Internet Draft                              Editor: Paul Hoffman
draft-ietf-smime-examples-11.txt
draft-ietf-smime-examples-12.txt            Internet Mail Consortium
June 29,
October 18, 2003
Expires in six months

                    Examples of S/MIME Messages

Status of this memo

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups.  Note that other
groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time.  It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress."

       The list of current Internet-Drafts can be accessed at
       http://www.ietf.org/ietf/1id-abstracts.txt

       The list of Internet-Draft Shadow Directories can be accessed at
       http://www.ietf.org/shadow.html.

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.

Abstract

This document gives examples of message bodies formatted using S/MIME.
Specifically, it has examples of Cryptographic Message Syntax (CMS)
objects,
objects and S/MIME messages (including the MIME formatting), and Enhanced
Security Services for S/MIME (ESS). formatting).
It includes examples of most or all many
common CMS and ESS formats; in addition, it gives examples that show
common pitfalls in implementing CMS. formats. The purpose of this document is to
help increase interoperability for S/MIME and other protocols that rely
on CMS.

Table of Contents

1. Introduction
2. Constants Used in the Examples
  2.1 Content of documents
  2.2 Private Keys
  2.3 Certificates
  2.4 CRLs
3. Trivial Examples
  3.1 ContentInfo with Data type, BER
  3.2 ContentInfo with Data type, DER
4.  Signed-data
  4.1 Basic signed content, DSS
  4.2 Basic signed content, RSA
  4.3 Basic signed content, detached content
  4.4 Fancier signed content
  4.5 All RSA signed message
  4.6 Multiple signers
  4.7 Signing using SKI
  4.8 S/MIME multipart/signed message
  4.9 S/MIME application/pkcs7-mime signed message
  4.10 SignedData With Attributes
  4.11 SignedData with Certificates Only
5.  Enveloped-data
  5.1 Basic encrypted content, TripleDES and RSA
  5.2 Basic encrypted content, RC2/128 and RSA
  5.3 S/MIME application/pkcs7-mime encrypted message
6. Digested-data
7. Encrypted-data
  7.1 Simple EncryptedData
  7.2 EncryptedData with unprotected attributes
8. Security Considerations
A. References
  A.1 Normative References
  A.2 Informative References
B. Binaries of the Examples
  B.1 How the binaries and extractor works
  B.2 Example extraction program
C. Examples in order of appearance
D. Acknowledgments
E. Differences between -10 and -11
F. Editor's Address

1. Introduction

The examples in this document show the structure and format of CMS
message bodies, as described in [CMS]. They are useful to implementors
who use protocols that rely on CMS, such as the S/MIME message format
protocol. There are also examples of simple S/MIME messages [SMIME-MSG]
(including the MIME headers), and ESS messages [SMIME-ESS]. headers).

Every example in this document has been checked by two different
implementors. This strongly indicates (but does not assure) that the
examples are correct. All CMS implementors must read the CMS document
carefully before implementing from it. No one should use the examples
in this document as stand-alone explanations of how to create CMS
message bodies.

This document explicitly does not attempt to cover many PKIX [PKIX]
examples. Documents with examples of that format may be forthcoming.
Also, note that [DVCS], which covers PKIX Data Validation and
Certification Server Protocols, has examples of formats for its
protocol.

This draft is being discussed on the 'ietf-smime-examples' mailing list.
To join the list, send a message to ietf-smime-examples-request@imc.org
with the single word "subscribe" in the body of the message.  Also,
there is a Web site for the mailing list at
<http://www.imc.org/ietf-smime-examples/>. Note that S/MIME itself is
discussed in the IETF's S/MIME Working Group; see
<http://www.imc.org/ietf-smime/> for more information.

2. Contributions To This Document

The examples shown here will be were created and validated by many different
people. In the example listings in Appendix B, there is a tag with the
initials of the creator of the example, and one or more tags for the
people who validated the example.

Some of the examples are of mis-implementations of CMS and ESS. That
is, if a developer reading the CMS or ESS specification created a
message body that was illegal, and another developer agreed that the
mis-reading was potentially a pitfall for later developers, that
message body is also included here. To make it clear which examples are
bad, they are all put into over a single section long period of this document with
(hopefully) explicit headings. time.

To contribute an implementation of an unimplemented example listed in
this document, to verify that you got the same results as an example
listed here, or to suggest a new example that should be listed, please
contact the document author at the address listed near the end of the
document.

3.

2. Constants Used in the Examples

This section defines the data used in the rest of the document. The names
of the constants indicate their use. For example, AlicePrivDSSSign is the
private part of Alice's DSS signing key.

   - Alice is the creator of the message bodies in this spec.

   - Bob is the recipient of the messages.

   - Carl is a CA.

   - Diane sometimes gets involved with these folks.

   - Erica also sometimes gets involved.

3.1

2.1 Content of documents

ExContent is the following sentence:
       This is some sample content.
That is, it is the string of characters starting with "T" up to and
including the ".".

The hex for ExContent is
5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e

The MD5 hash of ExContent is
9898 cac8 fab7 691f f89d c207 24e7 4a04

The SHA-1 hash of ExContent is
406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48

3.2

2.2 Private Keys

The following private keys are needed to create the samples.
To find the public keys, see the certificates in the next section.

AlicePrivDSSSign =
   0 30  331: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  299:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :       (ANSI X9.57 algorithm)
  20 30  286:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :         48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :         53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :         0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :         2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :         DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :         9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :         8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :         C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :         78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :         B5 E4 09 96 5C F3 7E 5B DB
 156 02   21:       INTEGER
            :         00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :         B8 37 21 2B 62 8B F7 93 CD
 179 02  128:       INTEGER
            :         26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :         4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :         CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :         AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :         7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :         3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :         E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :         01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :         95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :         1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :         D1 81 4A 60 39 BA 36 39
            :       }
            :     }
 310 04   23:   OCTET STRING, encapsulates {
 312 02   21:       INTEGER
            :         00 BB 44 46 D1 A5 C9 46 07 2E D0 FE
            :         7A D6 92 07 F0 9A 85 89 3F
            :       }
            :   }

AlicePrivRSASign =
   0 30  630: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER
            :       rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  608:   OCTET STRING, encapsulates {
  26 30  604:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 E0 89 73 39 8D D8 F5 F5 E8 87 76
            :           39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
            :           DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
            :           86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :           82 51 0F 30 80 BE B1 50 9E 46 44 F1
            :           2C BB D8 32 CF C6 68 6F 07 D9 B0 60
            :           AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :           DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :           E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
            :           9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :           8C 4E F3 57 38 57 74 57 5F
 165 02    3:         INTEGER 65537
 170 02  128:         INTEGER
            :           00 A4 03 C3 27 47 76 34 34 6C A6 86
            :           B5 79 49 01 4B 2E 8A D2 C8 62 B2 C7
            :           D7 48 09 6A 8B 91 F7 36 F2 75 D6 E8
            :           CD 15 90 60 27 31 47 35 64 4D 95 CD
            :           67 63 CE B4 9F 56 AC 2F 37 6E 1C EE
            :           0E BF 28 2D F4 39 90 6F 34 D8 6E 08
            :           5B D5 65 6A D8 41 F3 13 D7 2D 39 5E
            :           FE 33 CB FF 29 E4 03 0B 3D 05 A2 8F
            :           B7 F1 8E A2 76 37 B0 79 57 D3 2F 2B
            :           DE 87 06 22 7D 04 66 5E C9 1B AF 8B
            :           1A C3 EC 91 44 AB 7F 21
 301 02   65:         INTEGER
            :           00 F6 D6 E0 22 21 4C 5F 0A 70 FF 27
            :           FC E5 B3 50 6A 9D E5 0F B5 85 96 C6
            :           40 FA A8 0A B4 9B 9B 0C 55 C2 01 1D
            :           F9 37 82 8A 14 C8 F2 93 0E 92 CD A5
            :           66 21 B9 3C D2 06 BF B4 55 31 C9 DC
            :           AD CA 98 2D D1
 368 02   65:         INTEGER
            :           00 E8 DE B0 11 25 09 D2 02 51 01 DE
            :           8A E8 98 50 F5 77 77 61 A4 45 93 6B
            :           08 55 96 73 5D F4 C8 5B 12 93 22 73
            :           8B 7F D3 70 7F F5 A4 AA BB 74 FD 3C
            :           22 6A DA 38 91 2A 86 5B 6C 14 E8 AE
            :           4C 9E FA 8E 2F
 435 02   65:         INTEGER
            :           00 97 4C F0 87 9B 17 7F EE 1B 83 1B
            :           14 B6 0B 6A 90 5F 86 27 51 E1 B7 A0
            :           7F F5 E4 88 E3 59 B9 F9 1E 9B D3 29
            :           77 38 22 48 D7 22 B1 25 98 BA 3D 59
            :           53 B7 FA 1E 20 B2 C8 51 16 23 75 93
            :           51 E7 AB CD F1
 502 02   64:         INTEGER
            :           2C F0 24 5B FA A0 CD 85 22 EA D0 6E
            :           4F FA 6C CD 21 D3 C8 E4 F1 84 44 48
            :           64 73 D7 29 8F 7E 46 8C EC 15 DE E4
            :           51 B3 94 E7 2C 99 2D 55 65 7B 24 EA
            :           A3 62 1F 3E 6C 4D 67 41 11 3B E1 BE
            :           E9 83 02 83
 568 02   64:         INTEGER
            :           58 88 D9 A1 50 38 84 6A AB 03 BC BB
            :           DF 4B F4 9C 6F B8 B4 2A 25 FB F6 E4
            :           05 2F 6E E2 88 89 21 6F 4B 25 9E D0
            :           AB 50 93 CA BF 40 71 EC 21 25 C5 7F
            :           FB 02 E9 21 96 B8 33 CD E2 C6 95 EE
            :           6F 8D 5F 28
            :         }
            :       }
            :   }

BobPrivDHEncrypt

BobPrivRSAEncrypt =
   0 30  355:  645: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  312:   13:   SEQUENCE {
  11
   9 06    7:    9:     OBJECT IDENTIFIER dhPublicKey
            :       rsaEncryption (1 2 840 10046 2 113549 1 1 1)
            :       (ANSI X9.42 number type)       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  608:   OCTET STRING, encapsulates {
  26 30  299:  604:       SEQUENCE {
  24
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB
            :         23 4D DF 2B 25 C1 68 D2 9E A9 45 5B
            :         36 F1 94 89 1A AF 7D 11 24 9D 3D B9 E1 67 98 3F 39 D5 5F F2 A0 93
            :         3C 29 E8 D7 23 80 33           41 5E A6 9E 45 02 BB 79 89 85 C8 35 5D 9A 91 5B
            :         AA CC 9E 28 05 95 A0 B3           FB 1D 01 DA 19 70 26 17 76 C1 F7 0F BD A5 22
            :         25           D0 35 61 02 85 6D 7A 98 66 14 41 92 27 0C 5E AE 48 E5 5C CF B7
            :         F3 6E 38 EF           B7 08 3B 09 C9 91 D1 CF B8 19 69 37 FE 9A 40 97 6D F9
            :         C8 2D 35 9E 9D 93 C6 F8 15           65 1E 7B D9 A9 33 24 A3 7F 3B BB AF 3F DA
            :         74 3A B7           46 01 86 36 34 32 CB 07 03 59 52 FC
            :           85 8B 31 04 B8 CC 18 08 14 48 E6 4F
            :           1C FB 5D 60 C4 93 B5 B9 BB 76 6C E0 5C 1F A8 53 D3 7F 53
            :         7E BC 3A AA 43 0A 81 64 FC 63 F0 7B
            :         71 98 FA C0 38 79 10 1A 33
 156 02  129:       INTEGER
            :         00 BA 0B D7 74 3D E7 34 E5 4C 13 A7
            :         95 96 BB F1 E4 61 37 08 FB 12 C7 FB
            :         9C 91 77 06 99 35 F0 48 24 96 33 12
            :         01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :         5E 95 86 A2 73 C5 49 46 37 79 60 FD
            :         77 05 09 48 9B 70 8D 3C 05 F6 CE 44
            :         2C 7F 7D 1B 2B 15 DD F3 05 2F BE 85
            :         20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :         42 62 34 27 27 81 8E 6F 0F 5E 62 85
            :         89 CC ED 21 C3 91 70 06 54 EE 70 A8
            :         92 55 5B 6E 19 22 4D 62 A7
 288 02   33:       INTEGER
            :         00 C3 AB 4A 30 79 B3 D3 97 4E CA F5
            :         A2 7D C7 70 A3 45 F3 B3 A2 86 05 D2
            :         3E 49 F9 9F D9 0A B3 BE BD
            :       }
            :     }
 323 04   34:   OCTET STRING, encapsulates {
 325 02   32:       INTEGER
            :         20 FC 67 82 EE CF 4A A6 C8 E5 83 D2
            :         8C 3B 8A D2 45 32 11 27 32 6C 86 EC
            :         66 CA 71 AD F0 19 4D F7
            :       }
            :   }

BobPrivRSAEncrypt =
   0 30  645: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER
            :       rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  608:   OCTET STRING, encapsulates {
  26 30  604:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 A9 E1 67 98 3F 39 D5 5F F2 A0 93
            :           41 5E A6 79 89 85 C8 35 5D 9A 91 5B
            :           FB 1D 01 DA 19 70 26 17 0F BD A5 22
            :           D0 35 85 6D 7A 98 66 14 41 5C CF B7
            :           B7 08 3B 09 C9 91 B8 19 69 37 6D F9
            :           65 1E 7B D9 A9 33 24 A3 7F 3B BB AF
            :           46 01 86 36 34 32 CB 07 03 59 52 FC
            :           85 8B 31 04 B8 CC 18 08 14 48 E6 4F
            :           1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53
            :           D8 69 01 F1 05 F8 7A 70 D1 BE 83 C6           D8 69 01 F1 05 F8 7A 70 D1 BE 83 C6
            :           5F 38 CF 1C 2C AA 6A A7 EB
 165 02    3:         INTEGER 65537
 170 02  128:         INTEGER
            :           67 CD 48 4C 9A 0D 8F 98 C2 1B 65 FF
            :           22 83 9C 6D F0 A6 06 1D BC ED A7 03
            :           88 94 F2 1C 6B 0F 8B 35 DE 0E 82 78
            :           30 CB E7 BA 6A 56 AD 77 C6 EB 51 79
            :           70 79 0A A0 F4 FE 45 E0 A9 B2 F4 19
            :           DA 87 98 D6 30 84 74 E4 FC 59 6C C1
            :           C6 77 DC A9 91 D0 7C 30 A0 A2 C5 08
            :           5E 21 71 43 FC 0D 07 3D F0 FA 6D 14
            :           9E 4E 63 F0 17 58 79 1C 4B 98 1C 3D
            :           3D B0 1B DF FA 25 3B A3 C0 2C 98 05
            :           F6 10 09 D8 87 DB 03 19
 301 02   65:         INTEGER
            :           00 D0 C3 22 C6 DE A2 99 18 76 8F 8D
            :           BC A6 75 D6 66 3F D4 8D 45 52 8C 76
            :           F5 72 C4 EB F0 46 9A F1 3E 5C AA 55
            :           0B 9B DA DD 6B 6D F8 FC 3B 3C 08 43
            :           93 B5 5B FE CE EA FD 68 84 23 62 AF
            :           F3 31 C2 B9 E5
 368 02   65:         INTEGER
            :           00 D0 51 FC 1E 22 B7 5B ED B5 8E 01
            :           C8 D7 AB F2 58 D4 F7 82 94 F3 53 A8
            :           19 45 CB 66 CA 28 19 5F E2 10 2B F3
            :           8F EC 6A 30 74 F8 4D 11 F4 A7 C4 20
            :           B5 47 21 DC 49 01 F9 0A 20 29 F0 24
            :           08 84 60 7D 8F
 435 02   64:         INTEGER
            :           34 BA 64 C9 48 28 57 74 D7 55 50 DE
            :           6A 48 EF 1B 2A 5A 1C 48 7B 1E 21 59
            :           C3 60 3B 9B 97 A9 C0 EF 18 66 A9 4E
            :           62 52 38 84 CE E5 09 88 48 94 69 C5
            :           20 14 99 5A 57 FE 23 6C E4 A7 23 7B
            :           D0 80 B7 85
 501 02   65:         INTEGER
            :           00 9E 2F B3 37 9A FB 0B 06 5D 57 E1
            :           09 06 A4 5D D9 90 96 06 05 5F 24 06
            :           40 72 9C 3A 88 85 9C 87 0F 9D 62 12
            :           88 16 68 A8 35 1A 1B 43 E8 38 C0 98
            :           69 AF 03 0A 48 32 04 4E E9 0F 8F 77
            :           7D 34 30 25 07
 568 02   64:         INTEGER
            :           57 18 67 D6 0A D2 B5 AB C2 BA 7A E7
            :           54 DA 9C 05 4F 81 D4 EF 01 89 1E 32
            :           3D 69 CB 31 C4 52 C8 54 55 25 00 3B
            :           1C 2A 7C 26 50 D5 E9 A6 D7 77 CB CF
            :           15 F5 EE 0B D5 8D EE B3 AF 4C A1 7C
            :           63 46 41 F6
            :         }
            :       }
 634 A0   13:   [0] {
 636 30   11:     SEQUENCE {
 638 06    3:       OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :         (X.509 id-ce (2 5 29))
 643 31    4:       SET {
 645 03    2:         BIT STRING 0 unused bits
            :           '00001000'B (bit 3)
            :           Error: Spurious zero bits in bitstring.
            :         }
            :       }
            :     }
            :   }

CarlPrivDSSSign =
   0 30  330: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  299:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :       (ANSI X9.57 algorithm)
  20 30  286:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :         01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
            :         FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
            :         C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :         E4 6D D3 E2 86 48 84 82 7D BA 15 95
            :         4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
            :         0A 8A BA 16 7B B9 50 01 48 93 8B EB
            :         25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :         FC 70 B7 CD 30 54 FD DA DE A8 AA 22
            :         B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
            :         AD E1 08 D4 6D 29 2D D6 E9
 156 02   21:       INTEGER
            :         00 DD C1 2F DF 53 CE 0B 34 60 77 3E
            :         02 A4 BF 8A 5D 98 B9 10 D5
 179 02  128:       INTEGER
            :         0C EE 57 9B 4B BD DA B6 07 6A 74 37
            :         4F 55 7F 9D ED BC 61 0D EB 46 59 3C
            :         56 0B 2B 5B 0C 91 CE A5 62 52 69 CA
            :         E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :         AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
            :         87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE
            :         AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
            :         73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :         8A 79 61 B4 D5 2F 53 22 44 63 1F 86
            :         B8 A3 58 06 25 F8 29 C0 EF BA E0 75
            :         F0 42 C4 63 65 52 9B 0A
            :       }
            :     }
 310 04   22:   OCTET STRING, encapsulates {
 312 02   20:       INTEGER
            :         19 B3 38 A5 21 62 31 50 E5 7F B9 3E
            :         08 46 78 D1 3E B5 E5 72
            :       }
            :   }

CarlPrivRSASign =
   0 30  630: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER
            :       rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  608:   OCTET STRING, encapsulates {
  26 30  604:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 E4 4B FF 18 B8 24 57 F4 77 FF 6E
            :           73 7B 93 71 5C BC 33 1A 92 92 72 23
            :           D8 41 46 D0 CD 11 3A 04 B3 8E AF 82
            :           9D BD 51 1E 17 7A F2 76 2C 2B 86 39
            :           A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC
            :           A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F
            :           99 25 8F B8 4E AB B9 7D D5 96 65 DA
            :           16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
            :           29 CB 82 DD AC 44 E9 AA 93 94 29 0E
            :           F8 18 D6 C8 57 5E F2 76 C4 F2 11 60
            :           38 B9 1B 3C 1D 97 C9 6A F1
 165 02    3:         INTEGER 65537
 170 02  129:         INTEGER
            :           00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6
            :           EF 38 5F 53 21 2A 2F 62 FE DE 29 9A
            :           7A 86 67 36 E7 7D 62 78 75 3D 73 A0
            :           BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA
            :           D6 13 9B C3 97 7A CA 6A F0 B8 85 65
            :           4E 0F BD A7 A8 F7 54 06 41 BD EB DC
            :           20 77 90 DF 61 9B 9A 6F 74 DE EA 3B
            :           D4 9C 87 60 ED 76 84 F1 6A 30 37 D5
            :           E0 90 16 F8 80 47 C3 19 6B ED 75 77
            :           BA 4A ED 39 B6 5D 02 47 3B 5F 1B C8
            :           1C AB CB E8 F5 26 3F A4 81
 302 02   65:         INTEGER
            :           00 FF DF 09 A0 56 0B 42 52 9E C4 4D
            :           93 B3 B0 49 BB DE E7 81 7D 28 99 D0
            :           B1 48 BA 0B 39 E1 1C 7B 22 18 33 B6
            :           40 F6 BF DC AE 1D D0 A1 AD 04 71 5A
            :           61 0A 6E 3B CE 30 DA 36 9F 65 25 29
            :           BB A7 0E 7F 0B
 369 02   65:         INTEGER
            :           00 E4 69 68 18 5F F9 57 D0 7C 66 89
            :           0F BA 63 1D 72 CB 20 A4 81 76 64 89
            :           CD 7D D1 C2 27 A9 2E AC 7A 56 9A 85
            :           07 D9 30 03 A3 03 AB 7F 88 92 50 24
            :           01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7
            :           B6 C2 7E AB 73
 436 02   64:         INTEGER
            :           57 36 6C 8F 8C 04 76 6C B6 D4 EE 24
            :           44 00 F8 80 E2 AF 42 01 A9 0F 14 84
            :           F8 E7 00 E0 8F 8C 27 A4 2D 5F A2 E5
            :           6D B5 63 C0 AD 44 E9 76 91 A7 19 49
            :           2E 46 F8 77 85 4B 3B 87 04 F0 AF D2
            :           D8 54 26 95
 502 02   64:         INTEGER
            :           64 A1 0F AC 55 74 1B BD 0D 61 7B 17
            :           03 CD B0 E6 A7 19 1D 80 AF F1 41 48
            :           D8 1A B6 88 14 A0 2C 7A C5 76 D4 0F
            :           0E 1F 7A 2A B2 6E 37 04 AB 39 45 73
            :           BA 46 A8 0F 8D 82 5F 22 14 05 CF A2
            :           A3 F3 7C 83
 568 02   64:         INTEGER
            :           26 1E 1D 1C A1 98 2B E4 DB 38 E8 57
            :           6E 6B 73 19 88 61 3A FA 74 4A 36 8B
            :           47 68 5D 50 EB 26 E3 EA 7D 9B 4E 65
            :           A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11
            :           AB A3 D6 A8 C0 27 36 1D 54 0B AA A7
            :           D1 6D 8D FA
            :         }
            :       }
            :   }

