draft-ietf-smime-examples-11.txt   draft-ietf-smime-examples-12.txt 
Internet Draft Editor: Paul Hoffman Internet Draft Editor: Paul Hoffman
draft-ietf-smime-examples-11.txt Internet Mail Consortium draft-ietf-smime-examples-12.txt Internet Mail Consortium
June 29, 2003 October 18, 2003
Expires in six months Expires in six months
Examples of S/MIME Messages Examples of S/MIME Messages
Status of this memo Status of this memo
Internet-Drafts are working documents of the Internet Engineering Task Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts. groups may also distribute working documents as Internet-Drafts.
skipping to change at line 32 skipping to change at line 32
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. provisions of Section 10 of RFC2026.
Abstract Abstract
This document gives examples of message bodies formatted using S/MIME. This document gives examples of message bodies formatted using S/MIME.
Specifically, it has examples of Cryptographic Message Syntax (CMS) Specifically, it has examples of Cryptographic Message Syntax (CMS)
objects, S/MIME messages (including the MIME formatting), and Enhanced objects and S/MIME messages (including the MIME formatting).
Security Services for S/MIME (ESS). It includes examples of most or all It includes examples of many
common CMS and ESS formats; in addition, it gives examples that show common CMS formats. The purpose of this document is to
common pitfalls in implementing CMS. The purpose of this document is to
help increase interoperability for S/MIME and other protocols that rely help increase interoperability for S/MIME and other protocols that rely
on CMS. on CMS.
Table of Contents
1. Introduction
2. Constants Used in the Examples
2.1 Content of documents
2.2 Private Keys
2.3 Certificates
2.4 CRLs
3. Trivial Examples
3.1 ContentInfo with Data type, BER
3.2 ContentInfo with Data type, DER
4. Signed-data
4.1 Basic signed content, DSS
4.2 Basic signed content, RSA
4.3 Basic signed content, detached content
4.4 Fancier signed content
4.5 All RSA signed message
4.6 Multiple signers
4.7 Signing using SKI
4.8 S/MIME multipart/signed message
4.9 S/MIME application/pkcs7-mime signed message
4.10 SignedData With Attributes
4.11 SignedData with Certificates Only
5. Enveloped-data
5.1 Basic encrypted content, TripleDES and RSA
5.2 Basic encrypted content, RC2/128 and RSA
5.3 S/MIME application/pkcs7-mime encrypted message
6. Digested-data
7. Encrypted-data
7.1 Simple EncryptedData
7.2 EncryptedData with unprotected attributes
8. Security Considerations
A. References
A.1 Normative References
A.2 Informative References
B. Binaries of the Examples
B.1 How the binaries and extractor works
B.2 Example extraction program
C. Examples in order of appearance
D. Acknowledgments
E. Differences between -10 and -11
F. Editor's Address
1. Introduction 1. Introduction
The examples in this document show the structure and format of CMS The examples in this document show the structure and format of CMS
message bodies, as described in [CMS]. They are useful to implementors message bodies, as described in [CMS]. They are useful to implementors
who use protocols that rely on CMS, such as the S/MIME message format who use protocols that rely on CMS, such as the S/MIME message format
protocol. There are also examples of simple S/MIME messages [SMIME-MSG] protocol. There are also examples of simple S/MIME messages [SMIME-MSG]
(including the MIME headers), and ESS messages [SMIME-ESS]. (including the MIME headers).
Every example in this document has been checked by two different Every example in this document has been checked by two different
implementors. This strongly indicates (but does not assure) that the implementors. This strongly indicates (but does not assure) that the
examples are correct. All CMS implementors must read the CMS document examples are correct. All CMS implementors must read the CMS document
carefully before implementing from it. No one should use the examples carefully before implementing from it. No one should use the examples
in this document as stand-alone explanations of how to create CMS in this document as stand-alone explanations of how to create CMS
message bodies. message bodies.
This document explicitly does not attempt to cover many PKIX [PKIX] This document explicitly does not attempt to cover many PKIX [PKIX]
examples. Documents with examples of that format may be forthcoming. examples. Documents with examples of that format may be forthcoming.
skipping to change at line 68 skipping to change at line 110
protocol. protocol.
This draft is being discussed on the 'ietf-smime-examples' mailing list. This draft is being discussed on the 'ietf-smime-examples' mailing list.
To join the list, send a message to ietf-smime-examples-request@imc.org To join the list, send a message to ietf-smime-examples-request@imc.org
with the single word "subscribe" in the body of the message. Also, with the single word "subscribe" in the body of the message. Also,
there is a Web site for the mailing list at there is a Web site for the mailing list at
<http://www.imc.org/ietf-smime-examples/>. Note that S/MIME itself is <http://www.imc.org/ietf-smime-examples/>. Note that S/MIME itself is
discussed in the IETF's S/MIME Working Group; see discussed in the IETF's S/MIME Working Group; see
<http://www.imc.org/ietf-smime/> for more information. <http://www.imc.org/ietf-smime/> for more information.
2. Contributions To This Document The examples shown here were created and validated by many different
people over a long period of time.
The examples shown here will be created and validated by many different
people. In the example listings in Appendix B, there is a tag with the
initials of the creator of the example, and one or more tags for the
people who validated the example.
Some of the examples are of mis-implementations of CMS and ESS. That
is, if a developer reading the CMS or ESS specification created a
message body that was illegal, and another developer agreed that the
mis-reading was potentially a pitfall for later developers, that
message body is also included here. To make it clear which examples are
bad, they are all put into a single section of this document with
(hopefully) explicit headings.
To contribute an implementation of an unimplemented example listed in To contribute an implementation of an unimplemented example listed in
this document, to verify that you got the same results as an example this document, to verify that you got the same results as an example
listed here, or to suggest a new example that should be listed, please listed here, or to suggest a new example that should be listed, please
contact the document author at the address listed near the end of the contact the document author at the address listed near the end of the
document. document.
3. Constants Used in the Examples 2. Constants Used in the Examples
This section defines the data used in the rest of the document. The names This section defines the data used in the rest of the document. The names
of the constants indicate their use. For example, AlicePrivDSSSign is the of the constants indicate their use. For example, AlicePrivDSSSign is the
private part of Alice's DSS signing key. private part of Alice's DSS signing key.
- Alice is the creator of the message bodies in this spec. - Alice is the creator of the message bodies in this spec.
- Bob is the recipient of the messages. - Bob is the recipient of the messages.
- Carl is a CA. - Carl is a CA.
- Diane sometimes gets involved with these folks. - Diane sometimes gets involved with these folks.
- Erica also sometimes gets involved. - Erica also sometimes gets involved.
3.1 Content of documents 2.1 Content of documents
ExContent is the following sentence: ExContent is the following sentence:
This is some sample content. This is some sample content.
That is, it is the string of characters starting with "T" up to and That is, it is the string of characters starting with "T" up to and
including the ".". including the ".".
The hex for ExContent is The hex for ExContent is
5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e 5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e
The MD5 hash of ExContent is The MD5 hash of ExContent is
9898 cac8 fab7 691f f89d c207 24e7 4a04 9898 cac8 fab7 691f f89d c207 24e7 4a04
The SHA-1 hash of ExContent is The SHA-1 hash of ExContent is
406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48 406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48
3.2 Private Keys 2.2 Private Keys
The following private keys are needed to create the samples. The following private keys are needed to create the samples.
To find the public keys, see the certificates in the next section. To find the public keys, see the certificates in the next section.
AlicePrivDSSSign = AlicePrivDSSSign =
0 30 331: SEQUENCE { 0 30 331: SEQUENCE {
4 02 1: INTEGER 0 4 02 1: INTEGER 0
7 30 299: SEQUENCE { 7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm) : (ANSI X9.57 algorithm)
skipping to change at line 245 skipping to change at line 275
: 58 88 D9 A1 50 38 84 6A AB 03 BC BB : 58 88 D9 A1 50 38 84 6A AB 03 BC BB
: DF 4B F4 9C 6F B8 B4 2A 25 FB F6 E4 : DF 4B F4 9C 6F B8 B4 2A 25 FB F6 E4
: 05 2F 6E E2 88 89 21 6F 4B 25 9E D0 : 05 2F 6E E2 88 89 21 6F 4B 25 9E D0
: AB 50 93 CA BF 40 71 EC 21 25 C5 7F : AB 50 93 CA BF 40 71 EC 21 25 C5 7F
: FB 02 E9 21 96 B8 33 CD E2 C6 95 EE : FB 02 E9 21 96 B8 33 CD E2 C6 95 EE
: 6F 8D 5F 28 : 6F 8D 5F 28
: } : }
: } : }
: } : }
BobPrivDHEncrypt =
0 30 355: SEQUENCE {
4 02 1: INTEGER 0
7 30 312: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
20 30 299: SEQUENCE {
24 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB
: 23 4D DF 2B 25 C1 68 D2 9E A9 45 5B
: 36 F1 94 89 1A AF 7D 11 24 9D 3D B9
: 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7
: 25 35 61 02 41 92 27 0C 5E AE 48 E5
: F3 6E 38 EF 91 D1 CF 37 FE 9A 40 97
: C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8
: 7E BC 3A AA 43 0A 81 64 FC 63 F0 7B
: 71 98 FA C0 38 79 10 1A 33
156 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7
: 95 96 BB F1 E4 61 37 08 FB 12 C7 FB
: 9C 91 77 06 99 35 F0 48 24 96 33 12
: 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD
: 77 05 09 48 9B 70 8D 3C 05 F6 CE 44
: 2C 7F 7D 1B 2B 15 DD F3 05 2F BE 85
: 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85
: 89 CC ED 21 C3 91 70 06 54 EE 70 A8
: 92 55 5B 6E 19 22 4D 62 A7
288 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5
: A2 7D C7 70 A3 45 F3 B3 A2 86 05 D2
: 3E 49 F9 9F D9 0A B3 BE BD
: }
: }
323 04 34: OCTET STRING, encapsulates {
325 02 32: INTEGER
: 20 FC 67 82 EE CF 4A A6 C8 E5 83 D2
: 8C 3B 8A D2 45 32 11 27 32 6C 86 EC
: 66 CA 71 AD F0 19 4D F7
: }
: }
BobPrivRSAEncrypt = BobPrivRSAEncrypt =
0 30 645: SEQUENCE { 0 30 645: SEQUENCE {
4 02 1: INTEGER 0 4 02 1: INTEGER 0
7 30 13: SEQUENCE { 7 30 13: SEQUENCE {
9 06 9: OBJECT IDENTIFIER 9 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1) : rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1) : (PKCS #1)
20 05 0: NULL 20 05 0: NULL
: } : }
22 04 608: OCTET STRING, encapsulates { 22 04 608: OCTET STRING, encapsulates {
skipping to change at line 496 skipping to change at line 481
: 26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 : 26 1E 1D 1C A1 98 2B E4 DB 38 E8 57
: 6E 6B 73 19 88 61 3A FA 74 4A 36 8B : 6E 6B 73 19 88 61 3A FA 74 4A 36 8B
: 47 68 5D 50 EB 26 E3 EA 7D 9B 4E 65 : 47 68 5D 50 EB 26 E3 EA 7D 9B 4E 65
: A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11 : A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11
: AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 : AB A3 D6 A8 C0 27 36 1D 54 0B AA A7
: D1 6D 8D FA : D1 6D 8D FA
: } : }
: } : }
: } : }
DianePrivDHEncrypt =
0 30 354: SEQUENCE {
4 02 1: INTEGER 0
7 30 311: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
20 30 298: SEQUENCE {
24 02 129: INTEGER
: 00 CA 6E 91 C2 B0 BD A8 58 F2 31 21
: 74 BB 1F E4 10 BD D0 93 A2 7E 61 E1
: 3D BA 23 04 16 D0 66 39 BD 3B CD 05
: 74 48 F1 03 70 95 F4 05 63 6D 2E BF
: 9A B7 FF 97 FF 39 BB 63 DB 4D A4 71
: D8 94 9A B4 F2 8A 3D 9F B7 5D 8D CA
: E2 AF B5 0F CF 05 65 82 68 6E 43 D2
: F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
: BC BF 36 0F 5C C3 51 6A 67 E8 75 32
: 66 78 91 63 E8 FE 34 E7 19 B6 70 6C
: 78 38 36 82 D2 34 36 C2 DF
156 02 128: INTEGER
: 6E D6 76 36 4B E4 59 07 57 5F 18 9A
: 10 D2 31 5C A6 10 B0 26 96 42 4D 7C
: A3 A1 D3 9E A5 80 B2 1F 37 11 49 7C
: 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
: DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D
: 3B DC AE 71 21 D9 3B 56 B8 A7 F6 4D
: 22 52 5F 41 BA D5 1E 82 69 6C DD 70
: 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
: 09 F8 BD FD CB 51 BC 2E 2E CA 3E 30
: 8C FA 54 9E 7D 0D 03 E2 DF 63 62 6D
: F3 50 82 27 DC D1 99 F7
287 02 33: INTEGER
: 00 AA 05 65 FB DD 4E A8 02 F1 34 39
: E7 A3 FC 7D 46 10 B8 5D F0 2E F2 C5
: D1 5E A2 74 4C DA 0F 4E 1F
: }
: }
322 04 34: OCTET STRING, encapsulates {
324 02 32: INTEGER
: 58 2E 89 AB 57 34 7D 3C F5 9A 75 CB
: 7D 99 8A 19 2F 3C 7A A6 85 C9 2F 1B
: 5A 47 03 E3 82 16 E4 9B
: }
: }
DianePrivDSSSign = DianePrivDSSSign =
0 30 331: SEQUENCE { 0 30 331: SEQUENCE {
4 02 1: INTEGER 0 4 02 1: INTEGER 0
7 30 299: SEQUENCE { 7 30 299: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm) : (ANSI X9.57 algorithm)
20 30 286: SEQUENCE { 20 30 286: SEQUENCE {
24 02 129: INTEGER 24 02 129: INTEGER
: 00 B6 49 18 3E 8A 44 C1 29 71 94 4C : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C
: 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81 : 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
skipping to change at line 660 skipping to change at line 600
: 01 07 21 97 5F 7A 60 A8 FD 5A 5C 07 : 01 07 21 97 5F 7A 60 A8 FD 5A 5C 07
: DF A8 DE F7 E2 B1 34 7D FC EB 91 BD : DF A8 DE F7 E2 B1 34 7D FC EB 91 BD
: B0 73 74 C8 C4 BE 3F 58 45 30 06 90 : B0 73 74 C8 C4 BE 3F 58 45 30 06 90
: B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B : B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B
: 65 A1 16 39 39 B0 E3 74 7D CF CD C5 : 65 A1 16 39 39 B0 E3 74 7D CF CD C5
: AC 6C BF E5 : AC 6C BF E5
: } : }
: } : }
: } : }
EricaPrivDHEncryptBobParam = 2.3 Certificates
0 30 355: SEQUENCE {
4 02 1: INTEGER 0
7 30 312: SEQUENCE {
11 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
20 30 299: SEQUENCE {
24 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB
: 23 4D DF 2B 25 C1 68 D2 9E A9 45 5B
: 36 F1 94 89 1A AF 7D 11 24 9D 3D B9
: 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7
: 25 35 61 02 41 92 27 0C 5E AE 48 E5
: F3 6E 38 EF 91 D1 CF 37 FE 9A 40 97
: C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8
: 7E BC 3A AA 43 0A 81 64 FC 63 F0 7B
: 71 98 FA C0 38 79 10 1A 33
156 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7
: 95 96 BB F1 E4 61 37 08 FB 12 C7 FB
: 9C 91 77 06 99 35 F0 48 24 96 33 12
: 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD
: 77 05 09 48 9B 70 8D 3C 05 F6 CE 44
: 2C 7F 7D 1B 2B 15 DD F3 05 2F BE 85
: 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85
: 89 CC ED 21 C3 91 70 06 54 EE 70 A8
: 92 55 5B 6E 19 22 4D 62 A7
288 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5
: A2 7D C7 70 A3 45 F3 B3 A2 86 05 D2
: 3E 49 F9 9F D9 0A B3 BE BD
: }
: }
323 04 34: OCTET STRING, encapsulates {
325 02 32: INTEGER
: 48 64 11 E4 17 01 12 E6 C1 D3 9C 70
: 7D 7C A6 97 95 BD C8 95 07 F7 CF 41
: 11 A7 13 91 FB 30 3D 8C
: }
: }
MailListTripleDES =
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f
MailListRC2 =
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9
3.3 Certificates
Note that Bob's and Diane's Diffie-Hellman encryption keys do *not*
share Diffie-Hellman parameters; however, Bob and Erica share Diffie-
Hellman parameters.
