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 736 01    1:           BOOLEAN TRUE
 739 04    4:           OCTET STRING, encapsulates {
 741 03    2:               BIT STRING 3 unused bits
            :                 '10000'B
            :               }
            :           }
 745 30   31:         SEQUENCE {
 747 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 752 04   24:           OCTET STRING, encapsulates {
 754 30   22:               SEQUENCE {
 756 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                 }
            :               }
            :           }
 778 30   29:         SEQUENCE {
 780 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 785 04   22:           OCTET STRING
            :             04 14 26 FF 19 48 C3 59 33 68 56 8D 7E C8 80 68
            :             5C CF 3C 72 DD 26
            :           }
            :         }
            :       }
            :     }
 809 30    9:   SEQUENCE {
 811 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 820 03   48:   BIT STRING 0 unused bits, encapsulates {
 823 30   45:       SEQUENCE {
 825 02   20:         INTEGER
            :           15 EA 15 43 E3 49 22 86 C1 BB E5 DA E4 0E B8 09
            :           E0 D5 72 35
 847 02   21:         INTEGER
            :           00 AE 4F 51 29 73 71 75 A9 81 EB ED 9D 5E 00 19
            :           7E F0 DE 5A D6
            :         }
            :       }
            :   }

BobRSASignByCarl =
   0 30  512:  520: SEQUENCE {
   4 30  365:  369:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
  31 30    9:   13:     SEQUENCE {
  33 06    5:    9:       OBJECT IDENTIFIER sha-1WithRSAEncryption
            :         sha1withRSAEncryption (1 3 14 3 2 29) 840 113549 1 1 5)
            :         (Oddball OIW OID)
  40         (PKCS #1)
  44 05    0:       NULL
            :       }
  42
  46 30   18:     SEQUENCE {
  44
  48 31   16:       SET {
  46
  50 30   14:         SEQUENCE {
  48
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  53
  57 13    7:           PrintableString 'CarlRSA'
            :           }
            :         }
            :       }
  62
  66 30   30:     SEQUENCE {
  64
  68 17   13:       UTCTime '990919010902Z'
  79 '990819070000Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  94
  98 30   17:     SEQUENCE {
  96
 100 31   15:       SET {
  98
 102 30   13:         SEQUENCE {
 100
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
 105
 109 13    6:           PrintableString 'BobRSA'
            :           }
            :         }
            :       }
 113
 117 30  159:     SEQUENCE {
 116
 120 30   13:       SEQUENCE {
 118
 122 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
            :           (PKCS #1)
 129
 133 05    0:         NULL
            :         }
 131
 135 03  141:       BIT STRING 0 unused bits, encapsulates {
 135
 139 30  137:           SEQUENCE {
 138
 142 02  129:             INTEGER
            :               00 CA 5C E1 2E EC CF C1 3B 5D 10 1B DF 54 35 71
            :               99 0A 09 D8 3D E4 61 BF A0 BE 0A BE 11 A4 3C B5
            :               38 41 41 48 04 E1 5B B1 17 1C 53 B5 F4 C5 15 D3
            :               FE 0C FB 0C AC EA 80 18 36 03 7E 41 93 53 D7 40
            :               74 49 DB D9 C6 AF FE D6 CA 0D CA 01 84 8F A1 E9
            :               A3 00 21 27 51 D5 40 19 AA E3 C0 30 78 5B A0 B2
            :               E6 C1 2D 24 36 CB AE 44 10 82 B0 DD 74 D7 F6 EB
            :               51 27 B2 A7 B6 AD 78 CA A7 1B 59 51 18 EF 28 0C
            :               53
 270
 274 02    3:             INTEGER 65537
            :             }
            :           }
            :       }
 275
 279 A3   96:     [3] {
 277
 281 30   94:       SEQUENCE {
 279
 283 30   12:         SEQUENCE {
 281
 285 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 286
 290 01    1:           BOOLEAN TRUE
 289
 293 04    2:           OCTET STRING, encapsulates {
 291
 295 30    0:               SEQUENCE {}
            :               }
            :           }
 293
 297 30   14:         SEQUENCE {
 295
 299 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 300
 304 01    1:           BOOLEAN TRUE
 303
 307 04    4:           OCTET STRING, encapsulates {
 305
 309 03    2:               BIT STRING 5 unused bits
            :                 '100'B
            :               }
            :           }
 309
 313 30   31:         SEQUENCE {
 311
 315 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 316
 320 04   24:           OCTET STRING, encapsulates {
 318
 322 30   22:               SEQUENCE {
 320
 324 80   20:                 [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
            :                   AE 9E 38 BB
            :                 }
            :               }
            :           }
 342
 346 30   29:         SEQUENCE {
 344
 348 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 349
 353 04   22:           OCTET STRING
            :             04 14 E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA 29 D3
            :             95 5A 86 16 B4 24
            :           }
            :         }
            :       }
            :     }
 373
 377 30    9:   13:   SEQUENCE {
 375
 379 06    5:    9:     OBJECT IDENTIFIER sha-1WithRSAEncryption
            :       sha1withRSAEncryption (1 3 14 3 2 29) 840 113549 1 1 5)
            :       (Oddball OIW OID)
 382       (PKCS #1)
 390 05    0:     NULL
            :     }
 384
 392 03  129:   BIT STRING 0 unused bits
            :     98 FA AF 7D 21 01     2B 53 8A E0 38 69 0C 19 2D AA B3 88 BC F1 EF 12 5F 4D D9 42 67 BE 58 49
            :     30 D8 8E     A9 58 4C 42 F1 F5 68 B6 4E BC E1 2C 4D 07 A4 9E B2 7E 68 57 8D 0C 43 5C D7 DB D0
            :     1E 45 D1 F7     95 33 E2 A0 75 CA 13 C8 53 BC 33 26
            :     9B B3 C8 50 DF CD 84 6A 1B E8 48 C8 42 D0 81 63 4C F0 EF 5F 23 D6 90 7C 3F 62 92 86 E4 D2
            :     6C 33 19 BE 02 69 F6 16 31 7F D4 99     64 AB 2E B5 CA 5D 58 57 04 DF 80 7A F3
            :     3B F8 1B 39 29 7D 26 51 37 03 73 B0 CD A5
            :     6B 22 3F F6 15 3D 30 75 C9 5D D5 0B FF C9 B8 7B F0 09 2C A1 86
            :     F3 75 CD 54 67 AD 8B 1E 7B EC 7E AB 25 2B 14 71
            :     32 8A F1 AE 97 DE D7 F5     98 D1 19 16 A9 A7 AD C7 15 AF 53 F0 60 EB 3B 3C F4 0F 24 98 7A A4 A4
            :     3E A8 25 91 B2 C4 5F     BA E6 C2 4E 6A 15 57 47 50 BC B2 FA 80 07 EA C4 93 92 8B 49 17 FE 42 58
            :   }

CarlDSSSelf =
   0 30  667: SEQUENCE {
   4 30  602:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    1:     INTEGER 1
  16 30    9:     SEQUENCE {
  18 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  27 30   18:     SEQUENCE {
  29 31   16:       SET {
  31 30   14:         SEQUENCE {
  33 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  38 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  47 30   30:     SEQUENCE {
  49 17   13:       UTCTime '990816225050Z'
  64 17   13:       UTCTime '391231235959Z'
            :       }
  79 30   18:     SEQUENCE {
  81 31   16:       SET {
  83 30   14:         SEQUENCE {
  85 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  90 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  99 30  439:     SEQUENCE {
 103 30  299:       SEQUENCE {
 107 06    7:         OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :           (ANSI X9.57 algorithm)
 116 30  286:         SEQUENCE {
 120 02  129:           INTEGER
            :             00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
            :             7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
            :             EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :             E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
            :             ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
            :             48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :             FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
            :             CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
            :             E9
 252 02   21:           INTEGER
            :             00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
            :             5D 98 B9 10 D5
 275 02  128:           INTEGER
            :             0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
            :             ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
            :             62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :             AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
            :             F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
            :             44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :             8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
            :             25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
            :           }
            :         }
 406 03  133:       BIT STRING 0 unused bits, encapsulates {
 410 02  129:           INTEGER
            :             00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C 75 BB E1
            :             6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E
            :             F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
            :             4E B9 60 96 19 24 01 F3 62 0C FE 75 C0 FB CE D8
            :             68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61
            :             8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B
            :             62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD
            :             1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80
            :             7A
            :           }
            :       }
 542 A3   66:     [3] {
 544 30   64:       SEQUENCE {
 546 30   15:         SEQUENCE {
 548 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 553 01    1:           BOOLEAN TRUE
 556 04    5:           OCTET STRING, encapsulates {
 558 30    3:               SEQUENCE {
 560 01    1:                 BOOLEAN TRUE
            :                 }
            :               }
            :           }
 563 30   14:         SEQUENCE {
 565 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 570 01    1:           BOOLEAN TRUE
 573 04    4:           OCTET STRING, encapsulates {
 575 03    2:               BIT STRING 1 unused bits
            :                 '1100001'B
            :               }
            :           }
 579 30   29:         SEQUENCE {
 581 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 586 04   22:           OCTET STRING
            :             04 14 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20
            :             BC 43 2B 93 F1 1F
            :           }
            :         }
            :       }
            :     }
 610 30    9:   SEQUENCE {
 612 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 621 03   48:   BIT STRING 0 unused bits, encapsulates {
 624 30   45:       SEQUENCE {
 626 02   20:         INTEGER
            :           6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9
            :           11 17 A1 13
 648 02   21:         INTEGER
            :           00 8F 34 69 2A 8B B1 3C 03 79 94 32 4D 12 1F CE
            :           89 FB 46 B2 3B
            :         }
            :       }
            :   }

DianeDHEncryptByCarl

CarlRSASelf =
   0 30  869:  491: SEQUENCE {
   4 30  805:  340:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:   16:     INTEGER 211
  17
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
  31 30    9:   13:     SEQUENCE {
  19
  33 06    7:    9:       OBJECT IDENTIFIER dsaWithSha1
            :         sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :         (ANSI X9.57 algorithm)         (PKCS #1)
  44 05    0:       NULL
            :       }
  28
  46 30   18:     SEQUENCE {
  30
  48 31   16:       SET {
  32
  50 30   14:         SEQUENCE {
  34
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39
  57 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
  48
  66 30   30:     SEQUENCE {
  50
  68 17   13:       UTCTime '990817021657Z'
  65 '990818070000Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  80
  98 30   18:     SEQUENCE {
  82
 100 31   16:       SET {
  84
 102 30   14:         SEQUENCE {
  86
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91
 109 13    7:           PrintableString 'DianeDH' 'CarlRSA'
            :           }
            :         }
            :       }
 100
 118 30  577:  159:     SEQUENCE {
 104
 121 30  438:   13:       SEQUENCE {
 108
 123 06    7:    9:         OBJECT IDENTIFIER dhPublicNumber rsaEncryption (1 2 840 10046 2 113549 1 1 1)
            :           (ANSI X9.42 number-type)
 117           (PKCS #1)
 134 05    0:         NULL
            :         }
 136 03  141:       BIT STRING 0 unused bits, encapsulates {
 140 30  425:  137:           SEQUENCE {
 121
 143 02  129:             INTEGER
            :               00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4
            :             10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39
            :             BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF
            :             9A B7 4B FF 97 18 B8 24 57 F4 77 FF 39 BB 63 DB 4D A4 6E 73 7B 93 71
            :               5C BC 33 1A 92 92 72 23 D8 94 9A B4 41 46 D0 CD 11 3A 04
            :             F2 8A 3D 9F B7 5D 8D CA E2               B3 8E AF B5 0F CF 05 65 82
            :             68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
            :             BC BF 36 0F 5C C3 9D BD 51 6A 67 E8 75 32 66 78 91 63 1E 17 7A F2 76 2C 2B 86 39
            :               A7 BD D7 8D 1A 53 EC E4 00 D5 E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 EC A2 36 C2 B1 ED
            :             DF
 253 02  128:           INTEGER               E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
            :             6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C
            :             A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F
            :             37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
            :             DB B2 FC 34 C0 E7 CA 1E 58 2B               D5 3D 3B DC 96 65 DA 16 A0 C5 BE 0E AE 71
            :             21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82
            :             69 6C DD 70 71 CC 6C 3B 44 5B EF 84 A9 71 8B A9 3B 2A 5E F4 A7
            :             09 F8 BD FD               29 CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E
            :             7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7
 384 02   33:           INTEGER
            :             00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
            :             46 10 B8 5D F0 2E F2 C5 D1               57 5E A2 74 4C DA 0F 4E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
            :             1F
 419               F1
 275 02   97:    3:             INTEGER 65537
            :             01 30 CD 03 82 CD 3F 32 3A 5F 16 5E F2 13 5F 52             }
            :             1B DF FF AA 3B 06 3C 7F 81 26 1C B7 0C A0 14 09           }
            :             1B 5D 26 FD 71 33 8C F2 AC 41 7E 0D AC 35 95 90       }
 280 A3   66:     [3] {
 282 30   64:       SEQUENCE {
 284 30   15:         SEQUENCE {
 286 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             7E A5 AD AB 55 50 80 F0 D2 B9 2A 11 4D 76 45 76             (X.509 id-ce (2 5 29))
 291 01    1:           BOOLEAN TRUE
 294 04    5:           OCTET STRING, encapsulates {
 296 30    3:               SEQUENCE {
 298 01    1:                 BOOLEAN TRUE
            :             3F 0C 38 AE 72 59 C6 EC BD EF E7 6E 60 23 93 B9                 }
            :             27 02 44 7E 4A D3 DA 39 3A 9A 63 43 3C 1B 23 C5               }
            :             62
 518           }
 301 30   26:   14:         SEQUENCE {
 520
 303 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 308 01    1:           BOOLEAN TRUE
 311 04    4:           OCTET STRING, encapsulates {
 313 03   21:    2:               BIT STRING 0 1 unused bits
            :               D0 FD D6                 '1100001'B
            :               }
            :           }
 317 30   29:         SEQUENCE {
 319 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 324 04   22:           OCTET STRING
            :             04 14 E9 E0 46 97 D1 A7 7F BB FF 90 27 AC 78 20 7A 9A 43 F0 62 64 D3 4C F2 42 37
            :               B3 7C 97 AB
 543 02    1:             INTEGER 122             4E 22 AE 9E 38 BB
            :           }
            :         }
            :       }
 546
            :     }
 348 30   13:   SEQUENCE {
 350 06    9:     OBJECT IDENTIFIER
            :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :       (PKCS #1)
 361 05    0:     NULL
            :     }
 363 03  132:  129:   BIT STRING 0 unused bits, encapsulates {
 550 02  128:           INTEGER bits
            :             60 5E 6E EF 61 55 77 3F 9D 6A 11 10 F4     B7 9E D4 04 D3 C9 B8
            :             72 A0 1F 89 DF E4 BC 21 FD ED 29 E4 9F 50 D6 8F 8E F9 FF 89 89 15 2E 4C DB 0C
            :             67 97 14 E0 34 19 8F 3D 58 52 1E DC     F0 48 0F 32 61 EE C4 04 EC 12 5D 05 4E 4F 2D FF 0F 64 59
            :             C6 88 85 78 AC 01     7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12
            :     61 50 ED EF DD 3F E3 0B B8 61 A5 A4 9B 3C E6 9E
            :     9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 CE 86 6D 90 4B 58 48 2E 9D 49 01
            :             0F B2 E3 2A 4E 47 C3 B1 4D 2A 7A C9 B7 E5 C6 68     76 FA B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
            :             8A 73 AE     CA 3E F2 53 21 B3 CF 09 C4 62 A3 E8 6B B0 BB DC DE
            :             0D 2E 66 48 37 A8 DB A2 4B FB 6F AD E6 74 D7 DB FA A6 92 4B 41
            :             0A C6 54 0B 8B 1A 9D 2F FF 60 0B 0B 08 D9 42 3F 5A EA
            :           }     14 41 63 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02
            :   }
 681 A3  129:     [3] {
 684

DianeDHEncryptByCarl =
   0 30  127:  869: SEQUENCE {
 686
   4 30   31:  805:   SEQUENCE {
 688 06
   8 A0    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 693 04   24:           OCTET STRING, encapsulates {
 695 30   22:               SEQUENCE     [0] {
 697 81   20:                 [1] 'dianeDh@examples.com'
            :                 }
            :               }
  10 02    1:       INTEGER 2
            :       }
 719
  13 02    2:     INTEGER 211
  17 30   12:    9:     SEQUENCE {
 721
  19 06    3:    7:       OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 726 01    1:           BOOLEAN TRUE
 729 04    2:           OCTET STRING, encapsulates {
 731 30    0:               SEQUENCE {} dsaWithSha1 (1 2 840 10040 4 3)
            :               }         (ANSI X9.57 algorithm)
            :       }
 733
  28 30   18:     SEQUENCE {
  30 31   16:       SET {
  32 30   14:         SEQUENCE {
 735
  34 06    3:           OBJECT IDENTIFIER keyUsage commonName (2 5 29 15) 4 3)
            :             (X.509 id-ce             (X.520 id-at (2 5 29))
 740 01    1:           BOOLEAN TRUE
 743 04    4:           OCTET STRING, encapsulates {
 745 03    2:               BIT STRING 3 unused bits 4))
  39 13    7:           PrintableString 'CarlDSS'
            :                 '10000'B           }
            :         }
            :       }
 749
  48 30   31:   30:     SEQUENCE {
 751
  50 17   13:       UTCTime '990817021657Z'
  65 17   13:       UTCTime '391231235959Z'
            :       }
  80 30   18:     SEQUENCE {
  82 31   16:       SET {
  84 30   14:         SEQUENCE {
  86 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier commonName (2 5 29 35) 4 3)
            :             (X.509 id-ce             (X.520 id-at (2 5 29))
 756 04   24:           OCTET STRING, encapsulates {
 758 30   22:               SEQUENCE {
 760 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F 4))
  91 13    7:           PrintableString 'DianeDH'
            :           }
            :         }
            :       }
 782
 100 30   29:  577:     SEQUENCE {
 784
 104 30  438:       SEQUENCE {
 108 06    3:    7:         OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 789 04   22:           OCTET STRING
            :             04 14 47 F3 4F CD 75 7D A8 52 21 A8 61 36 57 B5
            :             F8 9A EE DB 30 46
            :           }
            :         }
            :       }
            :     }
 813 30    9:   SEQUENCE {
 815 06    7:     OBJECT IDENTIFIER dsaWithSha1 dhPublicNumber (1 2 840 10040 4 3) 10046 2 1)
            :           (ANSI X9.57 algorithm)
            :     }
 824 03   47:   BIT STRING 0 unused bits, encapsulates {
 827 X9.42 number-type)
 117 30   44:  425:         SEQUENCE {
 829
 121 02   20:  129:           INTEGER
            :           7D 64 1E             00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F 4B F3 EC 6F 34 2C B2 E4 64 70 8F 3E
            :           6A C0 72             10 BD D0 93 A2
 851 02   20:         INTEGER 7E 61 E1 3D BA 23 04 16 D0 66 39
            :           4B EA C1 0C F1             BD 3B CD F7 7A 9D 76 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF
            :             9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4
            :             F2 8A 3D 9F B7 5D 8D CA 27 E2 AF B5 0F CF 05 65 82
            :             68 6E D0 BE F2 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
            :           D8 9B             BC BF 36 0F 5C C3 51 6A 6D 67 E8 75 32 66 78 91 63
            :         }             E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2
            :       }             DF
 253 02  128:           INTEGER
            :   }

DianeDSSSignByCarlInherit =
   0 30  442: SEQUENCE {
   4 30  377:   SEQUENCE {
   8 A0    3:     [0] {             6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 02    1:       INTEGER 2 D2 31 5C
            :       }
  13 02    2:     INTEGER 210
  17 30    9:     SEQUENCE {
  19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)             A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F
            :         (ANSI X9.57 algorithm)             37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
            :       }
  28 30   18:     SEQUENCE {
  30 31   16:       SET {
  32 30   14:         SEQUENCE {             DB B2 FC 34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39 13    7:           PrintableString 'CarlDSS' C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71
            :           }             21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82
            :         }             69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
            :       }
  48             09 F8 BD FD CB 51 BC 2E 2E CA 3E 30   30:     SEQUENCE {
  50 17   13:       UTCTime '990817020810Z'
  65 17   13:       UTCTime '391231235959Z' 8C FA 54 9E
            :       }
  80 30   19:     SEQUENCE {             7D 0D 03 E2 DF 63 62 6D F3 50 82 31   17:       SET {
  84 30   15:         SEQUENCE {
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3) 27 DC D1 99 F7
 384 02   33:           INTEGER
            :             (X.520 id-at (2 5 4))
  91 13    8:           PrintableString 'DianeDSS'             00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D
            :           }             46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E
            :         }             1F
 419 02   97:           INTEGER
            :       }
 101             01 30  147:     SEQUENCE {
 104 CD 03 82 CD 3F 32 3A 5F 16 5E F2 13 5F 52
            :             1B DF FF AA 3B 06 3C 7F 81 26 1C B7 0C A0 14 09
            :             1B 5D 26 FD 71 33 8C F2 AC 41 7E 0D AC 35 95 90
            :             7E A5 AD AB 55 50 80 F0 D2 B9 2A 11 4D 76 45 76
            :             3F 0C 38 AE 72 59 C6 EC BD EF E7 6E 60 23 93 B9
            :             27 02 44 7E 4A D3 DA 39 3A 9A 63 43 3C 1B 23 C5
            :             62
 518 30    9:   26:           SEQUENCE {
 106 06    7:         OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
 520 03   21:             BIT STRING 0 unused bits
            :           (ANSI X9.57 algorithm)               D0 FD D6 E0 46 97 D1 A7 7F BB FF 9A 43 F0 62 64
            :               B3 7C 97 AB
 543 02    1:             INTEGER 122
            :             }
 115
            :           }
            :         }
 546 03  133:  132:       BIT STRING 0 unused bits, encapsulates {
 119
 550 02  129:  128:           INTEGER
            :             00 A0 00 17 78 2C EE 7E 81 53 2E 2E             60 5E 6E EF 61 08 0F A1 55 77 3F 9D 6A 11 10 F4 D3 C9 B8
            :             9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA EF             72 A0 1F 89 DF E4 BC 21 FD E4 9F 50 D6 8F 8E F9
            :             2A 44 76 8A             67 97 14 E0 34 19 8F 3D 58 52 09 EA BD 1E DC 5D 05 22 D5 0F F6 FD 46 D7
            :             AF 99 38 09 0E 13 CB 4E 4F 2C DD 1C 34 F7 1C BF 25
            :             FF 23 D3 3B 59 E7 82 97 37 BE 31 24 D8 18 C8 F3             C6 88 85 78 AC 01 6C 35 CE 86 6D 90 4B 58 48 2E
            :             49 39 5B             0F B2 E3 2A 4E 47 C3 B1 4D 2A 7A C9 B7 E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
            : C6 68 4D DD 46 7A 22 BE 8E FF CC DA 39 29
            :             8A 73 AE 53 21 B3 CF 09 C4 62 A3 39 E5 E8 B0 BB DC DE
            :             9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD             0D 2E C5 66 48 37 A8 DB A2 4B FB DB FA A6 92 4B 41
            :             23             0A C6 54 0B 8B 1A 9D 2F FF 60 0B 0B 08 D9 42 3F
            :           }
            :       }
 251
 681 A3  131:  129:     [3] {
 254
 684 30  128:  127:       SEQUENCE {
 257
 686 30   32:   31:         SEQUENCE {
 259
 688 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 264
 693 04   25:   24:           OCTET STRING, encapsulates {
 266
 695 30   23:   22:               SEQUENCE {
 268
 697 81   21:   20:                 [1] 'dianeDss@examples.com' 'dianeDh@examples.com'
            :                 }
            :               }
            :           }
 291
 719 30   12:         SEQUENCE {
 293
 721 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 298
 726 01    1:           BOOLEAN TRUE
 301
 729 04    2:           OCTET STRING, encapsulates {
 303
 731 30    0:               SEQUENCE {}
            :               }
            :           }
 305
 733 30   14:         SEQUENCE {
 307
 735 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 312
 740 01    1:           BOOLEAN TRUE
 315
 743 04    4:           OCTET STRING, encapsulates {
 317
 745 03    2:               BIT STRING 6 3 unused bits
            :                 '11'B                 '10000'B
            :               }
            :           }
 321
 749 30   31:         SEQUENCE {
 323
 751 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 328
 756 04   24:           OCTET STRING, encapsulates {
 330
 758 30   22:               SEQUENCE {
 332
 760 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                 }
            :               }
            :           }
 354
 782 30   29:         SEQUENCE {
 356
 784 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 361
 789 04   22:           OCTET STRING
            :             04 14 64 30 99 47 F3 4F CD 75 7D 5C DC 45 0B 99 3A A8 52 2F 16 BF 21 A8 61 36 57 B5
            :             58 50 DD CE 2B 18             F8 9A EE DB 30 46
            :           }
            :         }
            :       }
            :     }
 385
 813 30    9:   SEQUENCE {
 387
 815 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 396
 824 03   48:   47:   BIT STRING 0 unused bits, encapsulates {
 399
 827 30   45:   44:       SEQUENCE {
 401
 829 02   20:         INTEGER
            :           7E 0C 0C 81 17 B4 9A 54           7D 64 1E 1F 4B F3 EC 6F 34 2C B2 C3 30 EB 8A C4 3C C2 E4 64 70 8F 3E
            :           52 36 9E 95
 423           6A C0 72 A2
 851 02   21:   20:         INTEGER
            :           00 C6 9F 17 C2 71           4B AC 2E 39 8D 3D 10 1F 9A B3 EA C1 0C F1 CD F7 7A 9D 76 CA 27 6E D0 BE F2
            :           4D B6 F9 11 A3           D8 9B 6A 6D
            :         }
            :       }
            :   }