DianePrivDHEncrypt

DianePrivDSSSign =
   0 30  354:  331: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  311:  299:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dhPublicKey dsa (1 2 840 10046 2 10040 4 1)
            :       (ANSI X9.42 number type) X9.57 algorithm)
  20 30  298:  286:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 CA 6E 91 C2 B0 BD A8 58 F2 31 21
            :         74 BB 1F E4 10 BD D0 93 A2 7E 61 E1 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :         3D BA 23 04 16 D0 66 39 BD 3B CD 05
            :         74 48 F1 03 70 95 F4 05 63 6D 2E BF
            :         9A B7 FF 97 FF 39 BB 63 DB 4D A4 71
            :         D8 94 9A B4 F2 8A 3D 9F B7 5D 8D CA
            :         E2 AF B5 0F CF 05 65 82 68 6E 43 D2
            :         F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
            :         BC BF 36 0F 5C C3 51 6A 67 E8 75 32
            :         66 78 91 63 E8 FE 34 E7 19 B6 70 6C
            :         78 38 36 82 D2 34 36 C2 DF
 156 02  128:       INTEGER
            :         6E D6 76 36 4B E4 59 07 57 5F 18 9A
            :         10 D2 31 5C A6 10 B0 26 96 42 4D 7C
            :         A3 A1 D3 9E A5 80 B2 1F 37 11 49 7C
            :         8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
            :         DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D
            :         3B DC AE 71 21 D9 3B 56 B8 A7 F6 4D
            :         22 52 5F 41 BA D5 1E 82 69 6C DD 70
            :         71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
            :         09 F8 BD FD CB 51 BC 2E 2E CA 3E 30
            :         8C FA 54 9E 7D 0D 03 E2 DF 63 62 6D
            :         F3 50 82 27 DC D1 99 F7
 287 02   33:       INTEGER
            :         00 AA 05 65 FB DD 4E A8 02 F1 34 39
            :         E7 A3 FC 7D 46 10 B8 5D F0 2E F2 C5
            :         D1 5E A2 74 4C DA 0F 4E 1F
            :       }
            :     }
 322 04   34:   OCTET STRING, encapsulates {
 324 02   32:       INTEGER
            :         58 2E 89 AB 57 34 7D 3C F5 9A 75 CB
            :         7D 99 8A 19 2F 3C 7A A6 85 C9 2F 1B
            :         5A 47 03 E3 82 16 E4 9B
            :       }
            :   }

DianePrivDSSSign =
   0 30  331: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30  299:   SEQUENCE {
  11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :       (ANSI X9.57 algorithm)
  20 30  286:     SEQUENCE {
  24 02  129:       INTEGER
            :         00 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :         01 C4 12 C1 7A 79 CB 54 4D AB 1E 81         01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
            :         FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
            :         C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :         E4 6D D3 E2 86 48 84 82 7D BA 15 95
            :         4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
            :         0A 8A BA 16 7B B9 50 01 48 93 8B EB
            :         25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :         FC 70 B7 CD 30 54 FD DA DE A8 AA 22
            :         B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
            :         AD E1 08 D4 6D 29 2D D6 E9
 156 02   21:       INTEGER
            :         00 DD C1 2F DF 53 CE 0B 34 60 77 3E
            :         02 A4 BF 8A 5D 98 B9 10 D5
 179 02  128:       INTEGER
            :         0C EE 57 9B 4B BD DA B6 07 6A 74 37
            :         4F 55 7F 9D ED BC 61 0D EB 46 59 3C
            :         56 0B 2B 5B 0C 91 CE A5 62 52 69 CA
            :         E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :         AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
            :         87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE
            :         AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
            :         73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :         8A 79 61 B4 D5 2F 53 22 44 63 1F 86
            :         B8 A3 58 06 25 F8 29 C0 EF BA E0 75
            :         F0 42 C4 63 65 52 9B 0A
            :       }
            :     }
 310 04   23:   OCTET STRING, encapsulates {
 312 02   21:       INTEGER
            :         00 96 95 F9 E0 C1 E0 41 2D 32 0F 8B
            :         42 52 93 2A E6 1E 0E 21 29
            :       }
            :   }

DianePrivRSASignEncrypt =
   0 30  631: SEQUENCE {
   4 02    1:   INTEGER 0
   7 30   13:   SEQUENCE {
   9 06    9:     OBJECT IDENTIFIER
            :       rsaEncryption (1 2 840 113549 1 1 1)
            :       (PKCS #1)
  20 05    0:     NULL
            :     }
  22 04  609:   OCTET STRING, encapsulates {
  26 30  605:       SEQUENCE {
  30 02    1:         INTEGER 0
  33 02  129:         INTEGER
            :           00 D6 FD B8 C0 70 C6 4C 25 EC EA CF
            :           EA 7C BB A2 62 FA F0 E6 32 3A 53 FF
            :           B1 92 5A 17 F4 20 E1 99 24 82 0A D0
            :           F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
            :           A9 76 9D CF EC A0 2C 70 96 F2 83 42
            :           F6 D4 B7 28 0A BB F8 BF 4A 4C 19 3F
            :           07 DB A0 C1 60 1E B7 7E 67 F7 DE B1
            :           C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
            :           93 47 EE F0 73 35 72 B0 02 C4 F3 11
            :           C3 5E 47 E5 0A B7 83 F1 DB 74 69 64
            :           8B 44 1D 95 5D CD 28 C0 85
 165 02    3:         INTEGER 65537
 170 02  128:         INTEGER
            :           3D BD CD C2 0E 61 14 5B 4B E7 BF 60
            :           23 04 2B C5 6B 35 A5 96 45 23 FC 69
            :           7D 93 3C 0F D3 25 96 BA 62 52 42 E2
            :           96 CF FE 58 80 8F EB B1 8C BD D4 0D
            :           65 D0 3A 77 45 24 9E 0C EB 86 80 C3
            :           AC 21 11 71 44 E3 B2 A8 A9 2E AC 17
            :           D2 A3 84 25 63 B5 BC 2F 1E DD F6 21
            :           FF 15 20 24 5B F1 80 2F D5 41 0E 32
            :           24 F7 D4 4A 32 9E B9 49 D8 19 8E 3F
            :           39 8D 62 BD 80 FC 0C 24 92 93 E4 C3
            :           D7 05 91 53 BB 96 B6 41
 301 02   65:         INTEGER
            :           00 F3 B8 3F 4A D1 94 B0 91 60 13 41
            :           92 0D 8D 44 3F 77 1D FF 96 23 44 08
            :           D4 0B 70 C9 1A AF E9 90 94 F2 B0 D5
            :           5F 4F 19 85 50 A1 90 91 AE BD 05 76
            :           52 B3 22 D8 A8 7C 8E 54 7F 00 72 4F
            :           36 75 68 73 B5
 368 02   65:         INTEGER
            :           00 E1 D2 E7 11 57 06 AE 72 95 22 16
            :           AA 02 B4 5A ED 4E 9D 82 11 4F 96 3C
            :           86 C9 10 8D 56 7B 31 75 79 69 E7 75
            :           68 38 00 4B 2E D2 26 32 DD B1 E2 E0
            :           2C 54 80 0A 75 BA D1 66 96 1B B0 0E
            :           A0 7E D2 BB 91
 435 02   65:         INTEGER
            :           00 AF B6 BC DB 22 73 43 41 EC B4 B5
            :           67 A9 A1 99 FC EF D2 8E FD 1D FB E5
            :           29 8B FE 0A DF D4 C8 5E 57 25 0A 5D
            :           2B D4 09 A0 56 5B C5 B1 62 FC 20 BE
            :           08 2D E3 07 B5 A1 E7 B3 FF C4 C0 A5
            :           5F AC 12 5C A9
 502 02   65:         INTEGER
            :           00 B9 98 41 FC 08 50 1F 73 60 8A 01
            :           A2 7C 52 8A 20 5A EA 2C 89 D9 A5 19
            :           DD 94 C6 1B C3 25 C0 82 51 E4 EE 2B
            :           9A 19 DC 73 ED E9 1D 27 D4 F8 6C 03
            :           DD AB 1D 08 7B B5 AC 7F E9 82 9B F1
            :           89 8A 71 DB 61
 569 02   64:         INTEGER
            :           01 07 21 97 5F 7A 60 A8 FD 5A 5C 07
            :           DF A8 DE F7 E2 B1 34 7D FC EB 91 BD
            :           B0 73 74 C8 C4 BE 3F 58 45 30 06 90
            :           B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B
            :           65 A1 16 39 39 B0 E3 74 7D CF CD C5
            :           AC 6C BF E5
            :         }
            :       }
            :   }

EricaPrivDHEncryptBobParam

2.3 Certificates

AliceDSSSignByCarlNoInherit =
   0 30  355:  732: SEQUENCE {
   4 30  667:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 0
   7 2
            :       }
  13 02    2:     INTEGER 200
  17 30  312:    9:     SEQUENCE {
  11
  19 06    7:       OBJECT IDENTIFIER dhPublicKey dsaWithSha1 (1 2 840 10046 2 1) 10040 4 3)
            :         (ANSI X9.42 number type)
  20 X9.57 algorithm)
            :       }
  28 30  299:   18:     SEQUENCE {
  24 02  129:       INTEGER
  30 31   16:       SET {
  32 30   14:         SEQUENCE {
  34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :         00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB             (X.520 id-at (2 5 4))
  39 13    7:           PrintableString 'CarlDSS'
            :         23 4D DF 2B 25 C1 68 D2 9E A9 45 5B
            :         36 F1 94 89 1A AF 7D 11 24 9D 3D B9
            :         3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
            :         AA CC 9E 28 05 95 A0 B3 17 76 C1 F7
            :         25 35 61 02 41 92 27 0C 5E AE 48 E5
            :         F3 6E 38 EF 91 D1 CF 37 FE 9A 40 97
            :         C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
            :         74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8
            :         7E BC 3A AA 43 0A 81 64 FC 63 F0 7B
            :         71 98 FA C0 38 79 10 1A 33
 156 02  129:       INTEGER
            :         00 BA 0B D7 74 3D E7 34 E5 4C 13 A7
            :         95 96 BB F1 E4 61 37 08 FB 12 C7 FB
            :         9C 91 77 06 99 35 F0 48 24 96 33 12
            :         01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :         5E 95 86 A2 73 C5 49 46 37 79 60 FD
            :         77 05 09 48 9B 70 8D 3C 05 F6 CE 44
            :         2C 7F 7D 1B 2B 15 DD F3 05 2F BE 85
            :         20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :         42 62 34 27 27 81 8E 6F 0F 5E 62 85
            :         89 CC ED 21 C3 91 70 06 54 EE 70 A8
            :         92 55 5B 6E 19 22 4D 62 A7
 288 02   33:       INTEGER
            :         00 C3 AB 4A 30 79 B3 D3 97 4E CA F5
            :         A2 7D C7 70 A3 45 F3 B3 A2 86 05 D2
            :         3E 49 F9 9F D9 0A B3 BE BD
            :       }
            :     }
 323 04   34:   OCTET STRING, encapsulates {
 325 02   32:       INTEGER
            :         48 64 11 E4 17 01 12 E6 C1 D3 9C 70
            :         7D 7C A6 97 95 BD C8 95 07 F7 CF 41
            :         11 A7 13 91 FB 30 3D 8C
            :       }
            :   }

MailListTripleDES =
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f

MailListRC2 =
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9

3.3 Certificates

Note that Bob's and Diane's Diffie-Hellman encryption keys do *not*
share Diffie-Hellman parameters; however, Bob and Erica share Diffie-
Hellman parameters.

AliceDSSSignByCarlNoInherit =
   0 30  732: SEQUENCE {
   4 30  667:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:     INTEGER 200
  17 30    9:     SEQUENCE {
  19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  28 30   18:     SEQUENCE {
  30 31   16:       SET {
  32 30   14:         SEQUENCE {
  34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39 13    7:           PrintableString 'CarlDSS'
            :           }           }
            :         }
            :       }
  48 30   30:     SEQUENCE {
  50 17   13:       UTCTime '990817011049Z'
  65 17   13:       UTCTime '391231235959Z'
            :       }
  80 30   19:     SEQUENCE {
  82 31   17:       SET {
  84 30   15:         SEQUENCE {
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91 13    8:           PrintableString 'AliceDSS'
            :           }
            :         }
            :       }
 101 30  438:     SEQUENCE {
 105 30  299:       SEQUENCE {
 109 06    7:         OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :           (ANSI X9.57 algorithm)
 118 30  286:         SEQUENCE {
 122 02  129:           INTEGER
            :             00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :             48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :             53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :             0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :             2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :             DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :             9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :             8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :             C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :             78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :             B5 E4 09 96 5C F3 7E 5B DB
 254 02   21:           INTEGER
            :             00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :             B8 37 21 2B 62 8B F7 93 CD
 277 02  128:           INTEGER
            :             26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :             4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :             CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :             AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :             7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :             3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :             E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :             01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :             95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :             1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :             D1 81 4A 60 39 BA 36 39
            :           }
            :         }
 408 03  132:       BIT STRING 0 unused bits, encapsulates {
 412 02  128:           INTEGER
            :             5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :             3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :             16 89 28 11 23 D9 34 86 67 75 75 13
            :             12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :             1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :             A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :             7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :             08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :             F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :             32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :             F2 A5 E2 F4 F2 83 E5 B8
            :           }
            :       }
 543 A3  129:     [3] {
 546 30  127:       SEQUENCE {
 548 30   12:         SEQUENCE {
 550 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 555 01    1:           BOOLEAN TRUE
 558 04    2:           OCTET STRING, encapsulates {
 560 30    0:               SEQUENCE {}
            :               }
            :           }
 562 30   14:         SEQUENCE {
 564 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 569 01    1:           BOOLEAN TRUE
 572 04    4:           OCTET STRING, encapsulates {
 574 03    2:               BIT STRING 6 unused bits
            :                 '11'B
            :               }
            :           }
 578 30   31:         SEQUENCE {
 580 06    3:           OBJECT IDENTIFIER
            :             authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 585 04   24:           OCTET STRING, encapsulates {
 587 30   22:               SEQUENCE {
 589 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                 }
            :               }
            :           }
 611 30   29:         SEQUENCE {
 613 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 618 04   22:           OCTET STRING, encapsulates {
 620 04   20:               OCTET STRING
            :                 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                 13 01 E2 FD E3 97 FE CD
            :               }
            :           }
 642 30   31:         SEQUENCE {
 644 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 649 04   24:           OCTET STRING, encapsulates {
 651 30   22:               SEQUENCE {
 653 81   20:                 [1] 'AliceDSS@example.com'
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
 675 30    9:   SEQUENCE {
 677 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 686 03   48:   BIT STRING 0 unused bits, encapsulates {
 689 30   45:       SEQUENCE {
 691 02   20:         INTEGER
            :           55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :           83 6A B5 3D 67 6B BF 45
 713 02   21:         INTEGER
            :           00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :           76 1D E2 10 52 5B 43 5E BD
            :         }
            :       }
            :   }

AliceRSASignByCarl =
   0 30  556: SEQUENCE {
   4 30  405:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :       C4 10 B3 B0
  31 30   13:     SEQUENCE {
  33 06    9:       OBJECT IDENTIFIER
            :         sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :         (PKCS #1)
  44 05    0:       NULL
            :       }
  46 30   18:     SEQUENCE {
  48 31   16:       SET {
  50 30   14:         SEQUENCE {
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  57 13    7:           PrintableString 'CarlRSA'
            :           }
            :         }
            :       }
  66 30   30:     SEQUENCE {
  68 17   13:       UTCTime '990919010847Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  98 30   19:     SEQUENCE {
 100 31   17:       SET {
 102 30   15:         SEQUENCE {
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
 109 13    8:           PrintableString 'AliceRSA'
            :           }
            :         }
            :       }
 119 30  159:     SEQUENCE {
 122 30   13:       SEQUENCE {
 124 06    9:         OBJECT IDENTIFIER
            :           rsaEncryption (1 2 840 113549 1 1 1)
            :           (PKCS #1)
 135 05    0:         NULL
            :         }
 137 03  141:       BIT STRING 0 unused bits, encapsulates {
 141 30  137:           SEQUENCE {
 144 02  129:             INTEGER
            :               00 E0 89 73 39 8D D8 F5 F5 E8 87 76
            :               39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
            :               DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
            :               86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :               82 51 0F 30 80 BE B1 50 9E 46 44 F1
            :               2C BB D8 32 CF C6 68 6F 07 D9 B0 60
            :               AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :               DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :               E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
            :               9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :               8C 4E F3 57 38 57 74 57 5F
 276 02    3:             INTEGER 65537
            :             }
            :           }
            :       }
 281 A3  129:     [3] {
 284 30  127:       SEQUENCE {
 286 30   12:         SEQUENCE {
 288 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 293 01    1:           BOOLEAN TRUE
 296 04    2:           OCTET STRING, encapsulates {
 298 30    0:               SEQUENCE {}
            :               }
            :           }
 300 30   14:         SEQUENCE {
 302 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 307 01    1:           BOOLEAN TRUE
 310 04    4:           OCTET STRING, encapsulates {
 312 03    2:               BIT STRING 6 unused bits
            :                 '11'B
            :               }
            :           }
 316 30   31:         SEQUENCE {
 318 06    3:           OBJECT IDENTIFIER
            :             authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 323 04   24:           OCTET STRING, encapsulates {
 325 30   22:               SEQUENCE {
 327 80   20:                 [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                 }
            :               }
            :           }
 349 30   29:         SEQUENCE {
 351 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 356 04   22:           OCTET STRING, encapsulates {
 358 04   20:               OCTET STRING
            :                 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                 CE EC 3C A0 3A E3 FF 50
            :               }
            :           }
 380 30   31:         SEQUENCE {
 382 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 387 04   24:           OCTET STRING, encapsulates {
 389 30   22:               SEQUENCE {
 391 81   20:                 [1] 'AliceRSA@example.com'
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
 413 30   13:   SEQUENCE {
 415 06    9:     OBJECT IDENTIFIER
            :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :       (PKCS #1)
 426 05    0:     NULL
            :     }
 428 03  129:   BIT STRING 0 unused bits
            :     3E 70 47 A8 48 CC 13 58 8F CA 51 71
            :     6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC
            :     CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
            :     59 A9 20 AA 05 81 A8 4E 25 AD A7 70
            :     14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :     B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
            :     7D 49 D3 94 6B 22 36 74 73 B8 4A EC
            :     2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
            :     B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :     F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
            :     76 AE EB 9B DB 49 B0 22
            :   }

BobDHEncryptByCarl

BobRSASignByCarl =
   0 30  866:  551: SEQUENCE {
   4 30  800:  400:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:   16:     INTEGER 201
  17
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :       CD 5D 71 D0
  31 30    9:   13:     SEQUENCE {
  19
  33 06    7:    9:       OBJECT IDENTIFIER dsaWithSha1
            :         sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :         (ANSI X9.57 algorithm)         (PKCS #1)
  44 05    0:       NULL
            :       }
  28
  46 30   18:     SEQUENCE {
  30
  48 31   16:       SET {
  32
  50 30   14:         SEQUENCE {
  34
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39
  57 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
  48
  66 30   30:     SEQUENCE {
  50
  68 17   13:       UTCTime '990817011828Z'
  65 17 '990919010902Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  80
  98 30   16:   17:     SEQUENCE {
  82
 100 31   14:   15:       SET {
  84
 102 30   12:   13:         SEQUENCE {
  86
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91
 109 13    5:    6:           PrintableString 'bobDH' 'BobRSA'
            :           }
            :         }
            :       }
  98
 117 30  578:  159:     SEQUENCE {
 102
 120 30  439:   13:       SEQUENCE {
 106
 122 06    7:    9:         OBJECT IDENTIFIER
            :           dhPublicKey           rsaEncryption (1 2 840 10046 2 113549 1 1 1)
            :           (ANSI X9.42 number type)
 115           (PKCS #1)
 133 05    0:         NULL
            :         }
 135 03  141:       BIT STRING 0 unused bits, encapsulates {
 139 30  426:  137:           SEQUENCE {
 119
 142 02  129:             INTEGER
            :               00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB
            :             23 4D DF 2B 25 C1 68 D2 9E A9 45 5B
            :             36 F1 94 89 1A AF 7D 11 24 9D 3D B9 E1 67 98 3F 39 D5 5F F2 A0 93
            :             3C 29 E8 D7 23 80 33               41 5E A6 9E 45 02 BB 79 89 85 C8 35 5D 9A 91 5B
            :             AA CC 9E 28 05 95 A0 B3               FB 1D 01 DA 19 70 26 17 76 C1 F7 0F BD A5 22
            :             25               D0 35 61 02 85 6D 7A 98 66 14 41 92 27 0C 5E AE 48 E5
            :             F3 6E 38 EF 91 D1 5C CF 37 FE 9A 40 97
            :             C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA B7
            :             74 3A               B7 C4 93 B5 B9 BB 76 6C 1F A8 08 3B 09 C9 91 B8 19 69 37 6D F9
            :             7E BC 3A AA 43 0A 81 64 FC 63 F0               65 1E 7B
            :             71 98 FA C0 38 79 10 1A D9 A9 33
 251 02  129:           INTEGER 24 A3 7F 3B BB AF
            :             00 BA 0B D7 74 3D E7               46 01 86 36 34 E5 4C 13 A7 32 CB 07 03 59 52 FC
            :             95 96 BB F1 E4 61 37               85 8B 31 04 B8 CC 18 08 FB 12 C7 FB
            :             9C 91 77 06 99 35 F0 14 48 24 96 33 12
            :             01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5 E6 4F
            :             5E 95 86 A2 73 C5 49 46 37 79               1C FB 5D 60 FD C4 E0 5C 1F 53 D3 7F 53
            :             77               D8 69 01 F1 05 09 48 9B F8 7A 70 8D 3C 05 F6 CE 44
            :             2C 7F 7D 1B 2B 15 DD F3 05 2F D1 BE 85
            :             20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :             42 62 34 27 27 81 8E 6F 0F 5E 62 85
            :             89 CC ED 21 C3 91 70 06 54 EE 70 A8 83 C6
            :             92 55 5B 6E 19 22 4D 62               5F 38 CF 1C 2C AA 6A A7
 383 EB
 274 02   33:    3:             INTEGER 65537
            :             00 C3 AB 4A 30 79 B3 D3 97 4E CA F5             }
            :             A2 7D C7 70           }
            :       }
 279 A3 45 F3 B3 A2 86 05 D2  127:     [3] {
 281 30  125:       SEQUENCE {
 283 30   12:         SEQUENCE {
 285 06    3:           OBJECT IDENTIFIER
            :             3E 49 F9 9F D9 0A B3 BE BD
 418 02   97:           INTEGER             basicConstraints (2 5 29 19)
            :             01 34 FE C2 33 48 EB F6 3B 97 D9 E4
            :             97 A7 60 A5 25 69 34 FB FD 46 2A D6
            :             C9 C4 C5 F7 D6 F4 04 19 8D 94 D9 8A
            :             37 68 69 67 55 FB F2 6B 0E 47 C5 5B
            :             0B 4B 0E 1C 1A 8B 7B 75 B7 AA C3 AA
            :             D7 EB 3B DA 2A 8D 02 87 37 47 83 D7
            :             31 B4 25 A8 AC BB 11 88 53 1C 11 92
            :             B6 69 E7 2E 90 C1 7A FC 87 F4 F6 D7
            :             1A
 517 30   26:           SEQUENCE {
 519 03   21:             BIT STRING 0 unused bits
            :               B9 FF 1C 93 44 67 37 D1 B2 F8 57 9A
            :               32 4A C9 4A FF 3B EC 1E
 542 02    1:             INTEGER 29
            :             }
            :           }
            :         }
 545 03  132:       BIT STRING 0 unused bits, encapsulates {
 549 02  128:           INTEGER
            :             6F D4 F6 CD 94 9A 6E AF 5B 57 17 96
            :             75 BB 0F B9 48 E9 90 37 0D 15 20 C2
            :             55 1E 13 E2 AE 71 17 84 C3 0E 74 AE
            :             8A 55 7F 28 7D 8B D7 28 22 9C 76 46
            :             D7 3B 4F 9D D1 4D 1B B2 DB 51 94 C5
            :             6D 54 96 40 38 8A 38 81 63 4A 8C C3
            :             1E 09 89 74 A6 58 D5 C8 5A 3D CF BB
            :             B8 23 7F 9C 1F 7D 78 FA 9E F9 90 9E
            :             91 E7 4B C2 A4 BE 45 06 78 42 58 3D
            :             9F 63 2C EF 84 D4 67 E5 FB C6 6D A2
            :             36 29 67 90 46 DB 4E 48
            :           }
            :       }
 680 A3  126:     [3] {
 682 30  124:       SEQUENCE {
 684 30   12:         SEQUENCE {
 686 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 691             (X.509 id-ce (2 5 29))
 290 01    1:           BOOLEAN TRUE
 694
 293 04    2:           OCTET STRING, encapsulates {
 696
 295 30    0:               SEQUENCE {}
            :               }
            :           }
 698
 297 30   14:         SEQUENCE {
 700
 299 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 705
 304 01    1:           BOOLEAN TRUE
 708
 307 04    4:           OCTET STRING, encapsulates {
 710
 309 03    2:               BIT STRING 3 5 unused bits
            :                 '10000'B                 '100'B (bit 4) 2)
            :               }
            :           }
 714
 313 30   31:         SEQUENCE {
 716
 315 06    3:           OBJECT IDENTIFIER
            :             authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 721
 320 04   24:           OCTET STRING, encapsulates {
 723
 322 30   22:               SEQUENCE {
 725
 324 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A                   E9 E0 90 27 AC 78 20 7A 9A D3 75 E3 4C F2
            :                   3D 20 BC 43 2B 93 F1 1F                   42 37 4E 22 AE 9E 38 BB
            :                 }
            :               }
            :           }
 747
 346 30   29:         SEQUENCE {
 749
 348 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 754
 353 04   22:           OCTET STRING, encapsulates {
 756
 355 04   20:               OCTET STRING
            :                 26 FF 19 48 C3 59 33 68 56 8D 7E C8                 E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA
            :                 80 68 5C CF 3C 72 DD 26                 29 D3 95 5A 86 16 B4 24
            :               }
            :           }
 778
 377 30   28:   29:         SEQUENCE {
 780
 379 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 785
 384 04   21:   22:           OCTET STRING, encapsulates {
 787
 386 30   19:   20:               SEQUENCE {
 789
 388 81   17:   18:                 [1] 'BobDH@example.com' 'BobRSA@example.com'
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
 808
 408 30    9:   13:   SEQUENCE {
 810
 410 06    7:    9:     OBJECT IDENTIFIER dsaWithSha1
            :       sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :       (ANSI X9.57 algorithm)       (PKCS #1)
 421 05    0:     NULL
            :     }
 819
 423 03   49:  129:   BIT STRING 0 unused bits, encapsulates {
 822 30   46:       SEQUENCE {
 824 02   21:         INTEGER
            :           00 B1 F8 A7 78 77 FE 29 90 A0 46 C3 bits
            :           09 23 D1 F5 28 BB C7 17 B6
 847 02   21:         INTEGER
            :           00     7B 8E 66 C5 F1 10 3F 10 20 4C 88 09 1B 8F FD FC EC 09 71
            :     AB 7B 40 6B 21 33 FA 4A 95 DE 9D 0E
            :     5B 06 1B 6B 94 21 05 C0 F2 E1 7E 2A CD 9C
            :     93 88 87 FB 8B B7 7E 7D 41 61 E1 E4
            :     D6 6D F9 E2 04 55 61 45 BC 64 27 44
            :     C0 A1 BD 59 79 D9 1D 64 3C 21 D6 45
            :     B0 5D 68 33 92 EA AC F1 57 E5 81 7D
            :     98 E6 35 91 A3 39 DE 77 F4 E8 1C 3B
            :     29 DC 7F 51 07 97 F3 36 F0 50 D4 8C D1 63 4D 91 4C 0A DD
            :         }     9B DE B6 5E 38 11 2B FB 57 EA 89 6D
            :       }     AD C9 88 D8 8F CF 2B D3
            :   }