AliceDSSSignByCarlNoInherit = AliceDSSSignByCarlNoInherit =
0 30 732: SEQUENCE { 0 30 732: SEQUENCE {
4 30 667: SEQUENCE { 4 30 667: SEQUENCE {
8 A0 3: [0] { 8 A0 3: [0] {
10 02 1: INTEGER 2 10 02 1: INTEGER 2
: } : }
13 02 2: INTEGER 200 13 02 2: INTEGER 200
17 30 9: SEQUENCE { 17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
skipping to change at line 1005 skipping to change at line 890
: 59 A9 20 AA 05 81 A8 4E 25 AD A7 70 : 59 A9 20 AA 05 81 A8 4E 25 AD A7 70
: 14 75 2F F5 C7 9B D1 0E E9 63 D2 64 : 14 75 2F F5 C7 9B D1 0E E9 63 D2 64
: B7 C6 66 6E 73 21 54 DF F4 BA 25 5D : B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
: 7D 49 D3 94 6B 22 36 74 73 B8 4A EC : 7D 49 D3 94 6B 22 36 74 73 B8 4A EC
: 2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A : 2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
: B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA : B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
: F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A : F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
: 76 AE EB 9B DB 49 B0 22 : 76 AE EB 9B DB 49 B0 22
: } : }
BobDHEncryptByCarl =
0 30 866: SEQUENCE {
4 30 800: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 201
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817011828Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 16: SEQUENCE {
82 31 14: SET {
84 30 12: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 5: PrintableString 'bobDH'
: }
: }
: }
98 30 578: SEQUENCE {
102 30 439: SEQUENCE {
106 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
115 30 426: SEQUENCE {
119 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB
: 23 4D DF 2B 25 C1 68 D2 9E A9 45 5B
: 36 F1 94 89 1A AF 7D 11 24 9D 3D B9
: 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7
: 25 35 61 02 41 92 27 0C 5E AE 48 E5
: F3 6E 38 EF 91 D1 CF 37 FE 9A 40 97
: C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8
: 7E BC 3A AA 43 0A 81 64 FC 63 F0 7B
: 71 98 FA C0 38 79 10 1A 33
251 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7
: 95 96 BB F1 E4 61 37 08 FB 12 C7 FB
: 9C 91 77 06 99 35 F0 48 24 96 33 12
: 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD
: 77 05 09 48 9B 70 8D 3C 05 F6 CE 44
: 2C 7F 7D 1B 2B 15 DD F3 05 2F BE 85
: 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85
: 89 CC ED 21 C3 91 70 06 54 EE 70 A8
: 92 55 5B 6E 19 22 4D 62 A7
383 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5
: A2 7D C7 70 A3 45 F3 B3 A2 86 05 D2
: 3E 49 F9 9F D9 0A B3 BE BD
418 02 97: INTEGER
: 01 34 FE C2 33 48 EB F6 3B 97 D9 E4
: 97 A7 60 A5 25 69 34 FB FD 46 2A D6
: C9 C4 C5 F7 D6 F4 04 19 8D 94 D9 8A
: 37 68 69 67 55 FB F2 6B 0E 47 C5 5B
: 0B 4B 0E 1C 1A 8B 7B 75 B7 AA C3 AA
: D7 EB 3B DA 2A 8D 02 87 37 47 83 D7
: 31 B4 25 A8 AC BB 11 88 53 1C 11 92
: B6 69 E7 2E 90 C1 7A FC 87 F4 F6 D7
: 1A
517 30 26: SEQUENCE {
519 03 21: BIT STRING 0 unused bits
: B9 FF 1C 93 44 67 37 D1 B2 F8 57 9A
: 32 4A C9 4A FF 3B EC 1E
542 02 1: INTEGER 29
: }
: }
: }
545 03 132: BIT STRING 0 unused bits, encapsulates {
549 02 128: INTEGER
: 6F D4 F6 CD 94 9A 6E AF 5B 57 17 96
: 75 BB 0F B9 48 E9 90 37 0D 15 20 C2
: 55 1E 13 E2 AE 71 17 84 C3 0E 74 AE
: 8A 55 7F 28 7D 8B D7 28 22 9C 76 46
: D7 3B 4F 9D D1 4D 1B B2 DB 51 94 C5
: 6D 54 96 40 38 8A 38 81 63 4A 8C C3
: 1E 09 89 74 A6 58 D5 C8 5A 3D CF BB
: B8 23 7F 9C 1F 7D 78 FA 9E F9 90 9E
: 91 E7 4B C2 A4 BE 45 06 78 42 58 3D
: 9F 63 2C EF 84 D4 67 E5 FB C6 6D A2
: 36 29 67 90 46 DB 4E 48
: }
: }
680 A3 126: [3] {
682 30 124: SEQUENCE {
684 30 12: SEQUENCE {
686 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
691 01 1: BOOLEAN TRUE
694 04 2: OCTET STRING, encapsulates {
696 30 0: SEQUENCE {}
: }
: }
698 30 14: SEQUENCE {
700 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
705 01 1: BOOLEAN TRUE
708 04 4: OCTET STRING, encapsulates {
710 03 2: BIT STRING 3 unused bits
: '10000'B (bit 4)
: }
: }
714 30 31: SEQUENCE {
716 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
721 04 24: OCTET STRING, encapsulates {
723 30 22: SEQUENCE {
725 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
747 30 29: SEQUENCE {
749 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
754 04 22: OCTET STRING, encapsulates {
756 04 20: OCTET STRING
: 26 FF 19 48 C3 59 33 68 56 8D 7E C8
: 80 68 5C CF 3C 72 DD 26
: }
: }
778 30 28: SEQUENCE {
780 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
785 04 21: OCTET STRING, encapsulates {
787 30 19: SEQUENCE {
789 81 17: [1] 'BobDH@example.com'
: }
: }
: }
: }
: }
: }
808 30 9: SEQUENCE {
810 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
819 03 49: BIT STRING 0 unused bits, encapsulates {
822 30 46: SEQUENCE {
824 02 21: INTEGER
: 00 B1 F8 A7 78 77 FE 29 90 A0 46 C3
: 09 23 D1 F5 28 BB C7 17 B6
847 02 21: INTEGER
: 00 88 09 1B 8F FD FC EC 09 5B 06 1B
: 97 50 D4 8C D1 63 4D 91 4C
: }
: }
: }
BobRSASignByCarl = BobRSASignByCarl =
0 30 551: SEQUENCE { 0 30 551: SEQUENCE {
4 30 400: SEQUENCE { 4 30 400: SEQUENCE {
8 A0 3: [0] { 8 A0 3: [0] {
10 02 1: INTEGER 2 10 02 1: INTEGER 2
: } : }
13 02 16: INTEGER 13 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E
: CD 5D 71 D0 : CD 5D 71 D0
31 30 13: SEQUENCE { 31 30 13: SEQUENCE {
skipping to change at line 1561 skipping to change at line 1276
: 18 FD E3 56 40 37 A7 07 B5 F0 38 12 : 18 FD E3 56 40 37 A7 07 B5 F0 38 12
: 61 50 ED EF DD 3F E3 0B B8 61 A5 A4 : 61 50 ED EF DD 3F E3 0B B8 61 A5 A4
: 9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C : 9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C
: 3B B5 2D 45 35 9D 49 01 76 FA B9 B9 : 3B B5 2D 45 35 9D 49 01 76 FA B9 B9
: 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D : 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
: CA 3E F2 53 6B B0 37 6F AD E6 74 D7 : CA 3E F2 53 6B B0 37 6F AD E6 74 D7
: DB FA 5A EA 14 41 63 5D CD BE C8 0E : DB FA 5A EA 14 41 63 5D CD BE C8 0E
: C1 DA 6A 8D 53 34 18 02 : C1 DA 6A 8D 53 34 18 02
: } : }
DianeDHEncryptByCarl =
0 30 869: SEQUENCE {
4 30 804: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 211
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817021657Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 18: SEQUENCE {
82 31 16: SET {
84 30 14: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 7: PrintableString 'DianeDH'
: }
: }
: }
100 30 577: SEQUENCE {
104 30 438: SEQUENCE {
108 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
117 30 425: SEQUENCE {
121 02 129: INTEGER
: 00 CA 6E 91 C2 B0 BD A8 58 F2 31 21
: 74 BB 1F E4 10 BD D0 93 A2 7E 61 E1
: 3D BA 23 04 16 D0 66 39 BD 3B CD 05
: 74 48 F1 03 70 95 F4 05 63 6D 2E BF
: 9A B7 FF 97 FF 39 BB 63 DB 4D A4 71
: D8 94 9A B4 F2 8A 3D 9F B7 5D 8D CA
: E2 AF B5 0F CF 05 65 82 68 6E 43 D2
: F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
: BC BF 36 0F 5C C3 51 6A 67 E8 75 32
: 66 78 91 63 E8 FE 34 E7 19 B6 70 6C
: 78 38 36 82 D2 34 36 C2 DF
253 02 128: INTEGER
: 6E D6 76 36 4B E4 59 07 57 5F 18 9A
: 10 D2 31 5C A6 10 B0 26 96 42 4D 7C
: A3 A1 D3 9E A5 80 B2 1F 37 11 49 7C
: 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
: DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D
: 3B DC AE 71 21 D9 3B 56 B8 A7 F6 4D
: 22 52 5F 41 BA D5 1E 82 69 6C DD 70
: 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
: 09 F8 BD FD CB 51 BC 2E 2E CA 3E 30
: 8C FA 54 9E 7D 0D 03 E2 DF 63 62 6D
: F3 50 82 27 DC D1 99 F7
384 02 33: INTEGER
: 00 AA 05 65 FB DD 4E A8 02 F1 34 39
: E7 A3 FC 7D 46 10 B8 5D F0 2E F2 C5
: D1 5E A2 74 4C DA 0F 4E 1F
419 02 97: INTEGER
: 01 30 CD 03 82 CD 3F 32 3A 5F 16 5E
: F2 13 5F 52 1B DF FF AA 3B 06 3C 7F
: 81 26 1C B7 0C A0 14 09 1B 5D 26 FD
: 71 33 8C F2 AC 41 7E 0D AC 35 95 90
: 7E A5 AD AB 55 50 80 F0 D2 B9 2A 11
: 4D 76 45 76 3F 0C 38 AE 72 59 C6 EC
: BD EF E7 6E 60 23 93 B9 27 02 44 7E
: 4A D3 DA 39 3A 9A 63 43 3C 1B 23 C5
: 62
518 30 26: SEQUENCE {
520 03 21: BIT STRING 0 unused bits
: D0 FD D6 E0 46 97 D1 A7 7F BB FF 9A
: 43 F0 62 64 B3 7C 97 AB
543 02 1: INTEGER 122
: }
: }
: }
546 03 132: BIT STRING 0 unused bits, encapsulates {
550 02 128: INTEGER
: 60 5E 6E EF 61 55 77 3F 9D 6A 11 10
: F4 D3 C9 B8 72 A0 1F 89 DF E4 BC 21
: FD E4 9F 50 D6 8F 8E F9 67 97 14 E0
: 34 19 8F 3D 58 52 1E DC 5D 05 4E 4F
: C6 88 85 78 AC 01 6C 35 CE 86 6D 90
: 4B 58 48 2E 0F B2 E3 2A 4E 47 C3 B1
: 4D 2A 7A C9 B7 E5 C6 68 8A 73 AE 53
: 21 B3 CF 09 C4 62 A3 E8 B0 BB DC DE
: 0D 2E 66 48 37 A8 DB A2 4B FB DB FA
: A6 92 4B 41 0A C6 54 0B 8B 1A 9D 2F
: FF 60 0B 0B 08 D9 42 3F
: }
: }
681 A3 128: [3] {
684 30 126: SEQUENCE {
686 30 12: SEQUENCE {
688 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
693 01 1: BOOLEAN TRUE
696 04 2: OCTET STRING, encapsulates {
698 30 0: SEQUENCE {}
: }
: }
700 30 14: SEQUENCE {
702 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
707 01 1: BOOLEAN TRUE
710 04 4: OCTET STRING, encapsulates {
712 03 2: BIT STRING 3 unused bits
: '10000'B (bit 4)
: }
: }
716 30 31: SEQUENCE {
718 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
723 04 24: OCTET STRING, encapsulates {
725 30 22: SEQUENCE {
727 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
749 30 29: SEQUENCE {
751 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
756 04 22: OCTET STRING, encapsulates {
758 04 20: OCTET STRING
: 47 F3 4F CD 75 7D A8 52 21 A8 61 36
: 57 B5 F8 9A EE DB 30 46
: }
: }
780 30 30: SEQUENCE {
782 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
787 04 23: OCTET STRING, encapsulates {
789 30 21: SEQUENCE {
791 81 19: [1] 'DianeDH@example.com'
: }
: }
: }
: }
: }
: }
812 30 9: SEQUENCE {
814 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
823 03 48: BIT STRING 0 unused bits, encapsulates {
826 30 45: SEQUENCE {
828 02 20: INTEGER
: 23 40 B6 8B 05 29 7E 69 03 F4 B7 DA
: 97 F4 96 8C 15 AA 22 55
850 02 21: INTEGER
: 00 82 D8 24 E5 7F CD 04 54 6E 0C F4
: D5 C9 BD 99 98 0C 60 4B D3
: }
: }
: }
DianeDSSSignByCarlInherit = DianeDSSSignByCarlInherit =
0 30 440: SEQUENCE { 0 30 440: SEQUENCE {
4 30 375: SEQUENCE { 4 30 375: SEQUENCE {
8 A0 3: [0] { 8 A0 3: [0] {
10 02 1: INTEGER 2 10 02 1: INTEGER 2
: } : }
13 02 2: INTEGER 210 13 02 2: INTEGER 210
17 30 9: SEQUENCE { 17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm) : (ANSI X9.57 algorithm)
skipping to change at line 1990 skipping to change at line 1535
: 97 C7 90 6B CB 0A 37 2B 41 6A 03 98 : 97 C7 90 6B CB 0A 37 2B 41 6A 03 98
: C5 1B 3E 32 C8 45 2B 86 01 9C 1C E2 : C5 1B 3E 32 C8 45 2B 86 01 9C 1C E2
: 36 EF 16 C1 1A 92 B8 BE 62 FB 53 3E : 36 EF 16 C1 1A 92 B8 BE 62 FB 53 3E
: 49 47 0B C4 B9 E4 2B 58 A6 06 83 F0 : 49 47 0B C4 B9 E4 2B 58 A6 06 83 F0
: B2 A7 BB 85 7E D5 C6 DA CE 9C 7B 31 : B2 A7 BB 85 7E D5 C6 DA CE 9C 7B 31
: 72 D7 A2 EA 41 AB 6A C0 DD 1F B9 14 : 72 D7 A2 EA 41 AB 6A C0 DD 1F B9 14
: 44 18 CF 84 57 66 E8 C5 E6 B8 DC 2D : 44 18 CF 84 57 66 E8 C5 E6 B8 DC 2D
: B3 1F 1B 28 43 36 75 7A : B3 1F 1B 28 43 36 75 7A
: } : }
EricaDHEncryptByCarl = 2.4 CRLs
0 30 743: SEQUENCE {
4 30 679: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 2: INTEGER 212
17 30 9: SEQUENCE {
19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
28 30 18: SEQUENCE {
30 31 16: SET {
32 30 14: SEQUENCE {
34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
39 13 7: PrintableString 'CarlDSS'
: }
: }
: }
48 30 30: SEQUENCE {
50 17 13: UTCTime '990817021716Z'
65 17 13: UTCTime '391231235959Z'
: }
80 30 18: SEQUENCE {
82 31 16: SET {
84 30 14: SEQUENCE {
86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
91 13 7: PrintableString 'EricaDH'
: }
: }
: }
100 30 452: SEQUENCE {
104 30 312: SEQUENCE {
108 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
117 30 299: SEQUENCE {
121 02 129: INTEGER
: 00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB
: 23 4D DF 2B 25 C1 68 D2 9E A9 45 5B
: 36 F1 94 89 1A AF 7D 11 24 9D 3D B9
: 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
: AA CC 9E 28 05 95 A0 B3 17 76 C1 F7
: 25 35 61 02 41 92 27 0C 5E AE 48 E5
: F3 6E 38 EF 91 D1 CF 37 FE 9A 40 97
: C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
: 74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8
: 7E BC 3A AA 43 0A 81 64 FC 63 F0 7B
: 71 98 FA C0 38 79 10 1A 33
253 02 129: INTEGER
: 00 BA 0B D7 74 3D E7 34 E5 4C 13 A7
: 95 96 BB F1 E4 61 37 08 FB 12 C7 FB
: 9C 91 77 06 99 35 F0 48 24 96 33 12
: 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
: 5E 95 86 A2 73 C5 49 46 37 79 60 FD
: 77 05 09 48 9B 70 8D 3C 05 F6 CE 44
: 2C 7F 7D 1B 2B 15 DD F3 05 2F BE 85
: 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
: 42 62 34 27 27 81 8E 6F 0F 5E 62 85
: 89 CC ED 21 C3 91 70 06 54 EE 70 A8
: 92 55 5B 6E 19 22 4D 62 A7
385 02 33: INTEGER
: 00 C3 AB 4A 30 79 B3 D3 97 4E CA F5
: A2 7D C7 70 A3 45 F3 B3 A2 86 05 D2
: 3E 49 F9 9F D9 0A B3 BE BD
: }
: }
420 03 133: BIT STRING 0 unused bits, encapsulates {
424 02 129: INTEGER
: 00 D1 2B E4 1D 3E BA 18 CF 75 20 C6
: C7 5E C3 C4 6C EA F3 23 D9 09 1F 46
: 98 F4 CE 59 B9 B6 CE E8 3A C6 18 F8
: 59 77 1B 99 B0 DA DC C0 9D 09 E4 AF
: F9 61 91 2C 47 CC 47 5E DF 2B 33 76
: F3 67 EC 77 E8 2C 37 30 A1 89 5D F3
: C8 F6 5C 16 4A E4 B7 8C F5 7B D5 38
: FD 14 AC E8 7A C2 7D EE 07 90 27 0A
: 7C 87 A8 A2 E2 70 35 EA 6E DE 9E 50
: 31 6B E9 09 DA 25 1A 01 8E E3 FF 26
: 1C 75 F5 C3 CE 5A F5 9E 85
: }
: }
556 A3 128: [3] {
559 30 126: SEQUENCE {
561 30 12: SEQUENCE {
563 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
568 01 1: BOOLEAN TRUE
571 04 2: OCTET STRING, encapsulates {
573 30 0: SEQUENCE {}
: }
: }
575 30 14: SEQUENCE {
577 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
582 01 1: BOOLEAN TRUE
585 04 4: OCTET STRING, encapsulates {
587 03 2: BIT STRING 3 unused bits
: '10000'B (bit 4)
: }
: }
591 30 31: SEQUENCE {
593 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
598 04 24: OCTET STRING, encapsulates {
600 30 22: SEQUENCE {
602 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
624 30 29: SEQUENCE {
626 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
631 04 22: OCTET STRING, encapsulates {
633 04 20: OCTET STRING
: 8D 53 1D 61 55 7F 60 35 6D A6 36 A2
: C5 93 F8 9A FD C0 75 74
: }
: }
655 30 30: SEQUENCE {
657 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
662 04 23: OCTET STRING, encapsulates {
664 30 21: SEQUENCE {
666 81 19: [1] 'EricaDH@example.com'
: }
: }
: }
: }
: }
: }
687 30 9: SEQUENCE {
689 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
698 03 47: BIT STRING 0 unused bits, encapsulates {
701 30 44: SEQUENCE {
703 02 20: INTEGER
: 51 1F D4 7A 1D C6 D4 7E E9 AA 8E 73
: B3 2F 9D 65 29 95 B7 49
725 02 20: INTEGER
: 09 CD 58 35 70 4B C3 0F 07 9D 09 19
: 51 89 8F 98 7F D1 88 91
: }
: }
: }
3.4 CRLs
CarlDSSCRLForAll = CarlDSSCRLForAll =
0 30 216: SEQUENCE { 0 30 216: SEQUENCE {
3 30 153: SEQUENCE { 3 30 153: SEQUENCE {
6 30 9: SEQUENCE { 6 30 9: SEQUENCE {
8 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) 8 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm) : (ANSI X9.57 algorithm)
: } : }
17 30 18: SEQUENCE { 17 30 18: SEQUENCE {
19 31 16: SET { 19 31 16: SET {
skipping to change at line 2424 skipping to change at line 1815
: 37 C4 DC 20 98 FA 17 81 0B 37 94 AC : 37 C4 DC 20 98 FA 17 81 0B 37 94 AC
: B4 8F 7B 51 89 14 A4 CB 72 73 14 07 : B4 8F 7B 51 89 14 A4 CB 72 73 14 07
: BC 22 9C 40 A1 07 FC 44 7C 85 0F 0B : BC 22 9C 40 A1 07 FC 44 7C 85 0F 0B
: 88 D1 EE E1 0E AF F6 16 74 AD A1 AF : 88 D1 EE E1 0E AF F6 16 74 AD A1 AF
: C1 00 75 00 64 EA A5 9A F6 0B 08 A2 : C1 00 75 00 64 EA A5 9A F6 0B 08 A2
: DB 95 19 5F A6 A7 B9 39 45 25 0A 0E : DB 95 19 5F A6 A7 B9 39 45 25 0A 0E
: F6 5E 84 E7 F8 B9 5A C9 18 C2 0E B8 : F6 5E 84 E7 F8 B9 5A C9 18 C2 0E B8
: A0 96 BE 81 3A 80 6D C9 : A0 96 BE 81 3A 80 6D C9
: } : }
4. Trivial Examples 3. Trivial Examples
This section covers examples of small CMS types. This section covers examples of small CMS types.
4.1 ContentInfo with Data type, BER 3.1 ContentInfo with Data type, BER
The object is a ContentInfo containing a Data object in BER format that The object is a ContentInfo containing a Data object in BER format that
is ExContent. is ExContent.
0 30 NDEF: SEQUENCE { 0 30 NDEF: SEQUENCE {
2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7) : (PKCS #7)
13 A0 NDEF: [0] { 13 A0 NDEF: [0] {
15 24 NDEF: OCTET STRING { 15 24 NDEF: OCTET STRING {
17 04 4: OCTET STRING 'This' 17 04 4: OCTET STRING 'This'
23 04 24: OCTET STRING ' is some sample content.' 23 04 24: OCTET STRING ' is some sample content.'
: } : }
: } : }
: } : }
4.2 ContentInfo with Data type, DER 3.2 ContentInfo with Data type, DER
The object is a ContentInfo containing a Data object in DER format that The object is a ContentInfo containing a Data object in DER format that
is ExContent. is ExContent.
0 30 43: SEQUENCE { 0 30 43: SEQUENCE {
2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) 2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7) : (PKCS #7)
13 A0 30: [0] { 13 A0 30: [0] {
15 04 28: OCTET STRING 'This is some sample content.' 15 04 28: OCTET STRING 'This is some sample content.'
: } : }
: } : }
5. Signed-data 4. Signed-data
5.1 Basic signed content, DSS 4.1 Basic signed content, DSS
A SignedData with no attribute certificates, signed by Alice using A SignedData with no attribute certificates, signed by Alice using
DSS, just her certificate (not Carl's root cert), no CRL. The DSS, just her certificate (not Carl's root cert), no CRL. The
message is ExContent, and is included in the eContent. There are no message is ExContent, and is included in the eContent. There are no
signed or unsigned attributes. signed or unsigned attributes.
0 30 919: SEQUENCE { 0 30 919: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
15 A0 904: [0] { 15 A0 904: [0] {
skipping to change at line 2685 skipping to change at line 2076
: 3A 07 CC C3 21 BE E1 1A 4B 7F 3E B5 : 3A 07 CC C3 21 BE E1 1A 4B 7F 3E B5
: 0D DB BA 1C EA BC CD 89 : 0D DB BA 1C EA BC CD 89
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
5.2 Basic signed content, RSA 4.2 Basic signed content, RSA
Same as 5.1, except using RSA signatures. A SignedData with no Same as 4.1, except using RSA signatures. A SignedData with no
attribute certificates, signed by Alice using RSA, just her certificate attribute certificates, signed by Alice using RSA, just her certificate
(not Carl's root cert), no CRL. The message is ExContent, and is (not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes. included in the eContent. There are no signed or unsigned attributes.
0 30 850: SEQUENCE { 0 30 850: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
15 A0 835: [0] { 15 A0 835: [0] {
19 30 831: SEQUENCE { 19 30 831: SEQUENCE {
23 02 1: INTEGER 1 23 02 1: INTEGER 1
skipping to change at line 2901 skipping to change at line 2292
: 17 13 A7 2A 95 9D 2B E4 03 95 14 0B : 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
: E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 : E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6
: 55 13 D4 68 6F D0 07 D7 A2 B1 62 4C : 55 13 D4 68 6F D0 07 D7 A2 B1 62 4C
: E3 8F AF FD E0 D5 5D C7 : E3 8F AF FD E0 D5 5D C7
: } : }
: } : }
: } : }
: } : }
: } : }
5.3 Basic signed content, detached content 4.3 Basic signed content, detached content
Same as 5.1, except with no eContent. A SignedData with no attribute Same as 4.1, except with no eContent. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), no CRL. The message is ExContent, but the eContent Carl's root cert), no CRL. The message is ExContent, but the eContent
is not included. There are no signed or unsigned attributes. is not included. There are no signed or unsigned attributes.
0 30 887: SEQUENCE { 0 30 887: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
15 A0 872: [0] { 15 A0 872: [0] {
19 30 868: SEQUENCE { 19 30 868: SEQUENCE {
23 02 1: INTEGER 1 23 02 1: INTEGER 1
skipping to change at line 3124 skipping to change at line 2515
: 66 69 19 BC 68 58 D1 8D B1 9D 52 3F : 66 69 19 BC 68 58 D1 8D B1 9D 52 3F
: DA 14 88 0D FD C9 A1 B8 : DA 14 88 0D FD C9 A1 B8
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
5.4 Fancier signed content 4.4 Fancier signed content
Same as 5.1, but includes Carl's root cert, Carl's CRL, some signed and Same as 4.1, but includes Carl's root cert, Carl's CRL, some signed and
unsigned attributes (Countersignature by Diane). A SignedData with no unsigned attributes (Countersignature by Diane). A SignedData with no
attribute certificates, signed by Alice using DSS, her certificate attribute certificates, signed by Alice using DSS, her certificate
and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is
included in the eContent. The signed attributes are Content Type, included in the eContent. The signed attributes are Content Type,
Message Digest and Signing Time; the unsigned attributes are content Message Digest and Signing Time; the unsigned attributes are content
hint and counter signature. hint and counter signature.
0 30 2829: SEQUENCE { 0 30 2829: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
skipping to change at line 3808 skipping to change at line 3199
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
5.5 All RSA signed message 4.5 All RSA signed message
Same as 5.2, but includes Carl's RSA root cert (but no CRL). A Same as 4.2, but includes Carl's RSA root cert (but no CRL). A
SignedData with no attribute certificates, signed by Alice using RSA, SignedData with no attribute certificates, signed by Alice using RSA,
her certificate and Carl's root cert, no CRL. The message is ExContent, her certificate and Carl's root cert, no CRL. The message is ExContent,
and is included in the eContent. There are no signed or unsigned and is included in the eContent. There are no signed or unsigned
attributes. attributes.
0 30 NDEF: SEQUENCE { 0 30 NDEF: SEQUENCE {
2 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 2 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
13 A0 NDEF: [0] { 13 A0 NDEF: [0] {
15 30 NDEF: SEQUENCE { 15 30 NDEF: SEQUENCE {
skipping to change at line 4148 skipping to change at line 3539
: 17 13 A7 2A 95 9D 2B E4 03 95 14 0B : 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
: E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 : E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6
: 55 13 D4 68 6F D0 07 D7 A2 B1 62 4C : 55 13 D4 68 6F D0 07 D7 A2 B1 62 4C
: E3 8F AF FD E0 D5 5D C7 : E3 8F AF FD E0 D5 5D C7
: } : }
: } : }
: } : }
: } : }
: } : }
5.6 Multiple signers 4.6 Multiple signers
Similar to 5.1, but the message is also signed by Diane. Two Similar to 4.1, but the message is also signed by Diane. Two
signerInfos (one for Alice, one for Diane) with no attribute signerInfos (one for Alice, one for Diane) with no attribute
certificates, each signed using DSS, Alice's and Diane's certificate certificates, each signed using DSS, Alice's and Diane's certificate
(not Carl's root cert), no CRL. The message is ExContent, and is (not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes. included in the eContent. There are no signed or unsigned attributes.