DianeRSASignEncryptByCarl

DianeDSSSignByCarlInherit =
   0 30  514:  442: SEQUENCE {
   4 30  367:  377:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:    2:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30 90
  31 210
  17 30    9:     SEQUENCE {
  33
  19 06    5:    7:       OBJECT IDENTIFIER sha-1WithRSAEncryption dsaWithSha1 (1 3 14 3 2 29) 840 10040 4 3)
            :         (Oddball OIW OID)
  40 05    0:       NULL         (ANSI X9.57 algorithm)
            :       }
  42
  28 30   18:     SEQUENCE {
  44
  30 31   16:       SET {
  46
  32 30   14:         SEQUENCE {
  48
  34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  53
  39 13    7:           PrintableString 'CarlRSA' 'CarlDSS'
            :           }
            :         }
            :       }
  62
  48 30   30:     SEQUENCE {
  64
  50 17   13:       UTCTime '990919010916Z'
  79 '990817020810Z'
  65 17   13:       UTCTime '391231235959Z'
            :       }
  94
  80 30   19:     SEQUENCE {
  96
  82 31   17:       SET {
  98
  84 30   15:         SEQUENCE {
 100
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
 105
  91 13    8:           PrintableString 'DianeRSA' 'DianeDSS'
            :           }
            :         }
            :       }
 115
 101 30  159:  147:     SEQUENCE {
 118
 104 30   13:    9:       SEQUENCE {
 120
 106 06    9:    7:         OBJECT IDENTIFIER rsaEncryption dsa (1 2 840 113549 1 1 10040 4 1)
            :           (PKCS #1)
 131 05    0:         NULL           (ANSI X9.57 algorithm)
            :         }
 133
 115 03  141:  133:       BIT STRING 0 unused bits, encapsulates {
 137 30  137:           SEQUENCE {
 140
 119 02  129:           INTEGER
            :             00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2
            :               62 FA F0 E6 32 3A 53 FF B1 92 5A A0 00 17 F4 20 E1 99 78 2C EE 7E 81 53 2E 2E 61 08 0F A1
            :               24 82 0A D0 F6 7C FB 44             9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA 8B 27 06 F1 7E 26 03 EF
            :               A9             2A 44 76 9D CF EC A0 2C 70 96 F2 83 42 8A 52 09 EA BD 05 22 D5 0F F6 D4 B7 28 FD 46 D7
            :               0A BB F8             AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 F7 1C BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E 25
            :               67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08             FF 23 D3 3B 59 E7 82 97 37 21 BE 31 24 D8 18 C8 F3
            :               93 47 EE F0 73 35             49 39 5B B7 E2 E5 27 7E FC 8C 45 72 B0 02 C4 F3 11 C3 5E 47 5B 7E 3E 8F
            :             68 4D DD 46 7A 22 BE 8E FF CC DA 39 29 A3 39 E5
            :               0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28             9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD 2E C5
            :               85
 272 02    3:             INTEGER 65537
            :             }             23
            :           }
            :       }
 277
 251 A3   96:  131:     [3] {
 279
 254 30   94:  128:       SEQUENCE {
 281
 257 30   32:         SEQUENCE {
 259 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 264 04   25:           OCTET STRING, encapsulates {
 266 30   23:               SEQUENCE {
 268 81   21:                 [1] 'dianeDss@examples.com'
            :                 }
            :               }
            :           }
 291 30   12:         SEQUENCE {
 283
 293 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 288
 298 01    1:           BOOLEAN TRUE
 291
 301 04    2:           OCTET STRING, encapsulates {
 293
 303 30    0:               SEQUENCE {}
            :               }
            :           }
 295
 305 30   14:         SEQUENCE {
 297
 307 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 302
 312 01    1:           BOOLEAN TRUE
 305
 315 04    4:           OCTET STRING, encapsulates {
 307
 317 03    2:               BIT STRING 5 6 unused bits
            :                 '111'B                 '11'B
            :               }
            :           }
 311
 321 30   31:         SEQUENCE {
 313
 323 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 318
 328 04   24:           OCTET STRING, encapsulates {
 320
 330 30   22:               SEQUENCE {
 322
 332 80   20:                 [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A                   70 44 3E 82 2E 6F 87 DE 4A D3 4C F2 42 37 4E 22 75 E3 3D 20 BC 43
            :                   AE 9E 38 BB                   2B 93 F1 1F
            :                 }
            :               }
            :           }
 344
 354 30   29:         SEQUENCE {
 346
 356 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 351
 361 04   22:           OCTET STRING
            :             04 14 8C F3 CB 75 0E 8D 31 F6 D4 29 DA 44 92 75 64 30 99 7D 5C DC 45 0B 99 3A 52 2F 16 BF
            :             B8 FE ED 4F 39 0C             58 50 DD CE 2B 18
            :           }
            :         }
            :       }
            :     }
 375
 385 30    9:   SEQUENCE {
 377
 387 06    5:    7:     OBJECT IDENTIFIER sha-1WithRSAEncryption dsaWithSha1 (1 3 14 3 2 29) 840 10040 4 3)
            :       (Oddball OIW OID)
 384 05    0:     NULL       (ANSI X9.57 algorithm)
            :     }
 386
 396 03  129:   48:   BIT STRING 0 unused bits
            :     CA 88 C7 37 A9 AE 26 CB 2B 79 82 22 4F 4A 0D 1C bits, encapsulates {
 399 30   45:       SEQUENCE {
 401 02   20:         INTEGER
            :     A7 20           7E 0C 0C 81 17 B4 9A 54 B2 E0 68 F5 42 DE 59 6B B3 FD 25 C0 39 B8
            : C3 30 EB C0 8B 69 A2 16 55 CE 06 7E 26 5F C6 5E 51 02
            :     3F 95 D5 A7 F7 F2 7D 23 6F 2B AC 7C CB 6F 90 0F
            :     44 5D 44 22 53 D5 42 38 18 8A C4 3C C2
            :           52 D7 B8 AB 82 6F 36 9E 95
 423 02   21:         INTEGER
            :           00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D 10 1F 9A B3
            :           4D B6 BC A9 E7 13 44 36 76 16 23 00 12 6B 6F 7D F9 11 A3
            :     C6 C9 BE 79 2C B9 2D 69 D3 1D B1 1D BA 5A 20 85         }
            :     CA 5B 88 46 36 B5 E5 0E 15 85 B7 E2 5E 7B CA 1A       }
            :   }

EricaDHEncryptByCarl

DianeRSASignEncryptByCarl =
   0 30  745:  522: SEQUENCE {
   4 30  680:  371:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:   16:     INTEGER 212
  17
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30    9: 90
  31 30   13:     SEQUENCE {
  19
  33 06    7:    9:       OBJECT IDENTIFIER dsaWithSha1
            :         sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :         (ANSI X9.57 algorithm)         (PKCS #1)
  44 05    0:       NULL
            :       }
  28
  46 30   18:     SEQUENCE {
  30
  48 31   16:       SET {
  32
  50 30   14:         SEQUENCE {
  34
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39
  57 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
  48
  66 30   30:     SEQUENCE {
  50
  68 17   13:       UTCTime '990817021716Z'
  65 '990819070000Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  80
  98 30   18:   19:     SEQUENCE {
  82
 100 31   16:   17:       SET {
  84
 102 30   14:   15:         SEQUENCE {
  86
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91
 109 13    7:    8:           PrintableString 'EricaDH' 'DianeRSA'
            :           }
            :         }
            :       }
 100
 119 30  452:  159:     SEQUENCE {
 104
 122 30  312:   13:       SEQUENCE {
 108
 124 06    7:    9:         OBJECT IDENTIFIER dhPublicNumber rsaEncryption (1 2 840 10046 2 113549 1 1 1)
            :           (ANSI X9.42 number-type)
 117           (PKCS #1)
 135 05    0:         NULL
            :         }
 137 03  141:       BIT STRING 0 unused bits, encapsulates {
 141 30  299:  137:           SEQUENCE {
 121
 144 02  129:             INTEGER
            :               00 D6 FD B8 C0 70 C6 4C 25 EC 2C CD A4 EF 9A 26 2F 62 A7 EA CF EA 7C BB 23 4D DF 2B A2
            :             25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11               62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99
            :               24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
            :             AA CC 9E               A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28 05 95
            :               0A BB F8 BF 4A 4C 19 3F 07 DB A0 B3 17 76 C1 F7 25 35 61 02 60 1E B7 7E
            :             41 92 27 0C 5E AE 48 E5 F3 6E 38               67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 91 D1 CF 08 37 21
            :             FE 9A 40 97 C8 2D 35 9E 9D               93 C6 F8 15 AF 3F DA
            :             74 3A B7 47 EE F0 73 35 72 B0 02 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA F3 11 C3 5E 47 E5
            :             43               0A 81 B7 83 F1 DB 74 69 64 FC 63 F0 7B 71 98 FA 8B 44 1D 95 5D CD 28 C0 38 79 10 1A
            :             33
 253               85
 276 02  129:    3:             INTEGER 65537
            :             00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1             }
            :             E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48           }
            :             24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :             5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
            :             9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
            :             05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :             42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
            :             C3 91 70       }
 281 A3   96:     [3] {
 283 30   94:       SEQUENCE {
 285 30   12:         SEQUENCE {
 287 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
            :             A7
 385 02   33:           INTEGER    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             00 C3 AB 4A             (X.509 id-ce (2 5 29))
 292 01    1:           BOOLEAN TRUE
 295 04    2:           OCTET STRING, encapsulates {
 297 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
            :             A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
            :             BD    0:               SEQUENCE {}
            :               }
            :           }
 420
 299 30   14:         SEQUENCE {
 301 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 306 01    1:           BOOLEAN TRUE
 309 04    4:           OCTET STRING, encapsulates {
 311 03  133:    2:               BIT STRING 0 5 unused bits, encapsulates {
 424 02  129:           INTEGER bits
            :             00 D1 2B E4 1D 3E BA 18 CF 75 20 C6 C7 5E C3 C4
            :             6C EA F3 23 D9 09 1F 46 98 F4 CE 59 B9 B6 CE E8
            :             3A C6 18 F8 59 77 1B 99 B0 DA DC C0 9D 09 E4 AF
            :             F9 61 91 2C 47 CC 47 5E DF 2B 33 76 F3 67 EC 77
            :             E8 2C 37 30 A1 89 5D F3 C8 F6 5C 16 4A E4 B7 8C
            :             F5 7B D5 38 FD 14 AC E8 7A C2 7D EE 07 90 27 0A
            :             7C 87 A8 A2 E2 70 35 EA 6E DE 9E 50 31 6B E9 09
            :             DA 25 1A 01 8E E3 FF 26 1C 75 F5 C3 CE 5A F5 9E
            :             85                 '111'B
            :               }
            :           }
 556 A3  129:     [3] {
 559 30  127:       SEQUENCE {
 561
 315 30   31:         SEQUENCE {
 563
 317 06    3:           OBJECT IDENTIFIER subjectAltName authorityKeyIdentifier (2 5 29 17) 35)
            :             (X.509 id-ce (2 5 29))
 568
 322 04   24:           OCTET STRING, encapsulates {
 570
 324 30   22:               SEQUENCE {
 572 81
 326 80   20:                 [1] 'ericaDh@examples.com'                 [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
            :                   AE 9E 38 BB
            :                 }
            :               }
            :           }
 594
 348 30   12:   29:         SEQUENCE {
 596
 350 06    3:           OBJECT IDENTIFIER basicConstraints subjectKeyIdentifier (2 5 29 19) 14)
            :             (X.509 id-ce (2 5 29))
 601 01    1:           BOOLEAN TRUE
 604
 355 04    2:   22:           OCTET STRING, encapsulates {
 606 30    0:               SEQUENCE {} STRING
            :             04 14 8C F3 CB 75 0E 8D 31 F6 D4 29 DA 44 92 75
            :             B8 FE ED 4F 39 0C
            :           }
            :         }
 608
            :       }
            :     }
 379 30   14:   13:   SEQUENCE {
 610
 381 06    3:    9:     OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 615 01    1:           BOOLEAN TRUE
 618 04    4:           OCTET STRING, encapsulates {
 620 03    2:               BIT STRING 3 unused bits
            :                 '10000'B
            :               }       sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :       (PKCS #1)
 392 05    0:     NULL
            :     }
 624 30   31:         SEQUENCE {
 626 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
 394 03  129:   BIT STRING 0 unused bits
            :             (X.509 id-ce (2 5 29))
 631     1D B3 51 B1 99 96 F0 44 A8 EB 14 EA FC C2 DF B8
            :     33 4B 02 3C 41 DF E3 53 7F EA 34 7F FC D5 11 0D
            :     00 04   24:           OCTET STRING, encapsulates {
 633 88 B8 ED BC 23 45 03 6E F1 53 B2 C0 3B 19
            :     62 DC DC E1 8A FE A7 FC A5 D7 97 DB 25 7C F3 30   22:               SEQUENCE {
 635
            :     C5 63 A7 38 4A AB 25 21 24 80   20:                 [0] C7 D8 78 82 8C 53
            :                   70 44     EA 3E 82 2E 6F 87 DE 4A 2F 63 10 66 D3 75 E3 3D 20 BC 43 27 55 9A DC EF 35 5E F6 23
            :                   2B 93 F1 1F     71 E6 FF 78 7B A9 4F 7B 7F 2E B9 C4 42 73 57 4F
            :                 }     AA F8 04 B4 0D C7 53 88 C4 F0 92 28 33 44 50 A1
            :   }

EricaDHEncryptByCarl =
   0 30  745: SEQUENCE {
   4 30  680:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
 657
  13 02    2:     INTEGER 212
  17 30   29:    9:     SEQUENCE {
 659
  19 06    3:    7:       OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 664 04   22:           OCTET STRING
            :             04 14 8D 53 1D 61 55 7F 60 35 6D A6 36 A2 C5 93
            :             F8 9A FD C0 75 74
            :           }
            :         }
            :       }
            :     }
 688 30    9:   SEQUENCE {
 690 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
 699 03   48:   BIT STRING 0 unused bits, encapsulates {
 702 30   45:       SEQUENCE {
 704 02   20:         INTEGER
            :           3E 51 42 08 E3 52 2E AA BB 8F BD 18 38 71 CB 98
            :           83 BE 47 9E
 726 02   21:         INTEGER
            :           00 B4 B3 15 85 99 11 06 40 1F 40 59 8D D4 1B 2D
            :           CD 81 F1 E8 68
            :         }
            :       }
            :   }

3.4 CRLs

CarlCRL is a CRL from Carl that contains three revocations.

CarlDSSCRLForAll =
   0
  28 30  216:   18:     SEQUENCE {
   3
  30  153:   SEQUENCE 31   16:       SET {
   6
  32 30    9:   14:         SEQUENCE {
   8
  34 06    7:    3:           OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 commonName (2 5 4 3)
            :         (ANSI X9.57 algorithm)             (X.520 id-at (2 5 4))
  39 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  48 30   30:     SEQUENCE {
  50 17   13:       UTCTime '990817021716Z'
  65 17   13:       UTCTime '391231235959Z'
            :       }
  80 30   18:     SEQUENCE {
  19
  82 31   16:       SET {
  21
  84 30   14:         SEQUENCE {
  23
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  28
  91 13    7:           PrintableString 'CarlDSS' 'EricaDH'
            :           }
            :         }
            :       }
  37 17   13:     UTCTime '990827070000Z'
  52
 100 30  105:  452:     SEQUENCE {
  54
 104 30   19:  312:       SEQUENCE {
  56 02    2:         INTEGER 200
  60 17   13:         UTCTime '990822070000Z'
 108 06    7:         OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :         }
  75           (ANSI X9.42 number-type)
 117 30   19:  299:         SEQUENCE {
  77
 121 02    2:  129:           INTEGER 201
  81 17   13:         UTCTime '990822070000Z'
            :         }
  96 30   19:       SEQUENCE {
  98 02    2:         INTEGER 211
 102 17   13:         UTCTime '990822070000Z'             00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
            :         }
 117 30   19:       SEQUENCE {
 119 02    2:         INTEGER 210
 123 17   13:         UTCTime '990822070000Z'             25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
            :         }
 138 30   19:       SEQUENCE {
 140             24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02    2:         INTEGER 212
 144 BB
            :             AA CC 9E 28 05 95 A0 B3 17   13:         UTCTime '990824070000Z' 76 C1 F7 25 35 61 02
            :         }             41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
            :       }             FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
            :     }
 159 30    9:   SEQUENCE {
 161 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)             74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
            :       (ANSI X9.57 algorithm)             43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
            :     }
 170 03   47:   BIT STRING 0 unused bits, encapsulates {
 173 30   44:       SEQUENCE {
 175             33
 253 02   20:  129:           INTEGER
            :           7E 65 52 76 33 FE             00 BA 0B D7 74 3D E7 34 73 17 D1 F7 E5 4C 13 A7 95 96 F9 A0 D4 D8 BB F1
            :           6D 5C 7D 3D
 197 02   20:         INTEGER             E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
            :           02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E DA             24 F3 2A 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :           83 9C 35 A1             5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
            :         }             9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
            :       }             05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :   }

CarlDSSCRLForCarl =
   0 30  131: SEQUENCE {
   3 30   68:   SEQUENCE {
   5 30    9:     SEQUENCE {
   7             42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
            :             C3 91 70 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
            :         (ANSI X9.57 algorithm)             A7
 385 02   33:           INTEGER
            :       }
  16 30   18:     SEQUENCE {
  18 31   16:       SET {
  20             00 C3 AB 4A 30   14:         SEQUENCE {
  22 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3) 79 B3 D3 97 4E CA F5 A2 7D C7 70
            :             (X.520 id-at (2 5 4))
  27 13    7:           PrintableString 'CarlDSS'             A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
            :           }             BD
            :           }
            :         }
  36 17   13:     UTCTime '990825070000Z'
  51 30   20:     SEQUENCE {
  53 30   18:       SEQUENCE {
  55 02    1:         INTEGER 1
  58 17   13:         UTCTime '990822070000Z'
            :         }
            :       }
            :     }
  73 30    9:   SEQUENCE {
  75 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
  84
 420 03   48:  133:       BIT STRING 0 unused bits, encapsulates {
  87 30   45:       SEQUENCE {
  89
 424 02   21:  129:           INTEGER
            :             00 B3 D1 2B E4 1D 3E BA 18 CF 75 20 C6 C7 5E C3 C4
            :             6C EA F3 23 D9 09 1F C5 4F 7A 3D EC 76 D5 60 46 98 F4 CE 59 B9 B6 CE E8
            :             3A C6 18 F8 59 77 1B 99 B0 DA DC C0 9D 09 E4 AF
            :             F9 DE 79 22 61 91 2C 47 CC 47 5E DF 2B 33 76 F3 67 EC 77
            :           4F B0             E8 2C 37 30 A1 89 5D F3 C8 F6 5C 16 4A E4 B7 8C
            :             F5 7B D5 38 FD 14 AC E8 7A C2 7D EE 07 90 FE 97
 112 02   20:         INTEGER 27 0A
            :           5A 8B C3 84 BC 66             7C 87 1B BF 79 82 5B 0A 5D 07 F6 A8 A2 E2 70 35 EA 6E DE 9E 50 31 6B E9 09
            :           BA A9 05 29             DA 25 1A 01 8E E3 FF 26 1C 75 F5 C3 CE 5A F5 9E
            :         }             85
            :           }
            :       }

CarlDSSCRLEmpty =
   0 30  109: SEQUENCE
 556 A3  129:     [3] {
   2
 559 30   46:  127:       SEQUENCE {
   4
 561 30    9:   31:         SEQUENCE {
   6
 563 06    7:    3:           OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) subjectAltName (2 5 29 17)
            :         (ANSI X9.57 algorithm)             (X.509 id-ce (2 5 29))
 568 04   24:           OCTET STRING, encapsulates {
 570 30   22:               SEQUENCE {
 572 81   20:                 [1] 'ericaDh@examples.com'
            :                 }
  15
            :               }
            :           }
 594 30   18:   12:         SEQUENCE {
  17 31   16:       SET
 596 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 601 01    1:           BOOLEAN TRUE
 604 04    2:           OCTET STRING, encapsulates {
  19
 606 30    0:               SEQUENCE {}
            :               }
            :           }
 608 30   14:         SEQUENCE {
  21
 610 06    3:           OBJECT IDENTIFIER commonName keyUsage (2 5 4 3) 29 15)
            :             (X.520 id-at             (X.509 id-ce (2 5 4))
  26 13    7:           PrintableString 'CarlDSS' 29))
 615 01    1:           BOOLEAN TRUE
 618 04    4:           OCTET STRING, encapsulates {
 620 03    2:               BIT STRING 3 unused bits
            :                 '10000'B
            :               }
            :           }
 624 30   31:         SEQUENCE {
 626 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 631 04   24:           OCTET STRING, encapsulates {
 633 30   22:               SEQUENCE {
 635 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                 }
            :               }
            :           }
 657 30   29:         SEQUENCE {
 659 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 664 04   22:           OCTET STRING
            :             04 14 8D 53 1D 61 55 7F 60 35 17   13:     UTCTime '990820070000Z' 6D A6 36 A2 C5 93
            :             F8 9A FD C0 75 74
            :           }
  50
            :         }
            :       }
            :     }
 688 30    9:   SEQUENCE {
  52
 690 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
  61
 699 03   48:   BIT STRING 0 unused bits, encapsulates {
  64
 702 30   45:       SEQUENCE {
  66
 704 02   20:         INTEGER
            :           62 3F 36 17 31 58 2E 67 50 79 F5 09 4B 8C AD D4           3E 51 42 08 E3 52 2E AA BB 8F BD 18 38 71 CB 98
            :           6B F4 64 9F
  88           83 BE 47 9E
 726 02   21:         INTEGER
            :           00 B5 3B 4E A1 4C 7B FD 0F C3 B4 B3 15 85 99 11 06 40 1F 40 59 8D 9B B6 FE C3 5D D4 1B 2D
            :           6F DE 65 28 7D           CD 81 F1 E8 68
            :         }
            :       }
            :   }

CarlRSACRLForAll

3.4 CRLs

CarlCRL is a CRL from Carl that contains three revocations.

CarlDSSCRLForAll =
   0 30  307:  216: SEQUENCE {
   4
   3 30  157:  153:   SEQUENCE {
   7
   6 30   13:    9:     SEQUENCE {
   9
   8 06    9:    7:       OBJECT IDENTIFIER
            :         md5withRSAEncryption dsaWithSha1 (1 2 840 113549 1 1 4) 10040 4 3)
            :         (PKCS #1)
  20 05    0:       NULL         (ANSI X9.57 algorithm)
            :       }
  22
  17 30   18:     SEQUENCE {
  24
  19 31   16:       SET {
  26
  21 30   14:         SEQUENCE {
  28
  23 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  33
  28 13    7:           PrintableString 'CarlRSA' 'CarlDSS'
            :           }
            :         }
            :       }
  42
  37 17   13:     UTCTime '990827070000Z'
  57
  52 30  105:     SEQUENCE {
  59
  54 30   33:   19:       SEQUENCE {
  61
  56 02   16:    2:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
  79 200
  60 17   13:         UTCTime '990822070000Z'
            :         }
  94
  75 30   33:   19:       SEQUENCE {
  96
  77 02   16:    2:         INTEGER 201
  81 17   13:         UTCTime '990822070000Z'
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A         }
  96 30 90
 114   19:       SEQUENCE {
  98 02    2:         INTEGER 211
 102 17   13:         UTCTime '990822070000Z'
            :         }
 129
 117 30   33:   19:       SEQUENCE {
 131
 119 02   16:    2:         INTEGER 210
 123 17   13:         UTCTime '990822070000Z'
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
 149         }
 138 30   19:       SEQUENCE {
 140 02    2:         INTEGER 212
 144 17   13:         UTCTime '990824070000Z'
            :         }
            :       }
            :     }
 164
 159 30   13:    9:   SEQUENCE {
 166
 161 06    9:    7:     OBJECT IDENTIFIER md5withRSAEncryption dsaWithSha1 (1 2 840 113549 1 1 4) 10040 4 3)
            :       (PKCS #1)
 177 05    0:     NULL       (ANSI X9.57 algorithm)
            :     }
 179
 170 03  129:   47:   BIT STRING 0 unused bits bits, encapsulates {
 173 30   44:       SEQUENCE {
 175 02   20:         INTEGER
            :     BF B3 97 AA 53 F0 32 21 16 2B 77 92 7A 6B BB 97           7E 65 52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8
            :     C8 DC EA F1 FA 66 16 30 0E B5 9E           6D 5C F0 81 D4 5E 7D 3D
 197 02   20:         INTEGER
            :     B3 6E           02 7A 5B B7 D5 5B 18 C1 88 6B 8C D4 5E C5 4D FB 47 5E 66 CF 87 EF 7E DA 24 F3 5D 2A
            :     AB E5 B4 18 36 60 A8 4D           83 9C 3C 89 EC 6F 27 BF 35
            :     50 71 81 C2 B9 44 5B 62 89 19 12 31 A9 7B 9A D3
            :     CC 66 CB 11 D9 0B 10 47 77 AD 4F 22 D9 E5 7F 30
            :     F2 5B FC 94 51 A5 58 76 3B 1F A8 46 A6 1F F6 A1
            :     DE 55 A1 ED 31 88 69 97 0F 08 D3 D4 0C 60 5B 1E         }
            :       }

CarlRSACRLForCarl
            :   }

CarlDSSCRLForCarl =
   0 30  236:  131: SEQUENCE {
   3 30   87:   68:   SEQUENCE {
   5 30   13:    9:     SEQUENCE {
   7 06    9:    7:       OBJECT IDENTIFIER
            :         md5withRSAEncryption dsaWithSha1 (1 2 840 113549 1 1 4) 10040 4 3)
            :         (PKCS #1)
  18 05    0:       NULL         (ANSI X9.57 algorithm)
            :       }
  20
  16 30   18:     SEQUENCE {
  22
  18 31   16:       SET {
  24
  20 30   14:         SEQUENCE {
  26
  22 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  31
  27 13    7:           PrintableString 'CarlRSA' 'CarlDSS'
            :           }
            :         }
            :       }
  40
  36 17   13:     UTCTime '990825070000Z'
  55
  51 30   35:   20:     SEQUENCE {
  57
  53 30   33:   18:       SEQUENCE {
  59
  55 02   16:    1:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
  77 1
  58 17   13:         UTCTime '990822070000Z'
            :         }
            :       }
            :     }
  92
  73 30   13:    9:   SEQUENCE {
  94
  75 06    9:    7:     OBJECT IDENTIFIER md5withRSAEncryption dsaWithSha1 (1 2 840 113549 1 1 4) 10040 4 3)
            :       (PKCS #1)
 105 05    0:     NULL       (ANSI X9.57 algorithm)
            :     }
 107
  84 03  129:   48:   BIT STRING 0 unused bits
            :     21 EF 21 D4 C1 1A 85 95 49 6B CA 45 62 DC D7 09 bits, encapsulates {
  87 30   45:       SEQUENCE {
  89 02   21:         INTEGER
            :     FF A9 51 2E 8E D9 47 18 FA F8 E5 72 DD           00 B3 1F C5 4F ED 74
            :     74 E3 F3 65 32 65 28 2C 9A 1D 57 E5 7A 3D EC 76 D5 26 06 EA 60 F9 DE 79 22 EC
            :     D5 E6 23 95           4F B0 90 FE 97
 112 02   20:         INTEGER
            :           5A 8B C3 84 8D 0E 89 9E EE 9B 0C 2F CE BC 66 87 1B BF 79 82 5B 0A 5D 07 F7
            :     A3 D1 6B 85 4C 0F FF E6 DD FC DC CD 73 2C 1E 7D
            :     DC B0 71 C5 4C FC 01 6E 52 57 69 1E 39 63 DF 12 F6
            :     22 30 C7 13 55 94 05 6E 2A 00           BA A9 5B C4 2A 66 94 05 29
            :     62 CE 36 33 C2 2B 63 47 25 9D F3 DE 70 EE 00 56         }
            :       }

CarlRSACRLEmpty
            :   }

CarlDSSCRLEmpty =
   0 30  199:  109: SEQUENCE {
   3
   2 30   50:   46:   SEQUENCE {
   5
   4 30   13:    9:     SEQUENCE {
   7
   6 06    9:    7:       OBJECT IDENTIFIER
            :         md5withRSAEncryption dsaWithSha1 (1 2 840 113549 1 1 4) 10040 4 3)
            :         (PKCS #1)
  18 05    0:       NULL         (ANSI X9.57 algorithm)
            :       }
  20
  15 30   18:     SEQUENCE {
  22
  17 31   16:       SET {
  24
  19 30   14:         SEQUENCE {
  26
  21 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  31
  26 13    7:           PrintableString 'CarlRSA' 'CarlDSS'
            :           }
            :         }
            :       }
  40
  35 17   13:     UTCTime '990820070000Z'
            :     }
  55
  50 30    9:   SEQUENCE {
  52 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
  61 03   48:   BIT STRING 0 unused bits, encapsulates {
  64 30   45:       SEQUENCE {
  66 02   20:         INTEGER
            :           62 3F 36 17 31 58 2E 67 50 79 F5 09 4B 8C AD D4
            :           6B F4 64 9F
  88 02   21:         INTEGER
            :           00 B5 3B 4E A1 4C 7B FD 0F C3 8D 9B B6 FE C3 5D
            :           6F DE 65 28 7D
            :         }
            :       }
            :   }

CarlRSACRLForAll =
   0 30  307: SEQUENCE {
   4 30  157:   SEQUENCE {
   7 30   13:     SEQUENCE {
  57
   9 06    9:       OBJECT IDENTIFIER
            :         md5withRSAEncryption (1 2 840 113549 1 1 4)
            :         (PKCS #1)
  68
  20 05    0:       NULL
            :       }
  70 03  129:   BIT STRING 0 unused bits
  22 30   18:     SEQUENCE {
  24 31   16:       SET {
  26 30   14:         SEQUENCE {
  28 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :     A9 C5 21 B8             (X.520 id-at (2 5 4))
  33 13 7C 74 F3 B5 11 EC 04 F3 20 45 86    7:           PrintableString 'CarlRSA'
            :     1E 0B 6E 7F 83 6D 5F F4 34 76 06 59 25 0E 04 3D           }
            :     88 09 88 81 37 C4 DC 20 98 FA         }
            :       }
  42 17 81 0B 37 94 AC   13:     UTCTime '990827070000Z'
  57 30  105:     SEQUENCE {
  59 30   33:       SEQUENCE {
  61 02   16:         INTEGER
            :     B4 8F 7B 51 89 14 A4 CB 72 73 14 07           46 34 6B C7 80 00 56 BC 22 9C 40 11 D3 6E 2E C4 10 B3 B0
  79 17   13:         UTCTime '990822070000Z'
            :     A1 07 FC 44 7C 85 0F 0B 88 D1 EE E1 0E AF F6 16         }
  94 30   33:       SEQUENCE {
  96 02   16:         INTEGER
            :     74 AD A1 AF C1 00 75           46 34 6B C7 80 00 64 EA A5 56 BC 11 D3 6E 2E D5 9A F6 0B 08 A2 30 90
 114 17   13:         UTCTime '990822070000Z'
            :     DB 95 19 5F A6 A7 B9 39 45 25 0A 0E F6 5E 84 E7         }
 129 30   33:       SEQUENCE {
 131 02   16:         INTEGER
            :     F8 B9 5A C9 18 C2 0E B8 A0 96 BE 81 3A           46 34 6B C7 80 6D C9 00 56 BC 11 D3 6E 2E CD 5D 71 D0
 149 17   13:         UTCTime '990824070000Z'
            :         }

4. Trivial Examples

This section covers examples of small CMS types.

4.1 ContentInfo with Data type, BER

The object is a ContentInfo containing a Data object in BER format that is
ExContent.