BobRSASignByCarl

CarlDSSSelf =
   0 30  551:  667: SEQUENCE {
   4 30  400:  602:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:    1:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :       CD 5D 71 D0
  31 1
  16 30   13:    9:     SEQUENCE {
  33
  18 06    9:    7:       OBJECT IDENTIFIER
            :         sha1withRSAEncryption dsaWithSha1 (1 2 840 113549 1 1 5) 10040 4 3)
            :         (PKCS #1)
  44 05    0:       NULL         (ANSI X9.57 algorithm)
            :       }
  46
  27 30   18:     SEQUENCE {
  48
  29 31   16:       SET {
  50
  31 30   14:         SEQUENCE {
  52
  33 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  57
  38 13    7:           PrintableString 'CarlRSA' 'CarlDSS'
            :           }
            :         }
            :       }
  66
  47 30   30:     SEQUENCE {
  68
  49 17   13:       UTCTime '990919010902Z'
  83 '990816225050Z'
  64 17   13:       UTCTime '391231235959Z'
            :       }
  98
  79 30   17:   18:     SEQUENCE {
 100
  81 31   15:   16:       SET {
 102
  83 30   13:   14:         SEQUENCE {
 104
  85 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
 109
  90 13    6:    7:           PrintableString 'BobRSA' 'CarlDSS'
            :           }
            :         }
            :       }
 117
  99 30  159:  439:     SEQUENCE {
 120
 103 30   13:  299:       SEQUENCE {
 122
 107 06    9:    7:         OBJECT IDENTIFIER
            :           rsaEncryption dsa (1 2 840 113549 1 1 10040 4 1)
            :           (PKCS #1)
 133 05    0:         NULL
            :         }
 135 03  141:       BIT STRING 0 unused bits, encapsulates {
 139           (ANSI X9.57 algorithm)
 116 30  137:  286:         SEQUENCE {
 142
 120 02  129:           INTEGER
            :             00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :               41 5E A6             01 C4 12 C1 7A 79 89 85 C8 35 5D 9A 91 5B CB 54 4D AB 1E 81
            :             FB 1D C6 4C B3 0E 94 09 06 EB 01 D4 B1
            :             C8 71 4B C7 45 C0 50 25 5D 9C FC DA 19 70 26 17 0F BD A5 22
            :               D0 35 85             E4 6D 7A 98 66 14 41 5C CF B7 D3 E2 86 48 84 82 7D BA 15 95
            :               B7 08 3B 09 C9 91 B8 19 69 37 6D F9             4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
            :               65 1E             0A 8A BA 16 7B D9 B9 50 01 48 93 8B EB
            :             25 15 51 97 55 DC 8F 53 0E 10 A9 33 24 A3 7F 3B BB AF 50
            :               46 01 86 36 34 32 CB 07 03 59 52             FC 70 B7 CD 30 54 FD DA DE A8 AA 22
            :               85             B5 A1 AF 8B 31 04 B8 CC 18 02 88 E7 8B 70 5F B9
            :             AD E1 08 14 48 E6 4F D4 6D 29 2D D6 E9
 252 02   21:           INTEGER
            :               1C FB 5D 60 C4 E0 5C 1F             00 DD C1 2F DF 53 D3 CE 0B 34 60 77 3E
            :             02 A4 BF 8A 5D 98 B9 10 D5
 275 02  128:           INTEGER
            :             0C EE 57 9B 4B BD DA B6 07 6A 74 37
            :             4F 55 7F 53 9D ED BC 61 0D EB 46 59 3C
            :               D8             56 0B 2B 5B 0C 91 CE A5 62 52 69 01 F1 05 F8 7A 70 D1 BE 83 C6 CA
            :               5F 38 CF             E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :             AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
            :             87 0B C7 CD F0 1C 2C D9 B5 4E 5D 73 DE
            :             AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
            :             73 AA 6A A7 7F 46 51 1F A9 42 16 9C 48 EB
 274
            :             8A 79 61 B4 D5 2F 53 22 44 63 1F 86
            :             B8 A3 58 06 25 F8 29 C0 EF BA E0 75
            :             F0 42 C4 63 65 52 9B 0A
            :           }
            :         }
 406 03  133:       BIT STRING 0 unused bits, encapsulates {
 410 02    3:  129:           INTEGER 65537
            :             }             00 99 87 74 27 03 66 A0 B1 C0 AD DC
            :             2C 75 BB E1 6C 44 9C DA 21 6D 4D 47
            :             6D B1 62 09 E9 D8 AE 1E F2 3A B4 94
            :             B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
            :             4E B9 60 96 19 24 01 F3 62 0C FE 75
            :             C0 FB CE D8 68 00 E3 FD D5 70 4F DF
            :             23 96 19 06 94 F4 B1 61 8F 3A 57 B1
            :             08 11 A4 0B 26 25 F0 52 76 81 EA 0B
            :             62 0D 95 2A E6 86 BA 72 B2 A7 50 83
            :             0B AA 27 CD 1B A9 4D 89 9A D7 8D 18
            :             39 84 3F 8B C5 56 4D 80 7A
            :           }
            :       }
 279
 542 A3  127:   66:     [3] {
 281
 544 30  125:   64:       SEQUENCE {
 283
 546 30   12:   15:         SEQUENCE {
 285
 548 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 290
 553 01    1:           BOOLEAN TRUE
 293
 556 04    2:    5:           OCTET STRING, encapsulates {
 295
 558 30    0:    3:               SEQUENCE {} {
 560 01    1:                 BOOLEAN TRUE
            :                 }
            :               }
 297
            :           }
 563 30   14:         SEQUENCE {
 299
 565 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 304
 570 01    1:           BOOLEAN TRUE
 307
 573 04    4:           OCTET STRING, encapsulates {
 309
 575 03    2:               BIT STRING 5 1 unused bits
            :                 '100'B (bit 2)                 '1100001'B
            :               }
            :           }
 313
 579 30   31:   29:         SEQUENCE {
 315
 581 06    3:           OBJECT IDENTIFIER
            :             authorityKeyIdentifier             subjectKeyIdentifier (2 5 29 35) 14)
            :             (X.509 id-ce (2 5 29))
 320
 586 04   24:   22:           OCTET STRING, encapsulates {
 322 30   22:               SEQUENCE {
 324 80
 588 04   20:                 [0]               OCTET STRING
            :                   E9 E0 90 27 AC 78 20 7A 9A                 70 44 3E 82 2E 6F 87 DE 4A D3 4C F2 75 E3
            :                   42 37 4E 22 AE 9E 38 BB                 3D 20 BC 43 2B 93 F1 1F
            :               }
            :           }
            :         }
 346
            :       }
            :     }
 610 30   29:    9:   SEQUENCE {
 348
 612 06    3:    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :             subjectKeyIdentifier (2 5 29 14)       (ANSI X9.57 algorithm)
            :             (X.509 id-ce (2 5 29))
 353 04   22:           OCTET STRING,     }
 621 03   48:   BIT STRING 0 unused bits, encapsulates {
 355 04
 624 30   45:       SEQUENCE {
 626 02   20:               OCTET STRING         INTEGER
            :                 E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA
            :                 29 D3 95           6B A9 F0 4E 7A 5A 86 16 B4 24
            :               }
            :           }
 377 30   29:         SEQUENCE {
 379 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 384 04   22:           OCTET STRING, encapsulates {
 386 30   20:               SEQUENCE {
 388 81   18:                 [1] 'BobRSA@example.com'
            :                 }
            :               }
            :           }
            :         }
            :       } 79 E3 F9 BE 3D 2B
            :     }
 408 30   13:   SEQUENCE {
 410           C9 06    9:     OBJECT IDENTIFIER
            :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :       (PKCS #1)
 421 05    0:     NULL
            :     }
 423 03  129:   BIT STRING 0 unused bits
            :     7B 8E 66 C5 F1 10 3F 10 20 4C 88 71
            :     AB 7B 40 6B 21 33 FA 4A 95 DE 9D 0E 37 E9 11 17 A1 13
 648 02   21:         INTEGER
            :     5B 6B 94 21 05 C0 F2 E1 7E           00 8F 34 69 2A CD 9C
            :     93 88 87 FB 8B B7 7E 7D 41 61 E1 E4
            :     D6 6D F9 E2 04 55 61 45 BC 64 27 44
            :     C0 A1 BD 59 79 D9 1D 64 B1 3C 21 D6 45
            :     B0 5D 68 33 92 EA AC F1 57 E5 81 7D 03 79 94 32
            :     98 E6 35 91 A3 39 DE 77 F4 E8 1C           4D 12 1F CE 89 FB 46 B2 3B
            :     29 DC 7F 51 07 97 F3 36 F0 50 0A DD
            :     9B DE B6 5E 38 11 2B FB 57 EA 89 6D         }
            :     AD C9 88 D8 8F CF 2B D3       }
            :   }

CarlDSSSelf

CarlRSASelf =
   0 30  667:  491: SEQUENCE {
   4 30  602:  340:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    1:   16:     INTEGER 1
  16
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :       9F F2 50 20
  31 30    9:   13:     SEQUENCE {
  18
  33 06    7:    9:       OBJECT IDENTIFIER dsaWithSha1
            :         sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :         (ANSI X9.57 algorithm)         (PKCS #1)
  44 05    0:       NULL
            :       }
  27
  46 30   18:     SEQUENCE {
  29
  48 31   16:       SET {
  31
  50 30   14:         SEQUENCE {
  33
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  38
  57 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
  47
  66 30   30:     SEQUENCE {
  49
  68 17   13:       UTCTime '990816225050Z'
  64 '990818070000Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  79
  98 30   18:     SEQUENCE {
  81
 100 31   16:       SET {
  83
 102 30   14:         SEQUENCE {
  85
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  90
 109 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
  99
 118 30  439:  159:     SEQUENCE {
 103
 121 30  299:   13:       SEQUENCE {
 107
 123 06    7:    9:         OBJECT IDENTIFIER dsa
            :           rsaEncryption (1 2 840 10040 4 113549 1 1 1)
            :           (ANSI X9.57 algorithm)
 116           (PKCS #1)
 134 05    0:         NULL
            :         }
 136 03  141:       BIT STRING 0 unused bits, encapsulates {
 140 30  286:  137:           SEQUENCE {
 120
 143 02  129:             INTEGER
            :               00 B6 49 E4 4B FF 18 3E 8A 44 C1 29 71 94 4C B8 24 57 F4 77 FF 6E
            :             01 C4 12 C1 7A 79 CB 54 4D AB 1E 81               73 7B 93 71 5C BC 33 1A 92 92 72 23
            :             FB C6 4C               D8 41 46 D0 CD 11 3A 04 B3 0E 94 09 06 EB 01 D4 B1
            :             C8 71 4B C7 45 C0 50 25 5D 9C FC DA 8E AF 82
            :             E4 6D D3 E2               9D BD 51 1E 17 7A F2 76 2C 2B 86 48 84 82 7D BA 15 95 39
            :             4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A               A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC
            :             0A 8A BA 16 7B B9               A2 36 B1 ED E2 50 01 48 93 8B EB E2 32 09 8A 3F 9F
            :               99 25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :             FC 70 B7 CD 30 54 FD DA DE A8 AA 22
            :             B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
            :             AD E1 08 D4 6D 29 2D D6 E9
 252 02   21:           INTEGER
            :             00 DD C1 2F DF 53 CE 0B 34 60 77 3E
            :             02 A4 BF 8A 5D 98 B8 4E AB B9 10 7D D5
 275 02  128:           INTEGER
            :             0C EE 57 9B 4B BD 96 65 DA B6 07 6A 74 37
            :             4F 55 7F 9D ED BC 61 0D EB 46 59 3C
            :             56 0B 2B               16 A0 C5 BE 0E AE 44 5B 0C 91 CE A5 62 52 69 CA
            :             E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C EF 5E F4 A7
            :             AD               29 CB AE 45 E3 06 82 DD AC 8C 22 9D 9C 44
            :             87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE
            :             AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
            :             73 E9 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :             8A 79 61 B4 D5 2F 53 22 44 63 1F 86
            :             B8 A3 58 06 25 F8 93 94 29 C0 EF BA E0 75 0E
            :             F0 42               F8 18 D6 C8 57 5E F2 76 C4 63 65 52 9B 0A
            :           }
            :         }
 406 03  133:       BIT STRING 0 unused bits, encapsulates {
 410 02  129:           INTEGER
            :             00 99 87 74 27 03 66 A0 B1 C0 AD DC
            :             2C 75 BB E1 6C 44 9C DA 21 6D 4D 47
            :             6D B1 62 09 E9 D8 AE 1E F2 3A B4 94
            :             B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
            :             4E B9 60 96 19 24 01 F3 62 0C FE 75
            :             C0 FB CE D8 68 00 E3 FD D5 70 4F DF
            :             23 96 19 06 94 F4 B1 61 8F 3A 57 B1
            :             08 11 A4 0B 26 25 F0 52 76 81 EA 0B
            :             62 0D 95 2A E6 86 BA 72 B2 A7 50 83 60
            :             0B AA 27 CD               38 B9 1B A9 4D 89 9A D7 8D 18 3C 1D 97 C9 6A F1
 275 02    3:             INTEGER 65537
            :             39 84 3F 8B C5 56 4D 80 7A             }
            :           }
            :       }
 542
 280 A3   66:     [3] {
 544
 282 30   64:       SEQUENCE {
 546
 284 30   15:         SEQUENCE {
 548
 286 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 553
 291 01    1:           BOOLEAN TRUE
 556
 294 04    5:           OCTET STRING, encapsulates {
 558
 296 30    3:               SEQUENCE {
 560
 298 01    1:                 BOOLEAN TRUE
            :                 }
            :               }
            :           }
 563
 301 30   14:         SEQUENCE {
 565
 303 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 570
 308 01    1:           BOOLEAN TRUE
 573
 311 04    4:           OCTET STRING, encapsulates {
 575
 313 03    2:               BIT STRING 1 unused bits
            :                 '1100001'B
            :               }
            :           }
 579
 317 30   29:         SEQUENCE {
 581
 319 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 586
 324 04   22:           OCTET STRING, encapsulates {
 588
 326 04   20:               OCTET STRING
            :                 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                 3D                 E9 E0 90 27 AC 78 20 BC 43 2B 93 F1 1F 7A 9A D3 4C F2
            :                 42 37 4E 22 AE 9E 38 BB
            :               }
            :           }
            :         }
            :       }
            :     }
 610
 348 30    9:   13:   SEQUENCE {
 612
 350 06    7:    9:     OBJECT IDENTIFIER dsaWithSha1
            :       sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :       (ANSI X9.57 algorithm)       (PKCS #1)
 361 05    0:     NULL
            :     }
 621
 363 03   48:  129:   BIT STRING 0 unused bits, encapsulates {
 624 30   45:       SEQUENCE {
 626 02   20:         INTEGER bits
            :           6B A9     B7 9E D4 04 D3 ED 29 E4 FF 89 89 15
            :     2E 4C DB 0C F0 4E 7A 5A 79 E3 F9 BE 3D 2B 48 0F 32 61 EE C4 04
            :           C9 06     EC 12 5D 2D FF 0F 64 59 7E 0A C3 ED
            :     18 FD E3 56 40 37 E9 11 17 A1 13
 648 02   21:         INTEGER A7 07 B5 F0 38 12
            :           00 8F 34 69 2A 8B B1     61 50 ED EF DD 3F E3 0B B8 61 A5 A4
            :     9B 3C 03 79 94 32 E6 9E 9C 54 9A B6 95 D6 DA 6C
            :           4D 12 1F CE 89 FB 46 B2     3B B5 2D 45 35 9D 49 01 76 FA B9 B9
            :         }     31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
            :       }     CA 3E F2 53 6B B0 37 6F AD E6 74 D7
            :     DB FA 5A EA 14 41 63 5D CD BE C8 0E
            :     C1 DA 6A 8D 53 34 18 02
            :   }

CarlRSASelf

DianeDSSSignByCarlInherit =
   0 30  491:  440: SEQUENCE {
   4 30  340:  375:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:    2:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :       9F F2 50 20
  31 210
  17 30   13:    9:     SEQUENCE {
  33
  19 06    9:    7:       OBJECT IDENTIFIER
            :         sha1withRSAEncryption dsaWithSha1 (1 2 840 113549 1 1 5) 10040 4 3)
            :         (PKCS #1)
  44 05    0:       NULL         (ANSI X9.57 algorithm)
            :       }
  46
  28 30   18:     SEQUENCE {
  48
  30 31   16:       SET {
  50
  32 30   14:         SEQUENCE {
  52
  34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  57
  39 13    7:           PrintableString 'CarlRSA' 'CarlDSS'
            :           }
            :         }
            :       }
  66
  48 30   30:     SEQUENCE {
  68
  50 17   13:       UTCTime '990818070000Z'
  83 '990817020810Z'
  65 17   13:       UTCTime '391231235959Z'
            :       }
  98
  80 30   18:   19:     SEQUENCE {
 100
  82 31   16:   17:       SET {
 102
  84 30   14:   15:         SEQUENCE {
 104
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
 109
  91 13    7:    8:           PrintableString 'CarlRSA' 'DianeDSS'
            :           }
            :         }
            :       }
 118
 101 30  159:  147:     SEQUENCE {
 121
 104 30   13:    9:       SEQUENCE {
 123
 106 06    9:    7:         OBJECT IDENTIFIER
            :           rsaEncryption dsa (1 2 840 113549 1 1 10040 4 1)
            :           (PKCS #1)
 134 05    0:         NULL           (ANSI X9.57 algorithm)
            :         }
 136
 115 03  141:  133:       BIT STRING 0 unused bits, encapsulates {
 140 30  137:           SEQUENCE {
 143
 119 02  129:           INTEGER
            :             00 E4 4B FF 18 B8 24 57 F4 77 FF 6E A0 00 17 78 2C EE 7E 81 53 2E 2E
            :               73 7B 93 71 5C BC 33             61 08 0F A1 9B 51 52 1A 92 92 72 23
            :               D8 41 46 D0 CD 11 3A 04 B3 8E AF 82 DA 59 A8 73
            :               9D BD 51 1E 17 7A F2             2F 12 25 B6 08 CB CA EF 2A 44 76 2C 2B 86 39 8A
            :               A7             52 09 EA BD D7 8D 1A 53 EC E4 00 05 22 D5 E8 EC 0F F6 FD 46 D7
            :               A2 36 B1 ED E2 50 E2 32             AF 99 38 09 8A 3F 9F 0E 13 CB 4F 2C DD 1C 34
            :               99             F7 1C BF 25 8F B8 4E AB B9 7D D5 96 65 DA FF 23 D3 3B 59 E7 82 97
            :               16 A0 C5             37 BE 0E AE 44 5B EF 5E F4 A7
            :               29 CB 82 DD AC 44 E9 AA 93 94 29 0E
            :               F8 31 24 D8 18 D6 C8 57 5E F2 76 C4 F2 11 60 F3 49 39 5B B7
            :               38 B9 1B 3C 1D 97             E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
            :             68 4D DD 46 7A 22 BE 8E FF CC DA 39
            :             29 A3 39 E5 9F 43 E9 55 C9 6A F1
 275 02    3:             INTEGER 65537 D7 5B A6
            :             }             81 67 CC C0 AA CD 2E C5 23
            :           }
            :       }
 280
 251 A3   66:  129:     [3] {
 282
 254 30   64:  127:       SEQUENCE {
 284
 256 30   15:   12:         SEQUENCE {
 286
 258 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 291
 263 01    1:           BOOLEAN TRUE
 294
 266 04    5:    2:           OCTET STRING, encapsulates {
 296
 268 30    3:    0:               SEQUENCE {
 298 01    1:                 BOOLEAN TRUE
            :                 } {}
            :               }
            :           }
 301
 270 30   14:         SEQUENCE {
 303
 272 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 308
 277 01    1:           BOOLEAN TRUE
 311
 280 04    4:           OCTET STRING, encapsulates {
 313
 282 03    2:               BIT STRING 1 6 unused bits
            :                 '1100001'B                 '11'B
            :               }
            :           }
 317
 286 30   29:   31:         SEQUENCE {
 319
 288 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier             authorityKeyIdentifier (2 5 29 14) 35)
            :             (X.509 id-ce (2 5 29))
 324
 293 04   22:   24:           OCTET STRING, encapsulates {
 326 04
 295 30   22:               SEQUENCE {
 297 80   20:               OCTET STRING                 [0]
            :                 E9 E0 90 27 AC 78 20 7A 9A                   70 44 3E 82 2E 6F 87 DE 4A D3 4C F2
            :                 42 37 4E 22 AE 9E 38 BB
            :               } 75 E3
            :           }                   3D 20 BC 43 2B 93 F1 1F
            :                 }
            :               }
            :           }
 348
 319 30   13:   29:         SEQUENCE {
 350
 321 06    9:    3:           OBJECT IDENTIFIER
            :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :       (PKCS #1)
 361 05    0:     NULL
            :     }
 363 03  129:   BIT STRING 0 unused bits
            :     B7 9E D4 04 D3 ED             subjectKeyIdentifier (2 5 29 E4 FF 89 89 15 14)
            :     2E 4C DB 0C F0 48 0F 32 61 EE C4             (X.509 id-ce (2 5 29))
 326 04   22:           OCTET STRING, encapsulates {
 328 04   20:               OCTET STRING
            :     EC 12 5D 2D FF 0F                 64 59 7E 0A C3 ED
            :     18 FD E3 56 40 37 A7 07 B5 F0 38 12 30 99 7D 5C DC 45 0B 99 3A 52 2F
            :     61                 16 BF 58 50 ED EF DD 3F E3 0B B8 61 A5 A4
            :     9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C
            :     3B B5 2D 45 35 9D 49 01 76 FA B9 B9
            :     31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
            :     CA 3E F2 53 6B B0 37 6F AD E6 74 D7
            :     DB FA 5A EA 14 41 63 5D CD BE C8 0E
            :     C1 DA 6A 8D 53 34 CE 2B 18 02
            :               }