0 30 1463: SEQUENCE { 0 30 1463: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
15 A0 1448: [0] { 15 A0 1448: [0] {
19 30 1444: SEQUENCE { 19 30 1444: SEQUENCE {
skipping to change at line 4538 skipping to change at line 3929
: 06 7E 58 4E 2B 31 84 41 ED 49 79 38 : 06 7E 58 4E 2B 31 84 41 ED 49 79 38
: 3E 77 D2 A6 8C 75 08 21 : 3E 77 D2 A6 8C 75 08 21
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
5.7 Signing using SKI 4.7 Signing using SKI
Same as 5.1, but the signature uses the SKI instead of the Same as 4.1, but the signature uses the SKI instead of the
issuer/serial number in the cert. A SignedData with no attribute issuer/serial number in the cert. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), identified by the SKI, no CRL. The message is Carl's root cert), identified by the SKI, no CRL. The message is
ExContent, and is included in the eContent. There are no signed or ExContent, and is included in the eContent. There are no signed or
unsigned attributes. unsigned attributes.
0 30 915: SEQUENCE { 0 30 915: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
15 A0 900: [0] { 15 A0 900: [0] {
skipping to change at line 4755 skipping to change at line 4146
: 7C 8A 06 1E FC A4 41 35 7E F7 24 14 : 7C 8A 06 1E FC A4 41 35 7E F7 24 14
: FD 3D C0 56 B7 05 27 D5 : FD 3D C0 56 B7 05 27 D5
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
5.8 S/MIME multipart/signed message 4.8 S/MIME multipart/signed message
A full S/MIME message, including MIME, that includes the body part from A full S/MIME message, including MIME, that includes the body part from
5.3 and the body containing the content of the message. 4.3 and the body containing the content of the message.
MIME-Version: 1.0 MIME-Version: 1.0
To: User2@examples.com To: User2@examples.com
From: aliceDss@examples.com From: aliceDss@examples.com
Subject: Example 5.8 Subject: Example 4.8
Message-Id: <020906002550300.249@examples.com> Message-Id: <020906002550300.249@examples.com>
Date: Fri, 06 Sep 2002 00:25:21 -0300 Date: Fri, 06 Sep 2002 00:25:21 -0300
Content-Type: multipart/signed; Content-Type: multipart/signed;
micalg=SHA1; micalg=SHA1;
boundary="----=_NextBoundry____Fri,_06_Sep_2002_00:25:21"; boundary="----=_NextBoundry____Fri,_06_Sep_2002_00:25:21";
protocol="application/pkcs7-signature" protocol="application/pkcs7-signature"
This is a multi-part message in MIME format. This is a multi-part message in MIME format.
------=_NextBoundry____Fri,_06_Sep_2002_00:25:21 ------=_NextBoundry____Fri,_06_Sep_2002_00:25:21
skipping to change at line 4802 skipping to change at line 4193
KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1w KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1w
bGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD bGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD
6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYH 6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYH
KoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwa KoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwa
V/KC27MWMwYQIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqG V/KC27MWMwYQIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqG
SM44BAEELjAsAhQz+YZ/qCSCn1nRe1F0aKYl4H8HFQIUYUUmrBhG3VZhwg5CgaJqjCobNU SM44BAEELjAsAhQz+YZ/qCSCn1nRe1F0aKYl4H8HFQIUYUUmrBhG3VZhwg5CgaJqjCobNU
g= g=
------=_NextBoundry____Fri,_06_Sep_2002_00:25:21-- ------=_NextBoundry____Fri,_06_Sep_2002_00:25:21--
5.9 S/MIME application/pkcs7-mime signed message 4.9 S/MIME application/pkcs7-mime signed message
A full S/MIME message, including MIME, that includes the body part from A full S/MIME message, including MIME, that includes the body part from
5.1. 4.1.
MIME-Version: 1.0 MIME-Version: 1.0
To: User2@examples.com To: User2@examples.com
From: aliceDss@examples.com From: aliceDss@examples.com
Subject: Example 5.9 Subject: Example 4.9
Message-Id: <021031164540300.304@examples.com> Message-Id: <021031164540300.304@examples.com>
Date: Thu, 31 Oct 2002 16:45:14 -0300 Date: Thu, 31 Oct 2002 16:45:14 -0300
Content-Type: application/pkcs7-mime; smime-type=signed-data; Content-Type: application/pkcs7-mime; smime-type=signed-data;
name=smime.p7m name=smime.p7m
Content-Transfer-Encoding: base64 Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7m Content-Disposition: attachment; filename=smime.p7m
MIIDmwYJKoZIhvcNAQcCoIIDjDCCA4gCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIA MIIDmwYJKoZIhvcNAQcCoIIDjDCCA4gCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIA
QeDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4jCCAt4wggKdoAMCAQICAgDI QeDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4jCCAt4wggKdoAMCAQICAgDI
MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOT MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOT
skipping to change at line 4837 skipping to change at line 4228
waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMR waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMR
NKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+Gv NKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+Gv
Ikq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPl Ikq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPl
uKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0BleGFtcGxlcy5jb20wDAYDVR0TAQH/BA uKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0BleGFtcGxlcy5jb20wDAYDVR0TAQH/BA
IwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8w IwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8w
HQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj HQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj
/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE6umhh8GlfygtuzFjMGECAQEwGDASMRAw /PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE6umhh8GlfygtuzFjMGECAQEwGDASMRAw
DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjOOAQBBC4wLAIUPVxJboshQX DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjOOAQBBC4wLAIUPVxJboshQX
N5eV7dgjlIpIF6v+wCFCYKruz8JMUc4SOABJ5SNsynHmDo N5eV7dgjlIpIF6v+wCFCYKruz8JMUc4SOABJ5SNsynHmDo
5.10 SignedData With Attributes 4.10 SignedData With Attributes
A SignedData message with the following list of signedAttributes: A SignedData message with the following list of signedAttributes:
- contentIdentifier - contentIdentifier
- contentReference - contentReference
- contentHints - contentHints
- smimeCapabilities - smimeCapabilities
- sMIMEEncryptionKeyPreference - sMIMEEncryptionKeyPreference
- unknown OID - unknown OID
0 30 2047: SEQUENCE { 0 30 2047: SEQUENCE {
skipping to change at line 5399 skipping to change at line 4790
: 63 96 A2 14 8B CF 57 DE B0 48 5F 6C : 63 96 A2 14 8B CF 57 DE B0 48 5F 6C
: 64 DD 84 04 49 5F 1C CA : 64 DD 84 04 49 5F 1C CA
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
5.11 SignedData with Certificates Only 4.11 SignedData with Certificates Only
CA SignedData message with no content or signature, containing only CA SignedData message with no content or signature, containing only
Alices's and Carl's certificates. Alices's and Carl's certificates.
0 30 1672: SEQUENCE { 0 30 1672: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7) : (PKCS #7)
15 A0 1657: [0] { 15 A0 1657: [0] {
19 30 1653: SEQUENCE { 19 30 1653: SEQUENCE {
23 02 1: INTEGER 1 23 02 1: INTEGER 1
skipping to change at line 5775 skipping to change at line 5166
: DA 24 F3 2A 83 9C 35 A1 : DA 24 F3 2A 83 9C 35 A1
: } : }
: } : }
: } : }
: } : }
1674 31 0: SET {} 1674 31 0: SET {}
: } : }
: } : }
: } : }
6. Enveloped-data 5. Enveloped-data
6.1 Basic encrypted content, TripleDES and DH 5.1 Basic encrypted content, TripleDES and RSA
An EnvelopedData from Alice to Bob of ExContent using TripleDES for An EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management. Does not have a encrypting and RSA for key management. Does not have a OriginatorInfo.
OriginatorInfo or any attributes.
0 30 426: SEQUENCE {
4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 411: [0] {
19 30 407: SEQUENCE {
23 02 1: INTEGER 2
26 31 331: SET {
30 A1 327: [1] {
34 02 1: INTEGER 3
37 A0 149: [0] {
40 A1 146: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
54 03 132: BIT STRING 0 unused bits, encapsulates {
58 02 128: INTEGER
: 44 B9 26 32 13 77 AD 88 CD F5 9F 4B
: 4D A9 6C FF 38 60 EB 84 AB 45 E6 A3
: F4 E2 94 27 97 F0 8D 29 A5 EB 1F 21
: 91 68 58 39 C8 F2 49 D8 99 DB 48 A8
: 9E 47 A5 9E 06 BE B4 F4 A0 86 01 10
: C4 50 FB B1 F5 31 88 12 7B 15 18 70
: F8 72 08 65 4F 51 A7 A3 96 18 E8 79
: B4 A6 6C F1 B7 7A 61 26 F6 AF 4D 34
: 42 22 DD 80 F3 C7 42 CE 6A 1C 8C A6
: 24 E9 54 6A A0 67 B1 80 DE BB B0 C4
: FE BC 45 4C D2 EC 35 74
: }
: }
: }
189 A1 66: [1] {
191 04 64: OCTET STRING
: A9 74 C4 E9 AA 79 D3 CE 5C 74 A4 ED
: A5 DB 65 F5 C0 37 D6 81 F1 0A 93 5F
: 24 A1 DB 97 96 EE 87 8B 79 DB E9 07
: 11 23 CE 70 24 84 30 72 02 83 D5 7D
: 60 D3 D4 F6 A7 4D 4C C2 E0 89 FA CD
: 59 20 A2 93
: }
257 30 30: SEQUENCE {
259 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
272 30 15: SEQUENCE {
274 06 11: OBJECT IDENTIFIER
: id-alg-CMS3DESwrap
: (1 2 840 113549 1 9 16 3 6)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
287 05 0: NULL
: }
: }
289 30 70: SEQUENCE {
291 30 68: SEQUENCE {
293 30 24: SEQUENCE {
295 30 18: SEQUENCE {
297 31 16: SET {
299 30 14: SEQUENCE {
301 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
306 13 7: PrintableString 'CarlDSS'
: }
: }
: }
315 02 2: INTEGER 201
: }
319 04 40: OCTET STRING
: 97 A2 1C 9B 1D 72 03 4C FA 1F CE DA
: AE 85 49 E1 0D 32 04 97 80 43 CB 00
: 49 60 36 A7 DD 4B 0E E5 D6 A8 7B BA
: 66 94 97 A7
: }
: }
: }
: }
361 30 67: SEQUENCE {
363 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
374 30 20: SEQUENCE {
376 06 8: OBJECT IDENTIFIER
: des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm
: (1 2 840 113549 3))
386 04 8: OCTET STRING
: 37 E7 7E D7 16 17 C8 AC
: }
396 80 32: [0]
: 6A F2 B8 9A 58 65 B2 AD F4 3A A0 31
: B2 BD F7 52 7A EB 2B FB 04 77 0F E2
: 59 C6 33 BB 05 FD 0C EA
: }
: }
: }
: }
Some additional information on this example:
3DES CEK
cd 4f 7c 83 73 c4 26 ce 5d b0 cd ea 7c 16 15 cb
2f 8c a8 20 16 0e c8 2a
Ephemeral X (reverse the bytes)
2e 92 4e b9 2a bd ab 1e cb 5b d8 3b c5 6c b0 ef
2d 89 7b 0e e7 d6 33 8c 1f 33 81 6d 2d d1 61 4f
ZZ
de 42 2f c3 fb 44 ab ce 71 3f f6 3a aa dc 09 d1
ca 30 97 22 73 eb de 6a af 87 e1 74 62 60 73 c7
93 1f 2e 26 b3 09 8f 1c 93 31 33 63 5f 0e ad 89
89 f5 1a cb 8c 3f b7 8f 50 b3 9a fe 06 b0 8a 68
c0 f7 b1 fe 20 af 96 f2 a6 cf de 12 1e 74 f9 38
d1 90 da 4d 10 45 b2 6a be 3f f9 3b 61 c0 6d 8f
bc 2e c8 a3 e6 d8 e2 a8 52 ea 58 65 b3 93 99 b7
77 91 67 e6 04 e5 ca ce 46 86 b0 83 17 d9 de 1d
3DES KEK (no parity check)
02 1f 67 5c 92 58 e5 5a 2a fb 3b ed 94 6b 39 8a
b1 38 a7 8c 63 fc d6 14
wrapped key
51 46 57 41 34 1c d6 c7 cd 36 4b a4 93 b7 16 e6
2e f0 58 24 9c 6d 4b e9 90 8b 0f 46 b8 e5 93 19
ff 7c f0 56 4d 4f fa f5
3DES CEK
1c b6 57 1a 25 bc f8 13 5b 01 1a d5 a2 46 31 7a
85 fe 4f 62 45 4a 2a 43
6.2 Basic encrypted content, TripleDES and RSA
Same as 6.1, except with RSA for key management. An EnvelopedData from
Alice to Bob of ExContent using TripleDES for encrypting and RSA for
key management. Does not have a OriginatorInfo.
0 30 286: SEQUENCE { 0 30 286: SEQUENCE {
4 06 9: OBJECT IDENTIFIER 4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3) : envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7) : (PKCS #7)
15 A0 271: [0] { 15 A0 271: [0] {
19 30 267: SEQUENCE { 19 30 267: SEQUENCE {
23 02 1: INTEGER 0 23 02 1: INTEGER 0
26 31 192: SET { 26 31 192: SET {
29 30 189: SEQUENCE { 29 30 189: SEQUENCE {
skipping to change at line 5987 skipping to change at line 5238
: } : }
256 80 32: [0] 256 80 32: [0]
: 0E C8 92 7F C6 7D 3F 8D CB AD 8E 0E : 0E C8 92 7F C6 7D 3F 8D CB AD 8E 0E
: C5 49 3A EB 47 2E D6 55 DE 09 21 4E : C5 49 3A EB 47 2E D6 55 DE 09 21 4E
: 48 EA 4E 27 B1 6E 57 25 : 48 EA 4E 27 B1 6E 57 25
: } : }
: } : }
: } : }
: } : }
6.3 Basic encrypted content, RC2/40 and RSA 5.2 Basic encrypted content, RC2/128 and RSA
Same as 6.1, except using RC2/40 for encryption and RSA for key Same as 5.1, except using RC2/128 for encryption and RSA for key
management. An EnvelopedData from Alice to Bob of ExContent using management. An EnvelopedData from Alice to Bob of ExContent using
RC2/40 for encrypting and RSA for key management. Does not have a RC2/40 for encrypting and RSA for key management. Does not have a
OriginatorInfo or any attributes. OriginatorInfo or any attributes.
0 30 291: SEQUENCE { 0 30 291: SEQUENCE {
4 06 9: OBJECT IDENTIFIER 4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3) : envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7) : (PKCS #7)
15 A0 276: [0] { 15 A0 276: [0] {
19 30 272: SEQUENCE { 19 30 272: SEQUENCE {
skipping to change at line 6061 skipping to change at line 5312
: } : }
261 80 32: [0] 261 80 32: [0]
: 06 53 0A 7B 8D 5C 16 0D CC D5 76 D6 : 06 53 0A 7B 8D 5C 16 0D CC D5 76 D6
: 8B 59 D6 45 8C 1A 1A 0C E6 1E F3 DE : 8B 59 D6 45 8C 1A 1A 0C E6 1E F3 DE
: 43 56 00 9B 40 8C 38 5D : 43 56 00 9B 40 8C 38 5D
: } : }
: } : }
: } : }
: } : }
6.4 Encrypted content, two recipients, no shared keying material 5.3 S/MIME application/pkcs7-mime encrypted message
Same as 6.1, except sent to both Bob and Diane. An EnvelopedData from
Alice to Bob and Diane of ExContent using TripleDES for encrypting and
Diffie-Hellman for key management. Does not have a OriginatorInfo or
any attributes.
0 30 759: SEQUENCE {
4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 744: [0] {
19 30 740: SEQUENCE {
23 02 1: INTEGER 2
26 31 664: SET {
30 A1 328: [1] {
34 02 1: INTEGER 3
37 A0 150: [0] {
40 A1 147: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
54 03 133: BIT STRING 0 unused bits, encapsulates {
58 02 129: INTEGER
: 00 9D 6E AA 4D 55 35 05 66 65 F7 A0
: 64 75 99 67 FB 4E 4F 53 55 34 7A 85
: 21 95 2B 7E 62 3C DE 0A C9 20 1C 4C
: 80 47 3E A6 5F F5 4B 07 12 26 74 BE
: D8 B8 2E 2C EA 45 21 05 C8 7D FA 68
: 6E 23 46 87 0F D2 D0 A8 8B 0E DE 4D
: 7D 2C F3 51 76 9F 58 F7 F2 7B 23 30
: D7 21 53 90 29 9A 5B 5E 64 1C 0D FF
: 7E EB 9D 35 DF B5 D3 A3 FF 30 22 B8
: AF 31 09 C2 8E BF C8 BD 51 F2 27 A5
: CD 34 11 B5 4C 2B BF 68 18
: }
: }
: }
190 A1 66: [1] {
192 04 64: OCTET STRING
: 83 14 1A D8 46 28 EF 78 3F C8 1E 29
: 3B 14 F8 FE 16 36 2E 6F 35 C8 29 60
: 8A C6 6A BF 48 E6 76 DB 6A 7C 18 36
: 13 47 20 E2 5F 39 08 C2 04 97 F3 FC
: E6 C3 6F 75 4E C9 30 97 B1 41 6B A1
: E8 50 D6 C7
: }
258 30 30: SEQUENCE {
260 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
273 30 15: SEQUENCE {
275 06 11: OBJECT IDENTIFIER
: id-alg-CMS3DESwrap
: (1 2 840 113549 1 9 16 3 6)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
288 05 0: NULL
: }
: }
290 30 70: SEQUENCE {
292 30 68: SEQUENCE {
294 30 24: SEQUENCE {
296 30 18: SEQUENCE {
298 31 16: SET {
300 30 14: SEQUENCE {
302 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
307 13 7: PrintableString 'CarlDSS'
: }
: }
: }
316 02 2: INTEGER 211
: }
320 04 40: OCTET STRING
: 38 73 93 2D 46 83 C1 7E EA 60 6B 41
: CF 72 6F 35 0D 59 B1 E3 C5 09 59 94
: E2 82 ED 18 FE 26 1B BC 46 81 1B 85
: 9A 56 3F 3C
: }
: }
: }
362 A1 328: [1] {
366 02 1: INTEGER 3
369 A0 150: [0] {
372 A1 147: [1] {
375 30 9: SEQUENCE {
377 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
386 03 133: BIT STRING 0 unused bits, encapsulates {
390 02 129: INTEGER
: 00 BA 58 93 8B BC 31 59 F9 CF F7 23
: 3A 77 75 CB F4 9B 7C 5E 53 EB 73 94
: 4F E5 75 55 48 4D 50 C4 AF 71 69 87
: CA BC B5 5B 63 3B 9A 0E A5 D0 F3 97
: DB 18 51 C0 CB 35 A5 07 20 21 79 02
: 07 AE CA 26 EE 44 AE 9C 37 37 8B C8
: 45 B3 62 4F A4 87 0E 11 7E 48 96 B6
: A3 74 E0 F4 9F 5D 26 C1 E8 7E BC BF
: B3 4C EB 4A 5A 58 CB 12 E8 3E 42 3C
: 99 DC B3 D3 7A 4F D3 08 83 76 6B 73
: E6 B0 08 EB 76 0E B8 40 4C
: }
: }
: }
522 A1 66: [1] {
524 04 64: OCTET STRING
: FF DE 88 7A 3F AA 44 D8 10 14 A6 29
: 72 D0 08 4C 9A AC 7D 34 B5 68 4D 08
: ED CB 48 2A 70 D6 7A C5 41 9B AE C6
: 03 23 F0 87 3F C1 55 4D 6F E0 FF E7
: 6B 1C EF 54 ED C4 52 DD 90 04 25 5E
: F2 43 C1 19
: }
590 30 30: SEQUENCE {
592 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
605 30 15: SEQUENCE {
607 06 11: OBJECT IDENTIFIER
: id-alg-CMS3DESwrap
: (1 2 840 113549 1 9 16 3 6)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
620 05 0: NULL
: }
: }
622 30 70: SEQUENCE {
624 30 68: SEQUENCE {
626 30 24: SEQUENCE {
628 30 18: SEQUENCE {
630 31 16: SET {
632 30 14: SEQUENCE {
634 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
639 13 7: PrintableString 'CarlDSS'
: }
: }
: }
648 02 2: INTEGER 201
: }
652 04 40: OCTET STRING
: 21 9F 65 F0 97 04 C0 87 7E D9 69 22
: E3 A1 80 B2 89 4E D6 7D B3 55 DE 23
: AA 5B AC 0E 17 2B 45 13 A9 24 BC 09
: 35 00 E6 92
: }
: }
: }
: }
694 30 67: SEQUENCE {
696 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
707 30 20: SEQUENCE {
709 06 8: OBJECT IDENTIFIER
: des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm
: (1 2 840 113549 3))
719 04 8: OCTET STRING
: B8 9A ED 3F 5E 67 11 8A
: }
729 80 32: [0]
: EA AA D8 C4 71 63 E4 31 96 11 12 E4
: 8E 84 60 F0 A0 14 02 F9 23 79 E2 3D
: F3 FC E3 A6 74 FD 25 38
: }
: }
: }
: }
6.5 Encrypted content, two recipients, shared keying material
Same as 6.4, except sent to Bob and Erica using keys that have shared
parameters so the result does not include the UKMs. An EnvelopedData
from Alice to Bob and Erica of ExContent using TripleDES for encrypting
and Diffie-Hellman for key management. Does not have a OriginatorInfo
or any attributes. Uses BobPubDHSharedEncrypt and
DianePubDHSharedEncrypt for keys.