   0
            :       }
            :     }
 164 30 NDEF:   13:   SEQUENCE {
   2
 166 06    9:     OBJECT IDENTIFIER data md5withRSAEncryption (1 2 840 113549 1 7 1) 1 4)
            :       (PKCS #7)
  13 A0 NDEF:   [0] {
  15 24 NDEF:     OCTET STRING {
  17 04    4:       OCTET STRING #1)
 177 05    0:     NULL
            :         54 68 69 73
  23 04   24:       OCTET     }
 179 03  129:   BIT STRING 0 unused bits
            :         20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20
            :         63 6F 6E 74 65     BF B3 97 AA 53 F0 32 21 16 2B 77 92 7A 6B BB 97
            :     C8 DC EA F1 FA 66 16 30 0E B5 9E 5C F0 81 D4 5E
            :     B3 6E 74 2E C1 88 6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D
            :       }     AB E5 B4 18 36 60 A8 4D 9C 3C 89 EC 6F 27 BF 35
            :     }     50 71 81 C2 B9 44 5B 62 89 19 12 31 A9 7B 9A D3
            :     CC 66 CB 11 D9 0B 10 47 77 AD 4F 22 D9 E5 7F 30
            :     F2 5B FC 94 51 A5 58 76 3B 1F A8 46 A6 1F F6 A1
            :     DE 55 A1 ED 31 88 69 97 0F 08 D3 D4 0C 60 5B 1E
            :   }

4.2 ContentInfo with Data type, DER

The object is a ContentInfo containing a Data object in DER format that is
ExContent.

CarlRSACRLForCarl =
   0 30   43:  236: SEQUENCE {
   2
   3 30   87:   SEQUENCE {
   5 30   13:     SEQUENCE {
   7 06    9:       OBJECT IDENTIFIER data
            :         md5withRSAEncryption (1 2 840 113549 1 7 1) 1 4)
            :         (PKCS #7)
  13 A0   30:   [0] {
  15 04   28:     OCTET STRING
            :       54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
            :       70 6C 65 20 63 6F 6E 74 65 6E 74 2E #1)
  18 05    0:       NULL
            :       }
  20 30   18:     SEQUENCE {
  22 31   16:       SET {
  24 30   14:         SEQUENCE {
  26 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :   }

5.  Signed-data

5.1 Basic signed content, DSS

A SignedData with no attribute certificates, signed by Alice using
DH-DSS, just her certificate (not Carl's root cert), no CRL. The
message is ExContent, and is included in the eContent. There are no
signed or unsigned attributes.

   0 30  183: SEQUENCE {
   3 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)             (X.520 id-at (2 5 4))
  31 13    7:           PrintableString 'CarlRSA'
            :     (PKCS #7)
  14 A0  169:   [0] {           }
            :         }
            :       }
  40 17   13:     UTCTime '990825070000Z'
  55 30  166:   35:     SEQUENCE {
  20 02    1:       INTEGER 1
  23 31   11:       SET {
  25
  57 30    9:   33:       SEQUENCE {
  27 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
  59 02   16:         INTEGER
            :             (OIW)           46 34 05    0:           NULL 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
  77 17   13:         UTCTime '990822070000Z'
            :         }
            :       }
  36
            :     }
  92 30   43:   13:   SEQUENCE {
  38
  94 06    9:     OBJECT IDENTIFIER data md5withRSAEncryption (1 2 840 113549 1 7 1) 1 4)
            :       (PKCS #7)
  49 A0   30:         [0] {
  51 04   28:           OCTET #1)
 105 05    0:     NULL
            :     }
 107 03  129:   BIT STRING 0 unused bits
            :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D     21 EF 21 D4 C1 1A 85 95 49 6B CA 45 62 DC D7 09
            :             70 6C 65 20 63 6F 6E 74 65 6E 74     FF A9 51 2E 8E D9 47 18 FA F8 E5 72 DD 4F ED 74
            :           }     74 E3 F3 65 32 65 28 2C 9A 1D 57 E5 D5 26 06 EA
            :         }
  81 31  103:       SET     D5 E6 23 95 84 8D 0E 89 9E EE 9B 0C 2F CE 07 F7
            :     A3 D1 6B 85 4C 0F FF E6 DD FC DC CD 73 2C 1E 7D
            :     DC B0 71 C5 4C FC 01 6E 52 57 69 1E 39 63 DF 12
            :     22 30 C7 13 55 94 05 6E 2A 00 A9 5B C4 2A 66 94
            :     62 CE 36 33 C2 2B 63 47 25 9D F3 DE 70 EE 00 56
            :   }

CarlRSACRLEmpty =
   0 30  199: SEQUENCE {
  83
   3 30  101:   50:   SEQUENCE {
  85 02    1:           INTEGER 1
  88
   5 30   24:   13:     SEQUENCE {
  90
   7 06    9:       OBJECT IDENTIFIER
            :         md5withRSAEncryption (1 2 840 113549 1 1 4)
            :         (PKCS #1)
  18 05    0:       NULL
            :       }
  20 30   18:     SEQUENCE {
  92
  22 31   16:       SET {
  94
  24 30   14:         SEQUENCE {
  96
  26 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
 101
  31 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
 110 02    2:             INTEGER 200
  40 17   13:     UTCTime '990820070000Z'
            :     }
 114
  55 30    9:   13:   SEQUENCE {
 116
  57 06    5:    9:     OBJECT IDENTIFIER sha1 md5withRSAEncryption (1 3 14 3 2 26) 840 113549 1 1 4)
            :               (OIW)
 123       (PKCS #1)
  68 05    0:     NULL
            :     }
 125 30    9:           SEQUENCE {
 127 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :               (ANSI X9.57 algorithm)
            :             }
 136 04   48:           OCTET
  70 03  129:   BIT STRING 0 unused bits
            :             30 2D 02 14 70 9B 27 7D 99 E7 D2 0C C6     A9 C5 21 B8 13 7C 74 F3 B5 11 EC 04 F3 20 45 86
            :     1E 0B 6E 7F 83 6D 5F F4 34 76 06 59 25 0E 04 3D
            :             4B E2 21 B7 BD 8D 48 29 02 15 00 8B 2C 0C 06 CB     88 09 88 81 37 C4 DC 20 98 FA 17 81 0B 37 94 AC
            :             4A B5 06 4B A8 4C 0E 78 D1 3B 90 E9 D1 9F     B4 8F 7B 51 89 14 A4 00 CB 72 73 14 07 BC 22 9C 40
            :           }     A1 07 FC 44 7C 85 0F 0B 88 D1 EE E1 0E AF F6 16
            :         }     74 AD A1 AF C1 00 75 00 64 EA A5 9A F6 0B 08 A2
            :       }     DB 95 19 5F A6 A7 B9 39 45 25 0A 0E F6 5E 84 E7
            :     }     F8 B9 5A C9 18 C2 0E B8 A0 96 BE 81 3A 80 6D C9
            :   }

5.2 Basic signed content, RSA

Same as 5.1, except using RSA signatures. A SignedData

4. Trivial Examples

This section covers examples of small CMS types.

4.1 ContentInfo with no
attribute certificates, signed by Alice using RSA, just her certificate
(not Carl's root cert), no CRL. Data type, BER

The message is ExContent, and object is
included a ContentInfo containing a Data object in the eContent. There are no signed or unsigned attributes. BER format that is
ExContent.

   0 30  286: NDEF: SEQUENCE {
   4
   2 06    9:   OBJECT IDENTIFIER signedData data (1 2 840 113549 1 7 2) 1)
            :     (PKCS #7)
  15
  13 A0  271: NDEF:   [0] {
  19 30  267:     SEQUENCE
  15 24 NDEF:     OCTET STRING {
  17 04    4:       OCTET STRING
            :         54 68 69 73
  23 02    1:       INTEGER 1
  26 31   11:       SET {
  28 30    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 04   24:       OCTET STRING
            :             (OIW)
  37 05    0:           NULL         20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20
            :         63 6F 6E 74 65 6E 74 2E
            :       }
            :     }
  39
            :   }

4.2 ContentInfo with Data type, DER

The object is a ContentInfo containing a Data object in DER format that is
ExContent.

   0 30   43: SEQUENCE {
  41
   2 06    9:   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :     (PKCS #7)
  52
  13 A0   30:   [0] {
  54
  15 04   28:     OCTET STRING
            :       54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
            :       70 6C 65 20 63 6F 6E 74 65 6E 74 2E
            :     }
            :   }
  84 31  203:       SET {
  87

5.  Signed-data

5.1 Basic signed content, DSS

A SignedData with no attribute certificates, signed by Alice using
DH-DSS, just her certificate (not Carl's root cert), no CRL. The
message is ExContent, and is included in the eContent. There are no
signed or unsigned attributes.

   0 30  200:  927: SEQUENCE {
  90 02    1:           INTEGER
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1
  93 30   38:           SEQUENCE 7 2)
            :     (PKCS #7)
  15 A0  912:   [0] {
  95
  19 30   18:  908:     SEQUENCE {
  97
  23 02    1:       INTEGER 1
  26 31   16:   11:       SET {
  99 30   14:                 SEQUENCE {
 101 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 106 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 115 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
            :             }
 133
  28 30    9:         SEQUENCE {
 135
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
 142
  37 05    0:           NULL
            :           }
 144
            :         }
  39 30   13:   43:       SEQUENCE {
 146
  41 06    9:         OBJECT IDENTIFIER
            :               rsaEncryption data (1 2 840 113549 1 1 7 1)
            :           (PKCS #1)
 157 05    0:             NULL
            :             }
 159 #7)
  52 A0   30:         [0] {
  54 04  128:   28:           OCTET STRING
            :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A
            :             81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A
            :             AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5
            :             E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
            :             CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4             54 68
            : 69 73 20 69 73 20 73 6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7
            :           }
            :         } 6D 65 20 73 61 6D
            :       }             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
            :           }
            :         }

5.3 Basic signed content, detached content

Same as 5.1, except with no eContent. A SignedData with no attribute
certificates, signed by Alice using DH-DSS, just her certificate (not
Carl's root cert), no CRL. The message is ExContent, but the eContent
is not included. There are no signed or unsigned attributes.

   0 30  151: SEQUENCE {
   3 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  14
  84 A0  137:  738:       [0] {
  17
  88 30  134:  734:         SEQUENCE {
  20
  92 30  669:           SEQUENCE {
  96 A0    3:             [0] {
  98 02    1:               INTEGER 1
  23 31   11:       SET {
  25 2
            :               }
 101 02    2:             INTEGER 200
 105 30    9:             SEQUENCE {
  27
 107 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  34 05    0:           NULL
            :           }
            :         }
  36 30   11:       SEQUENCE {
  38 06    9:    7:               OBJECT IDENTIFIER data dsaWithSha1 (1 2 840 113549 1 7 1) 10040 4 3)
            :           (PKCS #7)                 (ANSI X9.57 algorithm)
            :               }
  49 31  103:       SET {
  51 30  101:         SEQUENCE {
  53 02    1:           INTEGER 1
  56 30   24:           SEQUENCE {
  58
 116 30   18:             SEQUENCE {
  60
 118 31   16:               SET {
  62
 120 30   14:                 SEQUENCE {
  64
 122 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  69
 127 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
  78 02    2:             INTEGER 200
 136 30   30:             SEQUENCE {
 138 17   13:               UTCTime '990817011049Z'
 153 17   13:               UTCTime '391231235959Z'
            :               }
  82
 168 30    9:   19:             SEQUENCE {
  84
 170 31   17:               SET {
 172 30   15:                 SEQUENCE {
 174 06    5:    3:                   OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) commonName (2 5 4 3)
            :               (OIW)
  91 05    0:             NULL                     (X.520 id-at (2 5 4))
 179 13    8:                   PrintableString 'AliceDSS'
            :                   }
  93
            :                 }
            :               }
 189 30    9:  438:             SEQUENCE {
  95
 193 30  299:               SEQUENCE {
 197 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
            :             }
 104 04   48:           OCTET STRING
            :
 206 30 2D  286:                 SEQUENCE {
 210 02 14 5E 5E 6B 69 04 A2 62 5D 8B 45 B2 55  129:                   INTEGER
            :             F9 75 1C 12 4E 88 88 21 02 15                   00 A3 C1 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 23 E0
            :             08 35 6F 25 22 7A 1E B6 14 BC 28 A3 E4 75 91 DB 25 00
            :           }
            :         }
            :       }                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
            :     }                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
            :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
            :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
            :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
            :                   DB
 342 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
            :                   62 8B F7 93 CD
 365 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
            :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
            :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
            :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
            :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
            :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 496 03  132:               BIT STRING 0 unused bits, encapsulates {
 500 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
            :                   5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
            :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
            :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
            :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
            :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 631 A3  131:             [3] {
 634 30  128:               SEQUENCE {
 637 30   32:                 SEQUENCE {
 639 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 644 04   25:                   OCTET STRING, encapsulates {
 646 30   23:                       SEQUENCE {
 648 81   21:                         [1] 'aliceDss@examples.com'
            :                         }
            :                       }
            :                   }
 671 30   12:                 SEQUENCE {
 673 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 678 01    1:                   BOOLEAN TRUE
 681 04    2:                   OCTET STRING, encapsulates {
 683 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 685 30   14:                 SEQUENCE {
 687 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 692 01    1:                   BOOLEAN TRUE
 695 04    4:                   OCTET STRING, encapsulates {
 697 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 701 30   31:                 SEQUENCE {
 703 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 708 04   24:                   OCTET STRING, encapsulates {
 710 30   22:                       SEQUENCE {
 712 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 734 30   29:                 SEQUENCE {
 736 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 741 04   22:                   OCTET STRING
            :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01
            :                   E2 FD E3 97 FE CD
            :                   }
            :                 }
            :               }
            :             }
 765 30    9:           SEQUENCE {
 767 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 776 03   48:           BIT STRING 0 unused bits, encapsulates {
 779 30   45:               SEQUENCE {
 781 02   21:                 INTEGER
            :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
            :                   05 E8 46 94 8E
 804 02   20:                 INTEGER
            :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
            :                   7F 28 2D BB
            :                 }
            :               }
            :           }
            :         }
 826 31  103:       SET {
 828 30  101:         SEQUENCE {
 830 02    1:           INTEGER 1
 833 30   24:           SEQUENCE {
 835 30   18:             SEQUENCE {
 837 31   16:               SET {
 839 30   14:                 SEQUENCE {
 841 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 846 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 855 02    2:             INTEGER 200
            :             }
 859 30    9:           SEQUENCE {
 861 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 868 05    0:             NULL
            :             }
 870 30    9:           SEQUENCE {
 872 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 881 04   48:           OCTET STRING, encapsulates {
 883 30   45:               SEQUENCE {
 885 02   20:                 INTEGER
            :                   08 D0 45 7D 63 E1 39 EC 62 B0 30 C2 29 AD 42 EA
            :                   96 4F 91 86
 907 02   21:                 INTEGER
            :                   00 A6 86 EE 8A 7A 05 A7 E0 07 E6 F9 88 BF 93 FB
            :                   96 4D 76 D3 92
            :                 }
            :        	    }
            :        	  }
            :           }
            :         }
            :       }
            :     }
            :   }

5.2 Basic signed content, RSA

Same as 5.1, except using RSA signatures. A SignedData with no
attribute certificates, signed by Alice using RSA, just her certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.

   0 30  816: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  801:   [0] {
  19 30  797:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31   11:       SET {
  28 30    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  37 05    0:           NULL
            :           }
            :         }
  39 30   43:       SEQUENCE {
  41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  52 A0   30:         [0] {
  54 04   28:           OCTET STRING
            :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
            :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
            :           }
            :         }
  84 A0  526:       [0] {
  88 30  522:         SEQUENCE {
  92 30  371:           SEQUENCE {
  96 A0    3:             [0] {
  98 02    1:               INTEGER 2
            :               }
 101 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
 119 30   13:             SEQUENCE {
 121 06    9:               OBJECT IDENTIFIER
            :                 sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :                 (PKCS #1)
 132 05    0:               NULL
            :               }
 134 30   18:             SEQUENCE {
 136 31   16:               SET {
 138 30   14:                 SEQUENCE {
 140 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 145 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 154 30   30:             SEQUENCE {
 156 17   13:               UTCTime '990819070000Z'
 171 17   13:               UTCTime '391231235959Z'
            :               }
 186 30   19:             SEQUENCE {
 188 31   17:               SET {
 190 30   15:                 SEQUENCE {
 192 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 197 13    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }
            :               }
 207 30  159:             SEQUENCE {
 210 30   13:               SEQUENCE {
 212 06    9:                 OBJECT IDENTIFIER
            :                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   (PKCS #1)
 223 05    0:                 NULL
            :                 }
 225 03  141:               BIT STRING 0 unused bits, encapsulates {
 229 30  137:                   SEQUENCE {
 232 02  129:                     INTEGER
            :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
            :                   05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
            :                   6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
            :                   CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
            :                   F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
            :                   3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
            :                   5F
 364 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
 369 A3   96:             [3] {
 371 30   94:               SEQUENCE {
 373 30   12:                 SEQUENCE {
 375 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 380 01    1:                   BOOLEAN TRUE
 383 04    2:                   OCTET STRING, encapsulates {
 385 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 387 30   14:                 SEQUENCE {
 389 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 394 01    1:                   BOOLEAN TRUE
 397 04    4:                   OCTET STRING, encapsulates {
 399 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 403 30   31:                 SEQUENCE {
 405 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 410 04   24:                   OCTET STRING, encapsulates {
 412 30   22:                       SEQUENCE {
 414 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
            :                   AE 9E 38 BB
            :                         }
            :                       }
            :                   }
 436 30   29:                 SEQUENCE {
 438 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 443 04   22:                   OCTET STRING
            :                   04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC
            :                   3C A0 3A E3 FF 50
            :                   }
            :                 }
            :               }
            :             }
 467 30   13:           SEQUENCE {
 469 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :               (PKCS #1)
 480 05    0:             NULL
            :             }
 482 03  129:           BIT STRING 0 unused bits
            :             52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
            :             6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
            :             F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
            :             97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
            :             06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
            :             4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
            :             C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
            :             C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
            :           }
            :         }
 614 31  203:       SET {
 617 30  200:         SEQUENCE {
 620 02    1:           INTEGER 1
 623 30   38:           SEQUENCE {
 625 30   18:             SEQUENCE {
 627 31   16:               SET {
 629 30   14:                 SEQUENCE {
 631 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 636 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 645 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
            :             }
 663 30    9:           SEQUENCE {
 665 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 672 05    0:             NULL
            :             }
 674 30   13:           SEQUENCE {
 676 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption (1 2 840 113549 1 1 1)
            :               (PKCS #1)
 687 05    0:             NULL
            :             }
 689 04  128:           OCTET STRING
            :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A
            :             81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A
            :             AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5
            :             E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
            :             CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68
            :             6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7
            :           }
            :         }
            :       }
            :     }
            :   }

5.3 Basic signed content, detached content

Same as 5.1, except with no eContent. A SignedData with no attribute
certificates, signed by Alice using DH-DSS, just her certificate (not
Carl's root cert), no CRL. The message is ExContent, but the eContent
is not included. There are no signed or unsigned attributes.

   0 30  895: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  880:   [0] {
  19 30  876:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31   11:       SET {
  28 30    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  37 05    0:           NULL
            :           }
            :         }
  39 30   11:       SEQUENCE {
  41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
            :         }
  52 A0  738:       [0] {
  56 30  734:         SEQUENCE {
  60 30  669:           SEQUENCE {
  64 A0    3:             [0] {
  66 02    1:               INTEGER 2
            :               }
  69 02    2:             INTEGER 200
  73 30    9:             SEQUENCE {
  75 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
  84 30   18:             SEQUENCE {
  86 31   16:               SET {
  88 30   14:                 SEQUENCE {
  90 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  95 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 104 30   30:             SEQUENCE {
 106 17   13:               UTCTime '990817011049Z'
 121 17   13:               UTCTime '391231235959Z'
            :               }
 136 30   19:             SEQUENCE {
 138 31   17:               SET {
 140 30   15:                 SEQUENCE {
 142 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 147 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 157 30  438:             SEQUENCE {
 161 30  299:               SEQUENCE {
 165 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 174 30  286:                 SEQUENCE {
 178 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
            :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
            :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
            :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
            :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
            :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
            :                   DB
 310 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
            :                   62 8B F7 93 CD
 333 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
            :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
            :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
            :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
            :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
            :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 464 03  132:               BIT STRING 0 unused bits, encapsulates {
 468 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
            :                   5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
            :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
            :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
            :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
            :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 599 A3  131:             [3] {
 602 30  128:               SEQUENCE {
 605 30   32:                 SEQUENCE {
 607 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 612 04   25:                   OCTET STRING, encapsulates {
 614 30   23:                       SEQUENCE {
 616 81   21:                         [1] 'aliceDss@examples.com'
            :                         }
            :                       }
            :                   }
 639 30   12:                 SEQUENCE {
 641 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 646 01    1:                   BOOLEAN TRUE
 649 04    2:                   OCTET STRING, encapsulates {
 651 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 653 30   14:                 SEQUENCE {
 655 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 660 01    1:                   BOOLEAN TRUE
 663 04    4:                   OCTET STRING, encapsulates {
 665 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 669 30   31:                 SEQUENCE {
 671 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 676 04   24:                   OCTET STRING, encapsulates {
 678 30   22:                       SEQUENCE {
 680 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 702 30   29:                 SEQUENCE {
 704 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 709 04   22:                   OCTET STRING
            :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01
            :                   E2 FD E3 97 FE CD
            :                   }
            :                 }
            :               }
            :             }
 733 30    9:           SEQUENCE {
 735 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 744 03   48:           BIT STRING 0 unused bits, encapsulates {
 747 30   45:               SEQUENCE {
 749 02   21:                 INTEGER
            :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
            :                   05 E8 46 94 8E
 772 02   20:                 INTEGER
            :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
            :                   7F 28 2D BB
            :                 }
            :               }
            :           }
            :         }
 794 31  103:       SET {
 796 30  101:         SEQUENCE {
 798 02    1:           INTEGER 1
 801 30   24:           SEQUENCE {
 803 30   18:             SEQUENCE {
 805 31   16:               SET {
 807 30   14:                 SEQUENCE {
 809 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 814 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 823 02    2:             INTEGER 200
            :             }
 827 30    9:           SEQUENCE {
 829 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 836 05    0:             NULL
            :             }
 838 30    9:           SEQUENCE {
 840 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 849 04   48:           OCTET STRING, encapsulates {
 851 30   44:               SEQUENCE {
 853 02   20:                 INTEGER
            :                   15 D0 DC EE FF D4 36 5B 93 0D CF 69 3D 37 45 A0
            :                   34 9A 63 35
 875 02   20:                 INTEGER
            :                   49 75 76 4C 33 00 0A AB 90 FD EF 9C 47 80 21 F1
            :                   49 EA 02 15
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
            :   }

5.4 Fancier signed content

Same as 5.1, but includes Carl's root cert, Carl's CRL, some signed and
unsigned attributes (Countersignature by Diane). A SignedData with no
attribute certificates, signed by Alice using DH-DSS, her certificate
and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is
included in the eContent. The signed attributes are Content Type,
Message Digest and Signing Time; the unsigned attributes are content
hint and counter signature.

   0 30 1968: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 1953:   [0] {
  19 30 1949:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31   11:       SET {
  28 30    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  37 05    0:           NULL
            :           }
            :         }
  39 30   43:       SEQUENCE {
  41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  52 A0   30:         [0] {
  54 04   28:           OCTET STRING
            :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
            :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
            :           }
            :         }
  84 A0 1409:       [0] {
  88 30  667:         SEQUENCE {
  92 30  602:           SEQUENCE {
  96 A0    3:             [0] {
  98 02    1:               INTEGER 2
            :               }
 101 02    1:             INTEGER 1
 104 30    9:             SEQUENCE {
 106 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 115 30   18:             SEQUENCE {
 117 31   16:               SET {
 119 30   14:                 SEQUENCE {
 121 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 126 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 135 30   30:             SEQUENCE {
 137 17   13:               UTCTime '990816225050Z'
 152 17   13:               UTCTime '391231235959Z'
            :               }
 167 30   18:             SEQUENCE {
 169 31   16:               SET {
 171 30   14:                 SEQUENCE {
 173 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 178 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 187 30  439:             SEQUENCE {
 191 30  299:               SEQUENCE {
 195 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 204 30  286:                 SEQUENCE {
 208 02  129:                   INTEGER
            :                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
            :                   7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
            :                   EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :                   E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
            :                   ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
            :                   48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :                   FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
            :                   CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
            :                   E9
 340 02   21:                   INTEGER
            :                   00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
            :                   5D 98 B9 10 D5
 363 02  128:                   INTEGER
            :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
            :                   ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
            :                   62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :                   AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
            :                   F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
            :                   44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :                   8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
            :                   25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
            :                   }
            :                 }
 494 03  133:               BIT STRING 0 unused bits, encapsulates {
 498 02  129:                   INTEGER
            :                   00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C 75 BB E1
            :                   6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E
            :                   F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
            :                   4E B9 60 96 19 24 01 F3 62 0C FE 75 C0 FB CE D8
            :                   68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61
            :                   8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B
            :                   62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD
            :                   1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80
            :                   7A
            :                   }
            :               }
 630 A3   66:             [3] {
 632 30   64:               SEQUENCE {
 634 30   15:                 SEQUENCE {
 636 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    5:                   OCTET STRING, encapsulates {
 646 30    3:                       SEQUENCE {
 648 01    1:                         BOOLEAN TRUE
            :                         }
            :                       }
            :                   }
 651 30   14:                 SEQUENCE {
 653 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 658 01    1:                   BOOLEAN TRUE
 661 04    4:                   OCTET STRING, encapsulates {
 663 03    2:                       BIT STRING 1 unused bits
            :                         '1100001'B
            :                       }
            :                   }
 667 30   29:                 SEQUENCE {
 669 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 674 04   22:                   OCTET STRING
            :                   04 14 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20
            :                   BC 43 2B 93 F1 1F
            :                   }
            :                 }
            :               }
            :             }
 698 30    9:           SEQUENCE {
 700 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 709 03   48:           BIT STRING 0 unused bits, encapsulates {
 712 30   45:               SEQUENCE {
 714 02   20:                 INTEGER
            :                   6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9
            :                   11 17 A1 13
 736 02   21:                 INTEGER
            :                   00 8F 34 69 2A 8B B1 3C 03 79 94 32 4D 12 1F CE
            :                   89 FB 46 B2 3B
            :                 }
            :               }
            :           }
 759 30  734:         SEQUENCE {
 763 30  669:           SEQUENCE {
 767 A0    3:             [0] {
 769 02    1:               INTEGER 2
            :               }
 772 02    2:             INTEGER 200
 776 30    9:             SEQUENCE {
 778 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 787 30   18:             SEQUENCE {
 789 31   16:               SET {
 791 30   14:                 SEQUENCE {
 793 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 798 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 807 30   30:             SEQUENCE {
 809 17   13:               UTCTime '990817011049Z'
 824 17   13:               UTCTime '391231235959Z'
            :               }
 839 30   19:             SEQUENCE {
 841 31   17:               SET {
 843 30   15:                 SEQUENCE {
 845 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 850 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 860 30  438:             SEQUENCE {
 864 30  299:               SEQUENCE {
 868 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 877 30  286:                 SEQUENCE {
 881 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
            :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
            :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
            :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
            :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
            :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
            :                   DB
1013 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
            :                   62 8B F7 93 CD
1036 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
            :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
            :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
            :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
            :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
            :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
1167 03  132:               BIT STRING 0 unused bits, encapsulates {
1171 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
            :                   5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
            :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
            :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
            :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
            :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
1302 A3  131:             [3] {
1305 30  128:               SEQUENCE {
1308 30   32:                 SEQUENCE {
1310 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
1315 04   25:                   OCTET STRING, encapsulates {
1317 30   23:                       SEQUENCE {
1319 81   21:                         [1] 'aliceDss@examples.com'
            :                         }
            :                       }
            :                   }
1342 30   12:                 SEQUENCE {
1344 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
1349 01    1:                   BOOLEAN TRUE
1352 04    2:                   OCTET STRING, encapsulates {
1354 30    0:                       SEQUENCE {}
            :                       }
            :                   }
1356 30   14:                 SEQUENCE {
1358 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
1363 01    1:                   BOOLEAN TRUE
1366 04    4:                   OCTET STRING, encapsulates {
1368 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
1372 30   31:                 SEQUENCE {
1374 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
1379 04   24:                   OCTET STRING, encapsulates {
1381 30   22:                       SEQUENCE {
1383 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                         }