DianeDHEncryptByCarl =
   0
            :           }
 350 30  869:   31:         SEQUENCE {
   4
 352 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 357 04   24:           OCTET STRING, encapsulates {
 359 30  804:   22:               SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
 361 81   20:                 [1] 'DianeDSS@example.com'
            :                 }
  13 02    2:     INTEGER 211
  17
            :               }
            :           }
            :         }
            :       }
            :     }
 383 30    9:   SEQUENCE {
  19
 385 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
  28 30   18:     SEQUENCE {
  30 31   16:       SET
 394 03   48:   BIT STRING 0 unused bits, encapsulates {
  32
 397 30   14:   45:       SEQUENCE {
  34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
 399 02   21:         INTEGER
            :             (X.520 id-at           00 A1 1A F8 17 0E 3E 5D A8 8C F4 B6
            :           55 33 1E 4B E3 2C AC B9 5F
 422 02   20:         INTEGER
            :           28 4B 10 45 58 D2 1C 9D 55 35 14 18
            :           91 B2 3F 39 DF B5 6E D3
            :         }
            :       }
            :   }

DianeRSASignByCarl =
   0 30  556: SEQUENCE {
   4 30  405:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :       D5 9A 30 90
  31 30   13:     SEQUENCE {
  33 06    9:       OBJECT IDENTIFIER
            :         sha1withRSAEncryption (1 2 840 113549 1 1 5)
            :         (PKCS #1)
  44 05    0:       NULL
            :       }
  46 30   18:     SEQUENCE {
  48 31   16:       SET {
  50 30   14:         SEQUENCE {
  52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39
  57 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
  48
  66 30   30:     SEQUENCE {
  50
  68 17   13:       UTCTime '990817021657Z'
  65 '990819070000Z'
  83 17   13:       UTCTime '391231235959Z'
            :       }
  80
  98 30   18:   19:     SEQUENCE {
  82
 100 31   16:   17:       SET {
  84
 102 30   14:   15:         SEQUENCE {
  86
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91
 109 13    7:    8:           PrintableString 'DianeDH' 'DianeRSA'
            :           }
            :         }
            :       }
 100
 119 30  577:  159:     SEQUENCE {
 104
 122 30  438:   13:       SEQUENCE {
 108
 124 06    7:    9:         OBJECT IDENTIFIER
            :           dhPublicKey           rsaEncryption (1 2 840 10046 2 113549 1 1 1)
            :           (ANSI X9.42 number type)
 117           (PKCS #1)
 135 05    0:         NULL
            :         }
 137 03  141:       BIT STRING 0 unused bits, encapsulates {
 141 30  425:  137:           SEQUENCE {
 121
 144 02  129:             INTEGER
            :               00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 D6 FD B8 C0 70 C6 4C 25 EC EA CF
            :             74               EA 7C BB 1F E4 10 BD D0 93 A2 7E 61 E1 62 FA F0 E6 32 3A 53 FF
            :             3D BA 23 04 16               B1 92 5A 17 F4 20 E1 99 24 82 0A D0 66 39 BD 3B CD 05
            :             74 48               F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
            :               A9 76 9D CF EC A0 2C 70 95 F4 05 63 6D 2E BF 96 F2 83 42
            :             9A               F6 D4 B7 FF 97 FF 39 28 0A BB 63 DB 4D A4 71 F8 BF 4A 4C 19 3F
            :             D8 94 9A B4 F2 8A 3D 9F               07 DB A0 C1 60 1E B7 5D 8D CA 7E 67 F7 DE B1
            :             E2 AF B5 0F CF 05 65 82 68 6E 43 D2               C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
            :             F4 04 5F 03 8B F9 50 F5 C8 6C 05 26               93 47 EE F0 73 35 72 B0 02 C4 F3 11
            :             BC BF 36 0F 5C               C3 51 6A 67 E8 75 32
            :             66 78 91 63 E8 FE 34 E7 19 B6 70 6C 5E 47 E5 0A B7 83 F1 DB 74 69 64
            :             78 38 36 82 D2 34 36 C2 DF
 253               8B 44 1D 95 5D CD 28 C0 85
 276 02  128:    3:             INTEGER 65537
            :             6E D6 76 36 4B E4 59 07 57 5F 18 9A             }
            :             10 D2 31 5C A6 10 B0 26 96 42 4D 7C           }
            :       }
 281 A3 A1 D3 9E A5 80 B2 1F 37 11 49 7C
            :             8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
            :             DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D
            :             3B DC AE 71 21 D9 3B 56 B8 A7 F6 4D
            :             22 52 5F 41 BA D5 1E 82 69 6C DD 70
            :             71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
            :             09 F8 BD FD CB 51 BC 2E 2E CA 3E 30
            :             8C FA 54 9E 7D 0D 03 E2 DF 63 62 6D
            :             F3 50 82 27 DC D1 99 F7
 384 02   33:           INTEGER
            :             00 AA 05 65 FB DD 4E A8 02 F1 34 39
            :             E7 A3 FC 7D 46 10 B8 5D F0 2E F2 C5
            :             D1 5E A2 74 4C DA 0F 4E 1F
 419 02   97:           INTEGER
            :             01 30 CD 03 82 CD 3F 32 3A 5F 16 5E
            :             F2 13 5F 52 1B DF FF AA 3B 06 3C 7F
            :             81 26 1C B7 0C A0 14 09 1B 5D 26 FD
            :             71 33 8C F2 AC 41 7E 0D AC 35 95 90
            :             7E A5 AD AB 55 50 80 F0 D2 B9 2A 11
            :             4D 76 45 76 3F 0C 38 AE 72 59 C6 EC
            :             BD EF E7 6E 60 23 93 B9 27 02 44 7E
            :             4A D3 DA 39 3A 9A 63 43 3C 1B 23 C5
            :             62
 518 30   26:           SEQUENCE {
 520 03   21:             BIT STRING 0 unused bits
            :               D0 FD D6 E0 46 97 D1 A7 7F BB FF 9A
            :               43 F0 62 64 B3 7C 97 AB
 543 02    1:             INTEGER 122
            :             }
            :           }
            :         }
 546 03  132:       BIT STRING 0 unused bits, encapsulates {
 550 02  128:           INTEGER
            :             60 5E 6E EF 61 55 77 3F 9D 6A 11 10
            :             F4 D3 C9 B8 72 A0 1F 89 DF E4 BC 21
            :             FD E4 9F 50 D6 8F 8E F9 67 97 14 E0
            :             34 19 8F 3D 58 52 1E DC 5D 05 4E 4F
            :             C6 88 85 78 AC 01 6C 35 CE 86 6D 90
            :             4B 58 48 2E 0F B2 E3 2A 4E 47 C3 B1
            :             4D 2A 7A C9 B7 E5 C6 68 8A 73 AE 53
            :             21 B3 CF 09 C4 62 A3 E8 B0 BB DC DE
            :             0D 2E 66 48 37 A8 DB A2 4B FB DB FA
            :             A6 92 4B 41 0A C6 54 0B 8B 1A 9D 2F
            :             FF 60 0B 0B 08 D9 42 3F
            :           }
            :       }
 681 A3  128:  129:     [3] {
 684
 284 30  126:  127:       SEQUENCE {
 686
 286 30   12:         SEQUENCE {
 688
 288 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 693
 293 01    1:           BOOLEAN TRUE
 696
 296 04    2:           OCTET STRING, encapsulates {
 698
 298 30    0:               SEQUENCE {}
            :               }
            :           }
 700
 300 30   14:         SEQUENCE {
 702
 302 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 707
 307 01    1:           BOOLEAN TRUE
 710
 310 04    4:           OCTET STRING, encapsulates {
 712
 312 03    2:               BIT STRING 3 5 unused bits
            :                 '10000'B (bit 4)                 '111'B
            :               }
            :           }
 716
 316 30   31:         SEQUENCE {
 718
 318 06    3:           OBJECT IDENTIFIER
            :             authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 723
 323 04   24:           OCTET STRING, encapsulates {
 725
 325 30   22:               SEQUENCE {
 727
 327 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D                   E9 E0 90 27 AC 78 20 BC 43 2B 93 F1 1F 7A 9A D3 4C F2
            :                 }                   42 37 4E 22 AE 9E 38 BB
            :                 }
            :               }
 749
            :           }
 349 30   29:         SEQUENCE {
 751
 351 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 756
 356 04   22:           OCTET STRING, encapsulates {
 758
 358 04   20:               OCTET STRING
            :                 47                 8C F3 4F CD CB 75 7D A8 52 21 A8 61 36 0E 8D 31 F6 D4 29 DA 44
            :                 57 B5 F8 9A EE DB 30 46                 92 75 B8 FE ED 4F 39 0C
            :               }
            :           }
 780
 380 30   30:   31:         SEQUENCE {
 782
 382 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 787
 387 04   23:   24:           OCTET STRING, encapsulates {
 789
 389 30   21:   22:               SEQUENCE {
 791
 391 81   19:   20:                 [1] 'DianeDH@example.com' 'DianeRSA@example.com'
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
 812
 413 30    9:   13:   SEQUENCE {
 814
 415 06    7:    9:     OBJECT IDENTIFIER dsaWithSha1
            :       sha1withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 5)
            :       (ANSI X9.57 algorithm)       (PKCS #1)
 426 05    0:     NULL
            :     }
 823
 428 03   48:  129:   BIT STRING 0 unused bits, encapsulates {
 826 30   45:       SEQUENCE {
 828 02   20:         INTEGER bits
            :           23 40 B6 8B 05 29 7E 69 03 F4 B7 DA     7D A6 2C B5 78 42 D6 79 F3 31 FE F6
            :     42 CA 0F 13 07 92 09 1B E0 6F B0 91
            :     18 F6 BF 4A FB CC 63 79 FB 81 BF DD
            :     97 F4 96 8C 15 AA 22 55
 850 02   21:         INTEGER C7 90 6B CB 0A 37 2B 41 6A 03 98
            :           00 82 D8 24 E5 7F CD 04 54 6E 0C F4     C5 1B 3E 32 C8 45 2B 86 01 9C 1C E2
            :     36 EF 16 C1 1A 92 B8 BE 62 FB 53 3E
            :     49 47 0B C4 B9 E4 2B 58 A6 06 83 F0
            :     B2 A7 BB 85 7E D5 C9 BD 99 98 0C 60 4B D3 C6 DA CE 9C 7B 31
            :         }     72 D7 A2 EA 41 AB 6A C0 DD 1F B9 14
            :       }     44 18 CF 84 57 66 E8 C5 E6 B8 DC 2D
            :     B3 1F 1B 28 43 36 75 7A
            :   }

DianeDSSSignByCarlInherit

2.4 CRLs

CarlDSSCRLForAll =
   0 30  440:  216: SEQUENCE {
   4
   3 30  375:  153:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:     INTEGER 210
  17
   6 30    9:     SEQUENCE {
  19
   8 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  28
  17 30   18:     SEQUENCE {
  30
  19 31   16:       SET {
  32
  21 30   14:         SEQUENCE {
  34
  23 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39
  28 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  48
  37 17   13:     UTCTime '990827070000Z'
  52 30   30:  105:     SEQUENCE {
  50
  54 30   19:       SEQUENCE {
  56 02    2:         INTEGER 200
  60 17   13:         UTCTime '990817020810Z'
  65 '990822070000Z'
            :         }
  75 30   19:       SEQUENCE {
  77 02    2:         INTEGER 201
  81 17   13:         UTCTime '391231235959Z' '990822070000Z'
            :         }
  80
  96 30   19:       SEQUENCE {
  82 31   17:       SET {
  84
  98 02    2:         INTEGER 211
 102 17   13:         UTCTime '990822070000Z'
            :         }
 117 30   15:   19:       SEQUENCE {
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
 119 02    2:         INTEGER 210
 123 17   13:         UTCTime '990822070000Z'
            :             (X.520 id-at (2 5 4))
  91 13    8:           PrintableString 'DianeDSS'         }
 138 30   19:       SEQUENCE {
 140 02    2:         INTEGER 212
 144 17   13:         UTCTime '990824070000Z'
            :         }
            :       }
            :     }
 101 30  147:     SEQUENCE {
 104
 159 30    9:   SEQUENCE {
 106
 161 06    7:     OBJECT IDENTIFIER dsa dsaWithSha1 (1 2 840 10040 4 1) 3)
            :       (ANSI X9.57 algorithm)
            :     }
 115
 170 03  133:   47:   BIT STRING 0 unused bits, encapsulates {
 119
 173 30   44:       SEQUENCE {
 175 02  129:   20:         INTEGER
            :             00 A0 00 17 78 2C EE           7E 81 53 2E 2E
            :             61 08 0F A1 9B 51 65 52 1A DA 59 A8 76 33 FE 34 73 17 D1 F7 96
            :             2F 12 25 B6 08 CB CA EF 2A 44 76 8A           F9 A0 D4 D8 6D 5C 7D 3D
 197 02   20:         INTEGER
            :             52 09 EA BD 05 22 D5 0F F6 FD 46 D7
            :             AF 99 38 09 0E 13 CB 4F 2C DD 1C 34
            :             F7 1C BF 25 FF 23 D3 3B 59 E7 82 97
            :             37 BE 31 24 D8 18 C8 F3 49 39           02 7A 5B B7
            :             E2 E5 27 7E FC 8C 45 72 D5 5B 18 C1 CF 87 EF 7E 3E 8F
            :             68 4D DD 46 7A 22 BE 8E FF CC           DA 39
            :             29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6 24 F3 2A 83 9C 35 A1
            :             81 67 CC C0 AA CD 2E C5 23         }
            :       }
            :   }
 251 A3  129:     [3]

CarlDSSCRLForCarl =
   0 30  131: SEQUENCE {
 254
   3 30  127:   68:   SEQUENCE {
 256
   5 30   12:    9:     SEQUENCE {
 258
   7 06    3:    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :             basicConstraints (2 5 29 19)         (ANSI X9.57 algorithm)
            :             (X.509 id-ce (2 5 29))
 263 01    1:           BOOLEAN TRUE
 266 04    2:           OCTET STRING, encapsulates {
 268       }
  16 30    0:   18:     SEQUENCE {}
            :               }
            :           }
 270 {
  18 31   16:       SET {
  20 30   14:         SEQUENCE {
 272
  22 06    3:           OBJECT IDENTIFIER keyUsage commonName (2 5 29 15) 4 3)
            :             (X.509 id-ce             (X.520 id-at (2 5 29))
 277 01    1:           BOOLEAN TRUE
 280 04    4:           OCTET STRING, encapsulates 4))
  27 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  36 17   13:     UTCTime '990825070000Z'
  51 30   20:     SEQUENCE {
 282 03    2:               BIT STRING 6 unused bits
  53 30   18:       SEQUENCE {
  55 02    1:         INTEGER 1
  58 17   13:         UTCTime '990822070000Z'
            :                 '11'B         }
            :       }
            :     }
 286
  73 30   31:    9:   SEQUENCE {
 288
  75 06    3:    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :             authorityKeyIdentifier (2 5 29 35)       (ANSI X9.57 algorithm)
            :             (X.509 id-ce (2 5 29))
 293 04   24:           OCTET STRING,     }
  84 03   48:   BIT STRING 0 unused bits, encapsulates {
 295
  87 30   22:   45:       SEQUENCE {
 297 80   20:                 [0]
  89 02   21:         INTEGER
            :           00 B3 1F C5 4F 7A 3D EC 76 D5 60 F9
            :                   70 44 3E 82 2E 6F 87           DE 4A D3 75 E3 79 22 EC 4F B0 90 FE 97
 112 02   20:         INTEGER
            :                   3D 20           5A 8B C3 84 BC 43 2B 93 F1 1F 66 87 1B BF 79 82 5B
            :           0A 5D 07 F6 BA A9 05 29
            :         }
            :       }
            :   }
 319

CarlDSSCRLEmpty =
   0 30   29:  109: SEQUENCE {
 321
   2 30   46:   SEQUENCE {
   4 30    9:     SEQUENCE {
   6 06    3:    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :             subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 326 04   22:           OCTET STRING, encapsulates {
 328 04   20:               OCTET STRING
            :                 64 30 99 7D 5C DC 45 0B 99 3A 52 2F
            :                 16 BF 58 50 DD CE 2B 18
            :               }         (ANSI X9.57 algorithm)
            :       }
 350
  15 30   31:   18:     SEQUENCE {
 352
  17 31   16:       SET {
  19 30   14:         SEQUENCE {
  21 06    3:           OBJECT IDENTIFIER subjectAltName commonName (2 5 29 17) 4 3)
            :             (X.509 id-ce             (X.520 id-at (2 5 29))
 357 04   24:           OCTET STRING, encapsulates {
 359 30   22:               SEQUENCE {
 361 81   20:                 [1] 'DianeDSS@example.com'
            :                 }
            :               } 4))
  26 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  35 17   13:     UTCTime '990820070000Z'
            :     }
 383
  50 30    9:   SEQUENCE {
 385
  52 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 394
  61 03   48:   BIT STRING 0 unused bits, encapsulates {
 397
  64 30   45:       SEQUENCE {
 399
  66 02   21:   20:         INTEGER
            :           00 A1 1A F8           62 3F 36 17 0E 3E 5D A8 8C F4 B6 31 58 2E 67 50 79 F5 09
            :           55 33 1E           4B E3 2C AC B9 5F
 422 8C AD D4 6B F4 64 9F
  88 02   20:   21:         INTEGER
            :           28 4B 10 45 58 D2 1C 9D 55 35 14 18
            :           91 B2 3F 39 DF           00 B5 6E D3 3B 4E A1 4C 7B FD 0F C3 8D 9B
            :           B6 FE C3 5D 6F DE 65 28 7D
            :         }
            :       }
            :   }

DianeRSASignByCarl

CarlRSACRLForAll =
   0 30  556:  307: SEQUENCE {
   4 30  405:  157:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02   16:     INTEGER
            :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :       D5 9A 30 90
  31
   7 30   13:     SEQUENCE {
  33
   9 06    9:       OBJECT IDENTIFIER
            :         sha1withRSAEncryption         md5withRSAEncryption (1 2 840 113549 1 1 5) 4)
            :         (PKCS #1)
  44
  20 05    0:       NULL
            :       }
  46
  22 30   18:     SEQUENCE {
  48
  24 31   16:       SET {
  50
  26 30   14:         SEQUENCE {
  52
  28 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  57
  33 13    7:           PrintableString 'CarlRSA'
            :           }
            :         }
            :       }
  66 30   30:     SEQUENCE {
  68
  42 17   13:     UTCTime '990819070000Z'
  83 '990827070000Z'
  57 30  105:     SEQUENCE {
  59 30   33:       SEQUENCE {
  61 02   16:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           C4 10 B3 B0
  79 17   13:         UTCTime '391231235959Z' '990822070000Z'
            :         }
  98
  94 30   19:   33:       SEQUENCE {
 100 31   17:       SET {
 102
  96 02   16:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           D5 9A 30   15: 90
 114 17   13:         UTCTime '990822070000Z'
            :         }
 129 30   33:       SEQUENCE {
 104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
 131 02   16:         INTEGER
            :             (X.520 id-at (2 5 4))
 109 13    8:           PrintableString 'DianeRSA'           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           CD 5D 71 D0
 149 17   13:         UTCTime '990824070000Z'
            :         }
            :       }
            :     }
 119 30  159:     SEQUENCE {
 122
 164 30   13:   SEQUENCE {
 124
 166 06    9:     OBJECT IDENTIFIER
            :           rsaEncryption       md5withRSAEncryption (1 2 840 113549 1 1 1) 4)
            :       (PKCS #1)
 135
 177 05    0:     NULL
            :     }
 137
 179 03  141:  129:   BIT STRING 0 unused bits, encapsulates {
 141 30  137:           SEQUENCE {
 144 02  129:             INTEGER
            :               00 D6 FD B8 C0 70 C6 4C 25 EC EA CF bits
            :               EA 7C BB A2 62 FA     BF B3 97 AA 53 F0 E6 32 3A 53 FF
            :               B1 21 16 2B 77 92 5A 17 F4 20 E1 99 24 82 0A D0
            :               F6 7C FB 44 CA 8B 27 06     7A 6B BB 97 C8 DC EA F1 7E 26 03
            :               A9 76 9D CF EC A0 2C 70 96 F2 83 42 FA 66 16 30
            :               F6     0E B5 9E 5C F0 81 D4 B7 28 0A BB F8 BF 4A 4C 19 3F
            :               07 DB A0 5E B3 6E C1 60 1E B7 7E 67 F7 DE B1 88
            :               C3     6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D
            :     AB E5 B4 18 36 60 49 AC 45 D7 F8 C6 EF 08 37 21 A8 4D 9C 3C 89 EC
            :               93 47 EE F0 73     6F 27 BF 35 72 B0 02 C4 F3 50 71 81 C2 B9 44 5B 62
            :     89 19 12 31 A9 7B 9A D3 CC 66 CB 11
            :               C3 5E     D9 0B 10 47 77 AD 4F 22 D9 E5 0A B7 83 F1 DB 74 69 64 7F 30
            :               8B 44 1D 95 5D CD 28 C0 85
 276 02    3:             INTEGER 65537     F2 5B FC 94 51 A5 58 76 3B 1F A8 46
            :             }     A6 1F F6 A1 DE 55 A1 ED 31 88 69 97
            :           }     0F 08 D3 D4 0C 60 5B 1E
            :   }
 281 A3  129:     [3] {
 284