0 30 429: SEQUENCE {
4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 414: [0] {
19 30 410: SEQUENCE {
23 02 1: INTEGER 2
26 31 334: SET {
30 A1 330: [1] {
34 02 1: INTEGER 3
37 A0 149: [0] {
40 A1 146: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
54 03 132: BIT STRING 0 unused bits, encapsulates {
58 02 128: INTEGER
: 21 CA 55 A3 10 33 D3 85 A1 A6 4A D8
: 18 85 13 15 D7 45 A5 17 94 DD 67 5B
: ED 43 03 E1 36 E3 2E DD F9 3C 38 65
: B9 34 66 89 29 0D 7E 6F 85 72 F9 DD
: E4 62 7E C3 9E F3 C4 38 39 6A EA 4E
: 07 83 B8 44 23 7F BE FD 02 8F 48 95
: 48 D0 2C BF 02 EE CD A9 AE E3 20 FD
: 20 2B 7A BD AC 59 88 62 F5 48 85 26
: A0 20 2B F5 96 02 4A 1A FC A1 0F 8F
: 90 03 EE 91 41 46 DE A7 E5 79 30 37
: 8A CB 41 3F 66 F3 F7 07
: }
: }
: }
189 30 30: SEQUENCE {
191 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
204 30 15: SEQUENCE {
206 06 11: OBJECT IDENTIFIER
: id-alg-CMS3DESwrap
: (1 2 840 113549 1 9 16 3 6)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
219 05 0: NULL
: }
: }
221 30 140: SEQUENCE {
224 30 68: SEQUENCE {
226 30 24: SEQUENCE {
228 30 18: SEQUENCE {
230 31 16: SET {
232 30 14: SEQUENCE {
234 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
239 13 7: PrintableString 'CarlDSS'
: }
: }
: }
248 02 2: INTEGER 201
: }
252 04 40: OCTET STRING
: 73 26 3A 6B 97 F9 50 3A B8 6A 8D E7
: 47 58 BA 4C 0B 4D C7 24 A2 13 22 6F
: 3A 93 70 EC 2C 17 D1 6B 80 1A B9 E3
: 79 B8 A6 7B
: }
294 30 68: SEQUENCE {
296 30 24: SEQUENCE {
298 30 18: SEQUENCE {
300 31 16: SET {
302 30 14: SEQUENCE {
304 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
309 13 7: PrintableString 'CarlDSS'
: }
: }
: }
318 02 2: INTEGER 212
: }
322 04 40: OCTET STRING
: AC 84 BF 28 B5 19 56 19 B7 F2 BD 32
: 59 5A 9E C6 7E F5 95 DC F1 20 80 15
: C2 BC 95 47 3E 92 EE CF B6 41 8F 45
: 83 C9 C8 5F
: }
: }
: }
: }
364 30 67: SEQUENCE {
366 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
377 30 20: SEQUENCE {
379 06 8: OBJECT IDENTIFIER
: des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm
: (1 2 840 113549 3))
389 04 8: OCTET STRING
: CA D4 C8 C2 29 B4 FA AC
: }
399 80 32: [0]
: 02 18 E2 7C 19 21 34 CC 43 88 88 45
: F6 7E AD AB 97 2A 43 11 E6 45 01 11
: 3A C2 D8 29 6D 4D 6C 78
: }
: }
: }
: }
6.6 Encrypted content, TripleDES and DH, previously-distributed keys
Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management, using the
MailListTripleDES key. Does not have a OriginatorInfo or any
attributes.
Subject: Test subject
MIME-Version: 1.0
Content-Type: application/pkcs7-mime;
name="smime.p7m";
smime-type=enveloped-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="smime.p7m"
MIAGCSqGSIb3DQEHA6CAMIACAQIxggFdoYIBBAIBA6CBlaGBkjAJBgcqhkjOPgIBA4
GEAAKBgE348O8WYkb+mh9JywImIJ1j0PIj84SnpKclqO31EcScZzkSiQQP+gqphImf
EwIGh7P7ywuoFuxdot8C2X/nDubhrrKImG3Z96h/FAh6/rgA6P10r2yesV1QvqfGgY
Bh9+o9zq/S1+Q8ssFH9j1nZzTLLL3rrG8W4ztmu4qX+Q89MB8GCyqGSIb3DQEJEAMF
MBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBC
hTEv/IiYb58fJpBc1MQAJ1FSG33LdFbpRq8QirMU12JiHd9qAJjj9ColMCAQQwEwQR
TWFpbExpc3RUcmlwbGVERVMwDwYLKoZIhvcNAQkQAwYFAAQo/JV25qipslbuubZDLs
lEB93Y4rGtOJHpymNu+u5Fe7bpypVtjw4VWjCABgkqhkiG9w0BBwEwGQYIKoZIhvcN
AwIwDQIBOgQIj3hP9Fg2yEqggAQg4lYLOgn0NuOrSALLvtN4NzeVtYJ07hsW2OZ7Fq
QNmuoAAAAAAAAAAAAA
6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys
Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using RC2/40 for
encrypting and RSA for key management, using the MailListRC2 key. Does
not have a OriginatorInfo or any attributes.
0 30 357: SEQUENCE {
4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 342: [0] {
19 30 338: SEQUENCE {
23 02 1: INTEGER 2
26 31 256: SET {
30 30 189: SEQUENCE {
33 02 1: INTEGER 0
36 30 38: SEQUENCE {
38 30 18: SEQUENCE {
40 31 16: SET {
42 30 14: SEQUENCE {
44 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
49 13 7: PrintableString 'CarlRSA'
: }
: }
: }
58 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E
: CD 5D 71 D0
: }
76 30 13: SEQUENCE {
78 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
89 05 0: NULL
: }
91 04 128: OCTET STRING
: 94 26 42 88 C6 8B B6 78 20 FF 82 57
: 2A 41 98 D1 68 08 3A 04 A7 CE E4 86
: D8 32 7D FD 8D E1 29 AA 0F 74 71 3F
: 1F BC 85 B2 D0 B7 D8 B7 61 C3 30 71
: AA 7E 6A 23 A4 CA A8 CC 6A 54 F4 DD
: 55 02 D1 70 4E 1A FF 87 60 8D C7 05
: 99 BF 68 5C F1 A2 AF 98 39 70 16 B3
: 9C 65 19 EA D9 C1 33 9C F6 3E 80 62
: 52 B8 A9 7B E7 CE D4 79 49 0F 13 06
: 39 73 CA D9 B8 57 BC E0 F9 31 AB 9C
: 65 4D 40 13 70 E3 B1 30
: }
222 A2 62: [2] {
224 02 1: INTEGER 4
227 30 13: SEQUENCE {
229 04 11: OCTET STRING 'MailListRC2'
: }
242 30 16: SEQUENCE {
244 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap
: (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
257 02 1: INTEGER 58
: }
260 04 24: OCTET STRING
: 77 14 AF 93 12 27 F8 3D 1E 72 55 1E
: C4 3A 5F 9E 95 73 06 1B F8 E7 E8 8D
: }
: }
286 30 73: SEQUENCE {
288 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
299 30 26: SEQUENCE {
301 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
: (RSADSI encryptionAlgorithm
: (1 2 840 113549 3))
311 30 14: SEQUENCE {
313 02 2: INTEGER 160
317 04 8: OCTET STRING
: 9C 04 D2 19 2E 2A 55 A1
: }
: }
327 80 32: [0]
: 5E 28 D5 E1 A2 3B 9E 8F 7A 2B 83 D2
: ED EE 7F B0 5B 13 A1 9E 4C B9 57 9D
: 2F 4A 9A 18 45 F4 51 CB
: }
: }
: }
: }
6.8 S/MIME application/pkcs7-mime encrypted message
A full S/MIME message, including MIME, that includes the body part from A full S/MIME message, including MIME, that includes the body part from
6.1. 5.1.
MIME-Version: 1.0 MIME-Version: 1.0
Message-Id: <00103112005203.00349@amyemily.ig.com> Message-Id: <00103112005203.00349@amyemily.ig.com>
Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time) Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time)
From: User1 From: User1
To: User2 To: User2
Subject: Example 6.8 Subject: Example 5.3
Content-Type: Application/pkcs7-mime;name=smime.p7m;filename=smime.p7m Content-Type: Application/pkcs7-mime;name=smime.p7m;filename=smime.p7m
Content-Transfer-Encoding: base64 Content-Transfer-Encoding: base64
Content-Description: attachment;filename=smime.p7m Content-Description: attachment;filename=smime.p7m
MIIEYQYJKoZIhvcNAQcDoIIEUjCCBE4CAQKgggLxoIIC7TCCAukwggKooAMCAQICAgDUMA MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX
kGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMjE3MTZaFw0zOTEy JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi2lsGP
MzEyMzU5NTlaMBIxEDAOBgNVBAMTB0VyaWNhREgwggHEMIIBOAYHKoZIzj4CATCCASsCgY cP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpX
EA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPbk8KejXI4Azpp5FAruqzJ4o adCDgO8/nUkUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652j
BZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWenZPG+BWvP9p0OrfEk7W5u3 KKHRLFf02hosdR8wQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8
ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNOVME6eVlrvx5GE3CPsSx/uc Z9P43LrY4OxUk660cu1lXeCSFOSOpOJ7FuVyU=
kXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13BQlIm3CNPAX2zkQsf30bKx
Xd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5FwBlTucKiSVVtuGSJNYqcC
IQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQOBhQACgYEA0SvkHT66GM91IM
bHXsPEbOrzI9kJH0aY9M5ZubbO6DrGGPhZdxuZsNrcwJ0J5K/5YZEsR8xHXt8rM3bzZ+x3
6Cw3MKGJXfPI9lwWSuS3jPV71Tj9FKzoesJ97geQJwp8h6ii4nA16m7enlAxa+kJ2iUaAY
7j/yYcdfXDzlr1noWjgYEwfzAfBgNVHREEGDAWgRRlcmljYURoQGV4YW1wbGVzLmNvbTAM
BgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTde
M9ILxDK5PxHzAdBgNVHQ4EFgQUjVMdYVV/YDVtpjaixZP4mv3AdXQwCQYHKoZIzjgEAwMw
ADAtAhQ+UUII41IuqruPvRg4ccuYg75HngIVALSzFYWZEQZAH0BZjdQbLc2B8ehoMYIBDa
GCAQkCAQOgGjAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDUoYGDBIGAJ9S2hbjOL6X23QgU
dLjyo8uBXzTZNwDsNvWKidLJx6umMnV9PmfRxy1Yb1UDNDP//1Rd+xFYA9EYd8THsNDKdr
YosuLojimdW0xih8BOgn9UXlE/I2msgkJ24mxcUyzvA/u0LTN5aPoRdMYVS61QLPDsvr51
5f5TB2z9KPYVK5MwGgYHKoZIzj4CATAPBgsqhkiG9w0BCRADBgUAMEYwRDAYMBIxEDAOBg
NVBAMTB0NhcmxEU1MCAgDJBCiytQ66TKk5FRNqm13l4cUwtrsv92WphxKHjq0EFCHI35VP
2nLoq2YXMEMGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQI280UIM+ZHBiAIAl3prOldtS3Jw
rzjhCb6aJInx+tKnG5Ec9QDq9XDrm8
6.9 EnvelopedData with All Recipient Types
EnvelopedData message with an example of each recipient type (kari,
ktri, kekri), and has unprotected attributes.
0 30 841: SEQUENCE {
4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 826: [0] {
19 30 822: SEQUENCE {
23 02 1: INTEGER 2
26 31 621: SET {
30 30 189: SEQUENCE {
33 02 1: INTEGER 0
36 30 38: SEQUENCE {
38 30 18: SEQUENCE {
40 31 16: SET {
42 30 14: SEQUENCE {
44 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
49 13 7: PrintableString 'CarlRSA'
: }
: }
: }
58 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E
: CD 5D 71 D0
: }
76 30 13: SEQUENCE {
78 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
89 05 0: NULL
: }
91 04 128: OCTET STRING
: 0C 08 70 9E 65 37 ED BD 39 C0 CF 06
: C9 40 97 DC 5F 03 05 23 08 F9 D7 D2
: 52 5C 86 58 E4 68 27 00 96 DF 89 A8
: 5F AE C0 7E 03 02 71 EC D6 2B 9B A1
: 8E B3 17 12 C5 43 F7 4A 40 88 27 5E
: 45 C1 24 C7 38 C0 5B 20 64 12 02 BE
: 27 63 35 7C 70 A3 35 DB 81 11 6F 93
: 97 1D 4A BA 66 D4 5C D6 76 54 B5 95
: 8E A8 7E B8 66 C7 87 07 01 0D 22 7F
: B3 52 A9 C9 E1 7D F2 37 95 CB CD 29
: 8E F4 6E EF 15 30 21 7B
: }
222 A1 328: [1] {
226 02 1: INTEGER 3
229 A0 149: [0] {
232 A1 146: [1] {
235 30 9: SEQUENCE {
237 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
246 03 132: BIT STRING 0 unused bits, encapsulates {
250 02 128: INTEGER
: 7D 91 66 39 5E 11 FF 09 C3 A0 DA 33
: 96 9F 47 4E 81 71 B2 C2 80 58 95 40
: 4E 22 4A 08 55 28 60 25 17 BC E4 AB
: 17 D7 C3 31 05 6E 68 08 EC 8B E0 21
: 9B 75 DF 60 A5 B2 4A BE 41 F1 31 33
: DB 77 62 DC 3A E4 A0 C8 3F DA BE 4E
: 6A 6B 44 0F F5 09 86 51 17 58 D6 F1
: 46 BA C9 37 AC AD 58 0D DF 6C 32 BF
: AE B5 8F 16 91 A2 0A 93 28 44 E7 55
: 78 28 5A 9A 9D BD DE 8D AF A4 5B 21
: BB 12 02 30 17 97 09 61
: }
: }
: }
381 A1 66: [1] {
383 04 64: OCTET STRING
: 67 65 94 10 B2 F2 7F 1D 31 EF 6A 31
: 76 88 4D E2 46 79 43 4B 83 77 34 BE
: B4 02 E5 F9 CA DE BB CB 5F 85 22 07
: 32 62 E6 8E 51 74 67 C2 D2 FC 2B 73
: 33 2A 9D FF 68 1E 6C 74 8E F4 4D 34
: B2 DA 46 07
: }
449 30 31: SEQUENCE {
451 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
464 30 16: SEQUENCE {
466 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap
: (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
479 02 1: INTEGER 58
: }
: }
482 30 70: SEQUENCE {
484 30 68: SEQUENCE {
486 30 24: SEQUENCE {
488 30 18: SEQUENCE {
490 31 16: SET {
492 30 14: SEQUENCE {
494 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
499 13 7: PrintableString 'CarlDSS'
: }
: }
: }
508 02 2: INTEGER 201
: }
512 04 40: OCTET STRING
: 67 01 E1 31 C6 44 D5 CE 6B 38 70 C8
: 69 96 D8 2C E9 C3 3E 4B 7E D2 95 29
: CB 4A 0E E2 5C B1 2A 47 E4 BF 10 EC
: 6E AC F2 1E
: }
: }
: }
554 A2 95: [2] {
556 02 1: INTEGER 4
559 30 30: SEQUENCE {
561 04 11: OCTET STRING 'MailListRC2'
574 18 15: GeneralizedTime '19951230235959Z'
: }
591 30 16: SEQUENCE {
593 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap
: (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
606 02 1: INTEGER 58
: }
609 04 40: OCTET STRING
: 66 F3 29 29 43 EE 9C A3 96 50 BF 54
: AD 4E 5C 28 22 1A 9B 13 A1 B4 99 9F
: E0 7B AD 07 F0 1B 52 34 E7 BC 00 07
: 71 6B F9 C1
: }
: }
651 30 72: SEQUENCE {
653 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
664 30 25: SEQUENCE {
666 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
: (RSADSI encryptionAlgorithm
: (1 2 840 113549 3))
676 30 13: SEQUENCE {
678 02 1: INTEGER 58
681 04 8: OCTET STRING
: 23 7E 97 B8 3F C1 8E 75
: }
: }
691 80 32: [0]
: 12 E4 41 F6 AA 41 A2 36 81 62 F1 47
: 3B 68 C7 65 12 A7 A6 54 8E D2 0F 4F
: 98 DE 79 8B A5 9A 8C 55
: }
725 A1 118: [1] {
727 30 56: SEQUENCE {
729 06 3: OBJECT IDENTIFIER '1 2 5555'
734 31 49: SET {
736 04 47: OCTET STRING
: 'This is a test General ASN Attribut'
: 'e, number 1.'
: }
: }
785 30 58: SEQUENCE {
787 06 11: OBJECT IDENTIFIER
: id-aa-contentHint
: (1 2 840 113549 1 9 16 2 4)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
800 31 43: SET {
802 30 41: SEQUENCE {
804 0C 32: UTF8String
: 'Content Hints Description Buffer'
838 06 5: OBJECT IDENTIFIER '1 2 3 6 5 4'
: }
: }
: }
: }
: }
: }
: }
6.10 EnvelopedData with KARI RC2 Encryption
EnvelopedData message like 6.1 except using the RC2 content encryption
algorithm for both the content and key.
0 30 433: SEQUENCE {
4 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
15 A0 418: [0] {
19 30 414: SEQUENCE {
23 02 1: INTEGER 2
26 31 333: SET {
30 A1 329: [1] {
34 02 1: INTEGER 3
37 A0 150: [0] {
40 A1 147: [1] {
43 30 9: SEQUENCE {
45 06 7: OBJECT IDENTIFIER
: dhPublicKey (1 2 840 10046 2 1)
: (ANSI X9.42 number type)
: }
54 03 133: BIT STRING 0 unused bits, encapsulates {
58 02 129: INTEGER
: 00 B1 54 32 12 FB 62 53 7D AD 6A E2
: C0 52 BB B1 E7 9E 62 93 4B E0 BF DF
: D2 7F 25 92 23 69 D7 16 80 B4 0C 83
: 93 A1 63 6E 2F 61 93 6E 0C 78 E2 DC
: C6 C8 50 5F D9 0D 77 6A D5 8F 38 45
: C6 22 2B 94 DC C5 7A 8B E3 48 BC 44
: E5 9B 45 6C 17 17 E7 5F 81 E5 03 42
: 16 43 82 1B 96 A4 DC 75 98 B4 5A 0E
: 60 DF 0A EB 0B C7 1D AC 74 19 2F 2E
: E6 98 A9 38 9F D5 AB 23 9F 4A 8C A4
: D3 AF 72 2D 6D E6 CC 5A 10
: }
: }
: }
190 A1 66: [1] {
192 04 64: OCTET STRING
: 5D BC 4E 4E 3C 48 09 83 DF 6C 0A 45
: E8 EC 6E 73 3A 7B 2A 93 AB 2E 75 36
: 48 F4 37 02 7E 2E 07 54 CB 81 6D 9D
: AF DB 0B 64 85 AE 45 69 30 8A C7 12
: F1 68 37 1C A1 44 F8 8D 46 81 D3 1F
: 7A 0F 96 4D
: }
258 30 31: SEQUENCE {
260 06 11: OBJECT IDENTIFIER
: id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
273 30 16: SEQUENCE {
275 06 11: OBJECT IDENTIFIER
: id-alg-CMSRC2wrap
: (1 2 840 113549 1 9 16 3 7)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
288 02 1: INTEGER 58
: }
: }
291 30 70: SEQUENCE {
293 30 68: SEQUENCE {
295 30 24: SEQUENCE {
297 30 18: SEQUENCE {
299 31 16: SET {
301 30 14: SEQUENCE {
303 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
308 13 7: PrintableString 'CarlDSS'
: }
: }
: }
317 02 2: INTEGER 201
: }
321 04 40: OCTET STRING
: 32 63 D0 F6 96 76 4D BF 96 25 B4 7F
: 31 C2 A2 A2 F5 57 1C D6 4C BF 61 9E
: 63 9F 65 2B 98 93 2A 74 46 AD 35 A3
: 8E CB 84 F8
: }
: }
: }
: }
363 30 72: SEQUENCE {
365 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
376 30 25: SEQUENCE {
378 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
: (RSADSI encryptionAlgorithm
: (1 2 840 113549 3))
388 30 13: SEQUENCE {
390 02 1: INTEGER 58
393 04 8: OCTET STRING
: BE C3 7C 81 57 B1 04 F3
: }
: }
403 80 32: [0]
: 1E 1C EB 3D CC 03 FF 59 BB F7 37 D6
: 7E F8 EA 27 75 91 04 FD B1 8A 82 A0
: 78 F1 29 E8 29 64 BF E5
: }
: }
: }
: }
6.11 EnvelopedData with KEK 3DES Encryption
EnvelopedData message like 6.7 except using the 3DES content encryption
algorithm for both the content and key.
0 30 193: SEQUENCE {
3 06 9: OBJECT IDENTIFIER
: envelopedData (1 2 840 113549 1 7 3)
: (PKCS #7)
14 A0 179: [0] {
17 30 176: SEQUENCE {
20 02 1: INTEGER 2
23 31 102: SET {
25 A2 100: [2] {
27 02 1: INTEGER 4
30 30 36: SEQUENCE {
32 04 17: OCTET STRING 'MailListTripleDES'
51 18 15: GeneralizedTime '19951230235959Z'
: }
68 30 15: SEQUENCE {
70 06 11: OBJECT IDENTIFIER
: id-alg-CMS3DESwrap
: (1 2 840 113549 1 9 16 3 6)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
83 05 0: NULL
: }
85 04 40: OCTET STRING
: 74 31 C0 45 51 4C 3C 2D 2E DA 63 50
: 8B AE D4 AC 64 CC 95 AE AF CD 0F 8C
: B6 48 1F 0B 45 12 4D FB A4 AB C7 83
: 30 4B 69 AD
: }
: }
127 30 67: SEQUENCE {
129 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
140 30 20: SEQUENCE {
142 06 8: OBJECT IDENTIFIER
: des-EDE3-CBC (1 2 840 113549 3 7)
: (RSADSI encryptionAlgorithm
: (1 2 840 113549 3))
152 04 8: OCTET STRING
: 41 1E 70 EC 7D 56 80 D9
: }
162 80 32: [0]
: C0 4C 7E 6E 31 E9 60 44 49 B9 E3 3E
: 24 A6 D4 58 4D 5E 65 07 69 A5 69 A9
: 38 F3 7D 50 C9 09 B3 C0
: }
: }
: }
: }
7. Digested-data 6. Digested-data
A DigestedData from Alice to Bob of ExContent using SHA-1. A DigestedData from Alice to Bob of ExContent using SHA-1.
0 30 94: SEQUENCE { 0 30 94: SEQUENCE {
2 06 9: OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5) 2 06 9: OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5)
: (PKCS #7) : (PKCS #7)
13 A0 81: [0] { 13 A0 81: [0] {
15 30 79: SEQUENCE { 15 30 79: SEQUENCE {
17 02 1: INTEGER 0 17 02 1: INTEGER 0
20 30 7: SEQUENCE { 20 30 7: SEQUENCE {
skipping to change at line 6892 skipping to change at line 5362
44 04 28: OCTET STRING 'This is some sample content.' 44 04 28: OCTET STRING 'This is some sample content.'
: } : }
: } : }
74 04 20: OCTET STRING 74 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E : 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
: 06 29 C0 22 96 87 DD 48 : 06 29 C0 22 96 87 DD 48
: } : }
: } : }
: } : }
8. Encrypted-data 7. Encrypted-data
8.1 Simple EncryptedData 7.1 Simple EncryptedData
An EncryptedData from Alice to Bob of ExContent with no attributes. An EncryptedData from Alice to Bob of ExContent with no attributes.