5.4 Fancier signed content

Same as 5.1, but includes Carl's root cert, Carl's CRL, some signed and
unsigned attributes (Countersignature by Diane). A SignedData with no
attribute certificates, signed by Alice using DH-DSS, her certificate
and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is
included in the eContent. The signed attributes are Content Type,
Message Digest and Signing Time; the unsigned attributes are content
hint and counter signature.
            :                       }
            :                   }
1405 30   29:                 SEQUENCE {
1407 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
1412 04   22:                   OCTET STRING
            :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01
            :                   E2 FD E3 97 FE CD
            :                   }
            :                 }
            :               }
            :             }
1436 30    9:           SEQUENCE {
1438 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1447 03   48:           BIT STRING 0 unused bits, encapsulates {
1450 30   45:               SEQUENCE {
1452 02   21:                 INTEGER
            :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
            :                   05 E8 46 94 8E
1475 02   20:                 INTEGER
            :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
            :                   7F 28 2D BB
            :                 }
            :               }
            :           }
            :         }
1497 A1  219:       [1] {
1500 30 2152:  216:         SEQUENCE {
   4 06
1503 30  153:           SEQUENCE {
1506 30    9:             SEQUENCE {
1508 06    7:               OBJECT IDENTIFIER signedData dsaWithSha1 (1 2 840 113549 1 7 2) 10040 4 3)
            :     (PKCS #7)
  15 A0 2137:   [0] {
  19                 (ANSI X9.57 algorithm)
            :               }
1517 30 2133:   18:             SEQUENCE {
  23 02    1:       INTEGER 3
  26
1519 31   11:   16:               SET {
  28
1521 30    9:   14:                 SEQUENCE {
  30
1523 06    5:    3:                   OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) commonName (2 5 4 3)
            :             (OIW)
  37 05    0:           NULL                     (X.520 id-at (2 5 4))
1528 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
  39
            :               }
1537 17   13:             UTCTime '990827070000Z'
1552 30   43:  105:             SEQUENCE {
  41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  52 A0   30:         [0]
1554 30   19:               SEQUENCE {
  54 04   28:           OCTET STRING
            :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
            :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
1556 02    2:                 INTEGER 200
1560 17   13:                 UTCTime '990822070000Z'
            :                 }
1575 30   19:               SEQUENCE {
1577 02    2:                 INTEGER 201
1581 17   13:                 UTCTime '990822070000Z'
            :                 }
  84 A0 1409:       [0] {
  88
1596 30  667:   19:               SEQUENCE {
  92
1598 02    2:                 INTEGER 211
1602 17   13:                 UTCTime '990822070000Z'
            :                 }
1617 30  602:   19:               SEQUENCE {
  96 A0    3:             [0]
1619 02    2:                 INTEGER 210
1623 17   13:                 UTCTime '990822070000Z'
            :                 }
1638 30   19:               SEQUENCE {
  98
1640 02    1:    2:                 INTEGER 2 212
1644 17   13:                 UTCTime '990824070000Z'
            :                 }
            :               }
 101 02    1:             INTEGER 1
 104
            :             }
1659 30    9:           SEQUENCE {
 106
1661 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 115
1670 03   47:           BIT STRING 0 unused bits, encapsulates {
1673 30   44:               SEQUENCE {
1675 02   20:                 INTEGER
            :                   7E 65 52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8
            :                   6D 5C 7D 3D
1697 02   20:                 INTEGER
            :                   02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E DA 24 F3 2A
            :                   83 9C 35 A1
            :                 }
            :               }
            :           }
            :         }
1719 31  250:       SET {
1722 30  247:         SEQUENCE {
1725 02    1:           INTEGER 1
1728 30   24:           SEQUENCE {
1730 30   18:             SEQUENCE {
 117
1732 31   16:               SET {
 119
1734 30   14:                 SEQUENCE {
 121
1736 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 126
1741 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 135
1750 02    2:             INTEGER 200
            :             }
1754 30   30:    9:           SEQUENCE {
 137 17   13:               UTCTime '990816225050Z'
 152
1756 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
1763 05    0:             NULL
            :             }
1765 A0   93:           [0] {
1767 30   24:             SEQUENCE {
1769 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
1780 31   11:               SET {
1782 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
            :                 }
            :               }
1793 30   28:             SEQUENCE {
1795 06    9:               OBJECT IDENTIFIER
            :                 signingTime (1 2 840 113549 1 9 5)
            :                 (PKCS #9 (1 2 840 113549 1 9))
1806 31   15:               SET {
1808 17   13:                 UTCTime '391231235959Z' '991015222610Z'
            :                 }
 167
            :               }
1823 30   18:   35:             SEQUENCE {
 169
1825 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
1836 31   16:   22:               SET {
 171 30   14:                 SEQUENCE {
 173
1838 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3) 29 C0 22
            :                     (X.520 id-at (2 5 4))
 178 13    7:                   PrintableString 'CarlDSS'                   96 87 DD 48
            :                 }
            :               }
            :             }
 187 30  439:             SEQUENCE {
 191
1860 30  299:    9:           SEQUENCE {
 195
1862 06    7:             OBJECT IDENTIFIER dsa dsaWithSha1 (1 2 840 10040 4 1) 3)
            :               (ANSI X9.57 algorithm)
 204
            :             }
1871 04   48:           OCTET STRING, encapsulates {
1873 30  286:   46:               SEQUENCE {
 208
1875 02  129:   21:                 INTEGER
            :                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
            :                   7A 79 CB 54 4D 97 02 AB 1E 81 FB C6 4C B3 0E 94 D8 49 FD CA 6D 89 B4 6A C5 09 06 96
            :                   EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA                   EE E3 76 36 2F
1898 02   21:                 INTEGER
            :                   00 C7 3E 7E 7B 3D D6 E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46 1D 6F 87 8B 18 03 F2
            :                   ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01                   DF 18 2B 77 75
            :                   48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50                 }
            :                   FC 70 B7 CD               }
1921 A1   49:           [1] {
1923 30   47:             SEQUENCE {
1925 06   11:               OBJECT IDENTIFIER
            :                 id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
            :                 (S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2))
1938 31   32:               SET {
1940 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B   30:                 SEQUENCE {
1942 0C   17:                   UTF8String (1997) 'SMime Example 5.4'
1961 06    9:                   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                   CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6                     (PKCS #7)
            :                   E9
 340 02   21:                   INTEGER                   }
            :                   00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A                 }
            :                   5D 98 B9 10 D5
 363 02  128:                   INTEGER               }
            :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D             }
            :                   ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5           }
            :                   62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C         }
            :                   AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD       }
            :                   F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F     }
            :                   44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB   }

5.5 All RSA signed message

Same as 5.2, but includes Carl's RSA root cert (but no CRL). A
SignedData with no attribute certificates, signed by Alice using RSA,
her certificate and Carl's root cert, no CRL. The message is ExContent,
and is included in the eContent. There are no signed or unsigned
attributes.

   0 30 NDEF: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :                   8A 79 61 B4 D5 2F 53     (PKCS #7)
  13 A0 NDEF:   [0] {
  15 30 NDEF:     SEQUENCE {
  17 02    1:       INTEGER 1
  20 31   11:       SET {
  22 44 63 1F 86 B8 A3 58 30    9:         SEQUENCE {
  24 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :                   25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A             (OIW)
  31 05    0:           NULL
            :           }
            :         }
 494 03  133:               BIT STRING 0 unused bits, encapsulates
  33 30 NDEF:       SEQUENCE {
 498 02  129:                   INTEGER
  35 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                   00 99 87 74 27 03 66           (PKCS #7)
  46 A0 B1 C0 AD DC 2C 75 BB E1
            :                   6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E
            :                   F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
            :                   4E B9 60 96 19 NDEF:         [0] {
  48 24 01 F3 62 0C FE 75 C0 FB CE D8 NDEF:           OCTET STRING {
  50 04    4:             OCTET STRING
            :               54 68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61
            :                   8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B 69 73
  56 04   24:             OCTET STRING
            :                   62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD               20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20
            :                   1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80               63 6F 6E 74 65 6E 74 2E
            :                   7A             }
            :           }
            :         }
 630 A3   66:             [3]
  88 A0 1021:       [0] {
 632
  92 30   64:  491:         SEQUENCE {
 634
  96 30   15:  340:           SEQUENCE {
 636 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    5:                   OCTET STRING, encapsulates {
 646 30
 100 A0    3:                       SEQUENCE             [0] {
 648 01
 102 02    1:                         BOOLEAN TRUE
            :                         }               INTEGER 2
            :               }
 105 02   16:             INTEGER
            :                   }
 651               46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
 123 30   14:   13:             SEQUENCE {
 653
 125 06    3:    9:               OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 658 01    1:                   BOOLEAN TRUE
 661 04    4:                   OCTET STRING, encapsulates {
 663 03    2:                       BIT STRING                 sha1withRSAEncryption (1 2 840 113549 1 unused bits
            :                         '1100001'B 1 5)
            :                       }                 (PKCS #1)
 136 05    0:               NULL
            :               }
 667
 138 30   29:   18:             SEQUENCE {
 669
 140 31   16:               SET {
 142 30   14:                 SEQUENCE {
 144 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier commonName (2 5 29 14) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 674 04   22:                   OCTET STRING 4))
 149 13    7:                   PrintableString 'CarlRSA'
            :                   04 14 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20                   }
            :                   BC 43 2B 93 F1 1F                 }
            :               }
 158 30   30:             SEQUENCE {
 160 17   13:               UTCTime '990818070000Z'
 175 17   13:               UTCTime '391231235959Z'
            :               }
 190 30   18:             SEQUENCE {
 192 31   16:               SET {
 194 30   14:                 SEQUENCE {
 196 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                   }                     (X.520 id-at (2 5 4))
 201 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 698
 210 30    9:  159:             SEQUENCE {
 700
 213 30   13:               SEQUENCE {
 215 06    7:    9:                 OBJECT IDENTIFIER dsaWithSha1
            :                   rsaEncryption (1 2 840 10040 4 3) 113549 1 1 1)
            :               (ANSI X9.57 algorithm)                   (PKCS #1)
 226 05    0:                 NULL
            :                 }
 709
 228 03   48:  141:               BIT STRING 0 unused bits, encapsulates {
 712
 232 30   45:  137:                   SEQUENCE {
 714
 235 02   20:  129:                     INTEGER
            :                   6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9                   00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
            :                   5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
            :                   B3 8E AF 82 9D BD 51 1E 17 A1 13
 736 02   21:                 INTEGER 7A F2 76 2C 2B 86 39
            :                   A7 BD D7 8D 1A 53 EC E4 00 8F 34 69 2A 8B D5 E8 EC A2 36 B1 3C 03 79 94 32 4D 12 1F CE
            :                   89 FB 46 B2 3B
            :                 } ED
            :               }                   E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
            :           }
 759 30  734:         SEQUENCE {
 763 30  669:           SEQUENCE {
 767                   D5 96 65 DA 16 A0    3:             [0] {
 769 02    1:               INTEGER 2 C5 BE 0E AE 44 5B EF 5E F4 A7
            :               }
 772 02    2:             INTEGER 200
 776 30    9:             SEQUENCE {
 778 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)                   29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
            :                 (ANSI X9.57 algorithm)                   57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
            :               }
 787 30   18:             SEQUENCE {
 789 31   16:               SET {
 791 30   14:                 SEQUENCE {
 793 06                   F1
 367 02    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 798 13    7:                   PrintableString 'CarlDSS'                     INTEGER 65537
            :                     }
            :                   }
            :               }
 807 30   30:             SEQUENCE
 372 A3   66:             [3] {
 809 17   13:               UTCTime '990817011049Z'
 824 17   13:               UTCTime '391231235959Z'
            :               }
 839
 374 30   19:   64:               SEQUENCE {
 841 31   17:               SET {
 843
 376 30   15:                 SEQUENCE {
 845
 378 06    3:                   OBJECT IDENTIFIER commonName basicConstraints (2 5 4 3) 29 19)
            :                     (X.520 id-at                     (X.509 id-ce (2 5 4))
 850 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 860 30  438:             SEQUENCE {
 864 30  299:               SEQUENCE {
 868 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 877 30  286:                 SEQUENCE {
 881 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
            :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
            :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
            :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
            :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 29))
 383 01    1:                   BOOLEAN TRUE
 386 04    5:                   OCTET STRING, encapsulates {
 388 30    3:                       SEQUENCE {
 390 01    1:                         BOOLEAN TRUE
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D                         }
            :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B                       }
            :                   DB
1013 02   21:                   INTEGER                   }
 393 30   14:                 SEQUENCE {
 395 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B                     (X.509 id-ce (2 5 29))
 400 01    1:                   BOOLEAN TRUE
 403 04    4:                   OCTET STRING, encapsulates {
 405 03    2:                       BIT STRING 1 unused bits
            :                   62 8B F7 93 CD
1036 02  128:                   INTEGER                         '1100001'B
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C                       }
            :                   76 23 39 04 02 35 5C F2 CB 1A                   }
 409 30 C3 1E 50 5D DD   29:                 SEQUENCE {
 411 06    3:                   OBJECT IDENTIFIER
            :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF                     subjectKeyIdentifier (2 5 29 14)
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D                     (X.509 id-ce (2 5 29))
 416 04   22:                   OCTET STRING
            :                   EA 9C C9 21 8A 3B 76                   04 14 E9 CE 2E 5D A3 07 CD 23 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37
            :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8                   4E 22 AE 9E 38 BB
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2                   }
            :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39                 }
            :               }
            :             }
1167
 440 30   13:           SEQUENCE {
 442 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :               (PKCS #1)
 453 05    0:             NULL
            :             }
 455 03  132:  129:           BIT STRING 0 unused bits, encapsulates {
1171 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC bits
            :                   5E DC BD             B7 13 11 34 A6 16 9E D4 04 D3 ED 29 E4 FF 89 28 11 23 D9 34 86 89 15 2E 4C DB 0C
            :                   67 75 75 13             F0 48 0F 32 61 EE C4 04 EC 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 5D 2D FF 0F 64 59
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A             7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12
            :                   85 D6 CE 06 80             61 50 ED EF DD 3F E8 23 7E 1A F2 24 AB 53 1A E3 0B B8 61 A5 A4 9B 3C E6 9E
            :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65             9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 9D 49 01
            :             76 FA 15 8B B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
            :                   F1 BB 34 D4 D2 96             CA 3E F2 53 6B B0 37 F6 61 47 B2 C4 32 84 F0 7E 6F AD E6 74 D7 DB FA 5A EA
            :             14 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
            :                   } 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02
            :           }
1302 A3  131:             [3] {
1305
 587 30  128:  522:         SEQUENCE {
1308
 591 30   32:  371:           SEQUENCE {
1310 06
 595 A0    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
1315 04   25:                   OCTET STRING, encapsulates {
1317 30   23:                       SEQUENCE             [0] {
1319 81   21:                         [1] 'aliceDss@examples.com'
            :                         }
 597 02    1:               INTEGER 2
            :               }
 600 02   16:             INTEGER
            :                   }
1342               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
 618 30   12:   13:             SEQUENCE {
1344
 620 06    3:    9:               OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
1349 01    1:                   BOOLEAN TRUE
1352 04    2:                   OCTET STRING, encapsulates {
1354 30    0:                       SEQUENCE {}                 sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :                       }                 (PKCS #1)
 631 05    0:               NULL
            :               }
1356
 633 30   14:   18:             SEQUENCE {
1358 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
1363 01    1:                   BOOLEAN TRUE
1366 04    4:                   OCTET STRING, encapsulates
 635 31   16:               SET {
1368 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
1372
 637 30   31:   14:                 SEQUENCE {
1374
 639 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
1379 04   24:                   OCTET STRING, encapsulates {
1381 30   22:                       SEQUENCE {
1383 80   20:                         [0] IDENTIFIER commonName (2 5 4 3)
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43                     (X.520 id-at (2 5 4))
 644 13    7:                   PrintableString 'CarlRSA'
            :                   2B 93 F1 1F                   }
            :                 }
            :               }
 653 30   30:             SEQUENCE {
 655 17   13:               UTCTime '990819070000Z'
 670 17   13:               UTCTime '391231235959Z'
            :               }
1405
 685 30   29:   19:             SEQUENCE {
1407
 687 31   17:               SET {
 689 30   15:                 SEQUENCE {
 691 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier commonName (2 5 29 14) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
1412 04   22:                   OCTET STRING
            :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 4))
 696 13 01
            :                   E2 FD E3 97 FE CD
            :                   }    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }
            :               }
1436
 706 30    9:  159:             SEQUENCE {
1438
 709 30   13:               SEQUENCE {
 711 06    7:    9:                 OBJECT IDENTIFIER dsaWithSha1
            :                   rsaEncryption (1 2 840 10040 4 3) 113549 1 1 1)
            :               (ANSI X9.57 algorithm)                   (PKCS #1)
 722 05    0:                 NULL
            :                 }
1447
 724 03   48:  141:               BIT STRING 0 unused bits, encapsulates {
1450
 728 30   45:  137:                   SEQUENCE {
1452
 731 02   21:  129:                     INTEGER
            :                   00 98 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0 C6 3F
            :                   05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
            :                   6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
            :                   CF 71 47 5A C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
            :                   F7 05 05 93 DF 5E BA 35 A9 4A 8F C0 56 D9 61 FF 19 7F C9 81
            :                   E6 F8 24 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
            :                   05 E8 46 94 8E
1475                   3A B9 99 77 02   20:                 INTEGER
            :                   5B 9F A6 48 C0 52 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
            :                   7F 28 2D BB 4E F3 57 38 57 74 57
            :                 }                   5F
 863 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
1497 A1  219:       [1] {
1500 30  216:         SEQUENCE
 868 A3   96:             [3] {
1503
 870 30  153:   94:               SEQUENCE {
1506
 872 30    9:   12:                 SEQUENCE {
1508
 874 06    7:    3:                   OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm) basicConstraints (2 5 29 19)
            :               }
1517                     (X.509 id-ce (2 5 29))
 879 01    1:                   BOOLEAN TRUE
 882 04    2:                   OCTET STRING, encapsulates {
 884 30   18:    0:                       SEQUENCE {
1519 31   16:               SET {
1521 {}
            :                       }
            :                   }
 886 30   14:                 SEQUENCE {
1523
 888 06    3:                   OBJECT IDENTIFIER commonName keyUsage (2 5 4 3) 29 15)
            :                     (X.520 id-at                     (X.509 id-ce (2 5 4))
1528 13    7:                   PrintableString 'CarlDSS' 29))
 893 01    1:                   BOOLEAN TRUE
 896 04    4:                   OCTET STRING, encapsulates {
 898 03    2:                       BIT STRING 6 unused bits
            :                   }                         '11'B
            :                       }
            :                   }
1537 17   13:             UTCTime '990827070000Z'
1552 30  105:             SEQUENCE {
1554
 902 30   19:   31:                 SEQUENCE {
1556 02    2:                 INTEGER 200
1560 17   13:                 UTCTime '990822070000Z'
 904 06    3:                   OBJECT IDENTIFIER
            :                 }
1575                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 909 04   24:                   OCTET STRING, encapsulates {
 911 30   19:   22:                       SEQUENCE {
1577 02    2:                 INTEGER 201
1581 17   13:                 UTCTime '990822070000Z'
 913 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
            :                   AE 9E 38 BB
            :                         }
1596 30   19:               SEQUENCE {
1598 02    2:                 INTEGER 211
1602 17   13:                 UTCTime '990822070000Z'
            :                       }
1617 30   19:               SEQUENCE {
1619 02    2:                 INTEGER 210
1623 17   13:                 UTCTime '990822070000Z'
            :                   }
1638
 935 30   19:   29:                 SEQUENCE {
1640 02    2:                 INTEGER 212
1644 17   13:                 UTCTime '990824070000Z'
 937 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 942 04   22:                   OCTET STRING
            :                   04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC
            :                   3C A0 3A E3 FF 50
            :                   }
            :                 }
            :               }
1659
            :             }
 966 30    9:   13:           SEQUENCE {
1661
 968 06    7:    9:             OBJECT IDENTIFIER dsaWithSha1
            :               sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :               (ANSI X9.57 algorithm)               (PKCS #1)
 979 05    0:             NULL
            :             }
1670
 981 03   47:  129:           BIT STRING 0 unused bits, encapsulates {
1673 30   44:               SEQUENCE {
1675 02   20:                 INTEGER bits
            :                   7E 65             52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8
            : FF B3 8B 54 1E 08 BF F3 6D 5C 0C 12 08 7D 3D
1697 02   20:                 INTEGER 8E CB
            :                   02 7A 5B B7 D5 5B 18 C1 CF 87 EF             6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E DA 24 F3 2A 83 4F
            :             F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
            :             97 48 80 5C 83 9C 35 A1 B0 B8 93 0B 03 44 AE BF BE A4 8C
            :             06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
            :             4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
            :                 }             C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
            :               }             C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
            :           }
            :         }
1719
1113 31  433:  203:       SET {
1723
1116 30  429:  200:         SEQUENCE {
1727
1119 02    1:           INTEGER 3
1730 80   20:           [0]
            :             BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
            :             E3 97 FE CD
1752 1
1122 30    9:   38:           SEQUENCE {
1754 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
1761 05    0:             NULL
            :             }
1763 A0   93:           [0] {
1765
1124 30   24:   18:             SEQUENCE {
1767 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
1778
1126 31   11:   16:               SET {
1780 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
            :                 }
            :               }
1791
1128 30   28:   14:                 SEQUENCE {
1793
1130 06    9:    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                 signingTime (1 2 840 113549 1 9 5)
            :                 (PKCS #9 (1 2 840 113549 1 9))
1804 31   15:               SET {
1806 17   13:                 UTCTime '990912025153Z'                     (X.520 id-at (2 5 4))
1135 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
1821 30   35:             SEQUENCE {
1823 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
1834 31   22:               SET {
1836 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22
            :                   96 87 DD 48
            :               }
1144 02   16:             INTEGER
            :               }               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
            :             }
1858
1162 30    9:           SEQUENCE {
1860
1164 06    7:    5:             OBJECT IDENTIFIER dsa sha1 (1 3 14 3 2 840 10040 4 1) 26)
            :               (ANSI X9.57 algorithm)               (OIW)
1171 05    0:             NULL
            :             }
1869 04   48:           OCTET STRING, encapsulates {
1871
1173 30   45:   13:           SEQUENCE {
1873 02   21:                 INTEGER
1175 06    9:             OBJECT IDENTIFIER
            :                   00 BC AF 04 79 B7 BF 42 AC EB BB 7B C2 D0 8C B3               rsaEncryption (1 2 840 113549 1 1 1)
            :                   53 20 83 F1 BC
1869               (PKCS #1)
1186 05    0:             NULL
            :             }
1188 04   48:  128:           OCTET STRING
            :             30 2D 02 15 00 BC AF 04 79 B7 BF 42 AC             2F 23 82 D2 F3 09 5F B8 0C 58 EB BB 7B 4E 9D BF 89 9A
            :             C2             81 E5 75 C4 91 3D D3 D0 8C B3 53 20 83 F1 BC 02 14 69 96 55 5D FB D5 7B B6 D5 FE 94 A1 8A
            :             78 1E             AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 5B B8 05 5D 21 12 08 D4 02 67 A7 F5 5F 34 29 00
1919 A1  234:           [1] {
1922 30   47:             SEQUENCE {
1924 06   11:               OBJECT IDENTIFIER C7 8D 16 04 A5 B3 B5
            :             E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
            :             CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68
            :                 id-aa-contentHint (1 2 840 113549 1 9 16 2 4)             6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7
            :                 (S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2))
1937 31   32:               SET {
1939 30   30:                 SEQUENCE {
1941 0C   17:                   UTF8String (1997) 'SMime Example 5.4'
1960 06    9:                   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)           }
            :                     (PKCS #7)         }
            :       }
            :     }
            :   }
1971

5.6 Multiple signers

Similar to 5.1, but the message is also signed by Diane. Two
SignedDatas (one for Alice, one for Diane) with no attribute
certificates, each signed using DH-DSS, Alice's and Diane's certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.

   0 30  182: 1477: SEQUENCE {
1974
   4 06    9:   OBJECT IDENTIFIER
            :                 countersignature signedData (1 2 840 113549 1 9 6) 7 2)
            :     (PKCS #9 (1 2 840 113549 1 9))
1985 31  168:               SET #7)
  15 A0 1462:   [0] {
1988
  19 30  165: 1458:     SEQUENCE {
1991
  23 02    1:       INTEGER 1
1994 30   24:                   SEQUENCE {
1996 30   18:                     SEQUENCE {
1998
  26 31   16:   11:       SET {
2000 30   14:                         SEQUENCE {
2002 06    3:                           OBJECT IDENTIFIER commonName (2 5 4 3)
            :                             (X.520 id-at (2 5 4))
2007 13    7:                           PrintableString 'CarlDSS'
            :                           }
            :                         }
            :                       }
2016 02    2:                     INTEGER 210
            :                     }
2020
  28 30    9:         SEQUENCE {
2022
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :                       (OIW)
2029 05    0:                     NULL
            :                     }
2031 A0   63:                   [0] {
2033 30   24:                     SEQUENCE {
2035 06    9:                       OBJECT IDENTIFIER
            :                         contentType (1 2 840 113549 1 9 3)
            :                         (PKCS #9 (1 2 840 113549 1 9))
2046 31   11:                       SET {
2048 06    9:                         OBJECT IDENTIFIER
            :                           data (1 2 840 113549 1 7 1) 3 14 3 2 26)
            :                           (PKCS #7)             (OIW)
  37 05    0:           NULL
            :           }
            :         }
2059
  39 30   35:   43:       SEQUENCE {
2061
  41 06    9:         OBJECT IDENTIFIER
            :                         messageDigest data (1 2 840 113549 1 9 4) 7 1)
            :           (PKCS #9 (1 2 840 113549 1 9))
2072 31   22:                       SET #7)
  52 A0   30:         [0] {
2074
  54 04   20:   28:           OCTET STRING
            :             54 68 69 73 57 91 A6 3E 88 33 6E 51 31 81 E0 11 08 46 8C 20 69 73 20 73 6F 6D 65 20 73 61 6D
            :                   EE 50 E3 5B             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
            :           }
            :         }
  84 A0 1184:       [0] {
  88 30  442:         SEQUENCE {
  92 30  377:           SEQUENCE {
  96 A0    3:             [0] {
  98 02    1:               INTEGER 2
            :               }
2096
 101 02    2:             INTEGER 210
 105 30    9:             SEQUENCE {
2098
 107 06    7:               OBJECT IDENTIFIER dsa dsaWithSha1 (1 2 840 10040 4 1) 3)
            :                 (ANSI X9.57 algorithm)
            :               }
2107 04   47:                   OCTET STRING
            :
 116 30 2D 02 14 4A C8 41 50 E9 22 70 C6 FB F9 23 25
            :                   A1 37 B6 3D 5E 5E 67 3E 02 15 00 AC BA 9C B9 56
            :                   8E 86 AE 19 29 D2 8D F3 6B 48 B5 DD 62 B7 C7   18:             SEQUENCE {
 118 31   16:               SET {
 120 30   14:                 SEQUENCE {
 122 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                   }                     (X.520 id-at (2 5 4))
 127 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 136 30   30:             SEQUENCE {
 138 17   13:               UTCTime '990817020810Z'
 153 17   13:               UTCTime '391231235959Z'
            :               }
 168 30   19:             SEQUENCE {
 170 31   17:               SET {
 172 30   15:                 SEQUENCE {
 174 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :         }                     (X.520 id-at (2 5 4))
 179 13    8:                   PrintableString 'DianeDSS'
            :                   }
            :                 }
            :               }

5.5 All RSA signed message

Same as 5.2, but includes Carl's RSA root cert (but no CRL). A
SignedData with no attribute certificates, signed by Alice using RSA,
her certificate and Carl's root cert, no CRL. The message is ExContent,
and is included in the eContent. There are no signed or unsigned
attributes.