CarlRSACRLForCarl =
   0 30  127:  236: SEQUENCE {
 286
   3 30   12:   87:   SEQUENCE {
 288 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2
   5 29))
 293 01    1:           BOOLEAN TRUE
 296 04    2:           OCTET STRING, encapsulates {
 298 30    0:               SEQUENCE {}
            :               }
            :           }
 300 30   14:   13:     SEQUENCE {
 302
   7 06    3:    9:       OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 307 01    1:           BOOLEAN TRUE
 310 04    4:           OCTET STRING, encapsulates {
 312 03    2:               BIT STRING 5 unused bits
            :                 '111'B         md5withRSAEncryption (1 2 840 113549 1 1 4)
            :               }         (PKCS #1)
  18 05    0:       NULL
            :       }
 316 30   31:         SEQUENCE {
 318 06    3:           OBJECT IDENTIFIER
            :             authorityKeyIdentifier (2 5 29 35)
            :             (X.509 id-ce (2 5 29))
 323 04   24:           OCTET STRING, encapsulates {
 325
  20 30   22:   18:     SEQUENCE {
 327 80   20:                 [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E
  22 AE 9E 38 BB
            :                 }
            :               }
            :           }
 349 31   16:       SET {
  24 30   29:   14:         SEQUENCE {
 351
  26 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier commonName (2 5 29 14) 4 3)
            :             (X.509 id-ce             (X.520 id-at (2 5 29))
 356 04   22:           OCTET STRING, encapsulates {
 358 04   20:               OCTET STRING
            :                 8C F3 CB 75 0E 8D 4))
  31 F6 D4 29 DA 44 13    7:           PrintableString 'CarlRSA'
            :                 92 75 B8 FE ED 4F 39 0C           }
            :         }
            :       }
 380
  40 17   13:     UTCTime '990825070000Z'
  55 30   31:   35:     SEQUENCE {
 382 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 387 04   24:           OCTET STRING, encapsulates {
 389
  57 30   22:   33:       SEQUENCE {
 391 81   20:                 [1] 'DianeRSA@example.com'
            :                 }
  59 02   16:         INTEGER
            :               }           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           }           9F F2 50 20
  77 17   13:         UTCTime '990822070000Z'
            :         }
            :       }
            :     }
 413
  92 30   13:   SEQUENCE {
 415
  94 06    9:     OBJECT IDENTIFIER
            :       sha1withRSAEncryption       md5withRSAEncryption (1 2 840 113549 1 1 5) 4)
            :       (PKCS #1)
 426
 105 05    0:     NULL
            :     }
 428
 107 03  129:   BIT STRING 0 unused bits
            :     7D A6 2C B5 78 42 D6 79 F3 31 FE F6
            :     42 CA 0F 13 07 92 09 1B E0 6F B0 91
            :     18 F6 BF 4A FB CC 63 79 FB 81 BF DD
            :     97 C7 90 6B CB 0A 37 2B 41 6A 03 98
            :     C5 1B 3E 32 C8 45 2B 86 01 9C 1C E2
            :     36     21 EF 16 21 D4 C1 1A 92 B8 BE 62 FB 53 3E
            : 85 95 49 47 0B C4 B9 E4 2B 58 A6 06 83 F0 6B CA 45
            :     B2 A7 BB 85 7E D5 C6 DA CE 9C 7B 31     62 DC D7 09 FF A9 51 2E 8E D9 47 18
            :     FA F8 E5 72 D7 A2 EA 41 AB 6A C0 DD 1F B9 14 4F ED 74 74 E3 F3 65
            :     44 18 CF 84     32 65 28 2C 9A 1D 57 66 E8 C5 E6 B8 DC 2D E5 D5 26 06 EA
            :     B3 1F 1B 28 43     D5 E6 23 95 84 8D 0E 89 9E EE 9B 0C
            :     2F CE 07 F7 A3 D1 6B 85 4C 0F FF E6
            :     DD FC DC CD 73 2C 1E 7D DC B0 71 C5
            :     4C FC 01 6E 52 57 69 1E 39 63 DF 12
            :     22 30 C7 13 55 94 05 6E 2A 00 A9 5B
            :     C4 2A 66 94 62 CE 36 75 7A 33 C2 2B 63 47
            :     25 9D F3 DE 70 EE 00 56
            :   }

EricaDHEncryptByCarl

CarlRSACRLEmpty =
   0 30  743:  199: SEQUENCE {
   4
   3 30  679:   50:   SEQUENCE {
   8 A0    3:     [0] {
  10 02    1:       INTEGER 2
            :       }
  13 02    2:     INTEGER 212
  17
   5 30    9:   13:     SEQUENCE {
  19
   7 06    7:    9:       OBJECT IDENTIFIER dsaWithSha1
            :         md5withRSAEncryption (1 2 840 10040 4 3) 113549 1 1 4)
            :         (ANSI X9.57 algorithm)         (PKCS #1)
  18 05    0:       NULL
            :       }
  28
  20 30   18:     SEQUENCE {
  30
  22 31   16:       SET {
  32
  24 30   14:         SEQUENCE {
  34
  26 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  39
  31 13    7:           PrintableString 'CarlDSS' 'CarlRSA'
            :           }
            :         }
            :       }
  48 30   30:     SEQUENCE {
  50 17   13:       UTCTime '990817021716Z'
  65
  40 17   13:     UTCTime '391231235959Z'
            :       }
  80 30   18:     SEQUENCE {
  82 31   16:       SET {
  84 30   14:         SEQUENCE {
  86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  91 13    7:           PrintableString 'EricaDH'
            :           }
            :         } '990820070000Z'
            :     }
 100 30  452:     SEQUENCE {
 104
  55 30  312:   13:   SEQUENCE {
 108
  57 06    7:    9:     OBJECT IDENTIFIER
            :           dhPublicKey       md5withRSAEncryption (1 2 840 10046 2 1) 113549 1 1 4)
            :           (ANSI X9.42 number type)
 117 30  299:         SEQUENCE {
 121 02  129:           INTEGER       (PKCS #1)
  68 05    0:     NULL
            :             00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB     }
  70 03  129:   BIT STRING 0 unused bits
            :             23 4D DF 2B 25 C1 68 D2 9E     A9 45 5B
            :             36 F1 94 89 1A AF 7D C5 21 B8 13 7C 74 F3 B5 11 24 9D 3D B9 EC 04
            :             3C 29 E8 D7 23 80 33 A6 9E     F3 20 45 02 BB 86 1E 0B 6E 7F 83 6D 5F F4
            :             AA CC 9E 28 05 95 A0 B3 17     34 76 C1 F7
            : 06 59 25 35 61 02 41 92 27 0C 5E AE 48 E5 0E 04 3D 88 09 88 81
            :             F3 6E 38 EF 91 D1 CF     37 FE 9A 40 97
            :             C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
            :             74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 DC 20 98 FA 17 81 0B 37 94 AC
            :     B4 8F 7B 51 89 14 A4 CB 72 73 14 07
            :             7E     BC 3A AA 43 0A 81 64 22 9C 40 A1 07 FC 63 F0 7B 44 7C 85 0F 0B
            :             71 98 FA C0 38 79 10 1A 33
 253 02  129:           INTEGER     88 D1 EE E1 0E AF F6 16 74 AD A1 AF
            :     C1 00 BA 75 00 64 EA A5 9A F6 0B D7 74 3D E7 34 E5 4C 13 A7 08 A2
            :     DB 95 96 BB F1 E4 61 37 08 FB 12 C7 FB 19 5F A6 A7 B9 39 45 25 0A 0E
            :             9C 91 77 06 99 35 F0 48 24 96 33 12
            :             01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
            :             5E 95 86 A2 73 C5 49 46 37 79 60 FD
            :             77 05 09 48 9B 70 8D 3C 05     F6 CE 44
            :             2C 7F 7D 1B 2B 15 DD F3 05 2F BE 85
            :             20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
            :             42 62 34 27 27 81 8E 6F 0F 5E 62 85
            :             89 CC ED 21 C3 91 70 06 54 EE 70 A8
            :             92 55 5B 6E 19 22 4D 62 A7
 385 02   33:           INTEGER
            :             00 C3 AB 4A 30 79 B3 D3 97 4E CA F5
            :             A2 7D C7 70 A3 45 F3 B3 A2 86 05 D2
            :             3E 49 F9 9F D9 0A B3 BE BD
            :           }
            :         }
 420 03  133:       BIT STRING 0 unused bits, encapsulates {
 424 02  129:           INTEGER
            :             00 D1 2B E4 1D 3E BA 18 CF 75 20 C6
            :             C7 5E C3 C4 6C EA F3 23 D9 09 1F 46
            :             98 F4 CE 59 84 E7 F8 B9 B6 CE E8 3A C6 5A C9 18 F8
            :             59 77 1B 99 B0 DA DC C0 9D 09 E4 AF
            :             F9 61 91 2C 47 CC 47 5E DF 2B 33 76
            :             F3 67 EC 77 E8 2C 37 30 A1 89 5D F3
            :             C8 F6 5C 16 4A E4 B7 8C F5 7B D5 38
            :             FD 14 AC E8 7A C2 7D EE 07 90 27 0A
            :             7C 87 A8 A2 E2 70 35 EA 6E DE 9E 50
            :             31 6B E9 09 DA 25 1A 01 8E E3 FF 26
            :             1C 75 F5 C3 CE 5A F5 9E 85
            :           }
            :       }
 556 A3  128:     [3] {
 559 30  126:       SEQUENCE {
 561 30   12:         SEQUENCE {
 563 06    3:           OBJECT IDENTIFIER
            :             basicConstraints (2 5 29 19)
            :             (X.509 id-ce (2 5 29))
 568 01    1:           BOOLEAN TRUE
 571 04    2:           OCTET STRING, encapsulates {
 573 30    0:               SEQUENCE {}
            :               }
            :           }
 575 30   14:         SEQUENCE {
 577 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
            :             (X.509 id-ce (2 5 29))
 582 01    1:           BOOLEAN TRUE
 585 04    4:           OCTET STRING, encapsulates {
 587 03    2:               BIT STRING 3 unused bits
            :                 '10000'B (bit 4)
            :               }
            :           }
 591 30   31:         SEQUENCE {
 593 06    3:           OBJECT IDENTIFIER
            :             authorityKeyIdentifier (2 5 29 35) 0E B8
            :             (X.509 id-ce (2 5 29))
 598 04   24:           OCTET STRING, encapsulates {
 600 30   22:               SEQUENCE {
 602     A0 96 BE 81 3A 80   20:                 [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                 }
            :               }
            :           }
 624 30   29:         SEQUENCE {
 626 06    3:           OBJECT IDENTIFIER
            :             subjectKeyIdentifier (2 5 29 14)
            :             (X.509 id-ce (2 5 29))
 631 04   22:           OCTET STRING, encapsulates {
 633 04   20:               OCTET STRING
            :                 8D 53 1D 61 55 7F 60 35 6D A6 36 A2
            :                 C5 93 F8 9A FD C0 75 74
            :               }
            :           }
 655 30   30:         SEQUENCE {
 657 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
            :             (X.509 id-ce (2 5 29))
 662 04   23:           OCTET STRING, encapsulates {
 664 30   21:               SEQUENCE {
 666 81   19:                 [1] 'EricaDH@example.com'
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
 687 30    9:   SEQUENCE {
 689 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 698 03   47:   BIT STRING 0 unused bits, encapsulates {
 701 30   44:       SEQUENCE {
 703 02   20:         INTEGER
            :           51 1F D4 7A 1D C6 D4 7E E9 AA 8E 73
            :           B3 2F 9D 65 29 95 B7 49
 725 02   20:         INTEGER
            :           09 CD 58 35 70 4B C3 0F 07 9D 09 19
            :           51 89 8F 98 7F D1 88 91
            :         }
            :       }
            :   }

3.4 CRLs

CarlDSSCRLForAll =
   0 30  216: SEQUENCE {
   3 30  153:   SEQUENCE {
   6 30    9:     SEQUENCE {
   8 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  17 30   18:     SEQUENCE {
  19 31   16:       SET {
  21 30   14:         SEQUENCE {
  23 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  28 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  37 17   13:     UTCTime '990827070000Z'
  52 30  105:     SEQUENCE {
  54 30   19:       SEQUENCE {
  56 02    2:         INTEGER 200
  60 17   13:         UTCTime '990822070000Z'
            :         }
  75 30   19:       SEQUENCE {
  77 02    2:         INTEGER 201
  81 17   13:         UTCTime '990822070000Z'
            :         }
  96 30   19:       SEQUENCE {
  98 02    2:         INTEGER 211
 102 17   13:         UTCTime '990822070000Z'
            :         }
 117 30   19:       SEQUENCE {
 119 02    2:         INTEGER 210
 123 17   13:         UTCTime '990822070000Z'
            :         }
 138 30   19:       SEQUENCE {
 140 02    2:         INTEGER 212
 144 17   13:         UTCTime '990824070000Z'
            :         }
            :       }
            :     }
 159 30    9:   SEQUENCE {
 161 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
 170 03   47:   BIT STRING 0 unused bits, encapsulates {
 173 30   44:       SEQUENCE {
 175 02   20:         INTEGER
            :           7E 65 52 76 33 FE 34 73 17 D1 F7 96
            :           F9 A0 D4 D8 6D 5C 7D 3D
 197 02   20:         INTEGER
            :           02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E
            :           DA 24 F3 2A 83 9C 35 A1
            :         }
            :       }
            :   }

CarlDSSCRLForCarl =
   0 30  131: SEQUENCE {
   3 30   68:   SEQUENCE {
   5 30    9:     SEQUENCE {
   7 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  16 30   18:     SEQUENCE {
  18 31   16:       SET {
  20 30   14:         SEQUENCE {
  22 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  27 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  36 17   13:     UTCTime '990825070000Z'
  51 30   20:     SEQUENCE {
  53 30   18:       SEQUENCE {
  55 02    1:         INTEGER 1
  58 17   13:         UTCTime '990822070000Z'
            :         }
            :       }
            :     }
  73 30    9:   SEQUENCE {
  75 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
  84 03   48:   BIT STRING 0 unused bits, encapsulates {
  87 30   45:       SEQUENCE {
  89 02   21:         INTEGER
            :           00 B3 1F C5 4F 7A 3D EC 76 D5 60 F9
            :           DE 79 22 EC 4F B0 90 FE 97
 112 02   20:         INTEGER
            :           5A 8B C3 84 BC 66 87 1B BF 79 82 5B
            :           0A 5D 07 F6 BA A9 05 29
            :         }
            :       }
            :   }

CarlDSSCRLEmpty =
   0 30  109: SEQUENCE {
   2 30   46:   SEQUENCE {
   4 30    9:     SEQUENCE {
   6 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :         (ANSI X9.57 algorithm)
            :       }
  15 30   18:     SEQUENCE {
  17 31   16:       SET {
  19 30   14:         SEQUENCE {
  21 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  26 13    7:           PrintableString 'CarlDSS'
            :           }
            :         }
            :       }
  35 17   13:     UTCTime '990820070000Z'
            :     }
  50 30    9:   SEQUENCE {
  52 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
            :       (ANSI X9.57 algorithm)
            :     }
  61 03   48:   BIT STRING 0 unused bits, encapsulates {
  64 30   45:       SEQUENCE {
  66 02   20:         INTEGER
            :           62 3F 36 17 31 58 2E 67 50 79 F5 09
            :           4B 8C AD D4 6B F4 64 9F
  88 02   21:         INTEGER
            :           00 B5 3B 4E A1 4C 7B FD 0F C3 8D 9B
            :           B6 FE C3 5D 6F DE 65 28 7D
            :         }
            :       }
            :   }

CarlRSACRLForAll =
   0 30  307: SEQUENCE {
   4 30  157:   SEQUENCE {
   7 30   13:     SEQUENCE {
   9 06    9:       OBJECT IDENTIFIER
            :         md5withRSAEncryption (1 2 840 113549 1 1 4)
            :         (PKCS #1)
  20 05    0:       NULL
            :       }
  22 30   18:     SEQUENCE {
  24 31   16:       SET {
  26 30   14:         SEQUENCE {
  28 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  33 13    7:           PrintableString 'CarlRSA'
            :           }
            :         }
            :       }
  42 17   13:     UTCTime '990827070000Z'
  57 30  105:     SEQUENCE {
  59 30   33:       SEQUENCE {
  61 02   16:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           C4 10 B3 B0
  79 17   13:         UTCTime '990822070000Z'
            :         }
  94 30   33:       SEQUENCE {
  96 02   16:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           D5 9A 30 90
 114 17   13:         UTCTime '990822070000Z'
            :         }
 129 30   33:       SEQUENCE {
 131 02   16:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           CD 5D 71 D0
 149 17   13:         UTCTime '990824070000Z'
            :         }
            :       }
            :     }
 164 30   13:   SEQUENCE {
 166 06    9:     OBJECT IDENTIFIER
            :       md5withRSAEncryption (1 2 840 113549 1 1 4)
            :       (PKCS #1)
 177 05    0:     NULL
            :     }
 179 03  129:   BIT STRING 0 unused bits
            :     BF B3 97 AA 53 F0 32 21 16 2B 77 92
            :     7A 6B BB 97 C8 DC EA F1 FA 66 16 30
            :     0E B5 9E 5C F0 81 D4 5E B3 6E C1 88
            :     6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D
            :     AB E5 B4 18 36 60 A8 4D 9C 3C 89 EC
            :     6F 27 BF 35 50 71 81 C2 B9 44 5B 62
            :     89 19 12 31 A9 7B 9A D3 CC 66 CB 11
            :     D9 0B 10 47 77 AD 4F 22 D9 E5 7F 30
            :     F2 5B FC 94 51 A5 58 76 3B 1F A8 46
            :     A6 1F F6 A1 DE 55 A1 ED 31 88 69 97
            :     0F 08 D3 D4 0C 60 5B 1E
            :   }

CarlRSACRLForCarl =
   0 30  236: SEQUENCE {
   3 30   87:   SEQUENCE {
   5 30   13:     SEQUENCE {
   7 06    9:       OBJECT IDENTIFIER
            :         md5withRSAEncryption (1 2 840 113549 1 1 4)
            :         (PKCS #1)
  18 05    0:       NULL
            :       }
  20 30   18:     SEQUENCE {
  22 31   16:       SET {
  24 30   14:         SEQUENCE {
  26 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  31 13    7:           PrintableString 'CarlRSA'
            :           }
            :         }
            :       }
  40 17   13:     UTCTime '990825070000Z'
  55 30   35:     SEQUENCE {
  57 30   33:       SEQUENCE {
  59 02   16:         INTEGER
            :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :           9F F2 50 20
  77 17   13:         UTCTime '990822070000Z'
            :         }
            :       }
            :     }
  92 30   13:   SEQUENCE {
  94 06    9:     OBJECT IDENTIFIER
            :       md5withRSAEncryption (1 2 840 113549 1 1 4)
            :       (PKCS #1)
 105 05    0:     NULL
            :     }
 107 03  129:   BIT STRING 0 unused bits
            :     21 EF 21 D4 C1 1A 85 95 49 6B CA 45
            :     62 DC D7 09 FF A9 51 2E 8E D9 47 18
            :     FA F8 E5 72 DD 4F ED 74 74 E3 F3 65
            :     32 65 28 2C 9A 1D 57 E5 D5 26 06 EA
            :     D5 E6 23 95 84 8D 0E 89 9E EE 9B 0C
            :     2F CE 07 F7 A3 D1 6B 85 4C 0F FF E6
            :     DD FC DC CD 73 2C 1E 7D DC B0 71 C5
            :     4C FC 01 6E 52 57 69 1E 39 63 DF 12
            :     22 30 C7 13 55 94 05 6E 2A 00 A9 5B
            :     C4 2A 66 94 62 CE 36 33 C2 2B 63 47
            :     25 9D F3 DE 70 EE 00 56
            :   }

CarlRSACRLEmpty =
   0 30  199: SEQUENCE {
   3 30   50:   SEQUENCE {
   5 30   13:     SEQUENCE {
   7 06    9:       OBJECT IDENTIFIER
            :         md5withRSAEncryption (1 2 840 113549 1 1 4)
            :         (PKCS #1)
  18 05    0:       NULL
            :       }
  20 30   18:     SEQUENCE {
  22 31   16:       SET {
  24 30   14:         SEQUENCE {
  26 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
            :             (X.520 id-at (2 5 4))
  31 13    7:           PrintableString 'CarlRSA'
            :           }
            :         }
            :       }
  40 17   13:     UTCTime '990820070000Z'
            :     }
  55 30   13:   SEQUENCE {
  57 06    9:     OBJECT IDENTIFIER
            :       md5withRSAEncryption (1 2 840 113549 1 1 4)
            :       (PKCS #1)
  68 05    0:     NULL
            :     }
  70 03  129:   BIT STRING 0 unused bits
            :     A9 C5 21 B8 13 7C 74 F3 B5 11 EC 04
            :     F3 20 45 86 1E 0B 6E 7F 83 6D 5F F4
            :     34 76 06 59 25 0E 04 3D 88 09 88 81
            :     37 C4 DC 20 98 FA 17 81 0B 37 94 AC
            :     B4 8F 7B 51 89 14 A4 CB 72 73 14 07
            :     BC 22 9C 40 A1 07 FC 44 7C 85 0F 0B
            :     88 D1 EE E1 0E AF F6 16 74 AD A1 AF
            :     C1 00 75 00 64 EA A5 9A F6 0B 08 A2
            :     DB 95 19 5F A6 A7 B9 39 45 25 0A 0E
            :     F6 5E 84 E7 F8 B9 5A C9 18 C2 0E B8
            :     A0 96 BE 81 3A 80 6D C9
            :   }

4. Trivial Examples

This section covers examples of small CMS types.

4.1 ContentInfo with Data type, BER

The object is a ContentInfo containing a Data object in BER format that
is ExContent.

   0 30 NDEF: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :     (PKCS #7)
  13 A0 NDEF:   [0] {
  15 24 NDEF:     OCTET STRING {
  17 04    4:       OCTET STRING 'This'
  23 04   24:       OCTET STRING ' is some sample content.'
            :       }
            :     }
            :   }

4.2 ContentInfo with Data type, DER

The object is a ContentInfo containing a Data object in DER format that
is ExContent.

   0 30   43: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :     (PKCS #7)
  13 A0   30:   [0] {
  15 04   28:     OCTET STRING 'This is some sample content.'
            :     }
            :   }

5.  Signed-data

5.1 Basic signed content, DSS

A SignedData with no attribute certificates, signed by Alice using
DSS, just her certificate (not Carl's root cert), no CRL. The
message is ExContent, and is included in the eContent. There are no
signed or unsigned attributes.