0 30 87: SEQUENCE { 0 30 87: SEQUENCE {
2 06 9: OBJECT IDENTIFIER 2 06 9: OBJECT IDENTIFIER
: encryptedData (1 2 840 113549 1 7 6) : encryptedData (1 2 840 113549 1 7 6)
: (PKCS #7) : (PKCS #7)
13 A0 74: [0] { 13 A0 74: [0] {
15 30 72: SEQUENCE { 15 30 72: SEQUENCE {
17 02 1: INTEGER 0 17 02 1: INTEGER 0
skipping to change at line 6929 skipping to change at line 5399
: 9A F5 D7 04 F6 B5 70 E2 : 9A F5 D7 04 F6 B5 70 E2
: } : }
: } : }
: } : }
: } : }
The TripleDES key is: The TripleDES key is:
73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62 73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62
91 e5 cb 26 91 7a da 32 91 e5 cb 26 91 7a da 32
8.2 EncryptedData with unprotected attributes 7.2 EncryptedData with unprotected attributes
An EncryptedData from Alice to Bob of ExContent with unprotected An EncryptedData from Alice to Bob of ExContent with unprotected
attributes. attributes.
0 30 149: SEQUENCE { 0 30 149: SEQUENCE {
3 06 9: OBJECT IDENTIFIER 3 06 9: OBJECT IDENTIFIER
: encryptedData (1 2 840 113549 1 7 6) : encryptedData (1 2 840 113549 1 7 6)
: (PKCS #7) : (PKCS #7)
14 A0 135: [0] { 14 A0 135: [0] {
17 30 132: SEQUENCE { 17 30 132: SEQUENCE {
skipping to change at line 6971 skipping to change at line 5441
103 04 47: OCTET STRING 103 04 47: OCTET STRING
: 'This is a test General ASN Attribut' : 'This is a test General ASN Attribut'
: 'e, number 1.' : 'e, number 1.'
: } : }
: } : }
: } : }
: } : }
: } : }
: } : }
9. Authenticated-data 8. Security Considerations
No examples are given in this section because no one has created them.
10. Key Wrapping
This section shows the steps needed to wrap keys, as described in
section 12.6 of [CMS].
10.1 Wrapping RC2
This example shows how to wrap an RC2 key.
The CEK to be wrapped is
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9
The random value used is
4845 cce7 fd12 50
The hash of the CEK is
0a6f f19f db40 4988
The CEK initialization vector is
c7d9 0059 b29e 97f7
The KEK is
fd04 fd08 0607 07fb 0003 feff fd02 fe05
The "Pre Encrypt #1" is
10b7 0a25 fbc9 d86a 8605 0ce0 d711 ead4
d9 4845 cce7 fd12 500a 6ff1 9fdb 4049 88
The "Pre Encrypt #2" is
a7 f7 1f a3 07 8a a9 9f 32 99 8e ff 9e d7 8c ac
b8 70 ce 04 f5 55 8c e4 60 12 93 37 59 a2 1d a0
f7 97 9e b2 59 00 d9 c7
The wrapped CEK is
70e6 99fb 5701 f783 3330 fb71 e87c 85a4
20bd c99a f05d 22af 5a0e 48d3 5f31 3898
6cba afb4 b28d 4f35
10.2 Wrapping TripleDES
This example shows how to wrap an TripleDES key.
The CEK to be wrapped is
2923 bf85 e06d d6ae 5291 49f1 f1ba e9ea b3a7 da3d 860d 3e98
The hash of the CEK is
181b 7e96 86e04a4e
The CEK initialization vector is
5dd4 cbfc 96f5 453b
The KEK is
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f
The "Pre Encrypt #1" is
29 23 bf 85 e0 6d d6 ae 52 91 49 f1 f1 ba e9 ea
b3 a7 da 3d 86 0d 3e 98 18 1b 7e 96 86 e0 4a 4e
The "Pre Encrypt #2" is
49 84 9d 72 5f cc 4d a4 f6 60 79 7a 3b 97 1f 5c
03 cc 92 ef 04 32 9a b4 2a dd 75 c6 89 a7 c1 cf
3b 45 f5 96 fc cb d4 5d
The wrapped CEK is
69 01 07 61 8e f0 92 b3 b4 8c a1 79 6b 23 4a e9
fa 33 eb b4 15 96 04 03 7d b5 d6 a8 4e b3 aa c2
76 8c 63 27 75 a4 67 d4
11. ESS Examples
11.1 ReceiptRequest
Alice asks Bob for a reciept on the message in 5.1 using RSA.
0 30 1152: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1137: [0] {
19 30 1133: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 736: [0] {
86 30 732: SEQUENCE {
90 30 667: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER
: dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
: 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
: 53 C5 AB 84 08 4F FF 94 E1 73 48 7E
: 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
: DC 5F 69 8A E4 75 D0 37 0C 91 08 95
: 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
: 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
: 78 BD FF 9D B0 84 97 37 F2 E4 51 1B
: B5 E4 09 96 5C F3 7E 5B DB
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
: B8 37 21 2B 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
: 4B 59 6A 4C 76 23 39 04 02 35 5C F2
: CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
: AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
: 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
: E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
: 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
: 1F 11 7F C2 BD ED D1 50 FF 98 74 C2
: D1 81 4A 60 39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
: 3F A9 EC AC 5E DC BD B7 13 11 34 A6
: 16 89 28 11 23 D9 34 86 67 75 75 13
: 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
: A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
: 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
: 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
: 32 84 F0 7E 41 40 FD 46 A7 63 4E 33
: F2 A5 E2 F4 F2 83 E5 B8
: }
: }
629 A3 129: [3] {
632 30 127: SEQUENCE {
634 30 12: SEQUENCE {
636 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
641 01 1: BOOLEAN TRUE
644 04 2: OCTET STRING, encapsulates {
646 30 0: SEQUENCE {}
: }
: }
648 30 14: SEQUENCE {
650 06 3: OBJECT IDENTIFIER
: keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
655 01 1: BOOLEAN TRUE
658 04 4: OCTET STRING, encapsulates {
660 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
664 30 31: SEQUENCE {
666 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
671 04 24: OCTET STRING, encapsulates {
673 30 22: SEQUENCE {
675 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
697 30 29: SEQUENCE {
699 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
704 04 22: OCTET STRING, encapsulates {
706 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
: 13 01 E2 FD E3 97 FE CD
: }
: }
728 30 31: SEQUENCE {
730 06 3: OBJECT IDENTIFIER
: subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
735 04 24: OCTET STRING, encapsulates {
737 30 22: SEQUENCE {
739 81 20: [1] 'AliceDSS@example.com'
: }
: }
: }
: }
: }
: }
761 30 9: SEQUENCE {
763 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
772 03 48: BIT STRING 0 unused bits, encapsulates {
775 30 45: SEQUENCE {
777 02 20: INTEGER
: 55 0C A4 19 1F 42 2B 89 71 22 33 8D
: 83 6A B5 3D 67 6B BF 45
799 02 21: INTEGER
: 00 9F 61 53 52 54 0B 5C B2 DD DA E7
: 76 1D E2 10 52 5B 43 5E BD
: }
: }
: }
: }
822 31 330: SET {
826 30 326: SEQUENCE {
830 02 1: INTEGER 1
833 30 24: SEQUENCE {
835 30 18: SEQUENCE {
837 31 16: SET {
839 30 14: SEQUENCE {
841 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
846 13 7: PrintableString 'CarlDSS'
: }
: }
: }
855 02 2: INTEGER 200
: }
859 30 7: SEQUENCE {
861 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
868 A0 224: [0] {
871 30 24: SEQUENCE {
873 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
884 31 11: SET {
886 06 9: OBJECT IDENTIFIER
: data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
897 30 30: SEQUENCE {
899 06 9: OBJECT IDENTIFIER
: sMIMECapabilities
: (1 2 840 113549 1 9 15)
: (PKCS #9
: (1 2 840 113549 1 9))
910 31 17: SET {
912 30 15: SEQUENCE {
914 30 13: SEQUENCE {
916 06 11: OBJECT IDENTIFIER
: id-alg-zlib
: (1 2 840 113549 1 9 16 3 8)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
: }
: }
: }
: }
929 30 35: SEQUENCE {
931 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
942 31 22: SET {
944 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
: 06 29 C0 22 96 87 DD 48
: }
: }
966 30 127: SEQUENCE {
968 06 11: OBJECT IDENTIFIER
: id-aa-receiptRequest
: (1 2 840 113549 1 9 16 2 1)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
981 31 112: SET {
983 30 110: SEQUENCE {
985 04 50: OCTET STRING
: 'Example 11.1 (Alice asks for a rece'
: 'ipt from Diane)'
1037 A1 25: [1] {
1039 30 23: SEQUENCE {
1041 A4 21: [4] {
1043 30 19: SEQUENCE {
1045 31 17: SET {
1047 30 15: SEQUENCE {
1049 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
1054 13 8: PrintableString
: 'AliceRSA'
: }
: }
: }
: }
: }
: }
1064 30 29: SEQUENCE {
1066 30 27: SEQUENCE {
1068 81 25: [1] 'robert.colestock@wang.com'
: }
: }
: }
: }
: }
: }
1095 30 9: SEQUENCE {
1097 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
: }
1106 04 48: OCTET STRING, encapsulates {
1108 30 46: SEQUENCE {
1110 02 21: INTEGER
: 00 D3 1C 25 34 3D DB 96 88 D6 7B 99
: 4A C2 30 5B E3 C6 42 33 DC
1133 02 21: INTEGER
: 00 CE 3D 70 65 34 A5 2F BC 75 84 77
: EC CE EB 6B 15 F8 9D B1 FA
: }
: }
: }
: }
: }
: }
: }
11.2 Receipt
Bob gives Alice a receipt for the message in 11.1 using RSA.
0 30 1068: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1053: [0] {
19 30 1049: SEQUENCE {
23 02 1: INTEGER 3
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 135: SEQUENCE {
40 06 11: OBJECT IDENTIFIER
: id-ct-receipt (1 2 840 113549 1 9 16 1 1)
: (S/MIME Content Types
: (1 2 840 113549 1 9 16 1))
53 A0 120: [0] {
55 04 118: OCTET STRING, encapsulates {
57 30 116: SEQUENCE {
59 02 1: INTEGER 1
62 06 9: OBJECT IDENTIFIER
: data (1 2 840 113549 1 7 1)
: (PKCS #7)
73 04 50: OCTET STRING
: 'Example 11.1 (Alice asks for a rece'
: 'ipt from Diane)'
125 04 48: OCTET STRING, encapsulates {
127 30 46: SEQUENCE {
129 02 21: INTEGER
: 00 D3 1C 25 34 3D DB 96 88 D6 7B 99
: 4A C2 30 5B E3 C6 42 33 DC
152 02 21: INTEGER
: 00 CE 3D 70 65 34 A5 2F BC 75 84 77
: EC CE EB 6B 15 F8 9D B1 FA
: }
: }
: }
: }
: }
: }
175 A0 518: [0] {
179 30 514: SEQUENCE {
183 30 367: SEQUENCE {
187 A0 3: [0] {
189 02 1: INTEGER 2
: }
192 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E
: C4 10 B3 B0
210 30 9: SEQUENCE {
212 06 5: OBJECT IDENTIFIER
: sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
219 05 0: NULL
: }
221 30 18: SEQUENCE {
223 31 16: SET {
225 30 14: SEQUENCE {
227 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
232 13 7: PrintableString 'CarlRSA'
: }
: }
: }
241 30 30: SEQUENCE {
243 17 13: UTCTime '990919010847Z'
258 17 13: UTCTime '391231235959Z'
: }
273 30 19: SEQUENCE {
275 31 17: SET {
277 30 15: SEQUENCE {
279 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
284 13 8: PrintableString 'AliceRSA'
: }
: }
: }
294 30 159: SEQUENCE {
297 30 13: SEQUENCE {
299 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
310 05 0: NULL
: }
312 03 141: BIT STRING 0 unused bits, encapsulates {
316 30 137: SEQUENCE {
319 02 129: INTEGER
: 00 E0 89 73 39 8D D8 F5 F5 E8 87 76
: 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
: DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
: 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
: 82 51 0F 30 80 BE B1 50 9E 46 44 F1
: 2C BB D8 32 CF C6 68 6F 07 D9 B0 60
: AC BE EE 34 09 6A 13 F5 F7 05 05 93
: DF 5E BA 35 56 D9 61 FF 19 7F C9 81
: E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
: 9F 2D FA 55 3A B9 99 77 02 A6 48 52
: 8C 4E F3 57 38 57 74 57 5F
451 02 3: INTEGER 65537
: }
: }
: }
456 A3 96: [3] {
458 30 94: SEQUENCE {
460 30 12: SEQUENCE {
462 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
467 01 1: BOOLEAN TRUE
470 04 2: OCTET STRING, encapsulates {
472 30 0: SEQUENCE {}
: }
: }
474 30 14: SEQUENCE {
476 06 3: OBJECT IDENTIFIER
: keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
481 01 1: BOOLEAN TRUE
484 04 4: OCTET STRING, encapsulates {
486 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
490 30 31: SEQUENCE {
492 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
497 04 24: OCTET STRING, encapsulates {
499 30 22: SEQUENCE {
501 80 20: [0]
: E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
: 42 37 4E 22 AE 9E 38 BB
: }
: }
: }
523 30 29: SEQUENCE {
525 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
530 04 22: OCTET STRING, encapsulates {
532 04 20: OCTET STRING
: 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
: CE EC 3C A0 3A E3 FF 50
: }
: }
: }
: }
: }
554 30 9: SEQUENCE {
556 06 5: OBJECT IDENTIFIER
: sha-1WithRSAEncryption (1 3 14 3 2 29)
: (Oddball OIW OID)
563 05 0: NULL
: }
565 03 129: BIT STRING 0 unused bits
: BF 34 32 E6 FC 6A 88 41 7D F0 5C 99
: A1 93 B7 49 B7 02 52 1E CB 84 AC 93
: D7 58 2B 00 A1 9C C4 48 48 99 DD 02
: C3 C6 05 F8 D2 25 F1 A3 9C C9 33 01
: 8A 76 0E 6F 77 43 A3 BF E1 E6 B3 6A
: 04 79 39 EE E1 E9 E5 9D 50 07 8B 22
: DC 12 50 E3 F3 B4 3D 9E E5 93 9E B1
: CD 33 F9 E0 AB 98 71 09 F8 EB B0 FC
: 9C EC F1 88 D8 AE 03 D1 FE 60 E1 62
: 14 B1 A2 23 D2 C8 8D 18 1F 5E EE 9B
: 72 02 27 C2 85 3D 04 2E
: }
: }
697 31 371: SET {
701 30 367: SEQUENCE {
705 02 1: INTEGER 1
708 30 38: SEQUENCE {
710 30 18: SEQUENCE {
712 31 16: SET {
714 30 14: SEQUENCE {
716 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
721 13 7: PrintableString 'CarlRSA'
: }
: }
: }
730 02 16: INTEGER
: 46 34 6B C7 80 00 56 BC 11 D3 6E 2E
: C4 10 B3 B0
: }
748 30 7: SEQUENCE {
750 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
757 A0 166: [0] {
760 30 26: SEQUENCE {
762 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
773 31 13: SET {
775 06 11: OBJECT IDENTIFIER
: id-ct-receipt
: (1 2 840 113549 1 9 16 1 1)
: (S/MIME Content Types
: (1 2 840 113549 1 9 16 1))
: }
: }
788 30 28: SEQUENCE {
790 06 9: OBJECT IDENTIFIER
: signingTime (1 2 840 113549 1 9 5)
: (PKCS #9 (1 2 840 113549 1 9))
801 31 15: SET {
803 17 13: UTCTime '030506171300Z'
: }
: }
818 30 30: SEQUENCE {
820 06 9: OBJECT IDENTIFIER
: sMIMECapabilities
: (1 2 840 113549 1 9 15)
: (PKCS #9
: (1 2 840 113549 1 9))
831 31 17: SET {
833 30 15: SEQUENCE {
835 30 13: SEQUENCE {
837 06 11: OBJECT IDENTIFIER
: id-alg-zlib
: (1 2 840 113549 1 9 16 3 8)
: (S/MIME Algorithms
: (1 2 840 113549 1 9 16 3))
: }
: }
: }
: }
850 30 35: SEQUENCE {
852 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
863 31 22: SET {
865 04 20: OCTET STRING
: 31 35 03 EC DF FE 05 84 AA 54 1B 38
: 57 C7 D0 90 70 9B 2B 8C
: }
: }
887 30 37: SEQUENCE {
889 06 11: OBJECT IDENTIFIER
: id-aa-msgSigDigest
: (1 2 840 113549 1 9 16 2 5)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
902 31 22: SET {
904 04 20: OCTET STRING
: 92 98 46 1D 67 6E BB 2B 04 89 3C E0
: BB 3F F4 E4 2C F7 B5 0A
: }
: }
: }
926 30 13: SEQUENCE {
928 06 9: OBJECT IDENTIFIER
: rsaEncryption (1 2 840 113549 1 1 1)
: (PKCS #1)
939 05 0: NULL
: }
941 04 128: OCTET STRING
: 55 2E 3A 6A A1 CF CE 42 65 05 1B 3C
: 2B 42 E7 23 7A 16 51 56 4F 95 72 F1
: 37 83 3C F9 BA F3 65 BE A6 DA C1 8F
: 74 3C AA 27 EE 04 7F 51 17 42 99 85
: 3B 25 4E E4 5C E9 69 03 D9 86 40 D2
: 80 33 0A FC DF 2D CE FC 9A 30 5C 95
: 0C C1 3F 53 93 99 10 D8 B1 97 0C F7
: 16 83 93 5E 82 74 A8 D5 03 00 44 7E
: 37 74 1F DE EE 08 FC 54 45 6D C3 D0
: CA F3 5A F9 F5 1F B4 79 A1 7E CC AF
: 1B 11 B9 64 C0 25 78 E2
: }
: }
: }
: }
: }
11.3 eSSSecurityLabel
Alice includes a security label in the message in 5.1.
0 30 1103: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1088: [0] {
19 30 1084: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER
: dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
: 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
: 53 C5 AB 84 08 4F FF 94 E1 73 48 7E
: 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
: DC 5F 69 8A E4 75 D0 37 0C 91 08 95
: 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
: 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
: 78 BD FF 9D B0 84 97 37 F2 E4 51 1B
: B5 E4 09 96 5C F3 7E 5B DB
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
: B8 37 21 2B 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
: 4B 59 6A 4C 76 23 39 04 02 35 5C F2
: CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
: AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
: 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
: E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
: 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
: 1F 11 7F C2 BD ED D1 50 FF 98 74 C2
: D1 81 4A 60 39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
: 3F A9 EC AC 5E DC BD B7 13 11 34 A6
: 16 89 28 11 23 D9 34 86 67 75 75 13
: 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
: A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
: 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
: 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
: 32 84 F0 7E 41 40 FD 46 A7 63 4E 33
: F2 A5 E2 F4 F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER
: subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER
: keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING, encapsulates {
741 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
: 13 01 E2 FD E3 97 FE CD
: }
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
: 8F C0 F8 24 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
: A1 87 C1 A5 7F 28 2D BB
: }
: }
: }
: }
824 31 279: SET {
828 30 275: SEQUENCE {
832 02 1: INTEGER 1
835 30 24: SEQUENCE {
837 30 18: SEQUENCE {
839 31 16: SET {
841 30 14: SEQUENCE {
843 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
848 13 7: PrintableString 'CarlDSS'
: }
: }
: }
857 02 2: INTEGER 200
: }
861 30 7: SEQUENCE {
863 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
870 A0 174: [0] {
873 30 24: SEQUENCE {
875 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
886 31 11: SET {
888 06 9: OBJECT IDENTIFIER
: data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
899 30 35: SEQUENCE {
901 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
912 31 22: SET {
914 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
: 06 29 C0 22 96 87 DD 48
: }
: }
936 30 109: SEQUENCE {
938 06 11: OBJECT IDENTIFIER
: id-aa-securityLabel
: (1 2 840 113549 1 9 16 2 2)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
951 31 94: SET {
953 31 92: SET {
955 02 1: INTEGER 1
958 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
967 31 49: SET {
969 30 47: SEQUENCE {
971 80 8: [0]
: 2A 03 04 05 06 07 86 78
981 A1 35: [1] {
983 13 33: PrintableString
: 'THIS IS A TEST SECURITY-CATEGORY.'
: }
: }
: }
1018 13 27: PrintableString
: 'THIS IS A PRIVACY MARK TEST'
: }
: }
: }
: }
1047 30 9: SEQUENCE {
1049 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1058 04 47: OCTET STRING, encapsulates {
1060 30 45: SEQUENCE {
1062 02 20: INTEGER
: 28 15 7C BF 62 B1 1E 09 97 BC 49 81
: 90 CF 8A 46 7E 94 F5 5D
1084 02 21: INTEGER
: 00 88 06 C2 4E DF 4D FD 60 49 C1 21
: 29 0C 04 4D 08 B7 DB 5A 92
: }
: }
: }
: }
: }
: }
: }
11.4 EquivalentLabels
Alice uses an EquivalentLabels in the message in 11.3.
0 30 1340: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1325: [0] {
19 30 1321: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER
: dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
: 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
: 53 C5 AB 84 08 4F FF 94 E1 73 48 7E
: 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
: DC 5F 69 8A E4 75 D0 37 0C 91 08 95
: 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
: 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
: 78 BD FF 9D B0 84 97 37 F2 E4 51 1B
: B5 E4 09 96 5C F3 7E 5B DB
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
: B8 37 21 2B 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
: 4B 59 6A 4C 76 23 39 04 02 35 5C F2
: CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
: AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
: 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
: E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
: 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
: 1F 11 7F C2 BD ED D1 50 FF 98 74 C2
: D1 81 4A 60 39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
: 3F A9 EC AC 5E DC BD B7 13 11 34 A6
: 16 89 28 11 23 D9 34 86 67 75 75 13
: 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
: A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
: 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
: 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
: 32 84 F0 7E 41 40 FD 46 A7 63 4E 33
: F2 A5 E2 F4 F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER
: subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER
: keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING, encapsulates {
741 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
: 13 01 E2 FD E3 97 FE CD
: }
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
: 8F C0 F8 24 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
: A1 87 C1 A5 7F 28 2D BB
: }
: }
: }
: }
824 31 516: SET {
828 30 512: SEQUENCE {
832 02 1: INTEGER 1
835 30 24: SEQUENCE {
837 30 18: SEQUENCE {
839 31 16: SET {
841 30 14: SEQUENCE {
843 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
848 13 7: PrintableString 'CarlDSS'
: }
: }
: }
857 02 2: INTEGER 200
: }
861 30 7: SEQUENCE {
863 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
870 A0 411: [0] {
874 30 24: SEQUENCE {
876 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
887 31 11: SET {
889 06 9: OBJECT IDENTIFIER
: data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
900 30 35: SEQUENCE {
902 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
913 31 22: SET {
915 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
: 06 29 C0 22 96 87 DD 48
: }
: }
937 30 113: SEQUENCE {
939 06 11: OBJECT IDENTIFIER
: id-aa-securityLabel
: (1 2 840 113549 1 9 16 2 2)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
952 31 98: SET {
954 31 96: SET {
956 02 1: INTEGER 1
959 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
968 31 53: SET {
970 30 51: SEQUENCE {
972 80 8: [0]
: 2A 03 04 05 06 07 86 78
982 A1 39: [1] {
984 13 37: PrintableString
: 'BOB THIS IS A TEST SECURITY-CATEGOR'
: 'Y.'