   0
 189 30  147:             SEQUENCE {
 192 30 1295:    9:               SEQUENCE {
   4
 194 06    9:    7:                 OBJECT IDENTIFIER signedData dsa (1 2 840 113549 1 7 2) 10040 4 1)
            :     (PKCS #7)
  15 A0 1280:   [0] {
  19 30 1276:     SEQUENCE                   (ANSI X9.57 algorithm)
            :                 }
 203 03  133:               BIT STRING 0 unused bits, encapsulates {
  23
 207 02    1:  129:                   INTEGER 1
  26
            :                   00 A0 00 17 78 2C EE 7E 81 53 2E 2E 61 08 0F A1
            :                   9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA EF
            :                   2A 44 76 8A 52 09 EA BD 05 22 D5 0F F6 FD 46 D7
            :                   AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 F7 1C BF 25
            :                   FF 23 D3 3B 59 E7 82 97 37 BE 31   11:       SET {
  28 30    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) 24 D8 18 C8 F3
            :                   49 39 5B B7 E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
            :                   68 4D DD 46 7A 22 BE 8E FF CC DA 39 29 A3 39 E5
            :                   9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD 2E C5
            :             (OIW)
  37 05    0:           NULL                   23
            :                   }
            :               }
  39
 339 A3  131:             [3] {
 342 30   43:  128:               SEQUENCE {
  41
 345 30   32:                 SEQUENCE {
 347 06    9:    3:                   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) subjectAltName (2 5 29 17)
            :           (PKCS #7)
  52 A0   30:         [0] {
  54                     (X.509 id-ce (2 5 29))
 352 04   28:   25:                   OCTET STRING
            :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D STRING, encapsulates {
 354 30   23:                       SEQUENCE {
 356 81   21:                         [1] 'dianeDss@examples.com'
            :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E                         }
            :                       }
            :                   }
  84 A0 1005:       [0] {
  88 30  483:         SEQUENCE {
  92
 379 30  336:   12:                 SEQUENCE {
  96 A0
 381 06    3:             [0] {
  98 02                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 386 01    1:               INTEGER 2                   BOOLEAN TRUE
 389 04    2:                   OCTET STRING, encapsulates {
 391 30    0:                       SEQUENCE {}
            :                       }
 101 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
 119                   }
 393 30    9:   14:                 SEQUENCE {
 121
 395 06    5:    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                 sha-1WithRSAEncryption (1 3 14 3 2 29)                     (X.509 id-ce (2 5 29))
 400 01    1:                   BOOLEAN TRUE
 403 04    4:                   OCTET STRING, encapsulates {
 405 03    2:                       BIT STRING 6 unused bits
            :                 (Oddball OIW OID)
 128 05    0:               NULL                         '11'B
            :                       }
 130 30   18:             SEQUENCE {
 132 31   16:               SET {
 134
            :                   }
 409 30   14:   31:                 SEQUENCE {
 136
 411 06    3:                   OBJECT IDENTIFIER commonName
            :                     authorityKeyIdentifier (2 5 4 3) 29 35)
            :                     (X.520 id-at                     (X.509 id-ce (2 5 4))
 141 13    7:                   PrintableString 'CarlRSA' 29))
 416 04   24:                   OCTET STRING, encapsulates {
 418 30   22:                       SEQUENCE {
 420 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   }                   2B 93 F1 1F
            :                         }
            :                       }
 150 30   30:             SEQUENCE {
 152 17   13:               UTCTime '990919010746Z'
 167 17   13:               UTCTime '391231235959Z'
            :                   }
 182 30   18:             SEQUENCE {
 184 31   16:               SET {
 186
 442 30   14:   29:                 SEQUENCE {
 188
 444 06    3:                   OBJECT IDENTIFIER commonName
            :                     subjectKeyIdentifier (2 5 4 3) 29 14)
            :                     (X.520 id-at                     (X.509 id-ce (2 5 4))
 193 13    7:                   PrintableString 'CarlRSA' 29))
 449 04   22:                   OCTET STRING
            :                   04 14 64 30 99 7D 5C DC 45 0B 99 3A 52 2F 16 BF
            :                   58 50 DD CE 2B 18
            :                   }
            :                 }
            :               }
 202 30  159:             SEQUENCE {
 205
            :             }
 473 30   13:    9:           SEQUENCE {
 207
 475 06    9:    7:             OBJECT IDENTIFIER
            :                   rsaEncryption dsaWithSha1 (1 2 840 113549 1 1 1) 10040 4 3)
            :                   (PKCS #1)
 218 05    0:                 NULL               (ANSI X9.57 algorithm)
            :             }
 220
 484 03  141:   48:           BIT STRING 0 unused bits, encapsulates {
 224
 487 30  137:   45:               SEQUENCE {
 227
 489 02  129:   20:                 INTEGER
            :                   00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
            :                   5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
            :                   B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
            :                   A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED
            :                   E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
            :                   D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
            :                   29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
            :                   57 5E F2 76                   7E 0C 0C 81 17 B4 9A 54 B2 C3 30 EB 8A C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A C2
            :                   F1
 359                   52 36 9E 95
 511 02    3:   21:                 INTEGER 65537
            :                   00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D 10 1F 9A B3
            :                   4D B6 F9 11 A3
            :                 }
            :               }
            :           }
 364 A3   66:             [3] {
 366
 534 30   64:  734:         SEQUENCE {
 368
 538 30   15:  669:           SEQUENCE {
 370 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 375 01    1:                   BOOLEAN TRUE
 378 04    5:                   OCTET STRING, encapsulates {
 380 30
 542 A0    3:                       SEQUENCE             [0] {
 382 01
 544 02    1:                         BOOLEAN TRUE               INTEGER 2
            :               }
 547 02    2:             INTEGER 200
 551 30    9:             SEQUENCE {
 553 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :                       }                 (ANSI X9.57 algorithm)
            :               }
 385
 562 30   18:             SEQUENCE {
 564 31   16:               SET {
 566 30   14:                 SEQUENCE {
 387
 568 06    3:                   OBJECT IDENTIFIER keyUsage commonName (2 5 29 15) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 392 01    1:                   BOOLEAN TRUE
 395 04    4:                   OCTET STRING, encapsulates {
 397 03    2:                       BIT STRING 1 unused bits 4))
 573 13    7:                   PrintableString 'CarlDSS'
            :                         '1100001'B                   }
            :                 }
            :               }
 401
 582 30   29:   30:             SEQUENCE {
 403
 584 17   13:               UTCTime '990817011049Z'
 599 17   13:               UTCTime '391231235959Z'
            :               }
 614 30   19:             SEQUENCE {
 616 31   17:               SET {
 618 30   15:                 SEQUENCE {
 620 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier commonName (2 5 29 14) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 408 04   22:                   OCTET STRING
            :                   04 14 E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37
            :                   4E 22 AE 9E 38 BB
            :                   } 4))
 625 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 432
 635 30    9:  438:             SEQUENCE {
 639 30  299:               SEQUENCE {
 434
 643 06    5:    7:                 OBJECT IDENTIFIER
            :               sha-1WithRSAEncryption dsa (1 3 14 3 2 29)
            :               (Oddball OIW OID)
 441 05    0:             NULL 840 10040 4 1)
            :             }
 443 03                   (ANSI X9.57 algorithm)
 652 30  286:                 SEQUENCE {
 656 02  129:           BIT STRING 0 unused bits                   INTEGER
            :             2B 71 B4 B7 6C 4E 08 C2                   00 81 8D CD ED 83 EA A9 3D 52 DE 77 76 9D
            :             40 F7 26 70 5F 30 AC 06 78 0A 9B C7 22 55 C3 72
            :             6A 86 9E C3 54 40 02 53 85 61 75 D9 0F 35 71 BE 39 3E C2 48 28 A3 E4
            :                   47 93 DD 0E D7 4E 4B B6 B7 8C 00 CE 15 32 38 70 A8 0E EC 53 C5 AB 84 08 4F FF 94
            :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B 3C EE 72 BF B7 4C DC 5F 69 8A
            :             0A 22 8F B1 1B 3C                   E4 75 D0 BD 97 15 C7 EB 52 31 E1 51 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
            :             A1 3D 5A F2 EA 90 A1 99                   2F DD 43 A8 8B FD 18 0C 2C 8A C4 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :             89 62 7F 6B 69                   C3 B5 B3 F2 BF DE C5 44 E3 D1 E1 86 74 55 08 75 D5 39 76 10 C4 78 BD FF 9D
            :             57 34 68 73 90 06 FA AC 6B                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96 9E 5F 80 90 3B BC 5C F3 7E 5B
            :           }
 575 30  514:         SEQUENCE {
 579 30  367:           SEQUENCE {
 583 A0    3:             [0] {
 585                   DB
 788 02    1:   21:                   INTEGER 2
            :               }
 588                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
            :                   62 8B F7 93 CD
 811 02   16:  128:                   INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
 606 30    9:             SEQUENCE {
 608 06    5:               OBJECT IDENTIFIER
            :                 sha-1WithRSAEncryption (1 3                   26 38 D0 14 3 2 29)
            :                 (Oddball OIW OID)
 615 05    0:               NULL 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
            :               }
 617 30   18:             SEQUENCE {
 619 31   16:               SET {
 621                   76 23 39 04 02 35 5C F2 CB 1A 30   14:                 SEQUENCE {
 623 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 628 13    7:                   PrintableString 'CarlRSA'
            :                   } C3 1E 50 5D DD
            :                 }                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :               }
 637 30   30:             SEQUENCE {
 639 17   13:               UTCTime '990919010847Z'
 654 17   13:               UTCTime '391231235959Z'                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
            :               }
 669 30   19:             SEQUENCE {
 671 31   17:               SET {
 673 30   15:                 SEQUENCE {
 675 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
            :                     (X.520 id-at (2 5 4))
 680 13    8:                   PrintableString 'AliceRSA'                   85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   }                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
            :                 }                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
            :                   }
 690 30  159:             SEQUENCE {
 693 30   13:               SEQUENCE {
 695 06    9:                 OBJECT IDENTIFIER
            :                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   (PKCS #1)
 706 05    0:                 NULL
            :                 }
 708
 942 03  141:  132:               BIT STRING 0 unused bits, encapsulates {
 712 30  137:                   SEQUENCE {
 715
 946 02  129:  128:                   INTEGER
            :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
            :                   05 BB 53 83 DE 0F B7 AB DC 7D C7                   5C E3 B9 5A 75 29 0D 05 2E 14 96 0B A9 7A DD E3 3F A9 EC AC
            :                   6D 12 DF                   5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   82                   67 75 75 13 12 3D 43 5B 6F E5 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32 BF FA 89 F2 A2
            :                   CF C6 68 6F                   1B 3E 24 7D 3D 07 D9 B0 60 AC BE EE 34 09 6A 13 F5 8D 5B 63 C8 BB 45 A5 A0 4A E3
            :                   F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
            :                   E6 F8 6C EA 87 40 70                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC 6D 2C 74 9F 2D 65 FA 55
            :                   3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57 15 8B
            :                   5F
 847 02    3:                     INTEGER 65537                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
            :                     }                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 852
1077 A3   96:  131:             [3] {
 854
1080 30   94:  128:               SEQUENCE {
1083 30   32:                 SEQUENCE {
1085 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
1090 04   25:                   OCTET STRING, encapsulates {
1092 30   23:                       SEQUENCE {
 856
1094 81   21:                         [1] 'aliceDss@examples.com'
            :                         }
            :                       }
            :                   }
1117 30   12:                 SEQUENCE {
 858
1119 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 863
1124 01    1:                   BOOLEAN TRUE
 866
1127 04    2:                   OCTET STRING, encapsulates {
 868
1129 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 870
1131 30   14:                 SEQUENCE {
 872
1133 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 877
1138 01    1:                   BOOLEAN TRUE
 880
1141 04    4:                   OCTET STRING, encapsulates {
 882
1143 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 886
1147 30   31:                 SEQUENCE {
 888
1149 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 893
1154 04   24:                   OCTET STRING, encapsulates {
 895
1156 30   22:                       SEQUENCE {
1158 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20 BC 43
            :                   2B 93 F1 1F
            :                         }
            :                       }
            :                   }
1180 30   29:                 SEQUENCE {
1182 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
1187 04   22:                   OCTET STRING
            :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01
            :                   E2 FD E3 97 FE CD
            :                   }
            :                 }
            :               }
            :             }
1211 30    9:           SEQUENCE {
1213 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1222 03   48:           BIT STRING 0 unused bits, encapsulates {
1225 30   22:   45:               SEQUENCE {
 897 80
1227 02   21:                 INTEGER
            :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
            :                   05 E8 46 94 8E
1250 02   20:                         [0]                 INTEGER
            :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22 A1 87 C1 A5
            :                   AE 9E 38                   7F 28 2D BB
            :                 }
            :               }
            :           }
 919
            :         }
1272 31  206:       SET {
1275 30   29:  101:         SEQUENCE {
1277 02    1:           INTEGER 1
1280 30   24:           SEQUENCE {
1282 30   18:             SEQUENCE {
1284 31   16:               SET {
1286 30   14:                 SEQUENCE {
 921
1288 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier commonName (2 5 29 14) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 926 04   22:                   OCTET STRING
            :                   04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC
            :                   3C A0 3A E3 FF 50 4))
1293 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
1302 02    2:             INTEGER 200
            :             }
 950
1306 30    9:           SEQUENCE {
 952
1308 06    5:             OBJECT IDENTIFIER
            :               sha-1WithRSAEncryption sha1 (1 3 14 3 2 29) 26)
            :               (Oddball OIW OID)
 959               (OIW)
1315 05    0:             NULL
            :             }
 961 03  129:           BIT STRING 0 unused bits
1317 30    9:           SEQUENCE {
1319 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :             BF 34 32 E6 FC 6A 88 41 7D F0 5C 99 A1 93 B7 49               (ANSI X9.57 algorithm)
            :             B7 02 52 1E CB 84 AC 93 D7 58 2B 00 A1 9C C4 48             }
1328 04   48:           OCTET STRING
            :             48 99 DD             30 2D 02 C3 C6 05 F8 D2 25 F1 A3 9C C9 33 01
            : 15 00 CB 2D 81 7B 0D 3F 4D 8A 76 0E 6F 77 43 A3 BF E1 E6 B3 6A 04 79 39 EE 0D B6 0A
            :             E1 E9 E5 9D 50 07 8B             3C 86 48 B2 22 DC 12 50 E3 F3 5B 4F B4 3D 9E
            :             E5 93 9E B1 CD 33 F9 E0 AB 98 71 09 F8 EB B0 FC
            :             9C EC F1 88 D8 AE 03 D1 FE 60 E1 62 1C 02 14 B1 A2 23 75 00 20 67 96
            :             D2 C8 8D 18 1F             9D C5 DD B7 5E EE 9B 72 02 27 C2 85 3D 04 2E
            :           } 47 94 B2 01 A5 52 15 0C 26 A2 00
            :           }
1093 31  203:       SET {
1096
1378 30  200:  101:         SEQUENCE {
1099
1380 02    1:           INTEGER 1
1102
1383 30   38:   24:           SEQUENCE {
1104
1385 30   18:             SEQUENCE {
1106
1387 31   16:               SET {
1108
1389 30   14:                 SEQUENCE {
1110
1391 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1115
1396 13    7:                   PrintableString 'CarlRSA' 'CarlDSS'
            :                   }
            :                 }
            :               }
1124
1405 02   16:    2:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0 210
            :             }
1142
1409 30    9:           SEQUENCE {
1144
1411 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
1151
1418 05    0:             NULL
            :             }
1153
1420 30   13:    9:           SEQUENCE {
1155
1422 06    9:    7:             OBJECT IDENTIFIER
            :               rsaEncryption dsaWithSha1 (1 2 840 113549 1 1 1) 10040 4 3)
            :               (PKCS #1)
1166 05    0:             NULL               (ANSI X9.57 algorithm)
            :             }
1168 04  128:           OCTET STRING
            :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A
            :             81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A
            :             AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5
            :             E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
1431 04   48:           OCTET STRING
            :             CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95             30 2D 02 14 0B 1F 4B 9C 80 62 FF 19 77 6E 9A FC 66
            :             E9 39 0D             45 C8 FD 6D 49 7A BA CE 6E 9C 9E 0C E8 98 84 02 15 00 84 D2 E4 E6 55 13 D4 68 8C
            :             6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7             BC C4 12 72 74 4F D9 50 A4 A8 66 FB 2A E9 CF 00
            :           }
            :         }
            :       }
            :     }
            :   }

5.6 Multiple signers

Similar to

5.7 Signing using SKI

Same as 5.1, but the message is also signed by Diane. Two
SignedDatas (one for Alice, one for Diane) signature uses the SKI instead of the
issuer/serial number in the cert. A SignedData with no attribute
certificates, each signed by Alice using DH-DSS, Alice's and Diane's just her certificate (not
Carl's root cert), identified by the SKI, no CRL. The message is
ExContent, and is included in the eContent. There are no signed or
unsigned attributes.

   0 30  289:  711: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  274:  696:   [0] {
  19 30  270:  692:     SEQUENCE {
  23 02    1:       INTEGER 1 3
  26 31   11:       SET {
  28 30    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  37 05    0:           NULL
            :           }
            :         }
  39 30   43:       SEQUENCE {
  41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  52 A0   30:         [0] {
  54 04   28:           OCTET STRING
            :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
            :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
            :           }
            :         }
  84 31  206:       SET A0  526:       [0] {
  87
  88 30  101:  522:         SEQUENCE {
  89
  92 30  371:           SEQUENCE {
  96 A0    3:             [0] {
  98 02    1:               INTEGER 2
            :               }
 101 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
 119 30   13:             SEQUENCE {
 121 06    9:               OBJECT IDENTIFIER
            :                 sha1withRSAEncryption (1 2 840 113549 1
  92 1 5)
            :                 (PKCS #1)
 132 05    0:               NULL
            :               }
 134 30   18:             SEQUENCE {
 136 31   16:               SET {
 138 30   14:                 SEQUENCE {
 140 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 145 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 154 30   24:   30:             SEQUENCE {
  94
 156 17   13:               UTCTime '990819070000Z'
 171 17   13:               UTCTime '391231235959Z'
            :               }
 186 30   18:   19:             SEQUENCE {
  96
 188 31   16:   17:               SET {
  98
 190 30   14:   15:                 SEQUENCE {
 100
 192 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 105
 197 13    7:    8:                   PrintableString 'CarlDSS'
            :                   } 'AliceRSA'
            :                   }
            :                 }
 114 02    2:             INTEGER 200
            :               }
 118
 207 30    9:  159:             SEQUENCE {
 120 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 127 05    0:             NULL
            :             }
 129
 210 30    9:   13:               SEQUENCE {
 131
 212 06    7:    9:                 OBJECT IDENTIFIER dsa
            :                   rsaEncryption (1 2 840 10040 4 113549 1 1 1)
            :               (ANSI X9.57 algorithm)                   (PKCS #1)
 223 05    0:                 NULL
            :                 }
 140 04   48:           OCTET STRING,
 225 03  141:               BIT STRING 0 unused bits, encapsulates {
 142
 229 30   44:  137:                   SEQUENCE {
 144
 232 02   20:  129:                     INTEGER
            :                   01 1A 49 BA 75                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0 A7 62 36 FC E9
            :                   05 BB 53 83 DE 0F B7 AB DC 7D AE F7 C5 57 C7 75 29 0D 05 2E
            :                   02                   6D 12 DF A6 86 98 8E
 166 02   20:                 INTEGER 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   6D 1B A8 BD 51 10                   82 51 26 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
            :                   CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
            :                   F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
            :                   3A B9 99 77 02 A6 48 52 8C 4E F3 89 96 E6 B8 F1 AF 5E 57 38 57 74 57
            :                   55 DD 3D 21                   5F
 364 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
 190 30  101:         SEQUENCE
 369 A3   96:             [3] {
 192 02    1:           INTEGER 1
 195
 371 30   24:   94:               SEQUENCE {
 197
 373 30   18:   12:                 SEQUENCE {
 199 31   16:               SET
 375 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 380 01    1:                   BOOLEAN TRUE
 383 04    2:                   OCTET STRING, encapsulates {
 201
 385 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 387 30   14:                 SEQUENCE {
 203
 389 06    3:                   OBJECT IDENTIFIER commonName keyUsage (2 5 4 3) 29 15)
            :                     (X.520 id-at                     (X.509 id-ce (2 5 4))
 208 13    7:                   PrintableString 'CarlDSS'
            :                   } 29))
 394 01    1:                   BOOLEAN TRUE
 397 04    4:                   OCTET STRING, encapsulates {
 399 03    2:                       BIT STRING 6 unused bits
            :                 }                         '11'B
            :                       }
 217 02    2:             INTEGER 210
            :                   }
 221
 403 30    9:   31:                 SEQUENCE {
 223
 405 06    5:    3:                   OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 230 05    0:             NULL                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 410 04   24:                   OCTET STRING, encapsulates {
 412 30   22:                       SEQUENCE {
 414 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
            :                   AE 9E 38 BB
            :                         }
 232
            :                       }
            :                   }
 436 30    9:   29:                 SEQUENCE {
 234
 438 06    7:    3:                   OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :               (ANSI X9.57 algorithm)                     subjectKeyIdentifier (2 5 29 14)
            :             }
 243                     (X.509 id-ce (2 5 29))
 443 04   48:           OCTET STRING
            :             30 2D 02 15 00 CF 86 F1 54 70 E3 AD 5A 54 EC FE   22:                   OCTET STRING
            :             F3 CF F5 0C 8E 9E A2 64 7F 02                   04 14 61 1A 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D 19 31 CE EC
            :             47 A0 32 A7                   3C A0 27 D3 91 03 C4 07 E0 72 8D 8E 00
            :           } 3A E3 FF 50
            :                   }
            :                 }
            :               }
            :             }

5.7 Signing using SKI

Same as 5.1, but the signature uses the SKI instead of the
issuer/serial number in the cert. A SignedData with no attribute
certificates, signed by Alice using DH-DSS, just her certificate (not
Carl's root cert), identified by the SKI, no CRL. The message is
ExContent, and is included in the eContent. There are no signed or
unsigned attributes.

   0
 467 30  179:   13:           SEQUENCE {
   3
 469 06    9:             OBJECT IDENTIFIER signedData
            :               sha1withRSAEncryption (1 2 840 113549 1 7 2) 1 5)
            :               (PKCS #7)
  14 A0  165:   [0] {
  17 30  162:     SEQUENCE {
  20 02    1:       INTEGER 3
  23 31   11:       SET {
  25 30    9:         SEQUENCE {
  27 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  34 #1)
 480 05    0:             NULL
            :           }             }
 482 03  129:           BIT STRING 0 unused bits
            :             52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
            :             6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
            :             F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
            :             97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
            :             06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
            :             4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
            :         }
  36 30   43:       SEQUENCE {             C3 AB 74 F1 2A F1 B0 C6 38 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  49 A0   30:         [0] {
  51 04   28:           OCTET STRING EA 87 02 1E 10 BB 99
            :             54 68 69 73 20 69 73 20 73 6F 6D             C4 BE 36 C0 08 BA 13 65 20 37 3E 36 F3 31 42 73 61 6D
            :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E 18
            :           }
            :         }
  81
 614 31   99:       SET {
  83
 616 30   97:         SEQUENCE {
  85
 618 02    1:           INTEGER 3
  88
 621 80   20:           [0]
            :             BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
            :             E3 97 FE CD
 110
 643 30    9:           SEQUENCE {
 112
 645 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 119
 652 05    0:             NULL
            :             }
 121
 654 30    9:           SEQUENCE {
 123
 656 06    7:             OBJECT IDENTIFIER dsa dsaWithSha1 (1 2 840 10040 4 1) 3)
            :               (ANSI X9.57 algorithm)
            :             }
 132
 665 04   48:           OCTET STRING
            : STRING, encapsulates {
 667 30 2D   45:               SEQUENCE {
 669 02 14 4F F6 62 B6 CA 8D D6 CC A8 A8 CA 9A   21:                 INTEGER
            :             C9 CB 96 96 2C 1D DA 8F 02 15                   00 B7 B8 38 97 28 5A E2 9D 06 1E
            :             F8 22 5E 93 E3 FE 0B 4E 6E 24 00 A6 BF F0 3C 29 37 F2
            :                   0D 8C 1F 1C EE
 692 02   20:                 INTEGER
            :                   66 B5 EE 3B D8 2B 46 0B E0 64 D0 F5 B9 AD 5C EC
            :                   0F ED 15 85 83 00 7B 12
            :                 }
            :               }
            :             }
            :           }
            :         }
            :       }
            :     }
            :   }

5.8 S/MIME multipart/signed message

A full S/MIME message, including MIME, that includes the body part from
5.3 and the body containing the content of the message.

MIME-Version: 1.0
Content-Type: multipart/signed;
	protocol="application/x-pkcs7-signature";
	micalg=SHA1;
	boundary="----=_NextPart_000_0000_01BEF8B8.4F7D5F80"

------=_NextPart_000_0000_01BEF8B8.4F7D5F80

This is some sample content.
------=_NextPart_000_0000_01BEF8B8.4F7D5F80
Content-Type: application/x-pkcs7-signature;
	name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="smime.p7s"

MIGXBgkqhkiG9w0BBwKggYkwgYYCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAT
FnMGUCAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDgMCGgUAMAkGByqG
SM44BAEEMDAtAhReXmtpBKJiXYtFslX5dRwSToiIIQIVAKPBSCPgCDVvJSJ6HrYUvO
R1kdslAA==

------=_NextPart_000_0000_01BEF8B8.4F7D5F80--

5.9 S/MIME application/pkcs7-mime signed message

A full S/MIME message, including MIME, that includes the body part from
5.1.

Subject: Example 5.9
MIME-Version: 1.0
Content-Type: application/pkcs7-mime; name="smime.p7m";
              smime-type=signed-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7m"

MIG3BgkqhkiG9w0BBwKggakwgaYCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuMWcwZQIBATAYMBIxEDAOBgNV
BAMTB0NhcmxEU1MCAgDIMAkGBSsOAwIaBQAwCQYHKoZIzjgEAQQwMC0CFHCbJ32Z59
IMxsUhC0viIbe9jUgpAhUAiywMBstKtQZLqEwOeNE7kOnRn6QA

6.  Enveloped-data

6.1 Basic encrypted content, TripleDES and DH

An EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management. Does not have a
OriginatorInfo or any attributes.

   0 30  355: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
            :     (PKCS #7)
  15 A0  340:   [0] {
  19 30  336:     SEQUENCE {
  23 02    1:       INTEGER 2
  26 31  260:       SET {
  30 A1  256:         [1] {
  34 02    1:           INTEGER 3
  37 A0  150:           [0] {
  40 A1  147:             [1] {
  43 30    9:               SEQUENCE {
  45 06    7:                 OBJECT IDENTIFIER
            :                   dhPublicNumber (1 2 840 10046 2 1)
            :                   (ANSI X9.42 number-type)
            :                 }
  54 03  133:               BIT STRING 0 unused bits, encapsulates {
  58 02  129:                   INTEGER
            :                   00 C2 A4 56 E7 80 6C 11 EC 48 01 F7 0E FA B0 20
            :                   D2 9C 6F 31 2C 85 F8 4A 9C B2 B8 BA 17 B6 F5 28
            :                   31 BC B2 5E 53 D3 8C C9 B5 E3 79 20 8F 03 E5 67
            :                   7F 4E 02 6A 2E C2 67 7F 71 9A 44 0B EC C0 7D 19
            :                   6F EE 5F 2E D5 32 00 D4 7C C2 16 56 7E ED AF 68
            :                   DD 0C 73 68 95 36 CE 5C 51 AD 2E 20 64 D0 1E 3B
            :                   C8 57 3D 65 40 B8 1A CD 6D A7 CB 1C 9E C5 83 73
            :                   66 DD D2 86 EE E1 9C ED B1 9D 30 32 41 4C 52 3D
            :                   18
            :                   }
            :               }
            :             }
 190 30   26:           SEQUENCE {
 192 06    7:             OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :               (ANSI X9.42 number-type)
 201 30   15:             SEQUENCE {
 203 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
 216 05    0:               NULL
            :               }
            :             }
 218 30   70:           SEQUENCE {
 220 30   68:             SEQUENCE {
 222 30   24:               SEQUENCE {
 224 30   18:                 SEQUENCE {
 226 31   16:                   SET {
 228 30   14:                     SEQUENCE {
 230 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
            :                         (X.520 id-at (2 5 4))
 235 13    7:                       PrintableString 'CarlDSS'
            :                       }
            :                     }
            :                   }
 244 02    2:                 INTEGER 201
            :                 }
 248 04   40:               OCTET STRING
            :                 51 46 57 41 34 1C D6 C7 CD 36 4B A4 93 B7 16 E6
            :                 2E F0 58 24 9C 6D 4B E9 90 8B 0F 46 B8 E5 93 19
            :                 FF 7C F0 56 4D 4F FA F5
            :               }
            :             }
            :           }
            :         }
 290 30   67:       SEQUENCE {
 292 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 303 30   20:         SEQUENCE {
 305 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
 315 04    8:           OCTET STRING
            :             EE F2 1F EE 80 08 CE 6A
            :           }
 325 80   32:         [0]
            :           9E BB 6C 9E B8 14 43 2C CB B2 90 8E A4 7D 8A D8
            :           AE 96 88 73 08 80 95 3E D1 DF E8 2F 4F DC 73 98
            :         }
            :       }
            :     }
            :   }

Some additional information on this example:

3DES CEK
  cd 4f 7c 83 73 c4 26 ce 5d b0 cd ea 7c 16 15 cb
  2f 8c a8 20 16 0e c8 2a

Ephemeral X (reverse the bytes)
  2e 92 4e b9 2a bd ab 1e cb 5b d8 3b c5 6c b0 ef
  2d 89 7b 0e e7 d6 33 8c 1f 33 81 6d 2d d1 61 4f

ZZ
  de 42 2f c3 fb 44 ab ce 71 3f f6 3a aa dc 09 d1
  ca 30 97 22 73 eb de 6a af 87 e1 74 62 60 73 c7
  93 1f 2e 26 b3 09 8f 1c 93 31 33 63 5f 0e ad 89
  89 f5 1a cb 8c 3f b7 8f 50 b3 9a fe 06 b0 8a 68
  c0 f7 b1 fe 20 af 96 f2 a6 cf de 12 1e 74 f9 38
  d1 90 da 4d 10 45 b2 6a be 3f f9 3b 61 c0 6d 8f
  bc 2e c8 a3 e6 d8 e2 a8 52 ea 58 65 b3 93 99 b7
  77 91 67 e6 04 e5 ca ce 46 86 b0 83 17 d9 de 1d

3DES KEK (no parity check)
  02 1f 67 5c 92 58 e5 5a 2a fb 3b ed 94 6b 39 8a
  b1 38 a7 8c 63 fc d6 14

wrapped key
  51 46 57 41 34 1c d6 c7 cd 36 4b a4 93 b7 16 e6
  2e f0 58 24 9c 6d 4b e9 90 8b 0f 46 b8 e5 93 19
  ff 7c f0 56 4d 4f fa f5

3DES CEK
  1c b6 57 1a 25 bc f8 13 5b 01 1a d5 a2 46 31 7a
  85 fe 4f 62 45 4a 2a 43

6.2 Basic encrypted content, TripleDES and RSA

Same as 6.1, except with RSA for key management. An EnvelopedData from
Alice to Bob of ExContent using TripleDES for encrypting and RSA for
key management. Does not have a OriginatorInfo or any attributes.