   0 30  919: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  904:   [0] {
  19 30  900:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0  736:       [0] {
  86 30  732:         SEQUENCE {
  90 30  667:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02    2:             INTEGER 200
 103 30    9:             SEQUENCE {
 105 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 114 30   18:             SEQUENCE {
 116 31   16:               SET {
 118 30   14:                 SEQUENCE {
 120 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 125 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134 30   30:             SEQUENCE {
 136 17   13:               UTCTime '990817011049Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
 166 30   19:             SEQUENCE {
 168 31   17:               SET {
 170 30   15:                 SEQUENCE {
 172 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 177 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 187 30  438:             SEQUENCE {
 191 30  299:               SEQUENCE {
 195 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 204 30  286:                 SEQUENCE {
 208 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 363 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 494 03  132:               BIT STRING 0 unused bits, encapsulates {
 498 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 629 A3  129:             [3] {
 632 30  127:               SEQUENCE {
 634 30   12:                 SEQUENCE {
 636 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    2:                   OCTET STRING, encapsulates {
 646 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 648 30   14:                 SEQUENCE {
 650 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 655 01    1:                   BOOLEAN TRUE
 658 04    4:                   OCTET STRING, encapsulates {
 660 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 664 30   31:                 SEQUENCE {
 666 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 671 04   24:                   OCTET STRING, encapsulates {
 673 30   22:                       SEQUENCE {
 675 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 697 30   29:                 SEQUENCE {
 699 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 704 04   22:                   OCTET STRING, encapsulates {
 706 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
 728 30   31:                 SEQUENCE {
 730 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 735 04   24:                   OCTET STRING, encapsulates {
 737 30   22:                       SEQUENCE {
 739 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 761 30    9:           SEQUENCE {
 763 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 772 03   48:           BIT STRING 0 unused bits, encapsulates {
 775 30   45:               SEQUENCE {
 777 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
 799 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
 822 31   99:       SET {
 824 30   97:         SEQUENCE {
 826 02    1:           INTEGER 1
 829 30   24:           SEQUENCE {
 831 30   18:             SEQUENCE {
 833 31   16:               SET {
 835 30   14:                 SEQUENCE {
 837 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 842 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 851 02    2:             INTEGER 200
            :             }
 855 30    7:           SEQUENCE {
 857 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 864 30    9:           SEQUENCE {
 866 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 875 04   46:           OCTET STRING, encapsulates {
 877 30   44:               SEQUENCE {
 879 02   20:                 INTEGER
            :                   09 91 FE EB D2 69 F5 18 B7 D7 CD 55
            :                   F4 81 EA 2A 42 6A AD 03
 901 02   20:                 INTEGER
            :                   3A 07 CC C3 21 BE E1 1A 4B 7F 3E B5
            :                   0D DB BA 1C EA BC CD 89
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
            :   }

5.2 Basic signed content, RSA

Same as 5.1, except using RSA signatures. A SignedData with no
attribute certificates, signed by Alice using RSA, just her certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.

   0 30  850: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  835:   [0] {
  19 30  831:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31   11:       SET {
  28 30    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  37 05    0:           NULL
            :           }
            :         }
  39 30   43:       SEQUENCE {
  41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  52 A0   30:         [0] {
  54 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  84 A0  560:       [0] {
  88 30  556:         SEQUENCE {
  92 30  405:           SEQUENCE {
  96 A0    3:             [0] {
  98 02    1:               INTEGER 2
            :               }
 101 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
 119 30   13:             SEQUENCE {
 121 06    9:               OBJECT IDENTIFIER
            :                 sha1withRSAEncryption
            :                     (1 2 840 113549 1 1 5)
            :                 (PKCS #1)
 132 05    0:               NULL
            :               }
 134 30   18:             SEQUENCE {
 136 31   16:               SET {
 138 30   14:                 SEQUENCE {
 140 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 145 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 154 30   30:             SEQUENCE {
 156 17   13:               UTCTime '990919010847Z'
 171 17   13:               UTCTime '391231235959Z'
            :               }
 186 30   19:             SEQUENCE {
 188 31   17:               SET {
 190 30   15:                 SEQUENCE {
 192 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 197 13    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }
            :               }
 207 30  159:             SEQUENCE {
 210 30   13:               SEQUENCE {
 212 06    9:                 OBJECT IDENTIFIER
            :                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   (PKCS #1)
 223 05    0:                 NULL
            :                 }
 225 03  141:               BIT STRING 0 unused bits, encapsulates {
 229 30  137:                   SEQUENCE {
 232 02  129:                     INTEGER
            :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76
            :                   39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
            :                   DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
            :                   86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1
            :                   2C BB D8 32 CF C6 68 6F 07 D9 B0 60
            :                   AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :                   DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
            :                   9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :                   8C 4E F3 57 38 57 74 57 5F
 364 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
 369 A3  129:             [3] {
 372 30  127:               SEQUENCE {
 374 30   12:                 SEQUENCE {
 376 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 381 01    1:                   BOOLEAN TRUE
 384 04    2:                   OCTET STRING, encapsulates {
 386 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 388 30   14:                 SEQUENCE {
 390 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 395 01    1:                   BOOLEAN TRUE
 398 04    4:                   OCTET STRING, encapsulates {
 400 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 404 30   31:                 SEQUENCE {
 406 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 411 04   24:                   OCTET STRING, encapsulates {
 413 30   22:                       SEQUENCE {
 415 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                         }
            :                       }
            :                   }
 437 30   29:                 SEQUENCE {
 439 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 444 04   22:                   OCTET STRING, encapsulates {
 446 04   20:                       OCTET STRING
            :                   77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                   CE EC 3C A0 3A E3 FF 50
            :                       }
            :                   }
 468 30   31:                 SEQUENCE {
 470 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 475 04   24:                   OCTET STRING, encapsulates {
 477 30   22:                       SEQUENCE {
 479 81   20:                         [1] 'AliceRSA@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 501 30   13:           SEQUENCE {
 503 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption
            :                   (1 2 840 113549 1 1 5)
            :               (PKCS #1)
 514 05    0:             NULL
            :             }
 516 03  129:           BIT STRING 0 unused bits
            :             3E 70 47 A8 48 CC 13 58 8F CA 51 71
            :             6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC
            :             CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
            :             59 A9 20 AA 05 81 A8 4E 25 AD A7 70
            :             14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :             B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
            :             7D 49 D3 94 6B 22 36 74 73 B8 4A EC
            :             2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
            :             B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :             F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
            :             76 AE EB 9B DB 49 B0 22
            :           }
            :         }
 648 31  203:       SET {
 651 30  200:         SEQUENCE {
 654 02    1:           INTEGER 1
 657 30   38:           SEQUENCE {
 659 30   18:             SEQUENCE {
 661 31   16:               SET {
 663 30   14:                 SEQUENCE {
 665 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 670 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 679 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
            :             }
 697 30    9:           SEQUENCE {
 699 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 706 05    0:             NULL
            :             }
 708 30   13:           SEQUENCE {
 710 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption (1 2 840 113549 1 1 1)
            :               (PKCS #1)
 721 05    0:             NULL
            :             }
 723 04  128:           OCTET STRING
            :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E
            :             9D BF 89 9A 81 E5 75 C4 91 3D D3 D0
            :             D5 7B B6 D5 FE 94 A1 8A AC E3 C4 84
            :             F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16
            :             04 A5 B3 B5 E7 D9 32 F0 24 EF E7 20
            :             44 D5 9F 07 C5 53 24 FA CE 01 1D 0F
            :             17 13 A7 2A 95 9D 2B E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6
            :             55 13 D4 68 6F D0 07 D7 A2 B1 62 4C
            :             E3 8F AF FD E0 D5 5D C7
            :           }
            :         }
            :       }
            :     }
            :   }

5.3 Basic signed content, detached content

Same as 5.1, except with no eContent. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), no CRL. The message is ExContent, but the eContent
is not included. There are no signed or unsigned attributes.

   0 30  887: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  872:   [0] {
  19 30  868:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   11:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
            :         }
  50 A0  736:       [0] {
  54 30  732:         SEQUENCE {
  58 30  667:           SEQUENCE {
  62 A0    3:             [0] {
  64 02    1:               INTEGER 2
            :               }
  67 02    2:             INTEGER 200
  71 30    9:             SEQUENCE {
  73 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
  82 30   18:             SEQUENCE {
  84 31   16:               SET {
  86 30   14:                 SEQUENCE {
  88 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  93 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 102 30   30:             SEQUENCE {
 104 17   13:               UTCTime '990817011049Z'
 119 17   13:               UTCTime '391231235959Z'
            :               }
 134 30   19:             SEQUENCE {
 136 31   17:               SET {
 138 30   15:                 SEQUENCE {
 140 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 145 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 155 30  438:             SEQUENCE {
 159 30  299:               SEQUENCE {
 163 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 172 30  286:                 SEQUENCE {
 176 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 308 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 331 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 462 03  132:               BIT STRING 0 unused bits, encapsulates {
 466 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 597 A3  129:             [3] {
 600 30  127:               SEQUENCE {
 602 30   12:                 SEQUENCE {
 604 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 609 01    1:                   BOOLEAN TRUE
 612 04    2:                   OCTET STRING, encapsulates {
 614 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 616 30   14:                 SEQUENCE {
 618 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 623 01    1:                   BOOLEAN TRUE
 626 04    4:                   OCTET STRING, encapsulates {
 628 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 632 30   31:                 SEQUENCE {
 634 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 639 04   24:                   OCTET STRING, encapsulates {
 641 30   22:                       SEQUENCE {
 643 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 665 30   29:                 SEQUENCE {
 667 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 672 04   22:                   OCTET STRING, encapsulates {
 674 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
 696 30   31:                 SEQUENCE {
 698 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 703 04   24:                   OCTET STRING, encapsulates {
 705 30   22:                       SEQUENCE {
 707 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 729 30    9:           SEQUENCE {
 731 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 740 03   48:           BIT STRING 0 unused bits, encapsulates {
 743 30   45:               SEQUENCE {
 745 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
 767 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
 790 31   99:       SET {
 792 30   97:         SEQUENCE {
 794 02    1:           INTEGER 1
 797 30   24:           SEQUENCE {
 799 30   18:             SEQUENCE {
 801 31   16:               SET {
 803 30   14:                 SEQUENCE {
 805 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 810 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 819 02    2:             INTEGER 200
            :             }
 823 30    7:           SEQUENCE {
 825 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 832 30    9:           SEQUENCE {
 834 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 843 04   46:           OCTET STRING, encapsulates {
 845 30   44:               SEQUENCE {
 847 02   20:                 INTEGER
            :                   06 FB C7 2A 24 D5 34 89 F7 8B B5 FD
            :                   73 24 A5 86 C8 0F 5A 6C
 869 02   20:                 INTEGER
            :                   66 69 19 BC 68 58 D1 8D B1 9D 52 3F
            :                   DA 14 88 0D FD C9 A1 B8
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
            :   }

5.4 Fancier signed content

Same as 5.1, but includes Carl's root cert, Carl's CRL, some signed and
unsigned attributes (Countersignature by Diane). A SignedData with no
attribute certificates, signed by Alice using DSS, her certificate
and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is
included in the eContent. The signed attributes are Content Type,
Message Digest and Signing Time; the unsigned attributes are content
hint and counter signature.

   0 30 2829: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 2814:   [0] {
  19 30 2810:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0 1967:       [0] {
  86 30  556:         SEQUENCE {
  90 30  405:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
 117 30   13:             SEQUENCE {
 119 06    9:               OBJECT IDENTIFIER
            :                 sha1withRSAEncryption
            :                     (1 2 840 113549 1 1 5)
            :                 (PKCS #1)
 130 05    0:               NULL
            :               }
 132 30   18:             SEQUENCE {
 134 31   16:               SET {
 136 30   14:                 SEQUENCE {
 138 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 143 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 152 30   30:             SEQUENCE {
 154 17   13:               UTCTime '990919010847Z'
 169 17   13:               UTCTime '391231235959Z'
            :               }
 184 30   19:             SEQUENCE {
 186 31   17:               SET {
 188 30   15:                 SEQUENCE {
 190 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 195 13    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }
            :               }
 205 30  159:             SEQUENCE {
 208 30   13:               SEQUENCE {
 210 06    9:                 OBJECT IDENTIFIER
            :                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   (PKCS #1)
 221 05    0:                 NULL
            :                 }
 223 03  141:               BIT STRING 0 unused bits, encapsulates {
 227 30  137:                   SEQUENCE {
 230 02  129:                     INTEGER
            :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76
            :                   39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
            :                   DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
            :                   86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1
            :                   2C BB D8 32 CF C6 68 6F 07 D9 B0 60
            :                   AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :                   DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
            :                   9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :                   8C 4E F3 57 38 57 74 57 5F
 362 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
 367 A3  129:             [3] {
 370 30  127:               SEQUENCE {
 372 30   12:                 SEQUENCE {
 374 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 379 01    1:                   BOOLEAN TRUE
 382 04    2:                   OCTET STRING, encapsulates {
 384 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 386 30   14:                 SEQUENCE {
 388 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 393 01    1:                   BOOLEAN TRUE
 396 04    4:                   OCTET STRING, encapsulates {
 398 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 402 30   31:                 SEQUENCE {
 404 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 409 04   24:                   OCTET STRING, encapsulates {
 411 30   22:                       SEQUENCE {
 413 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                         }
            :                       }
            :                   }
 435 30   29:                 SEQUENCE {
 437 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 442 04   22:                   OCTET STRING, encapsulates {
 444 04   20:                       OCTET STRING
            :                   77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                   CE EC 3C A0 3A E3 FF 50
            :                       }
            :                   }
 466 30   31:                 SEQUENCE {
 468 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 473 04   24:                   OCTET STRING, encapsulates {
 475 30   22:                       SEQUENCE {
 477 81   20:                         [1] 'AliceRSA@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 499 30   13:           SEQUENCE {
 501 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption
            :                   (1 2 840 113549 1 1 5)
            :               (PKCS #1)
 512 05    0:             NULL
            :             }
 514 03  129:           BIT STRING 0 unused bits
            :             3E 70 47 A8 48 CC 13 58 8F CA 51 71
            :             6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC
            :             CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
            :             59 A9 20 AA 05 81 A8 4E 25 AD A7 70
            :             14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :             B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
            :             7D 49 D3 94 6B 22 36 74 73 B8 4A EC
            :             2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
            :             B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :             F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
            :             76 AE EB 9B DB 49 B0 22
            :           }
 646 30  667:         SEQUENCE {
 650 30  602:           SEQUENCE {
 654 A0    3:             [0] {
 656 02    1:               INTEGER 2
            :               }
 659 02    1:             INTEGER 1
 662 30    9:             SEQUENCE {
 664 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 673 30   18:             SEQUENCE {
 675 31   16:               SET {
 677 30   14:                 SEQUENCE {
 679 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 684 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 693 30   30:             SEQUENCE {
 695 17   13:               UTCTime '990816225050Z'
 710 17   13:               UTCTime '391231235959Z'
            :               }
 725 30   18:             SEQUENCE {
 727 31   16:               SET {
 729 30   14:                 SEQUENCE {
 731 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 736 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 745 30  439:             SEQUENCE {
 749 30  299:               SEQUENCE {
 753 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 762 30  286:                 SEQUENCE {
 766 02  129:                   INTEGER
            :                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :                   01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
            :                   FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
            :                   C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :                   E4 6D D3 E2 86 48 84 82 7D BA 15 95
            :                   4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
            :                   0A 8A BA 16 7B B9 50 01 48 93 8B EB
            :                   25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :                   FC 70 B7 CD 30 54 FD DA DE A8 AA 22
            :                   B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
            :                   AD E1 08 D4 6D 29 2D D6 E9
 898 02   21:                   INTEGER
            :                   00 DD C1 2F DF 53 CE 0B 34 60 77 3E
            :                   02 A4 BF 8A 5D 98 B9 10 D5
 921 02  128:                   INTEGER
            :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37
            :                   4F 55 7F 9D ED BC 61 0D EB 46 59 3C
            :                   56 0B 2B 5B 0C 91 CE A5 62 52 69 CA
            :                   E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :                   AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
            :                   87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE
            :                   AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
            :                   73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :                   8A 79 61 B4 D5 2F 53 22 44 63 1F 86
            :                   B8 A3 58 06 25 F8 29 C0 EF BA E0 75
            :                   F0 42 C4 63 65 52 9B 0A
            :                   }
            :                 }
1052 03  133:               BIT STRING 0 unused bits, encapsulates {
1056 02  129:                   INTEGER
            :                   00 99 87 74 27 03 66 A0 B1 C0 AD DC
            :                   2C 75 BB E1 6C 44 9C DA 21 6D 4D 47
            :                   6D B1 62 09 E9 D8 AE 1E F2 3A B4 94
            :                   B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
            :                   4E B9 60 96 19 24 01 F3 62 0C FE 75
            :                   C0 FB CE D8 68 00 E3 FD D5 70 4F DF
            :                   23 96 19 06 94 F4 B1 61 8F 3A 57 B1
            :                   08 11 A4 0B 26 25 F0 52 76 81 EA 0B
            :                   62 0D 95 2A E6 86 BA 72 B2 A7 50 83
            :                   0B AA 27 CD 1B A9 4D 89 9A D7 8D 18
            :                   39 84 3F 8B C5 56 4D 80 7A
            :                   }
            :               }
1188 A3   66:             [3] {
1190 30   64:               SEQUENCE {
1192 30   15:                 SEQUENCE {
1194 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
1199 01    1:                   BOOLEAN TRUE
1202 04    5:                   OCTET STRING, encapsulates {
1204 30    3:                       SEQUENCE {
1206 01    1:                         BOOLEAN TRUE
            :                         }
            :                       }
            :                   }
1209 30   14:                 SEQUENCE {
1211 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
1216 01    1:                   BOOLEAN TRUE
1219 04    4:                   OCTET STRING, encapsulates {
1221 03    2:                       BIT STRING 1 unused bits
            :                         '1100001'B
            :                       }
            :                   }
1225 30   29:                 SEQUENCE {
1227 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
1232 04   22:                   OCTET STRING, encapsulates {
1234 04   20:                       OCTET STRING
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1256 30    9:           SEQUENCE {
1258 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1267 03   48:           BIT STRING 0 unused bits, encapsulates {
1270 30   45:               SEQUENCE {
1272 02   20:                 INTEGER
            :                   6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B
            :                   C9 06 37 E9 11 17 A1 13
1294 02   21:                 INTEGER
            :                   00 8F 34 69 2A 8B B1 3C 03 79 94 32
            :                   4D 12 1F CE 89 FB 46 B2 3B
            :                 }
            :               }
            :           }
1317 30  732:         SEQUENCE {
1321 30  667:           SEQUENCE {
1325 A0    3:             [0] {
1327 02    1:               INTEGER 2
            :               }
1330 02    2:             INTEGER 200
1334 30    9:             SEQUENCE {
1336 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
1345 30   18:             SEQUENCE {
1347 31   16:               SET {
1349 30   14:                 SEQUENCE {
1351 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1356 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
1365 30   30:             SEQUENCE {
1367 17   13:               UTCTime '990817011049Z'
1382 17   13:               UTCTime '391231235959Z'
            :               }
1397 30   19:             SEQUENCE {
1399 31   17:               SET {
1401 30   15:                 SEQUENCE {
1403 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1408 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
1418 30  438:             SEQUENCE {
1422 30  299:               SEQUENCE {
1426 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
1435 30  286:                 SEQUENCE {
1439 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
1571 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
1594 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
1725 03  132:               BIT STRING 0 unused bits, encapsulates {
1729 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
1860 A3  129:             [3] {
1863 30  127:               SEQUENCE {
1865 30   12:                 SEQUENCE {
1867 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
1872 01    1:                   BOOLEAN TRUE
1875 04    2:                   OCTET STRING, encapsulates {
1877 30    0:                       SEQUENCE {}
            :                       }
            :                   }
1879 30   14:                 SEQUENCE {
1881 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
1886 01    1:                   BOOLEAN TRUE
1889 04    4:                   OCTET STRING, encapsulates {
1891 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
1895 30   31:                 SEQUENCE {
1897 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
1902 04   24:                   OCTET STRING, encapsulates {
1904 30   22:                       SEQUENCE {
1906 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
1928 30   29:                 SEQUENCE {
1930 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
1935 04   22:                   OCTET STRING, encapsulates {
1937 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
1959 30   31:                 SEQUENCE {
1961 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
1966 04   24:                   OCTET STRING, encapsulates {
1968 30   22:                       SEQUENCE {
1970 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1992 30    9:           SEQUENCE {
1994 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
2003 03   48:           BIT STRING 0 unused bits, encapsulates {
2006 30   45:               SEQUENCE {
2008 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
2030 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
2053 A1  219:       [1] {
2056 30  216:         SEQUENCE {
2059 30  153:           SEQUENCE {
2062 30    9:             SEQUENCE {
2064 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
2073 30   18:             SEQUENCE {
2075 31   16:               SET {
2077 30   14:                 SEQUENCE {
2079 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
2084 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
2093 17   13:             UTCTime '990827070000Z'
2108 30  105:             SEQUENCE {
2110 30   19:               SEQUENCE {
2112 02    2:                 INTEGER 200
2116 17   13:                 UTCTime '990822070000Z'
            :                 }
2131 30   19:               SEQUENCE {
2133 02    2:                 INTEGER 201
2137 17   13:                 UTCTime '990822070000Z'
            :                 }
2152 30   19:               SEQUENCE {
2154 02    2:                 INTEGER 211
2158 17   13:                 UTCTime '990822070000Z'
            :                 }
2173 30   19:               SEQUENCE {
2175 02    2:                 INTEGER 210
2179 17   13:                 UTCTime '990822070000Z'
            :                 }
2194 30   19:               SEQUENCE {
2196 02    2:                 INTEGER 212
2200 17   13:                 UTCTime '990824070000Z'
            :                 }
            :               }
            :             }
2215 30    9:           SEQUENCE {
2217 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
2226 03   47:           BIT STRING 0 unused bits, encapsulates {
2229 30   44:               SEQUENCE {
2231 02   20:                 INTEGER
            :                   7E 65 52 76 33 FE 34 73 17 D1 F7 96
            :                   F9 A0 D4 D8 6D 5C 7D 3D
2253 02   20:                 INTEGER
            :                   02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E
            :                   DA 24 F3 2A 83 9C 35 A1
            :                 }
            :               }
            :           }
            :         }
2275 31  554:       SET {
2279 30  550:         SEQUENCE {
2283 02    1:           INTEGER 1
2286 30   24:           SEQUENCE {
2288 30   18:             SEQUENCE {
2290 31   16:               SET {
2292 30   14:                 SEQUENCE {
2294 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
2299 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
2308 02    2:             INTEGER 200
            :             }
2312 30    7:           SEQUENCE {
2314 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
2321 A0   93:           [0] {
2323 30   24:             SEQUENCE {
2325 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
2336 31   11:               SET {
2338 06    9:                 OBJECT IDENTIFIER
            :                   data (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
            :                 }
            :               }
2349 30   28:             SEQUENCE {
2351 06    9:               OBJECT IDENTIFIER
            :                 signingTime (1 2 840 113549 1 9 5)
            :                 (PKCS #9 (1 2 840 113549 1 9))
2362 31   15:               SET {
2364 17   13:                 UTCTime '030514153900Z'
            :                 }
            :               }
2379 30   35:             SEQUENCE {
2381 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
2392 31   22:               SET {
2394 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
            :                   06 29 C0 22 96 87 DD 48
            :                 }
            :               }
            :             }
2416 30    9:           SEQUENCE {
2418 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
2427 04   46:           OCTET STRING, encapsulates {
2429 30   44:               SEQUENCE {
2431 02   20:                 INTEGER
            :                   3B A5 E0 4A DB 6D 58 E0 19 D1 00 1C
            :                   4F 44 9A 57 7A 71 66 68
2453 02   20:                 INTEGER
            :                   1A 11 98 D6 1F 1F AF 34 81 01 DE BE
            :                   8B DC B6 A8 6A 91 69 13
            :                 }
            :               }
2475 A1  354:           [1] {
2479 30   62:             SEQUENCE {
2481 06   11:               OBJECT IDENTIFIER
            :                 id-aa-contentHint
            :                     (1 2 840 113549 1 9 16 2 4)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
2494 31   47:               SET {
2496 30   45:                 SEQUENCE {
2498 0C   32:                   UTF8String
            :                   'Content Hints Description Buffer'
2532 06    9:                   OBJECT IDENTIFIER
            :                     data (1 2 840 113549 1 7 1)
            :                     (PKCS #7)
            :                   }
            :                 }
            :               }
2543 30  286:             SEQUENCE {
2547 06    9:               OBJECT IDENTIFIER
            :                 countersignature (1 2 840 113549 1 9 6)
            :                 (PKCS #9 (1 2 840 113549 1 9))
2558 31  271:               SET {
2562 30  267:                 SEQUENCE {
2566 02    1:                   INTEGER 1
2569 30   38:                   SEQUENCE {
2571 30   18:                     SEQUENCE {
2573 31   16:                       SET {
2575 30   14:                         SEQUENCE {
2577 06    3:                           OBJECT IDENTIFIER
            :                             commonName (2 5 4 3)
            :                             (X.520 id-at (2 5 4))
2582 13    7:                           PrintableString 'CarlRSA'
            :                           }
            :                         }
            :                       }
2591 02   16:                     INTEGER
            :                   46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :                   C4 10 B3 B0
            :                     }
2609 30    7:                   SEQUENCE {
2611 06    5:                     OBJECT IDENTIFIER
            :                       sha1 (1 3 14 3 2 26)
            :                       (OIW)
            :                     }
2618 A0   67:                   [0] {
2620 30   28:                     SEQUENCE {
2622 06    9:                       OBJECT IDENTIFIER
            :                         signingTime
            :                             (1 2 840 113549 1 9 5)
            :                         (PKCS #9 (1 2 840 113549 1 9))
2633 31   15:                       SET {
2635 17   13:                         UTCTime '030514153900Z'
            :                         }
            :                       }
2650 30   35:                     SEQUENCE {
2652 06    9:                       OBJECT IDENTIFIER
            :                         messageDigest
            :                             (1 2 840 113549 1 9 4)
            :                         (PKCS #9 (1 2 840 113549 1 9))
2663 31   22:                       SET {
2665 04   20:                         OCTET STRING
            :                   02 5F 49 4E 39 98 50 85 B3 66 D3 8A
            :                   1F 7B 9E 69 AA FB D8 33
            :                         }
            :                       }
            :                     }
2687 30   13:                   SEQUENCE {
2689 06    9:                     OBJECT IDENTIFIER
            :                       rsaEncryption
            :                           (1 2 840 113549 1 1 1)
            :                       (PKCS #1)
2700 05    0:                     NULL
            :                     }
2702 04  128:                   OCTET STRING
            :                   6D AA 20 24 ED 7A EE A5 5E 87 DD 75
            :                   1F 2B 54 10 65 F4 CE 9B B1 2C 78 74
            :                   BC 8B 1C 60 B5 DB 8B 03 9E 49 F2 2B
            :                   7F 93 6E 3D 89 14 C9 E3 6B F4 F6 7D
            :                   76 AE 3E 58 1F 9B BB BC 7C 30 19 4E
            :                   10 F7 02 F1 8B 5B B4 DB 9A BB 93 B4
            :                   18 D0 CC 2B C9 91 A9 AD D9 46 F8 65
            :                   A9 E2 71 95 D0 D4 4E 1F CD 74 6F 82
            :                   E8 37 6F 5A 3D CB C7 D4 5F C2 80 1B
            :                   DA D3 84 40 68 5F 56 9A 62 F5 3B 0D
            :                   6C 33 C3 ED 67 3F 43 BF
            :                   }
            :                 }
            :               }
            :             }
            :           }
            :         }
            :       }
            :     }
            :   }