: }
: }
: }
1023 13 27: PrintableString
: 'THIS IS A PRIVACY MARK TEST'
: }
: }
: }
1052 30 230: SEQUENCE {
1055 06 11: OBJECT IDENTIFIER
: id-aa-equivalentLabels
: (1 2 840 113549 1 9 16 2 9)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
1068 31 214: SET {
1071 30 211: SEQUENCE {
1074 31 100: SET {
1076 02 1: INTEGER 1
1079 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
1088 31 53: SET {
1090 30 51: SEQUENCE {
1092 80 8: [0]
: 2A 03 04 05 06 07 86 78
1102 A1 39: [1] {
1104 13 37: PrintableString
: 'BOB THIS IS A TEST SECURITY-CATEGOR'
: 'Y.'
: }
: }
: }
1143 13 31: PrintableString
: 'BOB THIS IS A PRIVACY MARK TEST'
: }
1176 31 107: SET {
1178 02 1: INTEGER 1
1181 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1190 31 53: SET {
1192 30 51: SEQUENCE {
1194 80 8: [0]
: 2A 03 04 05 06 07 86 78
1204 A1 39: [1] {
1206 13 37: PrintableString
: 'BOB THIS IS A TEST SECURITY-CATEGOR'
: 'Y.'
: }
: }
: }
1245 13 38: PrintableString
: 'BOB THIS IS A SECOND PRIVACY MARK T'
: 'EST'
: }
: }
: }
: }
: }
1285 30 9: SEQUENCE {
1287 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1296 04 46: OCTET STRING, encapsulates {
1298 30 44: SEQUENCE {
1300 02 20: INTEGER
: 16 6C 58 D2 77 50 79 70 9D 52 99 C2
: 39 6E 9C 49 FB 2E CC EC
1322 02 20: INTEGER
: 42 55 41 4F 66 F0 15 DD 46 86 16 3E
: A3 BB 4B 7C 54 C9 7B 00
: }
: }
: }
: }
: }
: }
: }
11.5 mlExpansionHistory
The mailing list sends a message with a mlExpansionHistory attribute.
0 30 505: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 490: [0] {
19 30 486: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 31 423: SET {
86 30 419: SEQUENCE {
90 02 1: INTEGER 1
93 30 24: SEQUENCE {
95 30 18: SEQUENCE {
97 31 16: SET {
99 30 14: SEQUENCE {
101 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
106 13 7: PrintableString 'CarlDSS'
: }
: }
: }
115 02 2: INTEGER 200
: }
119 30 7: SEQUENCE {
121 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
128 A0 318: [0] {
132 30 24: SEQUENCE {
134 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
145 31 11: SET {
147 06 9: OBJECT IDENTIFIER
: data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
158 30 35: SEQUENCE {
160 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
171 31 22: SET {
173 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
: 06 29 C0 22 96 87 DD 48
: }
: }
195 30 252: SEQUENCE {
198 06 11: OBJECT IDENTIFIER
: id-aa-mlExpandHistory
: (1 2 840 113549 1 9 16 2 3)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
211 31 236: SET {
214 30 233: SEQUENCE {
217 30 230: SEQUENCE {
220 04 7: OCTET STRING '5738299'
229 18 15: GeneralizedTime '19990311104433Z'
246 A1 201: [1] {
249 30 198: SEQUENCE {
252 A4 97: [4] {
254 30 95: SEQUENCE {
256 31 11: SET {
258 30 9: SEQUENCE {
260 06 3: OBJECT IDENTIFIER
: countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
265 13 2: PrintableString 'US'
: }
: }
269 31 22: SET {
271 30 20: SEQUENCE {
273 06 3: OBJECT IDENTIFIER
: organizationName
: (2 5 4 10)
: (X.520 id-at (2 5 4))
278 13 13: PrintableString
: 'US Government'
: }
: }
293 31 17: SET {
295 30 15: SEQUENCE {
297 06 3: OBJECT IDENTIFIER
: organizationalUnitName
: (2 5 4 11)
: (X.520 id-at (2 5 4))
302 13 8: PrintableString
: 'VDA Site'
: }
: }
312 31 12: SET {
314 30 10: SEQUENCE {
316 06 3: OBJECT IDENTIFIER
: organizationalUnitName
: (2 5 4 11)
: (X.520 id-at (2 5 4))
321 13 3: PrintableString 'VDA'
: }
: }
326 31 23: SET {
328 30 21: SEQUENCE {
330 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
335 13 14: PrintableString
: 'Bugs Bunny DSA'
: }
: }
: }
: }
351 A4 97: [4] {
353 30 95: SEQUENCE {
355 31 11: SET {
357 30 9: SEQUENCE {
359 06 3: OBJECT IDENTIFIER
: countryName (2 5 4 6)
: (X.520 id-at (2 5 4))
364 13 2: PrintableString 'US'
: }
: }
368 31 22: SET {
370 30 20: SEQUENCE {
372 06 3: OBJECT IDENTIFIER
: organizationName
: (2 5 4 10)
: (X.520 id-at (2 5 4))
377 13 13: PrintableString
: 'US Government'
: }
: }
392 31 17: SET {
394 30 15: SEQUENCE {
396 06 3: OBJECT IDENTIFIER
: organizationalUnitName
: (2 5 4 11)
: (X.520 id-at (2 5 4))
401 13 8: PrintableString
: 'VDA Site'
: }
: }
411 31 12: SET {
413 30 10: SEQUENCE {
415 06 3: OBJECT IDENTIFIER
: organizationalUnitName
: (2 5 4 11)
: (X.520 id-at (2 5 4))
420 13 3: PrintableString 'VDA'
: }
: }
425 31 23: SET {
427 30 21: SEQUENCE {
429 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
434 13 14: PrintableString
: 'Elmer Fudd DSA'
: }
: }
: }
: }
: }
: }
: }
: }
: }
: }
: }
450 30 9: SEQUENCE {
452 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
461 04 46: OCTET STRING, encapsulates {
463 30 44: SEQUENCE {
465 02 20: INTEGER
: 18 69 FB 62 55 FA 6D 50 B2 4F 64 F1
: 23 72 78 85 14 73 C9 B7
487 02 20: INTEGER
: 7B 15 C6 32 62 F7 92 77 A5 1B 58 8F
: B6 AB 8C 49 D8 BA 59 DA
: }
: }
: }
: }
: }
: }
: }
11.6 SigningCertificate
Alice uses a SigningCertificate attribute in the message in 5.1.
0 30 1110: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
: (PKCS #7)
15 A0 1095: [0] {
19 30 1091: SEQUENCE {
23 02 1: INTEGER 1
26 31 9: SET {
28 30 7: SEQUENCE {
30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
: }
37 30 43: SEQUENCE {
39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
: (PKCS #7)
50 A0 30: [0] {
52 04 28: OCTET STRING 'This is some sample content.'
: }
: }
82 A0 738: [0] {
86 30 734: SEQUENCE {
90 30 669: SEQUENCE {
94 A0 3: [0] {
96 02 1: INTEGER 2
: }
99 02 2: INTEGER 200
103 30 9: SEQUENCE {
105 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
114 30 18: SEQUENCE {
116 31 16: SET {
118 30 14: SEQUENCE {
120 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
125 13 7: PrintableString 'CarlDSS'
: }
: }
: }
134 30 30: SEQUENCE {
136 17 13: UTCTime '990817011049Z'
151 17 13: UTCTime '391231235959Z'
: }
166 30 19: SEQUENCE {
168 31 17: SET {
170 30 15: SEQUENCE {
172 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
177 13 8: PrintableString 'AliceDSS'
: }
: }
: }
187 30 438: SEQUENCE {
191 30 299: SEQUENCE {
195 06 7: OBJECT IDENTIFIER
: dsa (1 2 840 10040 4 1)
: (ANSI X9.57 algorithm)
204 30 286: SEQUENCE {
208 02 129: INTEGER
: 00 81 8D CD ED 83 EA 0A 9E 39 3E C2
: 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
: 53 C5 AB 84 08 4F FF 94 E1 73 48 7E
: 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
: 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
: DC 5F 69 8A E4 75 D0 37 0C 91 08 95
: 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
: 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
: C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
: 78 BD FF 9D B0 84 97 37 F2 E4 51 1B
: B5 E4 09 96 5C F3 7E 5B DB
340 02 21: INTEGER
: 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
: B8 37 21 2B 62 8B F7 93 CD
363 02 128: INTEGER
: 26 38 D0 14 89 32 AA 39 FB 3E 6D D9
: 4B 59 6A 4C 76 23 39 04 02 35 5C F2
: CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
: AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
: 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
: 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
: E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
: 01 7C 6D 49 89 11 89 36 44 BD F8 C8
: 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
: 1F 11 7F C2 BD ED D1 50 FF 98 74 C2
: D1 81 4A 60 39 BA 36 39
: }
: }
494 03 132: BIT STRING 0 unused bits, encapsulates {
498 02 128: INTEGER
: 5C E3 B9 5A 75 14 96 0B A9 7A DD E3
: 3F A9 EC AC 5E DC BD B7 13 11 34 A6
: 16 89 28 11 23 D9 34 86 67 75 75 13
: 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
: 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
: A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
: 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
: 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
: F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
: 32 84 F0 7E 41 40 FD 46 A7 63 4E 33
: F2 A5 E2 F4 F2 83 E5 B8
: }
: }
629 A3 131: [3] {
632 30 128: SEQUENCE {
635 30 32: SEQUENCE {
637 06 3: OBJECT IDENTIFIER
: subjectAltName (2 5 29 17)
: (X.509 id-ce (2 5 29))
642 04 25: OCTET STRING, encapsulates {
644 30 23: SEQUENCE {
646 81 21: [1] 'aliceDss@examples.com'
: }
: }
: }
669 30 12: SEQUENCE {
671 06 3: OBJECT IDENTIFIER
: basicConstraints (2 5 29 19)
: (X.509 id-ce (2 5 29))
676 01 1: BOOLEAN TRUE
679 04 2: OCTET STRING, encapsulates {
681 30 0: SEQUENCE {}
: }
: }
683 30 14: SEQUENCE {
685 06 3: OBJECT IDENTIFIER
: keyUsage (2 5 29 15)
: (X.509 id-ce (2 5 29))
690 01 1: BOOLEAN TRUE
693 04 4: OCTET STRING, encapsulates {
695 03 2: BIT STRING 6 unused bits
: '11'B
: }
: }
699 30 31: SEQUENCE {
701 06 3: OBJECT IDENTIFIER
: authorityKeyIdentifier (2 5 29 35)
: (X.509 id-ce (2 5 29))
706 04 24: OCTET STRING, encapsulates {
708 30 22: SEQUENCE {
710 80 20: [0]
: 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
: 3D 20 BC 43 2B 93 F1 1F
: }
: }
: }
732 30 29: SEQUENCE {
734 06 3: OBJECT IDENTIFIER
: subjectKeyIdentifier (2 5 29 14)
: (X.509 id-ce (2 5 29))
739 04 22: OCTET STRING, encapsulates {
741 04 20: OCTET STRING
: BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
: 13 01 E2 FD E3 97 FE CD
: }
: }
: }
: }
: }
763 30 9: SEQUENCE {
765 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
774 03 48: BIT STRING 0 unused bits, encapsulates {
777 30 45: SEQUENCE {
779 02 21: INTEGER
: 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
: 8F C0 F8 24 05 E8 46 94 8E
802 02 20: INTEGER
: 5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
: A1 87 C1 A5 7F 28 2D BB
: }
: }
: }
: }
824 31 286: SET {
828 30 282: SEQUENCE {
832 02 1: INTEGER 1
835 30 24: SEQUENCE {
837 30 18: SEQUENCE {
839 31 16: SET {
841 30 14: SEQUENCE {
843 06 3: OBJECT IDENTIFIER
: commonName (2 5 4 3)
: (X.520 id-at (2 5 4))
848 13 7: PrintableString 'CarlDSS'
: }
: }
: }
857 02 2: INTEGER 200
: }
861 30 7: SEQUENCE {
863 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
: (OIW)
: }
870 A0 182: [0] {
873 30 24: SEQUENCE {
875 06 9: OBJECT IDENTIFIER
: contentType (1 2 840 113549 1 9 3)
: (PKCS #9 (1 2 840 113549 1 9))
886 31 11: SET {
888 06 9: OBJECT IDENTIFIER
: data (1 2 840 113549 1 7 1)
: (PKCS #7)
: }
: }
899 30 35: SEQUENCE {
901 06 9: OBJECT IDENTIFIER
: messageDigest (1 2 840 113549 1 9 4)
: (PKCS #9 (1 2 840 113549 1 9))
912 31 22: SET {
914 04 20: OCTET STRING
: 40 6A EC 08 52 79 BA 6E 16 02 2D 9E
: 06 29 C0 22 96 87 DD 48
: }
: }
936 30 117: SEQUENCE {
938 06 11: OBJECT IDENTIFIER
: id-aa-signingCertificate
: (1 2 840 113549 1 9 16 2 12)
: (S/MIME Authenticated Attributes
: (1 2 840 113549 1 9 16 2))
951 31 102: SET {
953 30 100: SEQUENCE {
955 30 48: SEQUENCE {
957 30 46: SEQUENCE {
959 04 44: OCTET STRING
: 'THIS IS A SIGNING CERTIFICATE ATTRI'
: 'BUTE TEST'
: }
: }
1005 30 48: SEQUENCE {
1007 30 46: SEQUENCE {
1009 06 6: OBJECT IDENTIFIER '1 2 3 4 5 6 7'
1017 30 36: SEQUENCE {
1019 30 34: SEQUENCE {
1021 06 6: OBJECT IDENTIFIER
: '1 2 3 4 5 6 7'
1029 04 24: OCTET STRING
: 'THIS IS A QUALIFIER TEST'
: }
: }
: }
: }
: }
: }
: }
: }
1055 30 9: SEQUENCE {
1057 06 7: OBJECT IDENTIFIER
: dsaWithSha1 (1 2 840 10040 4 3)
: (ANSI X9.57 algorithm)
: }
1066 04 46: OCTET STRING, encapsulates {
1068 30 44: SEQUENCE {
1070 02 20: INTEGER
: 6F 06 E3 81 05 BD 30 24 2F 09 C8 EB
: 61 57 DA 29 79 09 79 AF
1092 02 20: INTEGER
: 0B 7A CD 31 AC 6A 87 76 6B 3D 17 04
: 53 2D F9 AA 8E A6 9C C4
: }
: }
: }
: }
: }
: }
: }
12. Security Considerations
Because this document shows examples of S/MIME, CMS, and ESS messages, Because this document shows examples of S/MIME and CMS messages,
this document also inherits all of the security considerations from this document also inherits all of the security considerations from
[SMIME-MSG], [CMS], and [SMIME-ESS]. [SMIME-MSG] and [CMS].
The Perl script in Appendix B writes to the user's local hard drive. A The Perl script in Appendix B writes to the user's local hard drive. A
malicious attacker could modify the Perl script in this document. Be malicious attacker could modify the Perl script in this document. Be
sure to read the Perl code carefully before executing it. sure to read the Perl code carefully before executing it.
A. Normative References A. References
[CMS] Cryptographic Message Syntax, RFC 2630. A.1 Normative References
[DVCS] PKIX Data Validation and Certification Server Protocols, [CMS] Cryptographic Message Syntax, RFC 2630.
RFC 3029.
[PKIX] PKIX Certificate and CRL Profile, RFC 2459. [PKIX] PKIX Certificate and CRL Profile, RFC 2459.
[SMIME-MSG] S/MIME Version 3 Message Specification. RFC 2633. [SMIME-MSG] S/MIME Version 3 Message Specification. RFC 2633.
[SMIME-ESS] Enhanced Security Services for S/MIME, RFC 2634. A.2 Informative References
[DVCS] PKIX Data Validation and Certification Server Protocols,
RFC 3029.
B. Binaries of the Examples B. Binaries of the Examples
This section contains the binaries of the examples shown in the rest of This section contains the binaries of the examples shown in the rest of
the document. The binaries are stored in a modified Base64 format. the document. The binaries are stored in a modified Base64 format.
There is a Perl program that, when run over the contents of this There is a Perl program that, when run over the contents of this
document, will extract the following binaries and write them out to document, will extract the following binaries and write them out to
disk. The program requires Perl. disk. The program requires Perl.