   0 30 NDEF: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
            :     (PKCS #7)
  13 A0 NDEF:   [0] {
  15 30 NDEF:     SEQUENCE {
  17 02    1:       INTEGER 0
  20 31  192:       SET {
  23 30  189:         SEQUENCE {
  26 02    1:           INTEGER 0
  29 30   38:           SEQUENCE {
  31 30   18:             SEQUENCE {
  33 31   16:               SET {
  35 30   14:                 SEQUENCE {
  37 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  42 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
  51 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
            :             }
  69 30   13:           SEQUENCE {
  71 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption (1 2 840 113549 1 1 1)
            :               (PKCS #1)
  82 05    0:             NULL
            :             }
  84 04  128:           OCTET STRING
            :             C5 C0 8F 67 12 9C 10 49 49 14 5D 80 D6 24 50 59
            :             38 41 5C B7 5B B0 0B 12 15 CD 54 80 8E 62 A3 AF
            :             D1 15 29 A6 6C B5 C0 32 F7 39 5F 0C 2F 32 90 65
            :             5C E3 D5 2B 55 F6 21 37 09 5A 9A B4 96 D4 96 20
            :             49 06 93 67 EA 0B C1 20 3D 5D B2 63 7E 8C F9 89
            :             F3 9F BF 1E 19 ED 36 04 83 05 8A 15 5A 92 A4 8A
            :             B4 3E 89 C1 69 35 0D 74 B7 81 7F 02 CB 7A D7 65
            :             51 05 15 B6 78 0F F2 B4 80 F7 60 7A 2B 75 88 E9
            :           }
            :         }
 215 30 NDEF:       SEQUENCE {
 217 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 228 30   20:         SEQUENCE {
 230 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
 240 04    8:           OCTET STRING
            :             F4 CF FA 43 74 39 12 F4
            :           }
 250 A0 NDEF:         [0] {
 252 04  176:           OCTET STRING
            :             1B CE BA D7 65 FB BC 60 05 95 65 42 3F 60 DB 2D
            :             78 C5 F2 7F 93 34 95 E2 62 F3 99 3E D8 A2 CB C8
            :             E5 50 10 D8 45 CD 27 EF 83 3B 3B B0 41 E6 D7 2A
            :             DE 57 53 AF 10 97 1F 89 3D 6A 97 B8 BF E1 72 2B
            :             F0 D6 9B E5 09 D4 6B D6 F4 BA FF 50 6A 3C F0 16
            :             8C DD F4 34 E5 85 CC A9 03 1E DE E3 71 19 7F 89
            :             9D 27 2D 71 93 53 A8 CC 15 79 58 15 36 C3 53 7B
            :             22 51 AD 8F 31 AB 60 3A 1C B7 65 5A 5F 90 16 7B
            :             2B 5D 1E 0A B4 D5 A1 64 93 DD 4F 4D 31 81 84 80
            :             60 C3 56 99 CC A1 C0 C8 AE 10 9E 4C C8 5E F0 18
            :             A9 32 30 00 93 12 7B FC 14 BF 7C D4 74 B4 B0 6C
            :           }
            :         }
            :       }
            :     }
            :   }

6.3 Basic encrypted content, RC2/40 and RSA

Same as 6.1, except using RC2/40 for encryption and RSA for key
management. An EnvelopedData from Alice to Bob of ExContent using
RC2/40 for encrypting and RSA for key management. Does not have a
OriginatorInfo or any attributes.

   0 30 NDEF: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
            :     (PKCS #7)
  13 A0 NDEF:   [0] {
  15 30 NDEF:     SEQUENCE {
  17 02    1:       INTEGER 0
  20 31  192:       SET {
  23 30  189:         SEQUENCE {
  26 02    1:           INTEGER 0
  29 30   38:           SEQUENCE {
  31 30   18:             SEQUENCE {
  33 31   16:               SET {
  35 30   14:                 SEQUENCE {
  37 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  42 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
  51 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
            :             }
  69 30   13:           SEQUENCE {
  71 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption (1 2 840 113549 1 1 1)
            :               (PKCS #1)
  82 05    0:             NULL
            :             }
  84 04  128:           OCTET STRING
            :             84 00 78 AC A9 6A F9 ED BE 27 7F A1 45 FE 73 4B
            :             05 54 14 D7 DF 9B 27 11 68 97 E6 32 76 A3 D6 48
            :             B4 4D E4 15 B0 BF A8 58 1F 5D F2 5C 30 A8 E9 C7
            :             63 E4 95 B4 AB 2A 36 3E 69 9C 59 0D 67 5F F2 82
            :             15 21 7B 1A 3B 59 68 AA F1 B0 C6 8C DB 0E B2 54
            :             DC 33 D1 64 D1 4C A9 74 08 14 11 8A 16 74 6A 3A
            :             F0 33 35 1C 34 70 33 BF 0A C6 44 91 C8 B1 21 BC
            :             B1 A3 65 DD 14 BC 05 D7 E2 E7 DC 7F 3A 59 7E 1F
            :           }
            :         }
 215 30 NDEF:       SEQUENCE {
 217 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 228 30   26:         SEQUENCE {
 230 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
            :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
 240 30   14:           SEQUENCE {
 242 02    2:             INTEGER 160
 246 04    8:             OCTET STRING
            :               9C 04 D2 19 2E 2A 55 A1
            :             }
            :           }
 256 A0 NDEF:         [0] {
 258 04  176:           OCTET STRING
            :             8E 87 2E 22 E4 30 61 9B 96 CC EA AD 0C D6 D7 03
            :             1B 14 60 37 8B 1A 80 2C 12 4F 76 B7 76 77 E2 07
            :             84 33 0B CC 65 EB 5B 32 9B 68 F3 86 6D 7D B1 A2
            :             44 10 1D C0 14 E1 F2 C6 F1 28 17 BA 86 D5 2F 6D
            :             37 DF 82 EB D1 2D 24 80 71 62 4D 0D A8 69 10 A9
            :             E1 45 75 86 4D AB 83 61 5B 70 7D 6D C2 5D F3 80
            :             31 D3 70 FD 73 2D 75 4D 93 54 9F 3A A8 A8 DC 30
            :             34 FD 49 36 88 97 37 4F 24 0F FB 03 22 4C 64 EA
            :             33 EB C5 C6 23 87 01 72 13 6F E7 62 3D 12 62 0D
            :             FB 44 88 32 24 91 05 46 8D 0E 00 39 8A 14 8A CA
            :             19 58 4B 8F BD BB 35 89 AF F9 99 16 91 F0 E7 BD
            :           }
            :         }
            :       }
            :     }
            :   }

6.4 Encrypted content, two recipients, no shared keying material

Same as 6.1, except sent to both Bob and Diane. An EnvelopedData from
Alice to Bob and Diane of ExContent using TripleDES for encrypting and
Diffie-Hellman for key management. Does not have a OriginatorInfo or
any attributes.

   0 30  615: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
            :     (PKCS #7)
  15 A0  600:   [0] {
  19 30  596:     SEQUENCE {
  23 02    1:       INTEGER 2
  26 31  520:       SET {
  30 A1  256:         [1] {
  34 02    1:           INTEGER 3
  37 A0  150:           [0] {
  40 A1  147:             [1] {
  43 30    9:               SEQUENCE {
  45 06    7:                 OBJECT IDENTIFIER
            :                   dhPublicNumber (1 2 840 10046 2 1)
            :                   (ANSI X9.42 number-type)
            :                 }
  54 03  133:               BIT STRING 0 unused bits
            :                 02 81 80 03 CA 05 2E 78 63 86 95 7D C6 E3 38 08
            :                 33 D3 5E 06 FB C5 98 FA DE 66 42 2E 6F BB 35 47
            :                 73 EE 7F 43 82 83 0C 8D EF 1F 61 8F 52 C6 5C BB
            :                 85 46 09 CD 0A 1E 75 44 51 AC B8 AB 85 88 C6 B3
            :                 06 97 C9 47 B2 8A 56 55 8B BE D3 3C C9 3A F0 A8
            :                 D5 4C 3A 56 19 9B 65 75 E9 2B 14 66 D8 BB 66 70
            :                 2E 64 46 41 BD 33 E1 50 F8 D5 CA A5 74 6A 09 01
            :                 D3 6D 74 85 21 33 53 AB C2 3D 2A 08 40 CF F9 AC
            :                 2D F7 D0 00
            :               }
            :             }
 190 30   26:           SEQUENCE {
 192 06    7:             OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :               (ANSI X9.42 number-type)
 201 30   15:             SEQUENCE {
 203 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
 216 05    0:               NULL
            :               }
            :             }
 218 30   70:           SEQUENCE {
 220 30   68:             SEQUENCE {
 222 30   24:               SEQUENCE {
 224 30   18:                 SEQUENCE {
 226 31   16:                   SET {
 228 30   14:                     SEQUENCE {
 230 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
            :                         (X.520 id-at (2 5 4))
 235 13    7:                       PrintableString 'CarlDSS'
            :                       }
            :                     }
            :                   }
 244 02    2:                 INTEGER 211
            :                 }
 248 04   40:               OCTET STRING
            :                 88 24 7C 52 73 C3 02 FF DB 89 49 08 0E BD EE 0E
            :                 49 18 47 19 B4 95 5F 16 12 B9 ED 34 4F 99 6B 2F
            :                 CA 8E 94 87 56 66 08 51
            :               }
            :             }
            :           }
 290 A1  256:         [1] {
 294 02    1:           INTEGER 3
 297 A0  150:           [0] {
 300 A1  147:             [1] {
 303 30    9:               SEQUENCE {
 305 06    7:                 OBJECT IDENTIFIER
            :                   dhPublicNumber (1 2 840 10046 2 1)
            :                   (ANSI X9.42 number-type)
            :                 }
 314 03  133:               BIT STRING 0 unused bits
            :                 02 81 80 5C 58 72 3E C6 68 91 0F F8 EB 07 EB C1
            :                 46 60 13 4B 7A D4 E5 AC 61 0C 67 D1 0D 0A AB E8
            :                 81 31 25 6A B5 E6 F3 EF 53 9D E7 51 B5 1D A4 E3
            :                 38 C7 EB 95 D9 80 D8 85 65 76 12 FB 7A 9E F2 B1
            :                 3F 38 1F EA F2 7C 61 26 63 73 AA 22 E2 FD 15 9A
            :                 9C 17 31 58 0C 4E A0 DE 84 89 B7 81 70 62 3E 9B
            :                 45 47 AD B9 FC 94 95 A5 99 F4 86 8D 0B CE 74 EC
            :                 71 DC CA A6 71 37 31 01 4C 8C 01 59 8C 49 AE FC
            :                 FB 64 EA 00
            :               }
            :             }
 450 30   26:           SEQUENCE {
 452 06    7:             OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :               (ANSI X9.42 number-type)
 461 30   15:             SEQUENCE {
 463 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
 476 05    0:               NULL
            :               }
            :             }
 478 30   70:           SEQUENCE {
 480 30   68:             SEQUENCE {
 482 30   24:               SEQUENCE {
 484 30   18:                 SEQUENCE {
 486 31   16:                   SET {
 488 30   14:                     SEQUENCE {
 490 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
            :                         (X.520 id-at (2 5 4))
 495 13    7:                       PrintableString 'CarlDSS'
            :                       }
            :                     }
            :                   }
 504 02    2:                 INTEGER 201
            :                 }
 508 04   40:               OCTET STRING
            :                 39 2A 16 D1 21 2B 72 38 0C 40 01 55 A1 17 19 04
            :                 BE FD 24 9B 33 E5 1C BC C5 D8 7B A7 45 15 D2 5B
            :                 E5 5A 09 A5 22 18 7B DF
            :               }
            :             }
            :           }
            :         }
 550 30   67:       SEQUENCE {
 552 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 563 30   20:         SEQUENCE {
 565 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
 575 04    8:           OCTET STRING
            :             13 E3 41 9C 85 30 15 1F
            :           }
 585 80   32:         [0]
            :           BA 8F 71 D9 C8 92 CE D4 08 A7 F5 73 91 29 6D E1
            :           33 08 DE C4 58 C2 A2 7B F0 9A 4B 06 44 EF D6 E5
            :         }
            :       }
            :     }
            :   }

6.5 Encrypted content, two recipients, shared keying material

Same as 6.4, except sent to Bob and Erica using keys that have shared
parameters so the result does not include the UKMs. An EnvelopedData
from Alice to Bob and Erica of ExContent using TripleDES for encrypting
and Diffie-Hellman for key management. Does not have a OriginatorInfo
or any attributes. Uses BobPubDHSharedEncrypt and
DianePubDHSharedEncrypt for keys.

   0 30  426: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
            :     (PKCS #7)
  15 A0  411:   [0] {
  19 30  407:     SEQUENCE {
  23 02    1:       INTEGER 2
  26 31  331:       SET {
  30 A1  327:         [1] {
  34 02    1:           INTEGER 3
  37 A0  150:           [0] {
  40 A1  147:             [1] {
  43 30    9:               SEQUENCE {
  45 06    7:                 OBJECT IDENTIFIER
            :                   dhPublicNumber (1 2 840 10046 2 1)
            :                   (ANSI X9.42 number-type)
            :                 }
  54 03  133:               BIT STRING 0 unused bits
            :                 02 81 80 1E 6F B8 49 59 86 A9 EE 34 17 29 BC A0
            :                 5A 84 51 AB CE 9A 41 38 B6 29 A7 7C 49 24 8D 83
            :                 A6 A0 F8 2C 9A 1B 1D A9 86 64 62 89 4B F9 5B 35
            :                 93 0C 36 D3 F7 06 51 D5 4A 5E AD DC 76 D2 ED 53
            :                 46 1A D4 0A 84 5B 26 A7 D0 4C 9A D6 24 A1 9E BA
            :                 D2 21 30 7B 45 C5 36 CC 2B 4A 4F 19 77 0D 48 22
            :                 79 66 D9 EB 51 4A 5A 3B 5D 25 E5 FA 58 79 0F 53
            :                 49 1B 1F E9 F9 79 73 0D BC 49 61 ED DB 4D 81 67
            :                 9E 68 A8 00
            :               }
            :             }
 190 30   26:           SEQUENCE {
 192 06    7:             OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
            :               (ANSI X9.42 number-type)
 201 30   15:             SEQUENCE {
 203 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
 216 05    0:               NULL
            :               }
            :             }
 218 30  140:           SEQUENCE {
 221 30   68:             SEQUENCE {
 223 30   24:               SEQUENCE {
 225 30   18:                 SEQUENCE {
 227 31   16:                   SET {
 229 30   14:                     SEQUENCE {
 231 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
            :                         (X.520 id-at (2 5 4))
 236 13    7:                       PrintableString 'CarlDSS'
            :                       }
            :                     }
            :                   }
 245 02    2:                 INTEGER 201
            :                 }
 249 04   40:               OCTET STRING
            :                 FF 20 83 91 5F 10 CF 38 80 DF 50 20 46 C3 30 3B
            :                 7D 2B E3 DB C1 18 07 E3 07 85 2B 6C AB 26 07 B9
            :                 2C E5 DD 89 40 7D E9 D5
            :               }
 291 30   68:             SEQUENCE {
 293 30   24:               SEQUENCE {
 295 30   18:                 SEQUENCE {
 297 31   16:                   SET {
 299 30   14:                     SEQUENCE {
 301 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
            :                         (X.520 id-at (2 5 4))
 306 13    7:                       PrintableString 'CarlDSS'
            :                       }
            :                     }
            :                   }
 315 02    2:                 INTEGER 212
            :                 }
 319 04   40:               OCTET STRING
            :                 BF 13 C2 4A A2 D4 08 6A 2B 60 4A B8 A1 6D 31 43
            :                 F7 6B AE 35 64 23 D0 E6 80 79 BE 5F 25 2C 51 E3
            :                 B9 0E 44 F3 83 79 B4 0E
            :               }
            :             }
            :           }
            :         }
 361 30   67:       SEQUENCE {
 363 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 374 30   20:         SEQUENCE {
 376 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
 386 04    8:           OCTET STRING
            :             23 DF 7F DB 3D 98 00 F8
            :           }
 396 80   32:         [0]
            :           74 29 02 33 4D 51 2E C4 C5 AE 32 D8 7F 9B 01 EB
            :           D2 CD C2 32 0A AA 90 8D A9 91 F3 21 32 8E 4E 76
            :         }
            :       }
            :     }
            :   }

6.6 Encrypted content, TripleDES and DH, previously-distributed keys

Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management, using the
MailListTripleDES key. Does not have a OriginatorInfo or any
attributes.

Subject: Test subject
MIME-Version: 1.0
Content-Type: application/x-pkcs7-mime;
	name="smime.p7m";
	smime-type=enveloped-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="smime.p7m"
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2115.300

MIAGCSqGSIb3DQEHA6CAMIACAQIxggFdoYIBBAIBA6CBlaGBkjAJBgcqhkjOPgIBA4
GEAAKBgE348O8WYkb+mh9JywImIJ1j0PIj84SnpKclqO31EcScZzkSiQQP+gqphImf
EwIGh7P7ywuoFuxdot8C2X/nDubhrrKImG3Z96h/FAh6/rgA6P10r2yesV1QvqfGgY
Bh9+o9zq/S1+Q8ssFH9j1nZzTLLL3rrG8W4ztmu4qX+Q89MB8GCyqGSIb3DQEJEAMF
MBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBC
hTEv/IiYb58fJpBc1MQAJ1FSG33LdFbpRq8QirMU12JiHd9qAJjj9ColMCAQQwEwQR
TWFpbExpc3RUcmlwbGVERVMwDwYLKoZIhvcNAQkQAwYFAAQo/JV25qipslbuubZDLs
lEB93Y4rGtOJHpymNu+u5Fe7bpypVtjw4VWjCABgkqhkiG9w0BBwEwGQYIKoZIhvcN
AwIwDQIBOgQIj3hP9Fg2yEqggAQg4lYLOgn0NuOrSALLvtN4NzeVtYJ07hsW2OZ7Fq
QNmuoAAAAAAAAAAAAA

6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys

Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using RC2/40 for
encrypting and RSA for key management, using the MailListRC2 key. Does
not have a OriginatorInfo or any attributes.

XXXXX

6.8 S/MIME application/pkcs7-mime encrypted message

A full S/MIME message, including MIME, that includes the body part from
6.1.

XXXXX

7. Digested-data

A DigestedData from Alice to Bob of ExContent using SHA-1.

   0 30   90: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5)
            :     (PKCS #7)
  13 A0   77:   [0] {
  15 30   75:     SEQUENCE {
  17 02    1:       INTEGER 0
  20 30    7:       SEQUENCE {
  22 06    5:         OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :           (OIW)
            :         }
  29 30   39:       SEQUENCE {
  31 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  42 A0   26:         [0] {
  44 04   24:           OCTET STRING
            :             54 68 69 73 20 73 6F 6D 65 20 73 61 6D 70 65 20
            :             63 6F 6E 74 65 6E 74 2E
            :           }
            :         }
  70 04   20:       OCTET STRING
            :         40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22
            :         96 87 DD 48
            :       }
            :     }
            :   }

8. Encrypted-data

An EncryptedData from Alice to Bob of ExContent with no attributes.

   0 30   87: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6)
            :     (PKCS #7)
  13 A0   74:   [0] {
  15 30   72:     SEQUENCE {
  17 02    1:       INTEGER 0
  20 30   67:       SEQUENCE {
  22 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  33 30   20:         SEQUENCE {
  35 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  45 04    8:           OCTET STRING
            :             B3 6B 6B FB 62 31 08 4E
            :           }
  55 80   32:         [0]
            :           D7 6F D1 17 8F BD 02 F8 42 31 F5 C1 D2 A2 F7 4A
            :           41 59 48 29 64 F6 75 24 82 54 22 3D AF 9A F8 E4
            :         }
            :       }
            :     }
            :   }

The TripleDES key is:
  73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62
  91 e5 cb 26 91 7a da 32

9. Authenticated-data

9.1 Authenticated data with no autenticated attributes

An AutenticatedData from Alice to Bob using XXXXXXXXXX with no
authenticated attributes.

XXXXX

9.2 Authenticated data with autenticated attributes

An AutenticatedData from Alice to Bob using XXXXXXXXXX with the
content-type and message-digest authenticated attributes.

XXXXX

10. Key Wrapping

This section shows the steps needed to wrap keys, as described in
section 12.6 of [CMS].

10.1 Wrapping RC2

This example shows how to wrap an RC2 key.

The CEK to be wrapped is
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9

The random value used is
4845 cce7 fd12 50

The hash of the CEK is
0a6f f19f db40 4988

The CEK initialization vector is
c7d9 0059 b29e 97f7

The KEK is
fd04 fd08 0607 07fb 0003 feff fd02 fe05

The "Pre Encrypt #1" is
10b7 0a25 fbc9 d86a 8605 0ce0 d711 ead4
d9 4845 cce7 fd12 500a 6ff1 9fdb 4049 88

The "Pre Encrypt #2" is
a7 f7 1f a3 07 8a a9 9f 32 99 8e ff 9e d7 8c ac
b8 70 ce 04 f5 55 8c e4 60 12 93 37 59 a2 1d a0
f7 97 9e b2 59 00 d9 c7

The wrapped CEK is
70e6 99fb 5701 f783 3330 fb71 e87c 85a4
20bd c99a f05d 22af 5a0e 48d3 5f31 3898
6cba afb4 b28d 4f35

10.2 Wrapping TripleDES

This example shows how to wrap an TripleDES key.

The CEK to be wrapped is
2923 bf85 e06d d6ae 5291 49f1 f1ba e9ea b3a7 da3d 860d 3e98

The hash of the CEK is
181b 7e96 86e04a4e

The CEK initialization vector is
5dd4 cbfc 96f5 453b

The KEK is
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f

The "Pre Encrypt #1" is
 29 23 bf 85 e0 6d d6 ae 52 91 49 f1 f1 ba e9 ea
 b3 a7 da 3d 86 0d 3e 98 18 1b 7e 96 86 e0 4a 4e

The "Pre Encrypt #2" is
  49 84 9d 72 5f cc 4d a4 f6 60 79 7a 3b 97 1f 5c
  03 cc 92 ef 04 32 9a b4 2a dd 75 c6 89 a7 c1 cf
  3b 45 f5 96 fc cb d4 5d

The wrapped CEK is
  69 01 07 61 8e f0 92 b3 b4 8c a1 79 6b 23 4a e9
  fa 33 eb b4 15 96 04 03 7d b5 d6 a8 4e b3 aa c2
  76 8c 63 27 75 a4 67 d4

11. ESS Examples

11.1 ReceiptRequest

Alice asks Diane for a reciept on the message in 5.1.

XXXXX

11.2 Receipt

Diane gives Alice a receipt for the message in 11.1.

XXXXX

11.3 eSSSecurityLabel

Alice includes a security label in the message in 5.1.

XXXXX

11.4 EquivalentLabels

Alice uses an EquivalentLabels in the message in 11.3.

XXXXX

11.5 mlExpansionHistory

The mailing list sends a message with a mlExpansionHistory attribute.

XXXXX

11.6 SigningCertificate

Alice uses a SigningCertificate attribute in the message in 5.1.

XXXXX

12. Security Considerations

Because this document shows examples of S/MIME, CMS, and ESS messages,
this document also inherits all of the security considerations from
[SMIME-MSG], [CMS], and [SMIME-ESS].

The Perl script in Appendix B writes to the user's local hard drive. A
malicious attacker could modify the Perl script in this document. Be
sure to read the Perl code carefully before executing it.

A. References

[CMS] Cryptographic Message Syntax, RFC 2630.

[PKIX] PKIX Certificate and CRL Profile, RFC 2459.

[SMIME-MSG] S/MIME Version 3 Message Specification. RFC 2633.

[SMIME-ESS] Enhanced Security Services for S/MIME, RFC 2634.

B. Binaries of the Examples

This section contains the binaries of the examples shown in the rest of
the document. The binaries are stored in a modified Base64 format.
There is a Perl program that, when run over the contents of this
document, will extract the following binaries and write them out to
disk. The program works with Perl for Unix and Windows 95/98/NT (and
possibly Macintosh).

B.1 How the binaries and extractor works

The program in the next section looks for lines that begin with a '|'
character (or some whitespace followed by a '|'), ignoring all other
lines. If the line begins with '|', the second character tells what
kind of line it is:
   A line that begins with |* is a comment
   A line that begins with |> gives the name of a new file to start
   A line that begins with |< tells to end the file (and checks the
         file name for sanity)
   A line that begins with |anythingelse is a Base64 line

The program writes out a series of files, so you should run this in an
empty directory. The program will overwrite files (if it can), but won't
delete other files already in the directory.

Run this program with this document as the standard input, such as:
    extractsample <draft-ietf-smime-examples

If you want to extract without the program, copy all the lines between
the "|>" and "|<" markers, remove any page breaks, and remove the "|"
in the first column of each line. The result is a valid Base64 blob that
can be processed by any Base64 decoder.