5.5 All RSA signed message

Same as 5.2, but includes Carl's RSA root cert (but no CRL). A
SignedData with no attribute certificates, signed by Alice using RSA,
her certificate and Carl's root cert, no CRL. The message is ExContent,
and is included in the eContent. There are no signed or unsigned
attributes.

   0 30 NDEF: SEQUENCE {
   2 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  13 A0 NDEF:   [0] {
  15 30 NDEF:     SEQUENCE {
  17 02    1:       INTEGER 1
  20 31   11:       SET {
  22 30    9:         SEQUENCE {
  24 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  31 05    0:           NULL
            :           }
            :         }
  33 30 NDEF:       SEQUENCE {
  35 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  46 A0 NDEF:         [0] {
  48 24 NDEF:           OCTET STRING {
  50 04    4:             OCTET STRING 'This'
  56 04   24:             OCTET STRING ' is some sample content.'
            :             }
            :           }
            :         }
  88 A0 NDEF:       [0] {
  90 30  491:         SEQUENCE {
  94 30  340:           SEQUENCE {
  98 A0    3:             [0] {
 100 02    1:               INTEGER 2
            :               }
 103 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               9F F2 50 20
 121 30   13:             SEQUENCE {
 123 06    9:               OBJECT IDENTIFIER
            :                 sha1withRSAEncryption
            :                     (1 2 840 113549 1 1 5)
            :                 (PKCS #1)
 134 05    0:               NULL
            :               }
 136 30   18:             SEQUENCE {
 138 31   16:               SET {
 140 30   14:                 SEQUENCE {
 142 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 147 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 156 30   30:             SEQUENCE {
 158 17   13:               UTCTime '990818070000Z'
 173 17   13:               UTCTime '391231235959Z'
            :               }
 188 30   18:             SEQUENCE {
 190 31   16:               SET {
 192 30   14:                 SEQUENCE {
 194 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 199 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 208 30  159:             SEQUENCE {
 211 30   13:               SEQUENCE {
 213 06    9:                 OBJECT IDENTIFIER
            :                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   (PKCS #1)
 224 05    0:                 NULL
            :                 }
 226 03  141:               BIT STRING 0 unused bits, encapsulates {
 230 30  137:                   SEQUENCE {
 233 02  129:                     INTEGER
            :                   00 E4 4B FF 18 B8 24 57 F4 77 FF 6E
            :                   73 7B 93 71 5C BC 33 1A 92 92 72 23
            :                   D8 41 46 D0 CD 11 3A 04 B3 8E AF 82
            :                   9D BD 51 1E 17 7A F2 76 2C 2B 86 39
            :                   A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC
            :                   A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F
            :                   99 25 8F B8 4E AB B9 7D D5 96 65 DA
            :                   16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
            :                   29 CB 82 DD AC 44 E9 AA 93 94 29 0E
            :                   F8 18 D6 C8 57 5E F2 76 C4 F2 11 60
            :                   38 B9 1B 3C 1D 97 C9 6A F1
 365 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
 370 A3   66:             [3] {
 372 30   64:               SEQUENCE {
 374 30   15:                 SEQUENCE {
 376 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 381 01    1:                   BOOLEAN TRUE
 384 04    5:                   OCTET STRING, encapsulates {
 386 30    3:                       SEQUENCE {
 388 01    1:                         BOOLEAN TRUE
            :                         }
            :                       }
            :                   }
 391 30   14:                 SEQUENCE {
 393 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 398 01    1:                   BOOLEAN TRUE
 401 04    4:                   OCTET STRING, encapsulates {
 403 03    2:                       BIT STRING 1 unused bits
            :                         '1100001'B
            :                       }
            :                   }
 407 30   29:                 SEQUENCE {
 409 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 414 04   22:                   OCTET STRING, encapsulates {
 416 04   20:                       OCTET STRING
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 438 30   13:           SEQUENCE {
 440 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption
            :                   (1 2 840 113549 1 1 5)
            :               (PKCS #1)
 451 05    0:             NULL
            :             }
 453 03  129:           BIT STRING 0 unused bits
            :             B7 9E D4 04 D3 ED 29 E4 FF 89 89 15
            :             2E 4C DB 0C F0 48 0F 32 61 EE C4 04
            :             EC 12 5D 2D FF 0F 64 59 7E 0A C3 ED
            :             18 FD E3 56 40 37 A7 07 B5 F0 38 12
            :             61 50 ED EF DD 3F E3 0B B8 61 A5 A4
            :             9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C
            :             3B B5 2D 45 35 9D 49 01 76 FA B9 B9
            :             31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
            :             CA 3E F2 53 6B B0 37 6F AD E6 74 D7
            :             DB FA 5A EA 14 41 63 5D CD BE C8 0E
            :             C1 DA 6A 8D 53 34 18 02
            :           }
 585 30  556:         SEQUENCE {
 589 30  405:           SEQUENCE {
 593 A0    3:             [0] {
 595 02    1:               INTEGER 2
            :               }
 598 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
 616 30   13:             SEQUENCE {
 618 06    9:               OBJECT IDENTIFIER
            :                 sha1withRSAEncryption
            :                     (1 2 840 113549 1 1 5)
            :                 (PKCS #1)
 629 05    0:               NULL
            :               }
 631 30   18:             SEQUENCE {
 633 31   16:               SET {
 635 30   14:                 SEQUENCE {
 637 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 642 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 651 30   30:             SEQUENCE {
 653 17   13:               UTCTime '990919010847Z'
 668 17   13:               UTCTime '391231235959Z'
            :               }
 683 30   19:             SEQUENCE {
 685 31   17:               SET {
 687 30   15:                 SEQUENCE {
 689 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 694 13    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }
            :               }
 704 30  159:             SEQUENCE {
 707 30   13:               SEQUENCE {
 709 06    9:                 OBJECT IDENTIFIER
            :                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   (PKCS #1)
 720 05    0:                 NULL
            :                 }
 722 03  141:               BIT STRING 0 unused bits, encapsulates {
 726 30  137:                   SEQUENCE {
 729 02  129:                     INTEGER
            :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76
            :                   39 7F 4E B0 05 BB 53 83 DE 0F B7 AB
            :                   DC 7D C7 75 29 0D 05 2E 6D 12 DF A6
            :                   86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1
            :                   2C BB D8 32 CF C6 68 6F 07 D9 B0 60
            :                   AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :                   DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
            :                   9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :                   8C 4E F3 57 38 57 74 57 5F
 861 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
 866 A3  129:             [3] {
 869 30  127:               SEQUENCE {
 871 30   12:                 SEQUENCE {
 873 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 878 01    1:                   BOOLEAN TRUE
 881 04    2:                   OCTET STRING, encapsulates {
 883 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 885 30   14:                 SEQUENCE {
 887 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 892 01    1:                   BOOLEAN TRUE
 895 04    4:                   OCTET STRING, encapsulates {
 897 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 901 30   31:                 SEQUENCE {
 903 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 908 04   24:                   OCTET STRING, encapsulates {
 910 30   22:                       SEQUENCE {
 912 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                         }
            :                       }
            :                   }
 934 30   29:                 SEQUENCE {
 936 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 941 04   22:                   OCTET STRING, encapsulates {
 943 04   20:                       OCTET STRING
            :                   77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                   CE EC 3C A0 3A E3 FF 50
            :                       }
            :                   }
 965 30   31:                 SEQUENCE {
 967 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 972 04   24:                   OCTET STRING, encapsulates {
 974 30   22:                       SEQUENCE {
 976 81   20:                         [1] 'AliceRSA@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 998 30   13:           SEQUENCE {
1000 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption
            :                   (1 2 840 113549 1 1 5)
            :               (PKCS #1)
1011 05    0:             NULL
            :             }
1013 03  129:           BIT STRING 0 unused bits
            :             3E 70 47 A8 48 CC 13 58 8F CA 51 71
            :             6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC
            :             CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
            :             59 A9 20 AA 05 81 A8 4E 25 AD A7 70
            :             14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :             B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
            :             7D 49 D3 94 6B 22 36 74 73 B8 4A EC
            :             2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
            :             B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :             F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
            :             76 AE EB 9B DB 49 B0 22
            :           }
            :         }
1147 31  203:       SET {
1150 30  200:         SEQUENCE {
1153 02    1:           INTEGER 1
1156 30   38:           SEQUENCE {
1158 30   18:             SEQUENCE {
1160 31   16:               SET {
1162 30   14:                 SEQUENCE {
1164 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1169 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
1178 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
            :             }
1196 30    9:           SEQUENCE {
1198 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
1205 05    0:             NULL
            :             }
1207 30   13:           SEQUENCE {
1209 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption (1 2 840 113549 1 1 1)
            :               (PKCS #1)
1220 05    0:             NULL
            :             }
1222 04  128:           OCTET STRING
            :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E
            :             9D BF 89 9A 81 E5 75 C4 91 3D D3 D0
            :             D5 7B B6 D5 FE 94 A1 8A AC E3 C4 84
            :             F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16
            :             04 A5 B3 B5 E7 D9 32 F0 24 EF E7 20
            :             44 D5 9F 07 C5 53 24 FA CE 01 1D 0F
            :             17 13 A7 2A 95 9D 2B E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6
            :             55 13 D4 68 6F D0 07 D7 A2 B1 62 4C
            :             E3 8F AF FD E0 D5 5D C7
            :           }
            :         }
            :       }
            :     }
            :   }

5.6 Multiple signers

Similar to 5.1, but the message is also signed by Diane. Two
signerInfos (one for Alice, one for Diane) with no attribute
certificates, each signed using DSS, Alice's and Diane's certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.

   0 30 1463: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 1448:   [0] {
  19 30 1444:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0 1180:       [0] {
  86 30  440:         SEQUENCE {
  90 30  375:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02    2:             INTEGER 210
 103 30    9:             SEQUENCE {
 105 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 114 30   18:             SEQUENCE {
 116 31   16:               SET {
 118 30   14:                 SEQUENCE {
 120 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 125 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134 30   30:             SEQUENCE {
 136 17   13:               UTCTime '990817020810Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
 166 30   19:             SEQUENCE {
 168 31   17:               SET {
 170 30   15:                 SEQUENCE {
 172 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 177 13    8:                   PrintableString 'DianeDSS'
            :                   }
            :                 }
            :               }
 187 30  147:             SEQUENCE {
 190 30    9:               SEQUENCE {
 192 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
            :                 }
 201 03  133:               BIT STRING 0 unused bits, encapsulates {
 205 02  129:                   INTEGER
            :                   00 A0 00 17 78 2C EE 7E 81 53 2E 2E
            :                   61 08 0F A1 9B 51 52 1A DA 59 A8 73
            :                   2F 12 25 B6 08 CB CA EF 2A 44 76 8A
            :                   52 09 EA BD 05 22 D5 0F F6 FD 46 D7
            :                   AF 99 38 09 0E 13 CB 4F 2C DD 1C 34
            :                   F7 1C BF 25 FF 23 D3 3B 59 E7 82 97
            :                   37 BE 31 24 D8 18 C8 F3 49 39 5B B7
            :                   E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
            :                   68 4D DD 46 7A 22 BE 8E FF CC DA 39
            :                   29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6
            :                   81 67 CC C0 AA CD 2E C5 23
            :                   }
            :               }
 337 A3  129:             [3] {
 340 30  127:               SEQUENCE {
 342 30   12:                 SEQUENCE {
 344 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 349 01    1:                   BOOLEAN TRUE
 352 04    2:                   OCTET STRING, encapsulates {
 354 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 356 30   14:                 SEQUENCE {
 358 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 363 01    1:                   BOOLEAN TRUE
 366 04    4:                   OCTET STRING, encapsulates {
 368 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 372 30   31:                 SEQUENCE {
 374 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 379 04   24:                   OCTET STRING, encapsulates {
 381 30   22:                       SEQUENCE {
 383 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 405 30   29:                 SEQUENCE {
 407 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 412 04   22:                   OCTET STRING, encapsulates {
 414 04   20:                       OCTET STRING
            :                   64 30 99 7D 5C DC 45 0B 99 3A 52 2F
            :                   16 BF 58 50 DD CE 2B 18
            :                       }
            :                   }
 436 30   31:                 SEQUENCE {
 438 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 443 04   24:                   OCTET STRING, encapsulates {
 445 30   22:                       SEQUENCE {
 447 81   20:                         [1] 'DianeDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 469 30    9:           SEQUENCE {
 471 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 480 03   48:           BIT STRING 0 unused bits, encapsulates {
 483 30   45:               SEQUENCE {
 485 02   21:                 INTEGER
            :                   00 A1 1A F8 17 0E 3E 5D A8 8C F4 B6
            :                   55 33 1E 4B E3 2C AC B9 5F
 508 02   20:                 INTEGER
            :                   28 4B 10 45 58 D2 1C 9D 55 35 14 18
            :                   91 B2 3F 39 DF B5 6E D3
            :                 }
            :               }
            :           }
 530 30  732:         SEQUENCE {
 534 30  667:           SEQUENCE {
 538 A0    3:             [0] {
 540 02    1:               INTEGER 2
            :               }
 543 02    2:             INTEGER 200
 547 30    9:             SEQUENCE {
 549 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 558 30   18:             SEQUENCE {
 560 31   16:               SET {
 562 30   14:                 SEQUENCE {
 564 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 569 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 578 30   30:             SEQUENCE {
 580 17   13:               UTCTime '990817011049Z'
 595 17   13:               UTCTime '391231235959Z'
            :               }
 610 30   19:             SEQUENCE {
 612 31   17:               SET {
 614 30   15:                 SEQUENCE {
 616 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 621 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 631 30  438:             SEQUENCE {
 635 30  299:               SEQUENCE {
 639 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 648 30  286:                 SEQUENCE {
 652 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 784 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 807 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 938 03  132:               BIT STRING 0 unused bits, encapsulates {
 942 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
1073 A3  129:             [3] {
1076 30  127:               SEQUENCE {
1078 30   12:                 SEQUENCE {
1080 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
1085 01    1:                   BOOLEAN TRUE
1088 04    2:                   OCTET STRING, encapsulates {
1090 30    0:                       SEQUENCE {}
            :                       }
            :                   }
1092 30   14:                 SEQUENCE {
1094 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
1099 01    1:                   BOOLEAN TRUE
1102 04    4:                   OCTET STRING, encapsulates {
1104 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
1108 30   31:                 SEQUENCE {
1110 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
1115 04   24:                   OCTET STRING, encapsulates {
1117 30   22:                       SEQUENCE {
1119 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
1141 30   29:                 SEQUENCE {
1143 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
1148 04   22:                   OCTET STRING, encapsulates {
1150 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
1172 30   31:                 SEQUENCE {
1174 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
1179 04   24:                   OCTET STRING, encapsulates {
1181 30   22:                       SEQUENCE {
1183 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1205 30    9:           SEQUENCE {
1207 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1216 03   48:           BIT STRING 0 unused bits, encapsulates {
1219 30   45:               SEQUENCE {
1221 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
1243 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
1266 31  198:       SET {
1269 30   97:         SEQUENCE {
1271 02    1:           INTEGER 1
1274 30   24:           SEQUENCE {
1276 30   18:             SEQUENCE {
1278 31   16:               SET {
1280 30   14:                 SEQUENCE {
1282 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1287 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
1296 02    2:             INTEGER 200
            :             }
1300 30    7:           SEQUENCE {
1302 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
1309 30    9:           SEQUENCE {
1311 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1320 04   46:           OCTET STRING, encapsulates {
1322 30   44:               SEQUENCE {
1324 02   20:                 INTEGER
            :                   48 24 DE 8B 85 F2 16 AF EC 82 61 A9
            :                   54 D0 2D 04 A1 CC 5A 4F
1346 02   20:                 INTEGER
            :                   17 ED D5 77 02 EE 75 13 D8 10 BD 3D
            :                   97 17 20 88 BB FD 7B 81
            :                 }
            :               }
            :           }
1368 30   97:         SEQUENCE {
1370 02    1:           INTEGER 1
1373 30   24:           SEQUENCE {
1375 30   18:             SEQUENCE {
1377 31   16:               SET {
1379 30   14:                 SEQUENCE {
1381 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1386 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
1395 02    2:             INTEGER 210
            :             }
1399 30    7:           SEQUENCE {
1401 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
1408 30    9:           SEQUENCE {
1410 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1419 04   46:           OCTET STRING, encapsulates {
1421 30   44:               SEQUENCE {
1423 02   20:                 INTEGER
            :                   15 FF 81 4D 8C AD 80 4E 9B 35 58 04
            :                   37 6E 63 6E E9 5B 83 FA
1445 02   20:                 INTEGER
            :                   06 7E 58 4E 2B 31 84 41 ED 49 79 38
            :                   3E 77 D2 A6 8C 75 08 21
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
            :   }

5.7 Signing using SKI

Same as 5.1, but the signature uses the SKI instead of the
issuer/serial number in the cert. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), identified by the SKI, no CRL. The message is
ExContent, and is included in the eContent. There are no signed or
unsigned attributes.

   0 30  915: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  900:   [0] {
  19 30  896:     SEQUENCE {
  23 02    1:       INTEGER 3
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0  736:       [0] {
  86 30  732:         SEQUENCE {
  90 30  667:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02    2:             INTEGER 200
 103 30    9:             SEQUENCE {
 105 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 114 30   18:             SEQUENCE {
 116 31   16:               SET {
 118 30   14:                 SEQUENCE {
 120 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 125 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134 30   30:             SEQUENCE {
 136 17   13:               UTCTime '990817011049Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
 166 30   19:             SEQUENCE {
 168 31   17:               SET {
 170 30   15:                 SEQUENCE {
 172 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 177 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 187 30  438:             SEQUENCE {
 191 30  299:               SEQUENCE {
 195 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 204 30  286:                 SEQUENCE {
 208 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 363 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 494 03  132:               BIT STRING 0 unused bits, encapsulates {
 498 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 629 A3  129:             [3] {
 632 30  127:               SEQUENCE {
 634 30   12:                 SEQUENCE {
 636 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    2:                   OCTET STRING, encapsulates {
 646 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 648 30   14:                 SEQUENCE {
 650 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 655 01    1:                   BOOLEAN TRUE
 658 04    4:                   OCTET STRING, encapsulates {
 660 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 664 30   31:                 SEQUENCE {
 666 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 671 04   24:                   OCTET STRING, encapsulates {
 673 30   22:                       SEQUENCE {
 675 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 697 30   29:                 SEQUENCE {
 699 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 704 04   22:                   OCTET STRING, encapsulates {
 706 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
 728 30   31:                 SEQUENCE {
 730 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 735 04   24:                   OCTET STRING, encapsulates {
 737 30   22:                       SEQUENCE {
 739 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 761 30    9:           SEQUENCE {
 763 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 772 03   48:           BIT STRING 0 unused bits, encapsulates {
 775 30   45:               SEQUENCE {
 777 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
 799 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
 822 31   95:       SET {
 824 30   93:         SEQUENCE {
 826 02    1:           INTEGER 3
 829 80   20:           [0]
            :             BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :             13 01 E2 FD E3 97 FE CD
 851 30    7:           SEQUENCE {
 853 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 860 30    9:           SEQUENCE {
 862 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :               (ANSI X9.57 algorithm)
            :             }
 871 04   46:           OCTET STRING, encapsulates {
 873 30   44:               SEQUENCE {
 875 02   20:                 INTEGER
            :                   6D 8E 5A CD 28 A0 1F D9 86 AD 7A E9
            :                   DF AC D7 BE EC BE 3F F8
 897 02   20:                 INTEGER
            :                   7C 8A 06 1E FC A4 41 35 7E F7 24 14
            :                   FD 3D C0 56 B7 05 27 D5
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
            :   }

5.8 S/MIME multipart/signed message

A full S/MIME message, including MIME, that includes the body part from
5.3 and the body containing the content of the message.

MIME-Version: 1.0
To: User2@examples.com
From: aliceDss@examples.com
Subject: Example 5.8
Message-Id: <020906002550300.249@examples.com>
Date: Fri, 06 Sep 2002 00:25:21 -0300
Content-Type: multipart/signed;
    micalg=SHA1;
    boundary="----=_NextBoundry____Fri,_06_Sep_2002_00:25:21";
    protocol="application/pkcs7-signature"

This is a multi-part message in MIME format.