B.1 How the binaries and extractor works B.1 How the binaries and extractor works
skipping to change at line 8837 skipping to change at line 5586
$Upper2 = ($ThisVal & 48); $Upper2 = ($ThisVal & 48);
$OutString .= chr($LeftOver + ($Upper2/16)); $OutString .= chr($LeftOver + ($Upper2/16));
$LeftOver = (($ThisVal - $Upper2) * 16); $LeftOver = (($ThisVal - $Upper2) * 16);
$NextPos = 4; $NextPos = 4;
} else { die "\$NextPos has an illegal value: $NextPos." } } else { die "\$NextPos has an illegal value: $NextPos." }
} }
} }
C. Examples in order of appearance C. Examples in order of appearance
From Section 3.1 From Section 2.1
***ExContent.bin*** ***ExContent.bin***
|* Section 3.1 |* Section 2.1
|>ExContent.bin |>ExContent.bin
|VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg== |VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg==
|<ExContent.bin |<ExContent.bin
From Section 3.2 From Section 2.2
***AlicePrivDSSSign.pri*** ***AlicePrivDSSSign.pri***
|* Example AlicePrivDSSSign.pri |* Example AlicePrivDSSSign.pri
|>AlicePrivDSSSign.pri |>AlicePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8 |MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8
|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8 |WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8
|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh |9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh
|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD |UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD
|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4 |HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4
skipping to change at line 8880 skipping to change at line 5629
|QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n |QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n
|/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd |/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd
|ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq |ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq
|2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y |2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y
|l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx |l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx
|hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG |hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG
|qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu |qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu
|b41fKA== |b41fKA==
|<AlicePrivRSASign.pri |<AlicePrivRSASign.pri
***BobPrivDHEncrypt.pri***
|* Example BobPrivDHEncrypt.pri
|>BobPrivDHEncrypt.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgIPxngu7PSqbI5YPSjDuK0kUyEScybIbsZspxrfAZTfc=
|<BobPrivDHEncrypt.pri
***BobPrivRSAEncrypt.pri*** ***BobPrivRSAEncrypt.pri***
|* Example BobPrivRSAEncrypt.pri |* Example BobPrivRSAEncrypt.pri
|>BobPrivRSAEncrypt.pri |>BobPrivRSAEncrypt.pri
|MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf8qCTQV6meY |MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf8qCTQV6meY
|mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/ |mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/
|O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz |O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz
|jPHCyqaqfrAgMBAAECgYBnzUhMmg2PmMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngw |jPHCyqaqfrAgMBAAECgYBnzUhMmg2PmMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngw
|y+e6alatd8brUXlweQqg9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A |y+e6alatd8brUXlweQqg9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A
|0HPfD6bRSeTmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N |0HPfD6bRSeTmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N
skipping to change at line 8944 skipping to change at line 5680
|aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E |aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E
|TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn |TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn
|8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB |8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB
|qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6 |qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6
|LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv |LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv
|8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+ |8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+
|TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn |TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn
|0W2N+g== |0W2N+g==
|<CarlPrivRSASign.pri |<CarlPrivRSASign.pri
***DianePrivDHEncrypt.pri***
|* Example DianePrivDHEncrypt.pri
|>DianePrivDHEncrypt.pri
|MIIBYgIBADCCATcGByqGSM4+AgEwggEqAoGBAMpukcKwvahY8jEhdLsf5BC90JOifmHhPb
|ojBBbQZjm9O80FdEjxA3CV9AVjbS6/mrf/l/85u2PbTaRx2JSatPKKPZ+3XY3K4q+1D88F
|ZYJobkPS9ARfA4v5UPXIbAUmvL82D1zDUWpn6HUyZniRY+j+NOcZtnBseDg2gtI0NsLfAo
|GAbtZ2NkvkWQdXXxiaENIxXKYQsCaWQk18o6HTnqWAsh83EUl8ipnYVj+TUe1uVPtu27L8
|NMDnyh5YK9U9O9yucSHZO1a4p/ZNIlJfQbrVHoJpbN1wccxsO++EqXGLqTsqCfi9/ctRvC
|4uyj4wjPpUnn0NA+LfY2Jt81CCJ9zRmfcCIQCqBWX73U6oAvE0Oeej/H1GELhd8C7yxdFe
|onRM2g9OHwQiAiBYLomrVzR9PPWadct9mYoZLzx6poXJLxtaRwPjghbkmw==
|<DianePrivDHEncrypt.pri
***DianePrivDSSSign.pri*** ***DianePrivDSSSign.pri***
|* Example DianePrivDSSSign.pri |* Example DianePrivDSSSign.pri
|>DianePrivDSSSign.pri |>DianePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8 |MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5 |ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh |UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb |UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0 |DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA |R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA
skipping to change at line 8989 skipping to change at line 5712
|GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB |GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB
|kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7 |kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7
|UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU |UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU
|gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl |gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl
|0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ |0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ
|2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem |2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem
|Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N |Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N
|xaxsv+U= |xaxsv+U=
|<DianePrivRSASignEncrypt.pri |<DianePrivRSASignEncrypt.pri
***EricaPrivDHEncryptBobParam.pri*** From Section 2.3
|* Example EricaPrivDHEncryptBobParam.pri
|>EricaPrivDHEncryptBobParam.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgSGQR5BcBEubB05xwfXyml5W9yJUH989BEacTkfswPYw=
|<EricaPrivDHEncryptBobParam.pri
***MailListRc2.bin***
|* Example MailListRc2.bin
|>MailListRc2.bin
|tw0KJfvJ2GqGBQzg1xHq1Nk=
|<MailListRc2.bin
***MailListTripleDES.bin***
|* Example MailListTripleDES.bin
|>MailListTripleDES.bin
|JV4NHAe2Rt+zE0zIQ7qKpx8CW3wIOCUf
|<MailListTripleDES.bin
From Section 3.3
***AliceDSSSignByCarlNoInherit.cer*** ***AliceDSSSignByCarlNoInherit.cer***
|* Example AliceDSSSignByCarlNoInherit.cer |* Example AliceDSSSignByCarlNoInherit.cer
|>AliceDSSSignByCarlNoInherit.cer |>AliceDSSSignByCarlNoInherit.cer
|MIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT |MIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2 |k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2
|MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO |MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO
|FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL |FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL
|VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW |VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW
skipping to change at line 9056 skipping to change at line 5752
|d2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvY |d2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvY
|Ms/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mX |Ms/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mX
|cCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIG |cCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIG
|wDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMio |wDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMio
|qjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb20wDQYJKoZI |qjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb20wDQYJKoZI
|hvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzPbrMcWakgqg |hvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzPbrMcWakgqg
|WBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2Tt0z3Sp0LF |WBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2Tt0z3Sp0LF
|6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCI= |6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCI=
|<AliceRSASignByCarl.cer |<AliceRSASignByCarl.cer
***BobDHEncryptByCarl.cer***
|* Example BobDHEncryptByCarl.cer
|>BobDHEncryptByCarl.cer
|MIIDYjCCAyCgAwIBAgICAMkwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTgyOFoXDTM5MTIzMTIzNTk1OVowEDEOMAwGA1UEAxMFYm9iREgwggJCMIIB
|twYHKoZIzj4CATCCAaoCgYEA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPb
|k8KejXI4Azpp5FAruqzJ4oBZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWe
|nZPG+BWvP9p0OrfEk7W5u3ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNO
|VME6eVlrvx5GE3CPsSx/uckXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13
|BQlIm3CNPAX2zkQsf30bKxXd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5
|FwBlTucKiSVVtuGSJNYqcCIQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQJh
|ATT+wjNI6/Y7l9nkl6dgpSVpNPv9RirWycTF99b0BBmNlNmKN2hpZ1X78msOR8VbC0sOHB
|qLe3W3qsOq1+s72iqNAoc3R4PXMbQlqKy7EYhTHBGStmnnLpDBevyH9PbXGjAaAxUAuf8c
|k0RnN9Gy+FeaMkrJSv877B4CAR0DgYQAAoGAb9T2zZSabq9bVxeWdbsPuUjpkDcNFSDCVR
|4T4q5xF4TDDnSuilV/KH2L1yginHZG1ztPndFNG7LbUZTFbVSWQDiKOIFjSozDHgmJdKZY
|1chaPc+7uCN/nB99ePqe+ZCekedLwqS+RQZ4Qlg9n2Ms74TUZ+X7xm2iNilnkEbbTkijfj
|B8MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgMIMB8GA1UdIwQYMBaAFHBEPoIub4fe
|StN14z0gvEMrk/EfMB0GA1UdDgQWBBQm/xlIw1kzaFaNfsiAaFzPPHLdJjAcBgNVHREEFT
|ATgRFCb2JESEBleGFtcGxlLmNvbTAJBgcqhkjOOAQDAzEAMC4CFQCx+Kd4d/4pkKBGwwkj
|0fUou8cXtgIVAIgJG4/9/OwJWwYbl1DUjNFjTZFM
|<BobDHEncryptByCarl.cer
***BobRSASignByCarl.cer*** ***BobRSASignByCarl.cer***
|* Example BobRSASignByCarl.cer |* Example BobRSASignByCarl.cer
|>BobRSASignByCarl.cer |>BobRSASignByCarl.cer
|MIICJzCCAZCgAwIBAgIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQUFADASMRAwDg |MIICJzCCAZCgAwIBAgIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDkwMloXDTM5MTIzMTIzNTk1OVowETEPMA0G |YDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDkwMloXDTM5MTIzMTIzNTk1OVowETEPMA0G
|A1UEAxMGQm9iUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp4WeYPznVX/Kgk0 |A1UEAxMGQm9iUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp4WeYPznVX/Kgk0
|FepnmJhcg1XZqRW/sdAdoZcCYXD72lItA1hW16mGYUQVzPt7cIOwnJkbgZaTdt+WUee9mp |FepnmJhcg1XZqRW/sdAdoZcCYXD72lItA1hW16mGYUQVzPt7cIOwnJkbgZaTdt+WUee9mp
|MySjfzu7r0YBhjY0MssHA1lS/IWLMQS4zBgIFEjmTxz7XWDE4FwfU9N/U9hpAfEF+Hpw0b |MySjfzu7r0YBhjY0MssHA1lS/IWLMQS4zBgIFEjmTxz7XWDE4FwfU9N/U9hpAfEF+Hpw0b
|6Dxl84zxwsqmqn6wIDAQABo38wfTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFIDAf |6Dxl84zxwsqmqn6wIDAQABo38wfTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFIDAf
skipping to change at line 9131 skipping to change at line 5804
|A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2 |A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2
|5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt |5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt
|4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds |4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds
|TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC |TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
|AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL |AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL
|ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d |ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d
|P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre |P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre
|Z019v6WuoUQWNdzb7IDsHaao1TNBgC |Z019v6WuoUQWNdzb7IDsHaao1TNBgC
|<CarlRSASelf.cer |<CarlRSASelf.cer
***DianeDHEncryptByCarl.cer***
|* Example DianeDHEncryptByCarl.cer
|>DianeDHEncryptByCarl.cer
|MIIDZTCCAySgAwIBAgICANMwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTY1N1oXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRGlhbmVESDCCAkEw
|ggG2BgcqhkjOPgIBMIIBqQKBgQDKbpHCsL2oWPIxIXS7H+QQvdCTon5h4T26IwQW0GY5vT
|vNBXRI8QNwlfQFY20uv5q3/5f/Obtj202kcdiUmrTyij2ft12NyuKvtQ/PBWWCaG5D0vQE
|XwOL+VD1yGwFJry/Ng9cw1FqZ+h1MmZ4kWPo/jTnGbZwbHg4NoLSNDbC3wKBgG7WdjZL5F
|kHV18YmhDSMVymELAmlkJNfKOh056lgLIfNxFJfIqZ2FY/k1HtblT7btuy/DTA58oeWCvV
|PTvcrnEh2TtWuKf2TSJSX0G61R6CaWzdcHHMbDvvhKlxi6k7Kgn4vf3LUbwuLso+MIz6VJ
|59DQPi32NibfNQgifc0Zn3AiEAqgVl+91OqALxNDnno/x9RhC4XfAu8sXRXqJ0TNoPTh8C
|YQEwzQOCzT8yOl8WXvITX1Ib3/+qOwY8f4EmHLcMoBQJG10m/XEzjPKsQX4NrDWVkH6lra
|tVUIDw0rkqEU12RXY/DDiuclnG7L3v525gI5O5JwJEfkrT2jk6mmNDPBsjxWIwGgMVAND9
|1uBGl9Gnf7v/mkPwYmSzfJerAgF6A4GEAAKBgGBebu9hVXc/nWoREPTTybhyoB+J3+S8If
|3kn1DWj475Z5cU4DQZjz1YUh7cXQVOT8aIhXisAWw1zoZtkEtYSC4PsuMqTkfDsU0qesm3
|5cZoinOuUyGzzwnEYqPosLvc3g0uZkg3qNuiS/vb+qaSS0EKxlQLixqdL/9gCwsI2UI/o4
|GAMH4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCAwgwHwYDVR0jBBgwFoAUcEQ+gi5v
|h95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFEfzT811fahSIahhNle1+Jru2zBGMB4GA1UdEQ
|QXMBWBE0RpYW5lREhAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhQjQLaLBSl+aQP0
|t9qX9JaMFaoiVQIVAILYJOV/zQRUbgz01cm9mZgMYEvT
|<DianeDHEncryptByCarl.cer
***DianeDSSSignByCarlInherit.cer*** ***DianeDSSSignByCarlInherit.cer***
|* Example DianeDSSSignByCarlInherit.cer |* Example DianeDSSSignByCarlInherit.cer
|>DianeDSSSignByCarlInherit.cer |>DianeDSSSignByCarlInherit.cer
|MIIBuDCCAXegAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT |MIIBuDCCAXegAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw |k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw
|CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo |CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo
|pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+ |pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+
|/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYEwfzAMBgNVHR |/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYEwfzAMBgNVHR
|MBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxD |MBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxD
skipping to change at line 9186 skipping to change at line 5836
|rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3 |rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3
|KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/ |KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/
|HbdGlki0QdlV3NKMCFAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF |HbdGlki0QdlV3NKMCFAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF
|4DAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUjPPLdQ6NMf |4DAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUjPPLdQ6NMf
|bUKdpEknW4/u1POQwwHwYDVR0RBBgwFoEURGlhbmVSU0FAZXhhbXBsZS5jb20wDQYJKoZI |bUKdpEknW4/u1POQwwHwYDVR0RBBgwFoEURGlhbmVSU0FAZXhhbXBsZS5jb20wDQYJKoZI
|hvcNAQEFBQADgYEAfaYstXhC1nnzMf72QsoPEweSCRvgb7CRGPa/SvvMY3n7gb/dl8eQa8 |hvcNAQEFBQADgYEAfaYstXhC1nnzMf72QsoPEweSCRvgb7CRGPa/SvvMY3n7gb/dl8eQa8
|sKNytBagOYxRs+MshFK4YBnBziNu8WwRqSuL5i+1M+SUcLxLnkK1imBoPwsqe7hX7VxtrO |sKNytBagOYxRs+MshFK4YBnBziNu8WwRqSuL5i+1M+SUcLxLnkK1imBoPwsqe7hX7VxtrO
|nHsxctei6kGrasDdH7kURBjPhFdm6MXmuNwtsx8bKEM2dXo= |nHsxctei6kGrasDdH7kURBjPhFdm6MXmuNwtsx8bKEM2dXo=
|<DianeRSASignByCarl.cer |<DianeRSASignByCarl.cer
***EricaDHEncryptByCarl.cer*** From Section 2.4
|* Example EricaDHEncryptByCarl.cer
|>EricaDHEncryptByCarl.cer
|MIIC5zCCAqegAwIBAgICANQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTcxNloXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRXJpY2FESDCCAcQw
|ggE4BgcqhkjOPgIBMIIBKwKBgQDsLM2k75omL2KnuyNN3yslwWjSnqlFWzbxlIkar30RJJ
|09uTwp6NcjgDOmnkUCu6rMnigFlaCzF3bB9yU1YQJBkicMXq5I5fNuOO+R0c83/ppAl8gt
|NZ6dk8b4Fa8/2nQ6t8STtbm7dmwfqH68OqpDCoFk/GPwe3GY+sA4eRAaMwKBgQC6C9d0Pe
|c05UwTp5WWu/HkYTcI+xLH+5yRdwaZNfBIJJYzEgF+jewL9rLAY6cVxV6VhqJzxUlGN3lg
|/XcFCUibcI08BfbORCx/fRsrFd3zBS++hSCPjfm0oEV0K/Q7nUJiNCcngY5vD15ihYnM7S
|HDkXAGVO5wqJJVW24ZIk1ipwIhAMOrSjB5s9OXTsr1on3HcKNF87OihgXSPkn5n9kKs769
|A4GFAAKBgQDRK+QdProYz3Ugxsdew8Rs6vMj2QkfRpj0zlm5ts7oOsYY+Fl3G5mw2tzAnQ
|nkr/lhkSxHzEde3yszdvNn7HfoLDcwoYld88j2XBZK5LeM9XvVOP0UrOh6wn3uB5AnCnyH
|qKLicDXqbt6eUDFr6QnaJRoBjuP/Jhx19cPOWvWehaOBgDB+MAwGA1UdEwEB/wQCMAAwDg
|YDVR0PAQH/BAQDAgMIMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1Ud
|DgQWBBSNUx1hVX9gNW2mNqLFk/ia/cB1dDAeBgNVHREEFzAVgRNFcmljYURIQGV4YW1wbG
|UuY29tMAkGByqGSM44BAMDLwAwLAIUUR/Ueh3G1H7pqo5zsy+dZSmVt0kCFAnNWDVwS8MP
|B50JGVGJj5h/0YiR
|<EricaDHEncryptByCarl.cer
From Section 3.4
***CarlDSSCRLForAll.crl*** ***CarlDSSCRLForAll.crl***
|* Example CarlDSSCRLForAll.crl |* Example CarlDSSCRLForAll.crl
|>CarlDSSCRLForAll.crl |>CarlDSSCRLForAll.crl
|MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj |MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj
|BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05 |BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05
|OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD |OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD
|BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv |BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv
|ftok8yqDnDWh |ftok8yqDnDWh
skipping to change at line 9273 skipping to change at line 5902
|* Example CarlRSACRLEmpty.crl |* Example CarlRSACRLEmpty.crl
|>CarlRSACRLEmpty.crl |>CarlRSACRLEmpty.crl
|MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD |MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD
|AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E |AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E
|PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa |PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa
|/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ== |/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ==
|<CarlRSACRLEmpty.crl |<CarlRSACRLEmpty.crl
Rest of the sections Rest of the sections
***4.1.bin*** ***3.1.bin***
|* Example 4.1.bin |* Example 3.1.bin
|>4.1.bin |>4.1.bin
|MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA |MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA
|AAAA== |AAAA==
|<4.1.bin |<3.1.bin
***4.2.bin*** ***3.2.bin***
|* Example 4.2.bin |* Example 3.2.bin
|>4.2.bin |>4.2.bin
|MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu |MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu
|<4.2.bin |<3.2.bin
***5.1.bin*** ***4.1.bin***
|* Example 5.1.bin |* Example 4.1.bin
|>5.1.bin |>4.1.bin
|MIIDlwYJKoZIhvcNAQcCoIIDiDCCA4QCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg |MIIDlwYJKoZIhvcNAQcCoIIDiDCCA4QCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ |QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj |BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB |MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T |gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV |DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj |OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0 |jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm |dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm |E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK |FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij |tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm |gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R |+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX |BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWMwYQIBATAYMBIxEDAOBgNV |EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWMwYQIBATAYMBIxEDAOBgNV
|BAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqGSM44BAMELjAsAhQJkf7r0mn1GLfXzV |BAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqGSM44BAMELjAsAhQJkf7r0mn1GLfXzV
|X0geoqQmqtAwIUOgfMwyG+4RpLfz61Ddu6HOq8zYk= |X0geoqQmqtAwIUOgfMwyG+4RpLfz61Ddu6HOq8zYk=
|<5.1.bin |<4.1.bin
***5.2.bin*** ***4.2.bin***
|* Example 5.2.bin |* Example 4.2.bin
|>5.2.bin |>4.2.bin
|MIIDUgYJKoZIhvcNAQcCoIIDQzCCAz8CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa |MIIDUgYJKoZIhvcNAQcCoIIDQzCCAz8CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICMDCCAiwwggGVoAMCAQICEEY0 |AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICMDCCAiwwggGVoAMCAQICEEY0
|a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw |a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw
|05OTA5MTkwMTA4NDdaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf |05OTA5MTkwMTA4NDdaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf
|MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3 |MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3
|UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1 |UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1
|9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ |9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ
|ABo4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQ |ABo4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQ
|J6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc7sPKA64/9QMB8GA1 |J6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc7sPKA64/9QMB8GA1
|UdEQQYMBaBFEFsaWNlUlNBQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBBQUAA4GBAD5wR6hI |UdEQQYMBaBFEFsaWNlUlNBQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBBQUAA4GBAD5wR6hI
|zBNYj8pRcWtONhhdBH6AsY1NzMqjj8x9Vsi8z26zHFmpIKoFgahOJa2ncBR1L/XHm9EO6W |zBNYj8pRcWtONhhdBH6AsY1NzMqjj8x9Vsi8z26zHFmpIKoFgahOJa2ncBR1L/XHm9EO6W
|PSZLfGZm5zIVTf9LolXX1J05RrIjZ0c7hK7C9k7dM90qdCxeg3irTbn2fkvZ/5/nTv6vnu |PSZLfGZm5zIVTf9LolXX1J05RrIjZ0c7hK7C9k7dM90qdCxeg3irTbn2fkvZ/5/nTv6vnu
|Y2rYP0slCbXYGnau65vbSbAiMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRj |Y2rYP0slCbXYGnau65vbSbAiMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRj
|Rrx4AAVrwR024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gM |Rrx4AAVrwR024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gM
|WOtOnb+JmoHldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBK |WOtOnb+JmoHldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBK
|WztefZMvAk7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/Q |WztefZMvAk7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/Q
|B9eisWJM44+v/eDVXcc= |B9eisWJM44+v/eDVXcc=
|<5.2.bin |<4.2.bin
***5.3.bin*** ***4.3.bin***
|* Example 5.3.bin |* Example 4.3.bin
|>5.3.bin |>4.3.bin
|MIIDdwYJKoZIhvcNAQcCoIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg |MIIDdwYJKoZIhvcNAQcCoIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg
|LgMIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X |LgMIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X
|DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg |DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg
|G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE// |G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//
|lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6 |lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6
|iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya |iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya
|RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1 |RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1
|nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8 |nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8
|bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV |bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV
|p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b |p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b
|Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD |Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD
|KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC |KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC
|BsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwf |BsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwf
|ftQ3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqG |ftQ3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqG
|SM44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0 |SM44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0
|NevTFjMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjO |NevTFjMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjO
|OAQDBC4wLAIUBvvHKiTVNIn3i7X9cySlhsgPWmwCFGZpGbxoWNGNsZ1SP9oUiA39yaG4 |OAQDBC4wLAIUBvvHKiTVNIn3i7X9cySlhsgPWmwCFGZpGbxoWNGNsZ1SP9oUiA39yaG4
|<5.3.bin |<4.3.bin
***5.4.bin*** ***4.4.bin***
|* Example 5.4.bin |* Example 4.4.bin
|>5.4.bin |>4.4.bin
|MIILDQYJKoZIhvcNAQcCoIIK/jCCCvoCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg |MIILDQYJKoZIhvcNAQcCoIIK/jCCCvoCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCB68wggIsMIIBlaADAgECAhBGNGvH |QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCB68wggIsMIIBlaADAgECAhBGNGvH
|gABWvBHTbi7EELOwMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOT |gABWvBHTbi7EELOwMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOT
|kwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzAN |kwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzAN
|BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ |BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ
|0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcF |0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcF
|BZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAa |BZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAa
|OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFOngkCes |OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFOngkCes
|eCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBR30rTRt0yKiqPORZ3O7DygOuP/UDAfBgNVHR |eCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBR30rTRt0yKiqPORZ3O7DygOuP/UDAfBgNVHR
|EEGDAWgRRBbGljZVJTQUBleGFtcGxlLmNvbTANBgkqhkiG9w0BAQUFAAOBgQA+cEeoSMwT |EEGDAWgRRBbGljZVJTQUBleGFtcGxlLmNvbTANBgkqhkiG9w0BAQUFAAOBgQA+cEeoSMwT
skipping to change at line 9416 skipping to change at line 6045
|AMgwBwYFKw4DAhqgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBT |AMgwBwYFKw4DAhqgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBT
|EPFw0wMzA1MTQxNTM5MDBaMCMGCSqGSIb3DQEJBDEWBBRAauwIUnm6bhYCLZ4GKcAilofd |EPFw0wMzA1MTQxNTM5MDBaMCMGCSqGSIb3DQEJBDEWBBRAauwIUnm6bhYCLZ4GKcAilofd
|SDAJBgcqhkjOOAQDBC4wLAIUO6XgStttWOAZ0QAcT0SaV3pxZmgCFBoRmNYfH680gQHevo |SDAJBgcqhkjOOAQDBC4wLAIUO6XgStttWOAZ0QAcT0SaV3pxZmgCFBoRmNYfH680gQHevo
|vctqhqkWkToYIBYjA+BgsqhkiG9w0BCRACBDEvMC0MIENvbnRlbnQgSGludHMgRGVzY3Jp |vctqhqkWkToYIBYjA+BgsqhkiG9w0BCRACBDEvMC0MIENvbnRlbnQgSGludHMgRGVzY3Jp
|cHRpb24gQnVmZmVyBgkqhkiG9w0BBwEwggEeBgkqhkiG9w0BCQYxggEPMIIBCwIBATAmMB |cHRpb24gQnVmZmVyBgkqhkiG9w0BBwEwggEeBgkqhkiG9w0BCQYxggEPMIIBCwIBATAmMB
|IxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwBwYFKw4DAhqgQzAcBgkq |IxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwBwYFKw4DAhqgQzAcBgkq
|hkiG9w0BCQUxDxcNMDMwNTE0MTUzOTAwWjAjBgkqhkiG9w0BCQQxFgQUAl9JTjmYUIWzZt |hkiG9w0BCQUxDxcNMDMwNTE0MTUzOTAwWjAjBgkqhkiG9w0BCQQxFgQUAl9JTjmYUIWzZt
|OKH3ueaar72DMwDQYJKoZIhvcNAQEBBQAEgYBtqiAk7XrupV6H3XUfK1QQZfTOm7EseHS8 |OKH3ueaar72DMwDQYJKoZIhvcNAQEBBQAEgYBtqiAk7XrupV6H3XUfK1QQZfTOm7EseHS8
|ixxgtduLA55J8it/k249iRTJ42v09n12rj5YH5u7vHwwGU4Q9wLxi1u025q7k7QY0MwryZ |ixxgtduLA55J8it/k249iRTJ42v09n12rj5YH5u7vHwwGU4Q9wLxi1u025q7k7QY0MwryZ
|GprdlG+GWp4nGV0NROH810b4LoN29aPcvH1F/CgBva04RAaF9WmmL1Ow1sM8PtZz9Dvw== |GprdlG+GWp4nGV0NROH810b4LoN29aPcvH1F/CgBva04RAaF9WmmL1Ow1sM8PtZz9Dvw==
|<5.4.bin |<4.4.bin
***5.5.bin*** ***4.4.bin***
|* Example 5.5.bin |* Example 4.4.bin
|>5.5.bin |>4.4.bin
|MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF |MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF
|RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCAMIIB6zCCAVSgAwIBAgIQ |RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCAMIIB6zCCAVSgAwIBAgIQ
|RjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdDYXJsUlNBMB |RjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdDYXJsUlNBMB
|4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQ2FybFJTQTCB |4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQ2FybFJTQTCB
|nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/25ze5NxXLwzGpKSciPYQU |nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/25ze5NxXLwzGpKSciPYQU
|bQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt4lDiMgmKP5+ZJY+4Tqu5 |bQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt4lDiMgmKP5+ZJY+4Tqu5
|fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17ydsTyEWA4uRs8HZfJavECAw |fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17ydsTyEWA4uRs8HZfJavECAw
|EAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFOng |EAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFOng
|kCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBALee1ATT7Snk/4mJFS5M2w |kCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBALee1ATT7Snk/4mJFS5M2w
|zwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/dP+MLuGGlpJs85p6cVJq2 |zwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/dP+MLuGGlpJs85p6cVJq2
skipping to change at line 9448 skipping to change at line 6077
|ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDw |ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDw
|EB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQU |EB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQU
|d9K00bdMioqjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb2 |d9K00bdMioqjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb2
|0wDQYJKoZIhvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzP |0wDQYJKoZIhvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzP
|brMcWakgqgWBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2 |brMcWakgqgWBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2
|Tt0z3Sp0LF6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCIAADGByzCByAIB |Tt0z3Sp0LF6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCIAADGByzCByAIB
|ATAmMBIxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwCQYFKw4DAhoFAD |ATAmMBIxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwCQYFKw4DAhoFAD
|ANBgkqhkiG9w0BAQEFAASBgC8jgtLzCV+4DFjrTp2/iZqB5XXEkT3T0NV7ttX+lKGKrOPE |ANBgkqhkiG9w0BAQEFAASBgC8jgtLzCV+4DFjrTp2/iZqB5XXEkT3T0NV7ttX+lKGKrOPE
|hPXNYE4nlfbPAIZ2dT8r8OfUAmen9ceNFgSls7Xn2TLwJO/nIETVnwfFUyT6zgEdDxcTpy |hPXNYE4nlfbPAIZ2dT8r8OfUAmen9ceNFgSls7Xn2TLwJO/nIETVnwfFUyT6zgEdDxcTpy
|qVnSvkA5UUC+k5DbrObpyeDOiY5lUT1Ghv0AfXorFiTOOPr/3g1V3HAAAAAAAA |qVnSvkA5UUC+k5DbrObpyeDOiY5lUT1Ghv0AfXorFiTOOPr/3g1V3HAAAAAAAA
|<5.5.bin |<4.4.bin
***5.6.bin*** ***4.6.bin***
|* Example 5.6.bin |* Example 4.6.bin
|>5.6.bin |>4.6.bin
|MIIFtwYJKoZIhvcNAQcCoIIFqDCCBaQCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg |MIIFtwYJKoZIhvcNAQcCoIIFqDCCBaQCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCBJwwggG4MIIBd6ADAgECAgIA0jAJ |QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCBJwwggG4MIIBd6ADAgECAgIA0jAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDIwODEwWhcNMzkxMj |BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDIwODEwWhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhEaWFuZURTUzCBkzAJBgcqhkjOOAQBA4GFAAKBgQCg |MxMjM1OTU5WjATMREwDwYDVQQDEwhEaWFuZURTUzCBkzAJBgcqhkjOOAQBA4GFAAKBgQCg
|ABd4LO5+gVMuLmEID6GbUVIa2lmocy8SJbYIy8rvKkR2ilIJ6r0FItUP9v1G16+ZOAkOE8 |ABd4LO5+gVMuLmEID6GbUVIa2lmocy8SJbYIy8rvKkR2ilIJ6r0FItUP9v1G16+ZOAkOE8
|tPLN0cNPccvyX/I9M7WeeClze+MSTYGMjzSTlbt+LlJ378jEVyW34+j2hN3UZ6Ir6O/8za |tPLN0cNPccvyX/I9M7WeeClze+MSTYGMjzSTlbt+LlJ378jEVyW34+j2hN3UZ6Ir6O/8za
|OSmjOeWfQ+lVyddbpoFnzMCqzS7FI6OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BA |OSmjOeWfQ+lVyddbpoFnzMCqzS7FI6OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BA
|QDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJl9 |QDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJl9
|XNxFC5k6Ui8Wv1hQ3c4rGDAfBgNVHREEGDAWgRREaWFuZURTU0BleGFtcGxlLmNvbTAJBg |XNxFC5k6Ui8Wv1hQ3c4rGDAfBgNVHREEGDAWgRREaWFuZURTU0BleGFtcGxlLmNvbTAJBg
|cqhkjOOAQDAzAAMC0CFQChGvgXDj5dqIz0tlUzHkvjLKy5XwIUKEsQRVjSHJ1VNRQYkbI/ |cqhkjOOAQDAzAAMC0CFQChGvgXDj5dqIz0tlUzHkvjLKy5XwIUKEsQRVjSHJ1VNRQYkbI/
skipping to change at line 9482 skipping to change at line 6111
|XOO5WnUUlgupet3jP6nsrF7cvbcTETSmFokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT |XOO5WnUUlgupet3jP6nsrF7cvbcTETSmFokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT
|0HjVtjyLtFpaBK44XWzgaAP+gjfhryJKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/Zh |0HjVtjyLtFpaBK44XWzgaAP+gjfhryJKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/Zh
|R7LEMoTwfkFA/UanY04z8qXi9PKD5bijgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/w |R7LEMoTwfkFA/UanY04z8qXi9PKD5bijgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/w
|QEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyh |QEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyh
|s+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0RBBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQ |s+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0RBBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQ
|YHKoZIzjgEAwMwADAtAhRVDKQZH0IriXEiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3i |YHKoZIzjgEAwMwADAtAhRVDKQZH0IriXEiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3i
|EFJbQ169MYHGMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBg |EFJbQ169MYHGMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBg
|cqhkjOOAQDBC4wLAIUSCTei4XyFq/sgmGpVNAtBKHMWk8CFBft1XcC7nUT2BC9PZcXIIi7 |cqhkjOOAQDBC4wLAIUSCTei4XyFq/sgmGpVNAtBKHMWk8CFBft1XcC7nUT2BC9PZcXIIi7
|/XuBMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIA0jAHBgUrDgMCGjAJBgcqhkjOOA |/XuBMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIA0jAHBgUrDgMCGjAJBgcqhkjOOA
|QDBC4wLAIUFf+BTYytgE6bNVgEN25jbulbg/oCFAZ+WE4rMYRB7Ul5OD530qaMdQgh |QDBC4wLAIUFf+BTYytgE6bNVgEN25jbulbg/oCFAZ+WE4rMYRB7Ul5OD530qaMdQgh
|<5.6.bin |<4.6.bin
***5.7.bin*** ***4.7.bin***
|* Example 5.7.bin |* Example 4.7.bin
|>5.7.bin |>4.7.bin
|MIIDlAYJKoZIhvcNAQcCoIIDhTCCA4ECAQMxCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg |MIIDlAYJKoZIhvcNAQcCoIIDhTCCA4ECAQMxCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ |QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj |BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB |MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T |gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV |DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj |OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0 |jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm |dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm |E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK |FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij |tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm |gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R |+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX |BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWAwXgIBA4AUvmyhs+PB9+1D |EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWAwXgIBA4AUvmyhs+PB9+1D
|cKTOEwHi/eOX/s0wBwYFKw4DAhowCQYHKoZIzjgEAwQvMC0CFQCJw2t7VvfDEgBl8Tf1xF |cKTOEwHi/eOX/s0wBwYFKw4DAhowCQYHKoZIzjgEAwQvMC0CFQCJw2t7VvfDEgBl8Tf1xF
|gXjRFXgwIUCw9DOqrs3nphLIyc9UGZpzwgw7c= |gXjRFXgwIUCw9DOqrs3nphLIyc9UGZpzwgw7c=
|<5.7.bin |<4.7.bin
***5.8.eml*** ***4.8.eml***
|* Example 5.8.eml |* Example 4.8.eml
|>5.8.eml |>4.8.eml
|TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW |TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW
|NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjgNCk1lc3NhZ2UtSWQ6 |NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjgNCk1lc3NhZ2UtSWQ6
|IDwwMjA5MDYwMDI1NTAzMDAuMjQ5QGV4YW1wbGVzLmNvbT4NCkRhdGU6IEZyaSwgMDYgU2 |IDwwMjA5MDYwMDI1NTAzMDAuMjQ5QGV4YW1wbGVzLmNvbT4NCkRhdGU6IEZyaSwgMDYgU2
|VwIDIwMDIgMDA6MjU6MjEgLTAzMDAgDQpDb250ZW50LVR5cGU6IG11bHRpcGFydC9zaWdu |VwIDIwMDIgMDA6MjU6MjEgLTAzMDAgDQpDb250ZW50LVR5cGU6IG11bHRpcGFydC9zaWdu
|ZWQ7DQoJbWljYWxnPVNIQTE7DQoJYm91bmRhcnk9Ii0tLS09X05leHRCb3VuZHJ5X19fX0 |ZWQ7DQoJbWljYWxnPVNIQTE7DQoJYm91bmRhcnk9Ii0tLS09X05leHRCb3VuZHJ5X19fX0
|ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjEiOw0KCXByb3RvY29sPSJhcHBsaWNhdGlvbi9w |ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjEiOw0KCXByb3RvY29sPSJhcHBsaWNhdGlvbi9w
|a2NzNy1zaWduYXR1cmUiDQoNClRoaXMgaXMgYSBtdWx0aS1wYXJ0IG1lc3NhZ2UgaW4gTU |a2NzNy1zaWduYXR1cmUiDQoNClRoaXMgaXMgYSBtdWx0aS1wYXJ0IG1lc3NhZ2UgaW4gTU
|lNRSBmb3JtYXQuDQoNCi0tLS0tLT1fTmV4dEJvdW5kcnlfX19fRnJpLF8wNl9TZXBfMjAw |lNRSBmb3JtYXQuDQoNCi0tLS0tLT1fTmV4dEJvdW5kcnlfX19fRnJpLF8wNl9TZXBfMjAw
|Ml8wMDoyNToyMQ0KDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuDQotLS0tLS09X0 |Ml8wMDoyNToyMQ0KDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuDQotLS0tLS09X0
|5leHRCb3VuZHJ5X19fX0ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjENCkNvbnRlbnQtVHlw |5leHRCb3VuZHJ5X19fX0ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjENCkNvbnRlbnQtVHlw
skipping to change at line 9549 skipping to change at line 6178
|d3aS9aaFNBWEdLc1pmb1ZpL0c3Tk5UUw0KbGpmMllVZXl4REtFOEg1QlFQMUdwMk5PTS9L |d3aS9aaFNBWEdLc1pmb1ZpL0c3Tk5UUw0KbGpmMllVZXl4REtFOEg1QlFQMUdwMk5PTS9L
|bDR2VHlnK1c0bzRHQk1IOHdEQVlEVlIwVEFRSC9CQUl3QURBT0JnTlZIUThCQWY4RQ0KQk |bDR2VHlnK1c0bzRHQk1IOHdEQVlEVlIwVEFRSC9CQUl3QURBT0JnTlZIUThCQWY4RQ0KQk
|FNQ0JzQXdId1lEVlIwakJCZ3dGb0FVY0VRK2dpNXZoOTVLMDNYalBTQzhReXVUOFI4d0hR |FNQ0JzQXdId1lEVlIwakJCZ3dGb0FVY0VRK2dpNXZoOTVLMDNYalBTQzhReXVUOFI4d0hR
|WURWUjBPQkJZRUZMNXNvYlBqd2ZmdA0KUTNDa3poTUI0djNqbC83Tk1COEdBMVVkRVFRWU |WURWUjBPQkJZRUZMNXNvYlBqd2ZmdA0KUTNDa3poTUI0djNqbC83Tk1COEdBMVVkRVFRWU
|1CYUJGRUZzYVdObFJGTlRRR1Y0WVcxd2JHVXVZMjl0TUFrR0J5cUdTTTQ0QkFNRA0KTUFB |1CYUJGRUZzYVdObFJGTlRRR1Y0WVcxd2JHVXVZMjl0TUFrR0J5cUdTTTQ0QkFNRA0KTUFB
|d0xRSVVWUXlrR1I5Q0s0bHhJak9OZzJxMVBXZHJ2MFVDRlFDZllWTlNWQXRjc3QzYTUzWW |d0xRSVVWUXlrR1I5Q0s0bHhJak9OZzJxMVBXZHJ2MFVDRlFDZllWTlNWQXRjc3QzYTUzWW
|Q0aEJTVzBOZXZURmpNR0VDQVFFdw0KR0RBU01SQXdEZ1lEVlFRREV3ZERZWEpzUkZOVEFn |Q0aEJTVzBOZXZURmpNR0VDQVFFdw0KR0RBU01SQXdEZ1lEVlFRREV3ZERZWEpzUkZOVEFn
|SUF5REFIQmdVckRnTUNHakFKQmdjcWhrak9PQVFCQkM0d0xBSVVNL21HZjZnaw0KZ3A5Wj |SUF5REFIQmdVckRnTUNHakFKQmdjcWhrak9PQVFCQkM0d0xBSVVNL21HZjZnaw0KZ3A5Wj
|BYdFJkR2ltSmVCL0J4VUNGR0ZGSnF3WVJ0MVdZY0lPUW9HaWFvd3FHelZJDQoNCi0tLS0t |BYdFJkR2ltSmVCL0J4VUNGR0ZGSnF3WVJ0MVdZY0lPUW9HaWFvd3FHelZJDQoNCi0tLS0t
|LT1fTmV4dEJvdW5kcnlfX19fRnJpLF8wNl9TZXBfMjAwMl8wMDoyNToyMS0tDQo= |LT1fTmV4dEJvdW5kcnlfX19fRnJpLF8wNl9TZXBfMjAwMl8wMDoyNToyMS0tDQo=
|<5.8.eml |<4.8.eml
***5.9.eml*** ***4.9.eml***
|* Example 5.9.eml |* Example 4.9.eml
|>5.9.eml |>4.9.eml
|TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW |TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW
|NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjkNCk1lc3NhZ2UtSWQ6 |NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjkNCk1lc3NhZ2UtSWQ6
|IDwwMjEwMzExNjQ1NDAzMDAuMzA0QGV4YW1wbGVzLmNvbT4NCkRhdGU6IFRodSwgMzEgT2 |IDwwMjEwMzExNjQ1NDAzMDAuMzA0QGV4YW1wbGVzLmNvbT4NCkRhdGU6IFRodSwgMzEgT2
|N0IDIwMDIgMTY6NDU6MTQgLTAzMDAgDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3Br |N0IDIwMDIgMTY6NDU6MTQgLTAzMDAgDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3Br
|Y3M3LW1pbWU7IHNtaW1lLXR5cGU9c2lnbmVkLWRhdGE7DQoJbmFtZT1zbWltZS5wN20NCk |Y3M3LW1pbWU7IHNtaW1lLXR5cGU9c2lnbmVkLWRhdGE7DQoJbmFtZT1zbWltZS5wN20NCk
|NvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ29udGVudC1EaXNwb3NpdGlv |NvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ29udGVudC1EaXNwb3NpdGlv
|bjogYXR0YWNobWVudDsgZmlsZW5hbWU9c21pbWUucDdtDQoNCg0KTUlJRG1RWUpLb1pJaH |bjogYXR0YWNobWVudDsgZmlsZW5hbWU9c21pbWUucDdtDQoNCg0KTUlJRG1RWUpLb1pJaH
|ZjTkFRY0NvSUlEaWpDQ0E0WUNBUUV4Q1RBSEJnVXJEZ01DR2pBdEJna3Foa2lHOXcwQkJ3 |ZjTkFRY0NvSUlEaWpDQ0E0WUNBUUV4Q1RBSEJnVXJEZ01DR2pBdEJna3Foa2lHOXcwQkJ3
|R2dJQVFlRFFwVQ0KYUdseklHbHpJSE52YldVZ2MyRnRjR3hsSUdOdmJuUmxiblF1b0lJQz |R2dJQVFlRFFwVQ0KYUdseklHbHpJSE52YldVZ2MyRnRjR3hsSUdOdmJuUmxiblF1b0lJQz
|REQ0NBdHd3Z2dLYm9BTUNBUUlDQWdESU1Ba0dCeXFHU000NA0KQkFNd0VqRVFNQTRHQTFV |REQ0NBdHd3Z2dLYm9BTUNBUUlDQWdESU1Ba0dCeXFHU000NA0KQkFNd0VqRVFNQTRHQTFV
skipping to change at line 9586 skipping to change at line 6215
|FKOHFJYlBpUjlQUWVOVzJQSXUwV2xvRXJqaGRiTw0KQm9BLzZDTitHdklrcTFNYXVDY05I |FKOHFJYlBpUjlQUWVOVzJQSXUwV2xvRXJqaGRiTw0KQm9BLzZDTitHdklrcTFNYXVDY05I
|dThJdjJZVWdGeGlyR1g2Rll2eHV6VFUwcFkzOW1GSHNzUXloUEIrUVVEOVJxZGpUalB5cG |dThJdjJZVWdGeGlyR1g2Rll2eHV6VFUwcFkzOW1GSHNzUXloUEIrUVVEOVJxZGpUalB5cG
|VMMA0KOG9QbHVLT0JnVEIvTUF3R0ExVWRFd0VCL3dRQ01BQXdEZ1lEVlIwUEFRSC9CQVFE |VMMA0KOG9QbHVLT0JnVEIvTUF3R0ExVWRFd0VCL3dRQ01BQXdEZ1lEVlIwUEFRSC9CQVFE
|QWdiQU1COEdBMVVkSXdRWU1CYUFGSEJFUG9JdQ0KYjRmZVN0TjE0ejBndkVNcmsvRWZNQj |QWdiQU1COEdBMVVkSXdRWU1CYUFGSEJFUG9JdQ0KYjRmZVN0TjE0ejBndkVNcmsvRWZNQj
|BHQTFVZERnUVdCQlMrYktHejQ4SDM3VU53cE00VEFlTDk0NWYrelRBZkJnTlZIUkVFR0RB |BHQTFVZERnUVdCQlMrYktHejQ4SDM3VU53cE00VEFlTDk0NWYrelRBZkJnTlZIUkVFR0RB
|Vw0KZ1JSQmJHbGpaVVJUVTBCbGVHRnRjR3hsTG1OdmJUQUpCZ2NxaGtqT09BUURBekFBTU |Vw0KZ1JSQmJHbGpaVVJUVTBCbGVHRnRjR3hsTG1OdmJUQUpCZ2NxaGtqT09BUURBekFBTU
|MwQ0ZGVU1wQmtmUWl1SmNTSXpqWU5xdFQxbg0KYTc5RkFoVUFuMkZUVWxRTFhMTGQydWQy |MwQ0ZGVU1wQmtmUWl1SmNTSXpqWU5xdFQxbg0KYTc5RkFoVUFuMkZUVWxRTFhMTGQydWQy
|SGVJUVVsdERYcjB4WXpCaEFnRUJNQmd3RWpFUU1BNEdBMVVFQXhNSFEyRnliRVJUVXdJQw |SGVJUVVsdERYcjB4WXpCaEFnRUJNQmd3RWpFUU1BNEdBMVVFQXhNSFEyRnliRVJUVXdJQw
|0KQU1nd0J3WUZLdzREQWhvd0NRWUhLb1pJempnRUFRUXVNQ3dDRkQxY1NXNkxJVUZ6ZVhs |0KQU1nd0J3WUZLdzREQWhvd0NRWUhLb1pJempnRUFRUXVNQ3dDRkQxY1NXNkxJVUZ6ZVhs
|ZTNZSTVTS1NCZXIvc0FoUW1DcTdzL0NURg0KSE9FamdBU2VVamJNcHg1ZzZBPT0= |ZTNZSTVTS1NCZXIvc0FoUW1DcTdzL0NURg0KSE9FamdBU2VVamJNcHg1ZzZBPT0=
|<5.9.eml |<4.9.eml
|* Example 5.10.bin |* Example 4.10.bin
|>5.10.bin |>4.10.bin
|MIIH/wYJKoZIhvcNAQcCoIIH8DCCB+wCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg |MIIH/wYJKoZIhvcNAQcCoIIH8DCCB+wCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ |QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj |BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB |MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T |gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV |DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj |OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0 |jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm |dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm |E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
skipping to change at line 9630 skipping to change at line 6259
|DwYDVQQLEwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IE |DwYDVQQLEwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IE
|RTQaRhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQL |RTQaRhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQL
|EwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTCCAQ |EwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTCCAQ
|IGCyqGSIb3DQEJEAIJMYHyMIHvMXICAQEGByoDBAUGBwkTJkVRVUlWQUxFTlQgVEhJUyBJ |IGCyqGSIb3DQEJEAIJMYHyMIHvMXICAQEGByoDBAUGBwkTJkVRVUlWQUxFTlQgVEhJUyBJ
|UyBBIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhnihLhMsRVFVSVZBTEVOVCBUSE |UyBBIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhnihLhMsRVFVSVZBTEVOVCBUSE
|lTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4xeQIBAQYHKgMEBQYHChMtRVFVSVZB |lTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4xeQIBAQYHKgMEBQYHChMtRVFVSVZB
|TEVOVCBUSElTIElTIEEgU0VDT05EIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhn |TEVOVCBUSElTIElTIEEgU0VDT05EIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhn
|ihLhMsRVFVSVZBTEVOVCBUSElTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4wCQYH |ihLhMsRVFVSVZBTEVOVCBUSElTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4wCQYH
|KoZIzjgEAwQvMC0CFQC8MzdlxPdwXBdJE6pMhcq7UpFIWQIUY5aiFIvPV96wSF9sZN2EBE |KoZIzjgEAwQvMC0CFQC8MzdlxPdwXBdJE6pMhcq7UpFIWQIUY5aiFIvPV96wSF9sZN2EBE
|lfHMo= |lfHMo=
|<5.10.bin |<4.10.bin
***5.11.bin*** ***4.11.bin***
|* Example 5.11.bin |* Example 4.11.bin
|>5.11.bin |>4.11.bin
|MIIGiAYJKoZIhvcNAQcCoIIGeTCCBnUCAQExADALBgkqhkiG9w0BBwGgggV/MIICmzCCAl |MIIGiAYJKoZIhvcNAQcCoIIGeTCCBnUCAQExADALBgkqhkiG9w0BBwGgggV/MIICmzCCAl
|qgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE2MjI1 |qgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE2MjI1
|MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCCASsGByqGSM |MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCCASsGByqGSM
|44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAdSxyHFLx0XA |44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAdSxyHFLx0XA
|UCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVRl1Xcj1MOEK |UCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVRl1Xcj1MOEK
|lQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCzRgdz4CpL+K |lQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCzRgdz4CpL+K
|XZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrhbT69v/7ht7 |XZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrhbT69v/7ht7
|krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR+pQhacSOuK |krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR+pQhacSOuK
|eWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdb |eWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdb
|vhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA+87YaADj |vhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA+87YaADj
skipping to change at line 9668 skipping to change at line 6297
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK |FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij |tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm |gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R |+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX |BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169oYHbMIHYMIGZMAkGByqGSM44 |EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169oYHbMIHYMIGZMAkGByqGSM44
|BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4Mj |BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4Mj
|IwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMC |IwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMC
|AgDSFw05OTA4