B.2 Example extraction program

#!/usr/bin/perl

# CMS Samples extraction program. v 1.1

# Get all the input as an array of lines
@AllIn = (); while (<STDIN>) { push(@AllIn, $_) }

$Base64Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr' .
    'stuvwxyz0123456789+/=';
$LineCount = 0; $CurrFile = '';

foreach $Line (@AllIn) {
    $LineCount++;  # Keep the line counter for error messages
    $Line =~ s/^\s*//;  # Get rid of leading whitespace
    chomp($Line);  # Get rid of CR or CRLF at the end of the line
    if(substr($Line, 0, 1) ne '|') { next }  # Not a special line
    elsif(substr($Line, 1, 1) eq '*') { next }  # It is a comment
    elsif(substr($Line, 1, 1) eq '>')
        { &StartNewFile(substr($Line, 2)) }  # Start a new file
    elsif(substr($Line, 1, 1) eq '<')
        { &EndCurrFile(substr($Line, 2)) }  # End the current file
    else { &DoBase64(substr($Line, 1)) }  # It is a line of Base64
}

sub StartNewFile {
    $TheNewFile = shift(@_);
    if($CurrFile ne '') { die "Was about to start a new file at " .
        "line $LineCount, but the old file, $CurrFile, was open\n" }
    open(OUT, ">$TheNewFile") or
        die "Could not open $TheNewFile for writing: $!\n";
    binmode(OUT);  # This is needed for Windows, is a noop on Unix
    $CurrFile = $TheNewFile;
    $LeftOver = 0;  # Amount left from previous Base64 character
    $NextPos = 0;  # Bit position to start the next Base64 character
                   #     (bits are numbered 01234567)
    $OutString = '';  # Holds the text going out to the file
}

sub EndCurrFile {
    $FileToEnd = shift(@_);
    if($CurrFile ne $FileToEnd) { die "Was about to close " .
        "$FileToEnd at line $LineCount, but that name didn't match " .
        "the name of the currently open file, $CurrFile\n" }
    print OUT $OutString;
    close(OUT);
    $CurrFile = '';
}

sub DoBase64 {
    $TheIn = shift(@_);
	if($CurrFile eq '') { die "Got some Base64 at line $LineCount, " .
		"but appear to not be writing to any particular file" }
    @Chars = split(//, $TheIn);  # Make an array of the characters
    foreach $ThisChar (@Chars) {
		# $ThisVal is the position in the string and the Base64 value
        $ThisVal = index($Base64Chars, $ThisChar);
        if($ThisVal == -1) { die "At line $LineCount, found the " .
            "character $ThisChar, which is not a Base64 character\n" }
        if($ThisVal == 64) { last }  # It is a "=", so we're done
        if ($NextPos == 0 ) {
            # Don't output anything, just fill the left of $LeftOver
            $LeftOver = $ThisVal * 4;
            $NextPos = 6;
        } elsif ($NextPos == 2) {
			# Add $ThisVal to $LeftOver, output, and reset
            $OutString .= chr($LeftOver + $ThisVal);
            $LeftOver = 0;
            $NextPos = 0;
        } elsif ($NextPos == 4) {
            # Add upper 4 bits of $ThisVal to $LeftOver and output
            $Upper4 = ($ThisVal & 60);
            $OutString .= chr($LeftOver + ($Upper4/4));
            $LeftOver = (($ThisVal - $Upper4) * 64);
            $NextPos = 2;
        } elsif ($NextPos == 6) {
            # Add upper 2 bits of $ThisVal to $LeftOver and output
            $Upper2 = ($ThisVal & 48);
            $OutString .= chr($LeftOver + ($Upper2/16));
            $LeftOver = (($ThisVal - $Upper2) * 16);
            $NextPos = 4;
        } else { die "\$NextPos has an illegal value: $NextPos." }
    }
}

C. Examples by section

Example from section 3.1 (content)

|* ExContent is just the message
|* Creator: [PH]
|>ExContent.bin
|VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg==
|<ExContent.bin

Examples from section 3.2 (private keys)

|* AlicePrivDSSSign.pri
|* Creator: [JS]
|>AlicePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8
|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8
|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh
|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD
|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4
|W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQQXAhUA
|u0RG0aXJRgcu0P561pIH8JqFiT8=
|<AlicePrivDSSSign.pri

|* AlicePrivRSASign.pri
|* Creator: [JS]
|>AlicePrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2OX9OsA
|W7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H
|2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE
|7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K0shissfXSAlqi5H3NvJ11ujN
|FZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQbzTYbghb1WVq2EHzE9ctOV7+M8v/Ke
|QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n
|/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd
|ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq
|2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y
|l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx
|hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG
|qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu
|b41fKA==
|<AlicePrivRSASign.pri

|* BobPrivDHEncrypt.pri
|* Creator: [JS]
|>BobPrivDHEncrypt.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgIPxngu7PSqbI5YPSjDuK0kUyEScybIbsZspxrfAZTfc=
|<BobPrivDHEncrypt.pri

|* BobPrivRSAEncrypt.pri
|* Creator: [JS]
|>BobPrivRSAEncrypt.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV
|y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ
|ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL
|kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8
|KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X
|aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E
|TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn
|8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB
|qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6
|LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv
|8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+
|TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn
|0W2N+g==
|<BobPrivRSAEncrypt.pri

|* CarlPrivDSSSign.pri
|* Creator: [JS]
|>CarlPrivDSSSign.pri
|MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQWAhQZ
|szilIWIxUOV/uT4IRnjRPrXlcg==
|<CarlPrivDSSSign.pri

|* CarlPrivRSASign.pri
|* Creator: [JS]
|>CarlPrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV
|y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ
|ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL
|kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8
|KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X
|aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E
|TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn
|8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB
|qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6
|LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv
|8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+
|TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn
|0W2N+g==
|<CarlPrivRSASign.pri

|* DianePrivDHEncrypt.pri
|* Creator: [JS]
|>DianePrivDHEncrypt.pri
|MIIBYgIBADCCATcGByqGSM4+AgEwggEqAoGBAMpukcKwvahY8jEhdLsf5BC90JOifmHhPb
|ojBBbQZjm9O80FdEjxA3CV9AVjbS6/mrf/l/85u2PbTaRx2JSatPKKPZ+3XY3K4q+1D88F
|ZYJobkPS9ARfA4v5UPXIbAUmvL82D1zDUWpn6HUyZniRY+j+NOcZtnBseDg2gtI0NsLfAo
|GAbtZ2NkvkWQdXXxiaENIxXKYQsCaWQk18o6HTnqWAsh83EUl8ipnYVj+TUe1uVPtu27L8
|NMDnyh5YK9U9O9yucSHZO1a4p/ZNIlJfQbrVHoJpbN1wccxsO++EqXGLqTsqCfi9/ctRvC
|4uyj4wjPpUnn0NA+LfY2Jt81CCJ9zRmfcCIQCqBWX73U6oAvE0Oeej/H1GELhd8C7yxdFe
|onRM2g9OHwQiAiBYLomrVzR9PPWadct9mYoZLzx6poXJLxtaRwPjghbkmw==
|<DianePrivDHEncrypt.pri

|* DianePrivRSASignEncrypt.pri
|* Creator: [JS]
|>DianePrivRSASignEncrypt.pri
|MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANb9uMBwxkwl7OrP6ny7om
|L68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3KAq7+L9K
|TBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/HbdGlki0
|QdlV3NKMCFAgMBAAECgYA9vc3CDmEUW0vnv2AjBCvFazWllkUj/Gl9kzwP0yWWumJSQuKW
|z/5YgI/rsYy91A1l0Dp3RSSeDOuGgMOsIRFxROOyqKkurBfSo4QlY7W8Lx7d9iH/FSAkW/
|GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB
|kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7
|UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU
|gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl
|0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ
|2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem
|Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N
|xaxsv+U=
|<DianePrivRSASignEncrypt.pri

|* DianePrivDSSSign.pri
|* Creator: [JS]
|>DianePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA
|lpX54MHgQS0yD4tCUpMq5h4OISk=
|<DianePrivDSSSign.pri

|* EricaPrivDHEncryptBobParam.pri
|* Creator: [JS]
|>EricaPrivDHEncryptBobParam.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgSGQR5BcBEubB05xwfXyml5W9yJUH989BEacTkfswPYw=
|<EricaPrivDHEncryptBobParam.pri

|* MailListTripleDES.bin
|* Creator: [JS]
|>MailListTripleDES.bin
|JV4NHAe2Rt+zE0zIQ7qKpx8CW3wIOCUf
|<MailListTripleDES.bin

|* MailListRc2.bin
|* Creator: [JS]
|>MailListRc2.bin
|tw0KJfvJ2GqGBQzg1xHq1Nk=
|<MailListRc2.bin

Examples from section 3.3 (certificates)

|* AliceDSSSignByCarlNoInherit.cer
|* Creator: [JS]
|>AliceDSSSignByCarlNoInherit.cer
|MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2
|MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO
|FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL
|VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW
|a4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1ni
|zaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8bU
|mJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1
|FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41bY8
|i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE
|8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1wbG
|VzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6C
|Lm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYHKo
|ZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwaV/
|KC27
|<AliceDSSSignByCarlNoInherit.cer

|* AliceRSASignByCarl.cer
|* Creator: [JS]
|>AliceRSASignByCarl.cer
|MIICAjCCAW+gAwIBAgIQRjRrx4AAVrwR024uxBCzsDAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQD
|EwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f0
|6wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8Zo
|bwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSF
|KMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYD
|VR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc
|7sPKA64/9QMAkGBSsOAwIdBQADgYEAvzQy5vxqiEF98FyZoZO3SbcCUh7LhKyT11grAKGc
|xEhImd0Cw8YF+NIl8aOcyTMBinYOb3dDo7/h5rNqBHk57uHp5Z1QB4si3BJQ4/O0PZ7lk5
|6xzTP54KuYcQn467D8nOzxiNiuA9H+YOFiFLGiI9LIjRgfXu6bcgInwoU9BC4=
|<AliceRSASignByCarl.cer

|* BobDHEncryptByCarl.cer
|* Creator: [JS]
|>BobDHEncryptByCarl.cer
|MIIDYjCCAyGgAwIBAgICAMkwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTgyOFoXDTM5MTIzMTIzNTk1OVowEDEOMAwGA1UEAxMFYm9iREgwggJCMIIB
|twYHKoZIzj4CATCCAaoCgYEA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPb
|k8KejXI4Azpp5FAruqzJ4oBZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWe
|nZPG+BWvP9p0OrfEk7W5u3ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNO
|VME6eVlrvx5GE3CPsSx/uckXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13
|BQlIm3CNPAX2zkQsf30bKxXd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5
|FwBlTucKiSVVtuGSJNYqcCIQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQJh
|ATT+wjNI6/Y7l9nkl6dgpSVpNPv9RirWycTF99b0BBmNlNmKN2hpZ1X78msOR8VbC0sOHB
|qLe3W3qsOq1+s72iqNAoc3R4PXMbQlqKy7EYhTHBGStmnnLpDBevyH9PbXGjAaAxUAuf8c
|k0RnN9Gy+FeaMkrJSv877B4CAR0DgYQAAoGAb9T2zZSabq9bVxeWdbsPuUjpkDcNFSDCVR
|4T4q5xF4TDDnSuilV/KH2L1yginHZG1ztPndFNG7LbUZTFbVSWQDiKOIFjSozDHgmJdKZY
|1chaPc+7uCN/nB99ePqe+ZCekedLwqS+RQZ4Qlg9n2Ms74TUZ+X7xm2iNilnkEbbTkijfz
|B9MB0GA1UdEQQWMBSBEmJvYkRoQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1Ud
|DwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFg
|QUJv8ZSMNZM2hWjX7IgGhczzxy3SYwCQYHKoZIzjgEAwMwADAtAhQV6hVD40kihsG75drk
|DrgJ4NVyNQIVAK5PUSlzcXWpgevtnV4AGX7w3lrW
|<BobDHEncryptByCarl.cer

|* BobRSASignByCarl.cer
|* Creator: [JS]
|>BobRSASignByCarl.cer
|MIICADCCAW2gAwIBAgIQRjRrx4AAVrwR024uzV1x0DAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwOTAyWhcNMzkxMjMxMjM1OTU5WjARMQ8wDQYDVQQD
|EwZCb2JSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMpc4S7sz8E7XRAb31Q1cZ
|kKCdg95GG/oL4KvhGkPLU4QUFIBOFbsRccU7X0xRXT/gz7DKzqgBg2A35Bk1PXQHRJ29nG
|r/7Wyg3KAYSPoemjACEnUdVAGarjwDB4W6Cy5sEtJDbLrkQQgrDddNf261Ensqe2rXjKpx
|tZURjvKAxTAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgUgMB8GA1Ud
|IwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBTo9Lhn2LOWpCrzEaop05
|Vahha0JDAJBgUrDgMCHQUAA4GBAJj6r30hAaqziLzx7xJfTVgw2I5OvOEssn5oV40MQ1zX
|HkXR95Uz4qB1yhPIU7wzJpuzyFDfzYRqG+hIyELQgWNsMxm+Amn2FjF/1JnfgHrzO/gbKX
|0mUTcDIj/2FT0w8zKK8a6X3tf1FqmnrccVr1M+qCWRssRfTmoVV0dQvLL6
|<BobRSASignByCarl.cer

|* CarlDSSSelf.cer
|* Creator: [JS]
|>CarlDSSSelf.cer
|MIICmzCCAlqgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOT
|kwODE2MjI1MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCC
|ASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAd
|SxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVR
|l1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCz
|Rgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrh
|bT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR
|+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNm
|oLHArdwsdbvhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/n
|XA+87YaADj/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifN
|G6lNiZrXjRg5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAg
|GGMB0GA1UdDgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup
|8E56Wnnj+b49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjs=
|<CarlDSSSelf.cer

|* CarlRSASelf.cer
|>CarlRSASelf.cer
|MIIB4zCCAVCgAwIBAgIQRjRrx4AAVrwR024un/JQIDAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwNzQ2WhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQD
|EwdDYXJsUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkS/8YuCRX9Hf/bnN7k3
|FcvDMakpJyI9hBRtDNEToEs46vgp29UR4XevJ2LCuGOae9140aU+zkANXo7KI2se3iUOIy
|CYo/n5klj7hOq7l91ZZl2hagxb4OrkRb7170pynLgt2sROmqk5QpDvgY1shXXvJ2xPIRYD
|i5Gzwdl8lq8QIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
|BgNVHQ4EFgQU6eCQJ6x4IHqa00zyQjdOIq6eOLswCQYFKw4DAh0FAAOBgQArcbS3bE4Iwu
|qpPVLed3adQPcmcF8wrAZ4CpvHIlXDcmqGnsNUQAJThWF12Q81cb7XTku2t4wAzhUyOHCb
|PO5yCiKPsRs80L2XFcfrUjHhUaE9WvLqkKGZ3Yv9GAwsisSJYn9rabPyv97FROPR4YZ0Vz
|Roc5AG+qxrlp5fgJA7vA==
|MIIB6zCCAVSgAwIBAgIQRjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4G
|A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2
|5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt
|4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds
|TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
|AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL
|ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d
|P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre
|Z019v6WuoUQWNdzb7IDsHaao1TNBgC
|<CarlRSASelf.cer

|* DianeDHEncryptByCarl.cer
|* Creator: [JS]
|>DianeDHEncryptByCarl.cer
|MIIDZTCCAyWgAwIBAgICANMwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTY1N1oXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRGlhbmVESDCCAkEw
|ggG2BgcqhkjOPgIBMIIBqQKBgQDKbpHCsL2oWPIxIXS7H+QQvdCTon5h4T26IwQW0GY5vT
|vNBXRI8QNwlfQFY20uv5q3/5f/Obtj202kcdiUmrTyij2ft12NyuKvtQ/PBWWCaG5D0vQE
|XwOL+VD1yGwFJry/Ng9cw1FqZ+h1MmZ4kWPo/jTnGbZwbHg4NoLSNDbC3wKBgG7WdjZL5F
|kHV18YmhDSMVymELAmlkJNfKOh056lgLIfNxFJfIqZ2FY/k1HtblT7btuy/DTA58oeWCvV
|PTvcrnEh2TtWuKf2TSJSX0G61R6CaWzdcHHMbDvvhKlxi6k7Kgn4vf3LUbwuLso+MIz6VJ
|59DQPi32NibfNQgifc0Zn3AiEAqgVl+91OqALxNDnno/x9RhC4XfAu8sXRXqJ0TNoPTh8C
|YQEwzQOCzT8yOl8WXvITX1Ib3/+qOwY8f4EmHLcMoBQJG10m/XEzjPKsQX4NrDWVkH6lra
|tVUIDw0rkqEU12RXY/DDiuclnG7L3v525gI5O5JwJEfkrT2jk6mmNDPBsjxWIwGgMVAND9
|1uBGl9Gnf7v/mkPwYmSzfJerAgF6A4GEAAKBgGBebu9hVXc/nWoREPTTybhyoB+J3+S8If
|3kn1DWj475Z5cU4DQZjz1YUh7cXQVOT8aIhXisAWw1zoZtkEtYSC4PsuMqTkfDsU0qesm3
|5cZoinOuUyGzzwnEYqPosLvc3g0uZkg3qNuiS/vb+qaSS0EKxlQLixqdL/9gCwsI2UI/o4
|GBMH8wHwYDVR0RBBgwFoEUZGlhbmVEaEBleGFtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAO
|BgNVHQ8BAf8EBAMCAwgwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR
|0OBBYEFEfzT811fahSIahhNle1+Jru2zBGMAkGByqGSM44BAMDLwAwLAIUfWQeH0vz7G80
|LLLkZHCPPmrAcqICFEvqwQzxzfd6nXbKJ27QvvLYm2pt
|<DianeDHEncryptByCarl.cer

|* DianeDSSSignByCarlInherit.cer
|* Creator: [JS]
|>DianeDSSSignByCarlInherit.cer
|MIIBujCCAXmgAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw
|CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo
|pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+
|/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYMwgYAwIAYDVR
|0RBBkwF4EVZGlhbmVEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/
|BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJ
|l9XNxFC5k6Ui8Wv1hQ3c4rGDAJBgcqhkjOOAQDAzAAMC0CFH4MDIEXtJpUssMw64rEPMJS
|Np6VAhUAxp8XwnFLrC45jT0QH5qzTbb5EaM=
|<DianeDSSSignByCarlInherit.cer

|* DianeRSASignEncryptByCarl.cer
|* Creator: [JS]
|>DianeRSASignEncryptByCarl.cer
|MIICAjCCAW+gAwIBAgIQRjRrx4AAVrwR024u1ZowkDAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwOTE2WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQD
|EwhEaWFuZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1v24wHDGTCXs6s/qfL
|uiYvrw5jI6U/+xkloX9CDhmSSCCtD2fPtEyosnBvF+JgOpdp3P7KAscJbyg0L21LcoCrv4
|v0pMGT8H26DBYB63fmf33rHDYEmsRdf4xu8INyGTR+7wczVysALE8xHDXkflCreD8dt0aW
|SLRB2VXc0owIUCAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHwYD
|VR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFIzzy3UOjTH21CnaRJ
|J1uP7tTzkMMAkGBSsOAwIdBQADgYEAyojHN6muJssreYIiT0oNHKcgsuBo9ULeWWuz/SXA
|ObjrwItpohZVzgZ+Jl/GXlECP5XVp/fyfSNvK6x8y2+QD0RdRCJT1UI4GMRS17irgm+str
|yp5xNENnYWIwASa299xsm+eSy5LWnTHbEduloghcpbiEY2teUOFYW34l57yho=
|<DianeRSASignEncryptByCarl.cer
|>DianeRSASignByCarl.cer
|MIICCjCCAXOgAwIBAgIQRjRrx4AAVrwR024u1ZowkDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxOTA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEzERMA8G
|A1UEAxMIRGlhbmVSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANb9uMBwxkwl7O
|rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3
|KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/
|HbdGlki0QdlV3NKMCFAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXg
|MB8GA1UdIwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBSM88t1Do0x9t
|Qp2kSSdbj+7U85DDANBgkqhkiG9w0BAQUFAAOBgQAds1GxmZbwRKjrFOr8wt+4M0sCPEHf
|41N/6jR//NURDQAEiLjtvCNFA27xU7LAOxli3Nzhiv6n/KXXl9slfPMwxWOnOEqrJSEkgM
|fYeIKMU+o+L2MQZtMnVZrc7zVe9iNx5v94e6lPe38uucRCc1dPqvgEtA3HU4jE8JIoM0RQ
|oQ==
|<DianeRSASignByCarl.cer

|* EricaDHEncryptByCarl.cer
|* Creator: [JS]
|>EricaDHEncryptByCarl.cer
|MIIC6TCCAqigAwIBAgICANQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTcxNloXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRXJpY2FESDCCAcQw
|ggE4BgcqhkjOPgIBMIIBKwKBgQDsLM2k75omL2KnuyNN3yslwWjSnqlFWzbxlIkar30RJJ
|09uTwp6NcjgDOmnkUCu6rMnigFlaCzF3bB9yU1YQJBkicMXq5I5fNuOO+R0c83/ppAl8gt
|NZ6dk8b4Fa8/2nQ6t8STtbm7dmwfqH68OqpDCoFk/GPwe3GY+sA4eRAaMwKBgQC6C9d0Pe
|c05UwTp5WWu/HkYTcI+xLH+5yRdwaZNfBIJJYzEgF+jewL9rLAY6cVxV6VhqJzxUlGN3lg
|/XcFCUibcI08BfbORCx/fRsrFd3zBS++hSCPjfm0oEV0K/Q7nUJiNCcngY5vD15ihYnM7S
|HDkXAGVO5wqJJVW24ZIk1ipwIhAMOrSjB5s9OXTsr1on3HcKNF87OihgXSPkn5n9kKs769
|A4GFAAKBgQDRK+QdProYz3Ugxsdew8Rs6vMj2QkfRpj0zlm5ts7oOsYY+Fl3G5mw2tzAnQ
|nkr/lhkSxHzEde3yszdvNn7HfoLDcwoYld88j2XBZK5LeM9XvVOP0UrOh6wn3uB5AnCnyH
|qKLicDXqbt6eUDFr6QnaJRoBjuP/Jhx19cPOWvWehaOBgTB/MB8GA1UdEQQYMBaBFGVyaW
|NhRGhAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgMIMB8GA1Ud
|IwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBSNUx1hVX9gNW2mNqLFk/
|ia/cB1dDAJBgcqhkjOOAQDAzAAMC0CFD5RQgjjUi6qu4+9GDhxy5iDvkeeAhUAtLMVhZkR
|BkAfQFmN1BstzYHx6Gg=
|<EricaDHEncryptByCarl.cer

Examples from seciton 3.4 (CRLs)

|* CarlDSSCRLEmpty.crl
|* Creator: [JS]
|>CarlDSSCRLEmpty.crl
|MG0wLjAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgyMDA3MDAwMFowCQ
|YHKoZIzjgEAwMwADAtAhRiPzYXMVguZ1B59QlLjK3Ua/RknwIVALU7TqFMe/0Pw42btv7D
|XW/eZSh9
|<CarlDSSCRLEmpty.crl

|* CarlDSSCRLForAll.crl
|* Creator: [JS]
|>CarlDSSCRLForAll.crl
|MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj
|BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05
|OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD
|BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv
|ftok8yqDnDWh
|<CarlDSSCRLForAll.crl

|* CarlDSSCRLForCarl.crl
|* Creator: [JS]
|>CarlDSSCRLForCarl.crl
|MIGDMEQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjUwNzAwMDBaMB
|QwEgIBARcNOTkwODIyMDcwMDAwWjAJBgcqhkjOOAQDAzAAMC0CFQCzH8VPej3sdtVg+d55
|IuxPsJD+lwIUWovDhLxmhxu/eYJbCl0H9rqpBSk=
|<CarlDSSCRLForCarl.crl

|* CarlRSACRLEmpty.crl
|* Creator: [JS]
|>CarlRSACRLEmpty.crl
|MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD
|AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E
|PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa
|/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ==
|<CarlRSACRLEmpty.crl

|* CarlRSACRLForAll.crl
|* Creator: [JS]
|>CarlRSACRLForAll.crl
|MIIBMzCBnTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDYXJsUlNBFw05OTA4MjcwNz
|AwMDBaMGkwIQIQRjRrx4AAVrwR024uxBCzsBcNOTkwODIyMDcwMDAwWjAhAhBGNGvHgABW
|vBHTbi7VmjCQFw05OTA4MjIwNzAwMDBaMCECEEY0a8eAAFa8EdNuLs1dcdAXDTk5MDgyND
|A3MDAwMFowDQYJKoZIhvcNAQEEBQADgYEAv7OXqlPwMiEWK3eSemu7l8jc6vH6ZhYwDrWe
|XPCB1F6zbsGIa4zUXsVN+0deZvNdq+W0GDZgqE2cPInsbye/NVBxgcK5RFtiiRkSMal7mt
|PMZssR2QsQR3etTyLZ5X8w8lv8lFGlWHY7H6hGph/2od5Voe0xiGmXDwjT1AxgWx4=
|<CarlRSACRLForAll.crl

|* CarlRSACRLForCarl.crl
|* Creator: [JS]
|>CarlRSACRLForCarl.crl
|MIHsMFcwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODI1MDcwMD
|AwWjAjMCECEEY0a8eAAFa8EdNuLp/yUCAXDTk5MDgyMjA3MDAwMFowDQYJKoZIhvcNAQEE
|BQADgYEAIe8h1MEahZVJa8pFYtzXCf+pUS6O2UcY+vjlct1P7XR04/NlMmUoLJodV+XVJg
|bq1eYjlYSNDome7psML84H96PRa4VMD//m3fzczXMsHn3csHHFTPwBblJXaR45Y98SIjDH
|E1WUBW4qAKlbxCpmlGLONjPCK2NHJZ3z3nDuAFY=
|<CarlRSACRLForCarl.crl

Examples from the rest of the document, by section

|* Example from section 4.1
|* Creator: [JS]
|>4.1.bin
|MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA
|AAAA==
|<4.1.bin

|* Example from section 4.2
|* Creator: [JS]
|>4.2.bin
|MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu
|<4.2.bin

|* Example from section 5.1
|* Creator: [JS]
|>5.1.bin
|MIG3BgkqhkiG9w0BBwKggakwgaYCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAaAeBB
|xUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuMWcwZQIBATAYMBIxEDAOBgNVBAMTB0Nh
|cmxEU1MCAgDIMAkGBSsOAwIaBQAwCQYHKoZIzjgEAQQwMC0CFHCbJ32Z59IMxsUhC0viIb
|e9jUgpAhUAiywMBstKtQZLqEwOeNE7kOnRn6QA
|MIIDnwYJKoZIhvcNAQcCoIIDkDCCA4wCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4jCCAt4wggKdoAMCAQICAgDI
|MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOT
|EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEe
|AoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+
|HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UI
|ddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG2o+4NyErYov3k80CgY
|AmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIl
|p/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+
|waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMR
|NKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+Gv
|Ikq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPl
|uKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0BleGFtcGxlcy5jb20wDAYDVR0TAQH/BA
|IwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8w
|HQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj
|/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE6umhh8GlfygtuzFnMGUCAQEwGDASMRAw
|DgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDgMCGgUAMAkGByqGSM44BAMEMDAtAhQI0EV9Y+
|E57GKwMMIprULqlk+RhgIVAKaG7op6BafgB+b5iL+T+5ZNdtOSAA==
|<5.1.bin

|* Example from section 5.2
|* Creator: [JS]
|>5.2.bin
|MIIBHgYJKoZIhvcNAQcCoIIBDzCCAQsCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuMYHLMIHIAgEBMCYwEjEQMA4GA1UE
|AxMHQ2FybFJTQQIQRjRrx4AAVrwR024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQ
|UABIGALyOC0vMJX7gMWOtOnb+JmoHldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1
|Pyvw59QCZ6f1x40WBKWztefZMvAk7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus
|5unJ4M6JjmVRPUaG/QB9eisWJM44+v/eDVXcc=
|MIIDMAYJKoZIhvcNAQcCoIIDITCCAx0CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICDjCCAgowggFzoAMCAQICEEY0
|a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw
|05OTA4MTkwNzAwMDBaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf
|MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3
|UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1
|9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ
|ABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAn
|rHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwDQYJKo
|ZIhvcNAQEFBQADgYEAUv+zi1QeCL/zbQwSCH2Oy25Z7FaTpkoiQF+LFHl+g0/1P94hlxZY
|cHYysiBRoxofl0iAXIOwuJMLA0Suv76kjAbGReKBCNWJWAwoGy2lixxK49dENNTLU/y6qY
|uqtumww6t08SrxsMY46ocCHhC7mcS+NsAIuhNlNz428zFCcxgxgcswgcgCAQEwJjASMRAw
|DgYDVQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7EELOwMAkGBSsOAwIaBQAwDQYJKoZIhv
|cNAQEBBQAEgYAvI4LS8wlfuAxY606dv4mageV1xJE909DVe7bV/pShiqzjxIT1zWBOJ5X2
|zwCGdnU/K/Dn1AJnp/XHjRYEpbO159ky8CTv5yBE1Z8HxVMk+s4BHQ8XE6cqlZ0r5AOVFA
|vpOQ26zm6cngzomOZVE9Rob9AH16KxYkzjj6/94NVdxw==
|<5.2.bin

|* Example from section 5.3
|* Creator: [JS]
|>5.3.bin
|MIGXBgkqhkiG9w0BBwKggYkwgYYCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATFnMG
|UCAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDgMCGgUAMAkGByqGSM44BAEE
|MDAtAhReXmtpBKJiXYtFslX5dRwSToiIIQIVAKPBSCPgCDVvJSJ6HrYUvOR1kdslAA==
|MIIDfwYJKoZIhvcNAQcCoIIDcDCCA2wCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAa
|CCAuIwggLeMIICnaADAgECAgIAyDAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1Mw
|HhcNOTkwODE3MDExMDQ5WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUz
|CCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QI
|T/+U4XNIfgzW80RI0f6fr6ShiS/h2TDINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL9
|1DqItU8T+wBwhHTV2Iw8O1s+NVCHXVOXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJH
|phpFZrgTxtqPuDchK2KL95PNAoGAJjjQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd
|2bWeLNqgU9WMB7oja4bgevfYpCJaf0dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8w
|AXxtSYkRiTZEvfjIlUpTVrXi+XPsGmE2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXO
|O5WnUUlgupet3jP6nsrF7cvbcTETSmFokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0H
|jVtjyLtFpaBK44XWzgaAP+gjfhryJKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7
|LEMoTwfkFA/UanY04z8qXi9PKD5bijgYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhh
|bXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFH
|BEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJ
|BgcqhkjOOAQDAzAAMC0CFQCYsMY/z3FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoY
|fBpX8oLbsxZzBlAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICAMgwCQYFKw4DAhoFADAJ
|BgcqhkjOOAQDBDAwLAIUFdDc7v/UNluTDc9pPTdFoDSaYzUCFEl1dkwzAAqrkP3vnEeAIf
|FJ6gIVAAA=
|<5.3.bin

|* Example from section 5.4
|* Creator: [JS]
|>5.4.bin
|MIIIaAYJKoZIhvcNAQcCoIIIWTCCCFUCAQMxCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|MIIHsAYJKoZIhvcNAQcCoIIHoTCCB50CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIFgTCCApswggJaoAMCAQICAQEw
|CQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDTk5MDgxNjIyNTA1MFoXDTM5MT
|IzMTIzNTk1OVowEjEQMA4GA1UEAxMHQ2FybERTUzCCAbcwggErBgcqhkjOOAQBMIIBHgKB
|gQC2SRg+ikTBKXGUTAHEEsF6ectUTasegfvGTLMOlAkG6wHUschxS8dFwFAlXZz82uRt0+
|KGSISCfboVlUoW9kbt3faY0rt+igqKuhZ7uVABSJOL6yUVUZdV3I9TDhCpUPxwt80wVP3a
|3qiqIrWhr4vMAojni3Bfua3hCNRtKS3W6QIVAN3BL99Tzgs0YHc+AqS/il2YuRDVAoGADO
|5Xm0u92rYHanQ3T1V/ne28YQ3rRlk8VgsrWwyRzqViUmnK4W0+vb/+4be5K2E8rcuuReMG
|rIwinZxEhwvHzfAc2bVOXXPerw7JHVpR9U9EeTVac6p/RlEfqUIWnEjrinlhtNUvUyJEYx
|+GuKNYBiX4KcDvuuB18ELEY2VSmwoDgYUAAoGBAJmHdCcDZqCxwK3cLHW74WxEnNohbU1H
|bbFiCenYrh7yOrSUsaOOeptxTgCUybQlTrlglhkkAfNiDP51wPvO2GgA4/3VcE/fI5YZBp
|T0sWGPOlexCBGkCyYl8FJ2geoLYg2VKuaGunKyp1CDC6onzRupTYma140YOYQ/i8VWTYB6
|o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUcEQ+gi
|5vh95K03XjPSC8QyuT8R8wCQYHKoZIzjgEAwMwADAtAhRrqfBOelp54/m+PSvJBjfpEReh
|EwIVAI80aSqLsTwDeZQyTRIfzon7RrI7MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAz
|ASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVow
|EzERMA8GA1UEAxMIQWxpY2VEU1MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp
|45PsJIKKPkR5PdDteoDuxTxauECE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zc
|X2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsI
|SXN/LkURu15AmWXPN+W9sCFQDiR6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t
|2UtZakx2IzkEAjVc8ssaMMMeUF3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G
|3qnMkhijt2FOnOLl2jB80jhbgvMAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ
|/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3
|V1ExI9Q1tv5VG/+onyohs+JH09B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/
|ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1
|UdEQQZMBeBFWFsaWNlRHNzQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB
|/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvm
|yhs+PB9+1DcKTOEwHi/eOX/s0wCQYHKoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgk
|BehGlI4CFFufSMCMocECnETq6aGHwaV/KC27oYHbMIHYMIGZMAkGByqGSM44BAMwEjEQMA
|4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4MjIwNzAwMDBa
|MBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMCAgDSFw05OT
|A4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMDBaMAkGByqGSM44BAMDLwAwLAIUfmVS
|djP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fvftok8yqDnDWhMYIBsTCCAa0CAQOAFL
|5sobPjwfftQ3CkzhMB4v3jl/7NMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZI
|hvcNAQcBMBwGCSqGSIb3DQEJBTEPFw05OTA5MTIwMjUxNTNaMCMGCSqGSIb3DQEJBDEWBB
|RAauwIUnm6bhYCLZ4GKcAilofdSDAJBgcqhkjOOAQBBDAwLQIVALyvBHm3v0Ks67t7wtCM
|s1Mgg/G8AhRpllVd+3geledbuAVdIRII9V80KQChgeowLwYLKoZIhvcNAQkQAgQxIDAeDB
|FTTWltZSBFeGFtcGxlIDUuNAYJKoZIhvcNAQcBMIG2BgkqhkiG9w0BCQYxgagwgaUCAQEw
|GDASMRAwDgYDVQQDEwdDYXJsRFNTAgIA0jAJBgUrDgMCGgUAoD8wGAYJKoZIhvcNAQkDMQ
|sGCSqGSIb3DQEHATAjBgkqhkiG9w0BCQQxFgQUc1eRpj6IM25RMYHgEQhGjO5Q41swCQYH
|KoZIzjgEAQQvMC0CFErIQVDpInDG+/kjJaE3tj1eXmc+AhUArLqcuVaOhq4ZKdKN82tItd
|1it8c=
|djP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fvftok8yqDnDWhMYH6MIH3AgEBMBgwEj
|EQMA4GA1UEAxMHQ2FybERTUwICAMgwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkq
|hkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTk5MTAxNTIyMjYxMFowIwYJKoZIhvcNAQkEMR
|YEFEBq7AhSebpuFgItngYpwCKWh91IMAkGByqGSM44BAMEMDAuAhUAlwKrgdhJ/cptibRq
|xQmW7uN2Ni8CFQDHPn57Pdbk0x1vh4sYA/LfGCt3daExMC8GCyqGSIb3DQEJEAIEMSAwHg
|wRU01pbWUgRXhhbXBsZSA1LjQGCSqGSIb3DQEHAQ==
|<5.4.bin

|* Example from section 5.5
|* Creator: [JS]
|>5.5.bin
|MIIFDwYJKoZIhvcNAQcCoIIFADCCBPwCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIID7TCCAeMwggFQoAMCAQICEEY0
|a8eAAFa8EdNuLp/yUCAwCQYFKw4DAh0FADASMRAwDgYDVQQDEwdDYXJsUlNBMB4XDTk5MD
|kxOTAxMDc0NloXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQ2FybFJTQTCBnzANBgkq
|hkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/25ze5NxXLwzGpKSciPYQUbQzRE6BL
|OOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt4lDiMgmKP5+ZJY+4Tqu5fdWWZdoW
|oMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17ydsTyEWA4uRs8HZfJavECAwEAAaNCME
|AwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFOngkCeseCB6
|mtNM8kI3TiKunji7MAkGBSsOAwIdBQADgYEAK3G0t2xOCMLqqT1S3nd2nUD3JnBfMKwGeA
|qbxyJVw3Jqhp7DVEACU4VhddkPNXG+105LtreMAM4VMjhwmzzucgoij7EbPNC9lxXH61Ix
|4VGhPVry6pChmd2L/RgMLIrEiWJ/a2mz8r/exUTj0eGGdFc0aHOQBvqsa5aeX4CQO7wwgg
|ICMIIBb6ADAgECAhBGNGvHgABWvBHTbi7EELOwMAkGBSsOAwIdBQAwEjEQMA4GA1UEAxMH
|Q2FybFJTQTAeFw05OTA5MTkwMTA4NDdaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCE
|FsaWNlUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAF
|u1OD3g+3q9x9x3UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9
|mwYKy+7jQJahP19wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO
|81c4V3RXXwIDAQABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHS
|MEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8
|oDrj/1AwCQYFKw4DAh0FAAOBgQC/NDLm/GqIQX3wXJmhk7dJtwJSHsuErJPXWCsAoZzESE
|iZ3QLDxgX40iXxo5zJMwGKdg5vd0Ojv+Hms2oEeTnu4enlnVAHiyLcElDj87Q9nuWTnrHN
|M/ngq5hxCfjrsPyc7PGI2K4D0f5g4WIUsaIj0siNGB9e7ptyAifChT0ELjGByzCByAIBAT
|AmMBIxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwCQYFKw4DAhoFADAN
|BgkqhkiG9w0BAQEFAASBgC8jgtLzCV+4DFjrTp2/iZqB5XXEkT3T0NV7ttX+lKGKrOPEhP
|XNYE4nlfbPAIZ2dT8r8OfUAmen9ceNFgSls7Xn2TLwJO/nIETVnwfFUyT6zgEdDxcTpyqV
|nSvkA5UUC+k5DbrObpyeDOiY5lUT1Ghv0AfXorFiTOOPr/3g1V3H
|MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF
|RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCCA/0wggHrMIIBVKADAgEC
|AhBGNGvHgABWvBHTbi6f8lAgMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0
|EwHhcNOTkwODE4MDcwMDAwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsUlNB
|MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkS/8YuCRX9Hf/bnN7k3FcvDMakpJyI9
|hBRtDNEToEs46vgp29UR4XevJ2LCuGOae9140aU+zkANXo7KI2se3iUOIyCYo/n5klj7hO
|q7l91ZZl2hagxb4OrkRb7170pynLgt2sROmqk5QpDvgY1shXXvJ2xPIRYDi5Gzwdl8lq8Q
|IDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
|6eCQJ6x4IHqa00zyQjdOIq6eOLswDQYJKoZIhvcNAQEFBQADgYEAt57UBNPtKeT/iYkVLk
|zbDPBIDzJh7sQE7BJdLf8PZFl+CsPtGP3jVkA3pwe18DgSYVDt790/4wu4YaWkmzzmnpxU
|mraV1tpsO7UtRTWdSQF2+rm5Mfn5axJToPUUYJt9yj7yU2uwN2+t5nTX2/pa6hRBY13Nvs
|gOwdpqjVM0GAIwggIKMIIBc6ADAgECAhBGNGvHgABWvBHTbi7EELOwMA0GCSqGSIb3DQEB
|BQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOTkwODE5MDcwMDAwWhcNMzkxMjMxMjM1OT
|U5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL
|6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xt
|LHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ
|8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYE
|FHfStNG3TIqKo85Fnc7sPKA64/9QMA0GCSqGSIb3DQEBBQUAA4GBAFL/s4tUHgi/820MEg
|h9jstuWexWk6ZKIkBfixR5foNP9T/eIZcWWHB2MrIgUaMaH5dIgFyDsLiTCwNErr++pIwG
|xkXigQjViVgMKBstpYscSuPXRDTUy1P8uqmLqrbpsMOrdPEq8bDGOOqHAh4Qu5nEvjbACL
|oTZTc+NvMxQnMYMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR
|024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gMWOtOnb+Jmo
|HldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBKWztefZMvAk
|7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/QB9eisWJM44
|+v/eDVXccAAAAAAAA=
|<5.5.bin

|* Example from section 5.6
|* Creator: [JS]
|>5.6.bin
|MIIBIQYJKoZIhvcNAQcCoIIBEjCCAQ4CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuMYHOMGUCAQEwGDASMRAwDgYDVQQD
|EwdDYXJsRFNTAgIAyDAJBgUrDgMCGgUAMAkGByqGSM44BAEEMDAsAhQBGkm6dbCnYjb86X
|2u98VXAoaYjgIUbRuovVEQUSbziZbmuPGvXlXdPSEAADBlAgEBMBgwEjEQMA4GA1UEAxMH
|Q2FybERTUwICANIwCQYFKw4DAhoFADAJBgcqhkjOOAQBBDAwLQIVAM+G8VRw461aVOz+88
|/1DI6eomR/AhRhGp0ZMUegMqegJ9ORA8QH4HKNjgA=
|MIIFxQYJKoZIhvcNAQcCoIIFtjCCBbICAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIEoDCCAbowggF5oAMCAQICAgDS
|MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMjA4MTBaFw0zOT
|EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCERpYW5lRFNTMIGTMAkGByqGSM44BAEDgYUAAoGB
|AKAAF3gs7n6BUy4uYQgPoZtRUhraWahzLxIltgjLyu8qRHaKUgnqvQUi1Q/2/UbXr5k4CQ
|4Ty08s3Rw09xy/Jf8j0ztZ54KXN74xJNgYyPNJOVu34uUnfvyMRXJbfj6PaE3dRnoivo7/
|zNo5KaM55Z9D6VXJ11umgWfMwKrNLsUjo4GDMIGAMCAGA1UdEQQZMBeBFWRpYW5lRHNzQG
|V4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAW
|gBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUZDCZfVzcRQuZOlIvFr9YUN3OKx
|gwCQYHKoZIzjgEAwMwADAtAhR+DAyBF7SaVLLDMOuKxDzCUjaelQIVAMafF8JxS6wuOY09
|EB+as022+RGjMIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYX
|JsRFNTMB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxp
|Y2VEU1MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDu
|xTxauECE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde
|+fz0ny/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9
|sCFQDiR6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssa
|MMMeUF3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB8
|0jhbgvMAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GE
|AAKBgFzjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyoh
|s+JH09B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTS
|ljf2YUeyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRH
|NzQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSME
|GDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/e
|OX/s0wCQYHKoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocEC
|nETq6aGHwaV/KC27MYHOMGUCAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDg
|MCGgUAMAkGByqGSM44BAMEMDAtAhUAyy2Bew0/TYoNtgo8hkiyIltPtBwCFHUAIGeWncXd
|t15HlLIBpVIVDCaiADBlAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICANIwCQYFKw4DAh
|oFADAJBgcqhkjOOAQDBDAwLQIUH0ucgGL/GXdumvxmRcj9bUl6uoQCFQCE0uTmjLzEEnJ0
|T9lQpKhm+yrpzwA=
|<5.6.bin

|* Example from section 5.7
|* Creator: [JS]
|>5.7.bin
|MIGzBgkqhkiG9w0BBwKggaUwgaICAQMxCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAaAeBB
|xUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuMWMwYQIBA4AUvmyhs+PB9+1DcKTOEwHi
|/eOX/s0wCQYFKw4DAhoFADAJBgcqhkjOOAQBBDAwLQIUT/ZitsqN1syoqMqaycuWliwd2o
|8CFQC34p0GHvgiXpP+C6a/8Dwp7RWFgwA=
|MIICxwYJKoZIhvcNAQcCoIICuDCCArQCAQMxCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICDjCCAgowggFzoAMCAQICEEY0
|a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw
|05OTA4MTkwNzAwMDBaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf
|MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3
|UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1
|9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ
|ABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAn
|rHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwDQYJKo
|ZIhvcNAQEFBQADgYEAUv+zi1QeCL/zbQwSCH2Oy25Z7FaTpkoiQF+LFHl+g0/1P94hlxZY
|cHYysiBRoxofl0iAXIOwuJMLA0Suv76kjAbGReKBCNWJWAwoGy2lixxK49dENNTLU/y6qY
|uqtumww6t08SrxsMY46ocCHhC7mcS+NsAIuhNlNz428zFCcxgxYzBhAgEDgBS+bKGz48H3
|7UNwpM4TAeL945f+zTAJBgUrDgMCGgUAMAkGByqGSM44BAMEMDAtAhUAuDiXKFri4/5Obi
|QApjfyDYwfHO4CFGa17jvYK0YL4GTQ9bmtXOwP7XsSAA==
|<5.7.bin

|* Example from section 5.8
|* Creator: [JS]
|>5.8.eml
|TUlNRS1WZXJzaW9uOiAxLjANCkNvbnRlbnQtVHlwZTogbXVsdGlwYXJ0L3NpZ25lZDsNCg
|lwcm90b2NvbD0iYXBwbGljYXRpb24veC1wa2NzNy1zaWduYXR1cmUiOw0KCW1pY2FsZz1T
|SEExOw0KCWJvdW5kYXJ5PSItLS0tPV9OZXh0UGFydF8wMDBfMDAwMF8wMUJFRjhCOC40Rj
|dENUY4MCINCg0KLS0tLS0tPV9OZXh0UGFydF8wMDBfMDAwMF8wMUJFRjhCOC40RjdENUY4
|MA0KDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuDQotLS0tLS09X05leHRQYXJ0Xz
|AwMF8wMDAwXzAxQkVGOEI4LjRGN0Q1RjgwDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9u
|L3gtcGtjczctc2lnbmF0dXJlOw0KCW5hbWU9InNtaW1lLnA3cyINCkNvbnRlbnQtVHJhbn
|NmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVu
|dDsNCglmaWxlbmFtZT0ic21pbWUucDdzIg0KDQpNSUdYQmdrcWhraUc5dzBCQndLZ2dZa3
|dnWVlDQVFFeEN6QUpCZ1VyRGdNQ0dnVUFNQXNHQ1NxR1NJYjNEUUVIQVRGbk1HVUNBUUV3
|R0RBUw0KTVJBd0RnWURWUVFERXdkRFlYSnNSRk5UQWdJQXlEQUpCZ1VyRGdNQ0dnVUFNQW
|tHQnlxR1NNNDRCQUVFTURBdEFoUmVYbXRwQktKaVhZdEYNCnNsWDVkUndTVG9pSUlRSVZB
|S1BCU0NQZ0NEVnZKU0o2SHJZVXZPUjFrZHNsQUE9PQ0KDQotLS0tLS09X05leHRQYXJ0Xz
|AwMF8wMDAwXzAxQkVGOEI4LjRGN0Q1RjgwLS0NCg==
|<5.8.eml

|* Example from section 5.9
|* Creator: [JS]
|>5.9.eml
|U3ViamVjdDogRXhhbXBsZSA1LjkNCk1JTUUtVmVyc2lvbjogMS4wDQpDb250ZW50LVR5cG
|U6IGFwcGxpY2F0aW9uL3BrY3M3LW1pbWU7IG5hbWU9InNtaW1lLnA3bSI7IHNtaW1lLXR5
|cGU9c2lnbmVkLWRhdGENCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ2
|9udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVudDsgZmlsZW5hbWU9InNtaW1lLnA3bSIN
|Cg0KTUlHM0Jna3Foa2lHOXcwQkJ3S2dnYWt3Z2FZQ0FRRXhDekFKQmdVckRnTUNHZ1VBTU
|NzR0NTcUdTSWIzRFFFSEFhQWVCQnhVYUdseklHbHoNCklITnZiV1VnYzJGdGNHeGxJR052
|Ym5SbGJuUXVNV2N3WlFJQkFUQVlNQkl4RURBT0JnTlZCQU1UQjBOaGNteEVVMU1DQWdESU
|1Ba0dCU3NPDQpBd0lhQlFBd0NRWUhLb1pJempnRUFRUXdNQzBDRkhDYkozMlo1OUlNeHNV
|aEMwdmlJYmU5alVncEFoVUFpeXdNQnN0S3RRWkxxRXdPZU5FNw0Ka09uUm42UUENCg==
|<5.9.eml

|* Example from section 6.1
|* Creator: [JS]
|>6.1.bin
|MIIBYwYJKoZIhvcNAQcDoIIBVDCCAVACAQIxggEEoYIBAAIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgQDCpFbngGwR7EgB9w76sCDSnG8xLIX4SpyyuLoXtvUoMbyyXlPTjMm143kg
|jwPlZ39OAmouwmd/cZpEC+zAfRlv7l8u1TIA1HzCFlZ+7a9o3QxzaJU2zlxRrS4gZNAeO8
|hXPWVAuBrNbafLHJ7Fg3Nm3dKG7uGc7bGdMDJBTFI9GDAaBgcqhkjOPgIBMA8GCyqGSIb3
|DQEJEAMGBQAwRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICAMkEKFFGV0E0HNbHzTZLpJ
|O3FuYu8FgknG1L6ZCLD0a45ZMZ/3zwVk1P+vUwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMH
|BAju8h/ugAjOaoAgnrtsnrgUQyzLspCOpH2K2K6WiHMIgJU+0d/oL0/cc5g=
|<6.1.bin

|* Example from section 6.2
|* Creator: [JS]
|>6.2.bin
|MIAGCSqGSIb3DQEHA6CAMIACAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYXJsUlNBAh
|BGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAxcCPZxKcEElJFF2A1iRQWThB
|XLdbsAsSFc1UgI5io6/RFSmmbLXAMvc5XwwvMpBlXOPVK1X2ITcJWpq0ltSWIEkGk2fqC8
|EgPV2yY36M+Ynzn78eGe02BIMFihVakqSKtD6JwWk1DXS3gX8Cy3rXZVEFFbZ4D/K0gPdg
|eit1iOkwgAYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAj0z/pDdDkS9KCABIGwG86612X7vG
|AFlWVCP2DbLXjF8n+TNJXiYvOZPtiiy8jlUBDYRc0n74M7O7BB5tcq3ldTrxCXH4k9ape4
|v+FyK/DWm+UJ1GvW9Lr/UGo88BaM3fQ05YXMqQMe3uNxGX+JnSctcZNTqMwVeVgVNsNTey
|JRrY8xq2A6HLdlWl+QFnsrXR4KtNWhZJPdT00xgYSAYMNWmcyhwMiuEJ5MyF7wGKkyMACT
|Env8FL981HS0sGwAAAAAAAAAAAAA
|<6.2.bin

|* Example from section 6.3
|* Creator: [JS]
|>6.3.bin
|MIAGCSqGSIb3DQEHA6CAMIACAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYXJsUlNBAh
|BGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAhAB4rKlq+e2+J3+hRf5zSwVU
|FNffmycRaJfmMnaj1ki0TeQVsL+oWB9d8lwwqOnHY+SVtKsqNj5pnFkNZ1/yghUhexo7WW
|iq8bDGjNsOslTcM9Fk0UypdAgUEYoWdGo68DM1HDRwM78KxkSRyLEhvLGjZd0UvAXX4ufc
|fzpZfh8wgAYJKoZIhvcNAQcBMBoGCCqGSIb3DQMCMA4CAgCgBAicBNIZLipVoaCABIGwjo
|cuIuQwYZuWzOqtDNbXAxsUYDeLGoAsEk92t3Z34geEMwvMZetbMpto84ZtfbGiRBAdwBTh
|8sbxKBe6htUvbTffguvRLSSAcWJNDahpEKnhRXWGTauDYVtwfW3CXfOAMdNw/XMtdU2TVJ
|86qKjcMDT9STaIlzdPJA/7AyJMZOoz68XGI4cBchNv52I9EmIN+0SIMiSRBUaNDgA5ihSK
|yhlYS4+9uzWJr/mZFpHw570AAAAAAAAAAAAA
|<6.3.bin

|* Example from section 6.4
|* Creator: [JS]
|>6.4.bin
|MIICZwYJKoZIhvcNAQcDoIICWDCCAlQCAQIxggIIoYIBAAIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgAPKBS54Y4aVfcbjOAgz014G+8WY+t5mQi5vuzVHc+5/Q4KDDI3vH2GPUsZc
|u4VGCc0KHnVEUay4q4WIxrMGl8lHsopWVYu+0zzJOvCo1Uw6VhmbZXXpKxRm2LtmcC5kRk
|G9M+FQ+NXKpXRqCQHTbXSFITNTq8I9KghAz/msLffQADAaBgcqhkjOPgIBMA8GCyqGSIb3
|DQEJEAMGBQAwRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICANMEKIgkfFJzwwL/24lJCA
|697g5JGEcZtJVfFhK57TRPmWsvyo6Uh1ZmCFGhggEAAgEDoIGWoYGTMAkGByqGSM4+AgED
|gYUAAoGAXFhyPsZokQ/46wfrwUZgE0t61OWsYQxn0Q0Kq+iBMSVqtebz71Od51G1HaTjOM
|frldmA2IVldhL7ep7ysT84H+ryfGEmY3OqIuL9FZqcFzFYDE6g3oSJt4FwYj6bRUetufyU
|laWZ9IaNC8507HHcyqZxNzEBTIwBWYxJrvz7ZOoAMBoGByqGSM4+AgEwDwYLKoZIhvcNAQ
|kQAwYFADBGMEQwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyQQoOSoW0SErcjgMQAFVoRcZ
|BL79JJsz5Ry8xdh7p0UV0lvlWgmlIhh73zBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECB
|PjQZyFMBUfgCC6j3HZyJLO1Ain9XORKW3hMwjexFjConvwmksGRO/W5Q==
|<6.4.bin

|* Example from section 6.5
|* Creator: [JS]
|>6.5.bin
|MIIBqgYJKoZIhvcNAQcDoIIBmzCCAZcCAQIxggFLoYIBRwIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgB5vuElZhqnuNBcpvKBahFGrzppBOLYpp3xJJI2DpqD4LJobHamGZGKJS/lb
|NZMMNtP3BlHVSl6t3HbS7VNGGtQKhFsmp9BMmtYkoZ660iEwe0XFNswrSk8Zdw1IInlm2e
|tRSlo7XSXl+lh5D1NJGx/p+XlzDbxJYe3bTYFnnmioADAaBgcqhkjOPgIBMA8GCyqGSIb3
|DQEJEAMGBQAwgYwwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBCj/IIORXxDPOIDfUC
|BGwzA7fSvj28EYB+MHhStsqyYHuSzl3YlAfenVMEQwGDASMRAwDgYDVQQDEwdDYXJsRFNT
|AgIA1AQovxPCSqLUCGorYEq4oW0xQ/drrjVkI9DmgHm+XyUsUeO5DkTzg3m0DjBDBgkqhk
|iG9w0BBwEwFAYIKoZIhvcNAwcECCPff9s9mAD4gCB0KQIzTVEuxMWuMth/mwHr0s3CMgqq
|kI2pkfMhMo5Odg==
|<6.5.bin

|* Example from section 6.6
|* Creator: [JS]
|>6.6.eml
|U3ViamVjdDogVGVzdCBzdWJqZWN0DQpNSU1FLVZlcnNpb246IDEuMA0KQ29udGVudC1UeX
|BlOiBhcHBsaWNhdGlvbi94LXBrY3M3LW1pbWU7DQoJbmFtZT0ic21pbWUucDdtIjsNCglz
|bWltZS10eXBlPWVudmVsb3BlZC1kYXRhDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOi
|BiYXNlNjQNCkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7DQoJZmlsZW5hbWU9
|InNtaW1lLnA3bSINClgtTWltZU9MRTogUHJvZHVjZWQgQnkgTWljcm9zb2Z0IE1pbWVPTE
|UgVjUuMDAuMjExNS4zMDANCg0KTUlBR0NTcUdTSWIzRFFFSEE2Q0FNSUFDQVFJeGdnRmRv
|WUlCQkFJQkE2Q0JsYUdCa2pBSkJnY3Foa2pPUGdJQkE0R0VBQUtCZ0UzNA0KOE84V1lrYi
|ttaDlKeXdJbUlKMWowUElqODRTbnBLY2xxTzMxRWNTY1p6a1NpUVFQK2dxcGhJbWZFd0lH
|aDdQN3l3dW9GdXhkb3Q4Qw0KMlgvbkR1YmhycktJbUczWjk2aC9GQWg2L3JnQTZQMTByMn
|llc1YxUXZxZkdnWUJoOStvOXpxL1MxK1E4c3NGSDlqMW5aelRMTEwzcg0Kckc4VzR6dG11
|NHFYK1E4OU1COEdDeXFHU0liM0RRRUpFQU1GTUJBR0N5cUdTSWIzRFFFSkVBTUhBZ0U2TU
|VZd1JEQVlNQkl4RURBTw0KQmdOVkJBTVRCME5oY214RVUxTUNBZ0RKQkNoVEV2L0lpWWI1
|OGZKcEJjMU1RQUoxRlNHMzNMZEZicFJxOFFpck1VMTJKaUhkOXFBSg0Kamo5Q29sTUNBUV
|F3RXdRUlRXRnBiRXhwYzNSVWNtbHdiR1ZFUlZNd0R3WUxLb1pJaHZjTkFRa1FBd1lGQUFR
|by9KVjI1cWlwc2xidQ0KdWJaRExzbEVCOTNZNHJHdE9KSHB5bU51K3U1RmU3YnB5cFZ0an
|c0VldqQ0FCZ2txaGtpRzl3MEJCd0V3R1FZSUtvWklodmNOQXdJdw0KRFFJQk9nUUlqM2hQ
|OUZnMnlFcWdnQVFnNGxZTE9nbjBOdU9yU0FMTHZ0TjROemVWdFlKMDdoc1cyT1o3RnFRTm
|11b0FBQUFBQUFBQQ0KQUFBQQ0K
|<6.6.eml

|* Example from section 7.0
|* Creator: [JS]
|>7.0.bin
|MFoGCSqGSIb3DQEHBaBNMEsCAQAwBwYFKw4DAhowJwYJKoZIhvcNAQcBoBoEGFRoaXMgc2
|9tZSBzYW1wZSBjb250ZW50LgQUQGrsCFJ5um4WAi2eBinAIpaH3Ug=
|<7.0.bin

|* Example from section 8.0
|* Creator: [JS]
|>8.0.bin
|MFcGCSqGSIb3DQEHBqBKMEgCAQAwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiza2v7Yj
|EIToAg12/RF4+9AvhCMfXB0qL3SkFZSClk9nUkglQiPa+a+OQ=
|<8.0.bin

D. Acknowledgments

The following people contributed ideas and/or examples to this
document. They are listed by their real names, with the initials used
in the examples after their names.

Blake Ramsdell [BR]
Paul Hoffman [PH]
Jim Schaad [JS]
. . .

The examples are displayed with a modified version of Peter Gutmann's
"dumpasn1" program. Peter and Jim Schaad and Blake Ramsdell have been
updating the program based on input from the process of writing this
draft.

E. Differences between -01 and -02

Added a whole bunch of examples, all from Jim Schaad. Andrew
Farrell and Blake Ramsdell had contributed some earlier examples
of keys and certs.

3. Added Erica.

3.2: Added DianePrivDHEncrypt and DianePrivDSSSign.

11.2 and 11.3: Made -03

Changed 5.1 through 5.7 to use the receipts come from Diane.

B.2: Added binmode because Windows is stupid about I/O.

Renumbered right OID.

Changed all the appendixes. RSA certs and CRLs.

F. Editor's Address

Paul Hoffman
Internet Mail Consortium
127 Segre Place
Santa Cruz, CA  95060 USA
phoffman@imc.org