------=_NextBoundry____Fri,_06_Sep_2002_00:25:21

This is some sample content.
------=_NextBoundry____Fri,_06_Sep_2002_00:25:21
Content-Type: application/pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7s

MIIDeQYJKoZIhvcNAQcCoIIDajCCA2YCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg
LiMIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X
DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg
G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//
lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6
iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya
RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1
nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8
bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV
p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b
Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD
KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1w
bGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD
6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYH
KoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwa
V/KC27MWMwYQIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqG
SM44BAEELjAsAhQz+YZ/qCSCn1nRe1F0aKYl4H8HFQIUYUUmrBhG3VZhwg5CgaJqjCobNU
g=

------=_NextBoundry____Fri,_06_Sep_2002_00:25:21--

5.9 S/MIME application/pkcs7-mime signed message

A full S/MIME message, including MIME, that includes the body part from
5.1.

MIME-Version: 1.0
To: User2@examples.com
From: aliceDss@examples.com
Subject: Example 5.9
Message-Id: <021031164540300.304@examples.com>
Date: Thu, 31 Oct 2002 16:45:14 -0300
Content-Type: application/pkcs7-mime; smime-type=signed-data;
    name=smime.p7m
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7m

MIIDmwYJKoZIhvcNAQcCoIIDjDCCA4gCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIA
QeDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4jCCAt4wggKdoAMCAQICAgDI
MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOT
EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEe
AoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+
HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UI
ddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG2o+4NyErYov3k80CgY
AmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIl
p/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+
waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMR
NKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+Gv
Ikq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPl
uKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0BleGFtcGxlcy5jb20wDAYDVR0TAQH/BA
IwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8w
HQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj
/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE6umhh8GlfygtuzFjMGECAQEwGDASMRAw
DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjOOAQBBC4wLAIUPVxJboshQX
N5eV7dgjlIpIF6v+wCFCYKruz8JMUc4SOABJ5SNsynHmDo

5.10 SignedData With Attributes

A SignedData message with the following list of signedAttributes:
- contentIdentifier
- contentReference
- contentHints
- smimeCapabilities
- sMIMEEncryptionKeyPreference
- unknown OID

   0 30 2047: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 2032:   [0] {
  19 30 2028:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0  736:       [0] {
  86 30  732:         SEQUENCE {
  90 30  667:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02    2:             INTEGER 200
 103 30    9:             SEQUENCE {
 105 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 114 30   18:             SEQUENCE {
 116 31   16:               SET {
 118 30   14:                 SEQUENCE {
 120 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 125 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134 30   30:             SEQUENCE {
 136 17   13:               UTCTime '990817011049Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
 166 30   19:             SEQUENCE {
 168 31   17:               SET {
 170 30   15:                 SEQUENCE {
 172 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 177 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 187 30  438:             SEQUENCE {
 191 30  299:               SEQUENCE {
 195 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 204 30  286:                 SEQUENCE {
 208 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 363 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 494 03  132:               BIT STRING 0 unused bits, encapsulates {
 498 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 629 A3  129:             [3] {
 632 30  127:               SEQUENCE {
 634 30   12:                 SEQUENCE {
 636 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    2:                   OCTET STRING, encapsulates {
 646 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 648 30   14:                 SEQUENCE {
 650 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 655 01    1:                   BOOLEAN TRUE
 658 04    4:                   OCTET STRING, encapsulates {
 660 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 664 30   31:                 SEQUENCE {
 666 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 671 04   24:                   OCTET STRING, encapsulates {
 673 30   22:                       SEQUENCE {
 675 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 697 30   29:                 SEQUENCE {
 699 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 704 04   22:                   OCTET STRING, encapsulates {
 706 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
 728 30   31:                 SEQUENCE {
 730 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 735 04   24:                   OCTET STRING, encapsulates {
 737 30   22:                       SEQUENCE {
 739 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 761 30    9:           SEQUENCE {
 763 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 772 03   48:           BIT STRING 0 unused bits, encapsulates {
 775 30   45:               SEQUENCE {
 777 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
 799 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
 822 31 1225:       SET {
 826 30 1221:         SEQUENCE {
 830 02    1:           INTEGER 1
 833 30   24:           SEQUENCE {
 835 30   18:             SEQUENCE {
 837 31   16:               SET {
 839 30   14:                 SEQUENCE {
 841 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 846 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 855 02    2:             INTEGER 200
            :             }
 859 30    7:           SEQUENCE {
 861 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 868 A0 1119:           [0] {
 872 30   24:             SEQUENCE {
 874 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 885 31   11:               SET {
 887 06    9:                 OBJECT IDENTIFIER
            :                   data (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
            :                 }
            :               }
 898 30   35:             SEQUENCE {
 900 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 911 31   22:               SET {
 913 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
            :                   06 29 C0 22 96 87 DD 48
            :                 }
            :               }
 935 30   56:             SEQUENCE {
 937 06    3:               OBJECT IDENTIFIER '1 2 5555'
 942 31   49:               SET {
 944 04   47:                 OCTET STRING
            :                   'This is a test General ASN Attribut'
            :                   'e, number 1.'
            :                 }
            :               }
 993 30   62:             SEQUENCE {
 995 06   11:               OBJECT IDENTIFIER
            :                 id-aa-contentHint
            :                     (1 2 840 113549 1 9 16 2 4)
            :                 (S/MIME Authenticated Attributes 6D C9
            :                     (1 2 840 113549 1 9 16 2))
1008 31   47:               SET {
1010   }

3. Trivial Examples

This section covers examples of small CMS types.

3.1 ContentInfo with Data type, BER

The object is a ContentInfo containing a Data object in BER format that
is ExContent.

   0 30   45: NDEF: SEQUENCE {
1012 0C   32:                   UTF8String
            :                   'Content Hints Description Buffer'
1046
   2 06    9:   OBJECT IDENTIFIER
            : data (1 2 840 113549 1 7 1)
            :     (PKCS #7)
  13 A0 NDEF:   [0] {
  15 24 NDEF:     OCTET STRING {
  17 04    4:       OCTET STRING 'This'
  23 04   24:       OCTET STRING ' is some sample content.'
            :       }
            :     }
            :   }
1057

3.2 ContentInfo with Data type, DER

The object is a ContentInfo containing a Data object in DER format that
is ExContent.

   0 30   74:   43: SEQUENCE {
1059
   2 06    9:   OBJECT IDENTIFIER
            :                 sMIMECapabilities
            : data (1 2 840 113549 1 9 15) 7 1)
            :     (PKCS #9
            :                     (1 2 840 113549 1 9))
1070 31   61:               SET {
1072 30   59:                 SEQUENCE {
1074 30    7:                   SEQUENCE {
1076 06    5:                     OBJECT IDENTIFIER '1 2 3 4 5 6'
            :                     }
1083 30   48:                   SEQUENCE #7)
  13 A0   30:   [0] {
1085 06    6:                     OBJECT IDENTIFIER '1 2 3 4 5 6 77'
1093
  15 04   38:   28:     OCTET STRING
            :                   'Smime Capabilities parameters buffe'
            :                   'r 2'
            :                     }
            :                   } 'This is some sample content.'
            :     }
            :   }
1133

4.  Signed-data

4.1 Basic signed content, DSS

A SignedData with no attribute certificates, signed by Alice using
DSS, just her certificate (not Carl's root cert), no CRL. The
message is ExContent, and is included in the eContent. There are no
signed or unsigned attributes.

   0 30  109:  919: SEQUENCE {
1135
   4 06   11:    9:   OBJECT IDENTIFIER
            :                 id-aa-securityLabel
            : signedData (1 2 840 113549 1 9 16 2 7 2)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
1148 31   94:               SET     (PKCS #7)
  15 A0  904:   [0] {
1150 31   92:                 SET
  19 30  900:     SEQUENCE {
1152
  23 02    1:       INTEGER 1
1155 06    7:                   OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
1164 13   27:                   PrintableString
            :                   'THIS IS A PRIVACY MARK TEST'
1193
  26 31   49:    9:       SET {
1195
  28 30   47:    7:         SEQUENCE {
1197 80    8:                       [0]
            :                   2A 03 04 05
  30 06 07 86 78
1207 A1   35:                       [1] {
1209 13   33:                         PrintableString
            :                         'THIS IS A TEST SECURITY-'
            :                         'CATEGORY.'
            :                         }
            :                       }
            :                     }    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :                   }             (OIW)
            :           }
            :         }
1244
  37 30  111:   43:       SEQUENCE {
1246
  39 06   11:    9:         OBJECT IDENTIFIER
            :                 id-aa-contentReference
            : data (1 2 840 113549 1 9 16 2 10)
            :                 (S/MIME Authenticated Attributes 7 1)
            :                     (1 2 840 113549 1 9 16 2))
1259 31   96:               SET {
1261 30   94:                 SEQUENCE           (PKCS #7)
  50 A0   30:         [0] {
1263 06    5:                   OBJECT IDENTIFIER '1 2 3 4 5 6'
1270 04   43:                   OCTET STRING
            :                   'Content Reference Content Identifie'
            :                   'r Buffer'
1315
  52 04   40:   28:           OCTET STRING
            :                   'Content Reference Signature Value B'
            :                   'uffer'
            :                   } 'This is some sample content.'
            :           }
            :         }
1357 30  115:             SEQUENCE {
1359 06   11:               OBJECT IDENTIFIER
            :                 id-aa-encrypKeyPref
            :                     (1 2 840 113549 1 9 16 2 11)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
1372 31  100:               SET {
1374
  82 A0   98:  736:       [0] {
1376
  86 30   90:  732:         SEQUENCE {
1378 31   11:                     SET {
1380
  90 30    9:  667:           SEQUENCE {
1382 06
  94 A0    3:                         OBJECT IDENTIFIER
            :                           countryName (2 5 4 6)
            :                           (X.520 id-at (2 5 4))
1387 13    2:                         PrintableString 'US'
            :                         }             [0] {
  96 02    1:               INTEGER 2
            :               }
1391 31   22:                     SET {
1393
  99 02    2:             INTEGER 200
 103 30   20:    9:             SEQUENCE {
1395
 105 06    3:    7:               OBJECT IDENTIFIER
            :                           organizationName (2 5                 dsaWithSha1 (1 2 840 10040 4 10)
            :                           (X.520 id-at (2 5 4))
1400 13   13:                         PrintableString 'US Government' 3)
            :                         }                 (ANSI X9.57 algorithm)
            :               }
1415
 114 30   18:             SEQUENCE {
 116 31   17:   16:               SET {
1417
 118 30   15:   14:                 SEQUENCE {
1419
 120 06    3:                   OBJECT IDENTIFIER
            :                           organizationalUnitName
            :                     commonName (2 5 4 11) 3)
            :                     (X.520 id-at (2 5 4))
1424
 125 13    8:    7:                   PrintableString 'VDA Site' 'CarlDSS'
            :                   }
            :                 }
1434 31   12:                     SET {
1436
            :               }
 134 30   10:   30:             SEQUENCE {
1438 06    3:                         OBJECT IDENTIFIER
            :                           organizationalUnitName
            :                               (2 5 4 11)
            :                           (X.520 id-at (2 5 4))
1443 13    3:                         PrintableString 'VDA'
            :                         }
 136 17   13:               UTCTime '990817011049Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
1448
 166 30   19:             SEQUENCE {
 168 31   18:   17:               SET {
1450
 170 30   16:   15:                 SEQUENCE {
1452
 172 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1457
 177 13    9:    8:                   PrintableString 'Daisy RSA'
            :                         }
            :                       }
            :                     }
1468 02    4:                   INTEGER 173360179 'AliceDSS'
            :                   }
            :                 }
            :               }
1474
 187 30  252:  438:             SEQUENCE {
1477
 191 30  299:               SEQUENCE {
 195 06   11:    7:                 OBJECT IDENTIFIER
            :                 id-aa-mlExpandHistory
            :                   dsa (1 2 840 113549 1 9 16 2 3)
            :                 (S/MIME Authenticated Attributes 10040 4 1)
            :                     (1 2 840 113549 1 9 16 2))
1490 31  236:               SET {
1493 30  233:                 SEQUENCE {
1496 30  230:                   SEQUENCE {
1499 04    7:                     OCTET STRING '5738299'
1508 18   15:                     GeneralizedTime '19990311104433Z'
1525 A1  201:                     [1] {
1528                   (ANSI X9.57 algorithm)
 204 30  198:  286:                 SEQUENCE {
1531
 208 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4   97:                         [4] {
1533 30   95:                           SEQUENCE {
1535 31   11:                             SET {
1537 A1 89
            :                   2F E1 D9 30    9:                               SEQUENCE {
1539 06    3:                                 OBJECT IDENTIFIER C8 36 DE 3F 9B BF B7 4C
            :                                   countryName (2 5 4 6)                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                                   (X.520 id-at (2 5 4))
1544                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13    2:                                 PrintableString 'US' C6 DA 8F
            :                                 }                   B8 37 21 2B 62 8B F7 93 CD
 363 02  128:                   INTEGER
            :                               }
1548 31   22:                             SET {
1550 30   20:                               SEQUENCE {
1552 06    3:                                 OBJECT IDENTIFIER                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                                   organizationName                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                                       (2 5 4 10)                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                                   (X.520 id-at (2 5 4))
1557 13   13:                                 PrintableString                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                                 'US Government'                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                                 }                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                               }
1572 31   17:                             SET {
1574                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30   15:                               SEQUENCE {
1576 06    3:                                 OBJECT IDENTIFIER
            :                                   organizationalUnitName                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                                       (2 5 4 11)                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                                   (X.520 id-at (2 5 4))
1581 13    8:                                 PrintableString                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                                 'VDA Site'                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
1591 31   12:                             SET {
1593 30   10:                               SEQUENCE
 494 03  132:               BIT STRING 0 unused bits, encapsulates {
1595 06    3:                                 OBJECT IDENTIFIER
 498 02  128:                   INTEGER
            :                                   organizationalUnitName                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                                       (2 5 4 11)                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                                   (X.520 id-at (2 5 4))
1600                   16 89 28 11 23 D9 34 86 67 75 75 13    3:                                 PrintableString 'VDA'
            :                                 }                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                               }
1605 31   23:                             SET {
1607 30   21:                               SEQUENCE {
1609                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06    3:                                 OBJECT IDENTIFIER 80 3F E8 23
            :                                   commonName (2 5 4 3)                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                                   (X.520 id-at (2 5 4))
1614 13   14:                                 PrintableString                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                                 'Bugs Bunny DSA'                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                                 }                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                               }                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
1630 A4   97:                         [4]
 629 A3  129:             [3] {
1632
 632 30   95:  127:               SEQUENCE {
1634 31   11:                             SET {
1636
 634 30    9:   12:                 SEQUENCE {
1638
 636 06    3:                   OBJECT IDENTIFIER
            :                                   countryName                     basicConstraints (2 5 4 6) 29 19)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
1643 13 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    2:                                 PrintableString 'US'                   OCTET STRING, encapsulates {
 646 30    0:                       SEQUENCE {}
            :                       }
            :                   }
1647 31   22:                             SET {
1649
 648 30   20:   14:                 SEQUENCE {
1651
 650 06    3:                   OBJECT IDENTIFIER
            :                                   organizationName
            :                     keyUsage (2 5 4 10) 29 15)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
1656 13   13:                                 PrintableString 29))
 655 01    1:                   BOOLEAN TRUE
 658 04    4:                   OCTET STRING, encapsulates {
 660 03    2:                       BIT STRING 6 unused bits
            :                                 'US Government'                         '11'B
            :                       }
            :                   }
1671 31   17:                             SET {
1673
 664 30   15:   31:                 SEQUENCE {
1675
 666 06    3:                   OBJECT IDENTIFIER
            :                                   organizationalUnitName                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 4 11) 29))
 671 04   24:                   OCTET STRING, encapsulates {
 673 30   22:                       SEQUENCE {
 675 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                                   (X.520 id-at (2 5 4))
1680 13    8:                                 PrintableString                   3D 20 BC 43 2B 93 F1 1F
            :                                 'VDA Site'                         }
            :                       }
            :                   }
1690 31   12:                             SET {
1692
 697 30   10:   29:                 SEQUENCE {
1694
 699 06    3:                   OBJECT IDENTIFIER
            :                                   organizationalUnitName
            :                     subjectKeyIdentifier (2 5 4 11) 29 14)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
1699 29))
 704 04   22:                   OCTET STRING, encapsulates {
 706 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13    3:                                 PrintableString 'VDA' 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
1704 31   23:                             SET {
1706
 728 30   21:   31:                 SEQUENCE {
1708
 730 06    3:                   OBJECT IDENTIFIER
            :                                   commonName                     subjectAltName (2 5 4 3) 29 17)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
1713 13   14:                                 PrintableString
            :                                 'Elmer Fudd DSA'
            :                                 }
            :                               }
            :                             }
            :                           } 29))
 735 04   24:                   OCTET STRING, encapsulates {
 737 30   22:                       SEQUENCE {
 739 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1729
 761 30  258:    9:           SEQUENCE {
1733
 763 06   11:    7:             OBJECT IDENTIFIER
            :                 id-aa-equivalentLabels
            :               dsaWithSha1 (1 2 840 113549 1 9 16 2 9) 10040 4 3)
            :                 (S/MIME Authenticated Attributes               (ANSI X9.57 algorithm)
            :                     (1 2 840 113549 1 9 16 2))
1746 31  242:               SET             }
 772 03   48:           BIT STRING 0 unused bits, encapsulates {
1749
 775 30  239:   45:               SEQUENCE {
1752 31  114:                   SET {
1754
 777 02    1:   20:                 INTEGER 1
1757 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1766 13   38:                     PrintableString
            :                   'EQUIVALENT THIS IS A PRIVACY MARK T'
            :                   'EST'
1806 31   60:                     SET {
1808 30   58:                       SEQUENCE {
1810 80    8:                         [0]                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   2A 03 04 05 06 07 86 78
1820 A1   46:                         [1] {
1822 13   44:                           PrintableString                   83 6A B5 3D 67 6B BF 45
 799 02   21:                 INTEGER
            :                   'EQUIVALENT THIS IS A TEST SECURITY-'                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   'CATEGORY.'                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
1868
 822 31  121:   99:       SET {
1870
 824 30   97:         SEQUENCE {
 826 02    1:           INTEGER 1
1873 06    7:                     OBJECT IDENTIFIER
            :                     '1 2 3 4 5 6 7 10'
1882 13   45:                     PrintableString
            :                   'EQUIVALENT THIS IS A SECOND PRIVACY'
            :                   ' MARK TEST'
1929
 829 30   24:           SEQUENCE {
 831 30   18:             SEQUENCE {
 833 31   60:   16:               SET {
1931
 835 30   58:   14:                 SEQUENCE {
1933 80    8:                         [0]
            :                   2A 03 04 05
 837 06 07 86 78
1943 A1   46:                         [1] {
1945 13   44:                           PrintableString
            :                   'EQUIVALENT THIS IS A TEST SECURITY-'
            :                   'CATEGORY.'    3:                   OBJECT IDENTIFIER
            :                           }                     commonName (2 5 4 3)
            :                         }                     (X.520 id-at (2 5 4))
 842 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 851 02    2:             INTEGER 200
            :             }
 855 30    7:           SEQUENCE {
 857 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               }               (OIW)
            :             }
1991
 864 30    9:           SEQUENCE {
1993
 866 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
2002
 875 04   47:   46:           OCTET STRING, encapsulates {
2004
 877 30   45:   44:               SEQUENCE {
2006
 879 02   21:   20:                 INTEGER
            :                   00 BC 33 37 65 C4 F7 70 5C 17 49 13
            :                   AA 4C 85 CA BB 52                   09 91 48 59
2029 FE EB D2 69 F5 18 B7 D7 CD 55
            :                   F4 81 EA 2A 42 6A AD 03
 901 02   20:                 INTEGER
            :                   63 96 A2 14 8B CF 57 DE B0 48 5F 6C                   3A 07 CC C3 21 BE E1 1A 4B 7F 3E B5
            :                   64 DD 84 04 49 5F                   0D DB BA 1C CA EA BC CD 89
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
            :   }

5.11

4.2 Basic signed content, RSA

Same as 4.1, except using RSA signatures. A SignedData with Certificates Only

CA SignedData no
attribute certificates, signed by Alice using RSA, just her certificate
(not Carl's root cert), no CRL. The message with is ExContent, and is
included in the eContent. There are no content signed or signature, containing only
Alices's and Carl's certificates. unsigned attributes.

   0 30 1672:  850: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 1657:  835:   [0] {
  19 30 1653:  831:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    0:   11:       SET {} {
  28 30   11:    9:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
  37 05    0:           NULL
            :           }
            :         }
  39 30   43:       SEQUENCE {
  41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  52 A0   30:         [0] {
  54 04   28:           OCTET STRING 'This is some sample content.'
            :           }
  41
            :         }
  84 A0 1407:  560:       [0] {
  45
  88 30  667:  556:         SEQUENCE {
  49
  92 30  602:  405:           SEQUENCE {
  53
  96 A0    3:             [0] {
  55
  98 02    1:               INTEGER 2
            :               }
  58
 101 02    1:   16:             INTEGER 1
  61 30    9:             SEQUENCE {
  63 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               }
  72 30   18:             SEQUENCE {
  74 31   16:               SET {
  76               C4 10 B3 B0
 119 30   14:   13:             SEQUENCE {
  78
 121 06    3:    9:               OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  83 13    7:                   PrintableString 'CarlDSS'
            :                   }                 sha1withRSAEncryption
            :                 }                     (1 2 840 113549 1 1 5)
            :               }
  92 30   30:             SEQUENCE {
  94 17   13:               UTCTime '990816225050Z'
 109 17   13:               UTCTime '391231235959Z'                 (PKCS #1)
 132 05    0:               NULL
            :               }
 124
 134 30   18:             SEQUENCE {
 126
 136 31   16:               SET {
 128
 138 30   14:                 SEQUENCE {
 130
 140 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 135 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 144 30  439:             SEQUENCE {
 148 30  299:               SEQUENCE {
 152 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 161 30  286:                 SEQUENCE {
 165 02  129:                   INTEGER
            :                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :                   01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
            :                   FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
            :                   C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :                   E4 6D D3 E2 86 48 84 82 7D BA 15 95
            :                   4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
            :                   0A 8A BA 16 7B B9 50 01 48 93 8B EB
            :                   25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :                   FC 70 B7 CD 30 54 FD DA DE A8 AA 22
            :                   B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
            :                   AD E1 08 D4 6D 29 2D D6 E9
 297 02   21:                   INTEGER
            :                   00 DD C1 2F DF 53 CE 0B 34 60 77 3E
            :                   02 A4 BF 8A 5D 98 B9 10 D5
 320 02  128:                   INTEGER
            :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37 5 4 3)
            :                   4F 55 7F 9D ED BC 61 0D EB 46 59 3C                     (X.520 id-at (2 5 4))
 145 13    7:                   PrintableString 'CarlRSA'
            :                   56 0B 2B 5B 0C 91 CE A5 62 52 69 CA                   }
            :                   E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C                 }
            :                   AD CB AE 45 E3               }
 154 30   30:             SEQUENCE {
 156 17   13:               UTCTime '990919010847Z'
 171 17   13:               UTCTime '391231235959Z'
            :               }
 186 30   19:             SEQUENCE {
 188 31   17:               SET {
 190 30   15:                 SEQUENCE {
 192 06 AC 8C 22 9D 9C 44    3:                   OBJECT IDENTIFIER
            :                   87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE                     commonName (2 5 4 3)
            :                   AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A                     (X.520 id-at (2 5 4))
 197 13    8:                   PrintableString 'AliceRSA'
            :                   73 AA 7F 46 51 1F A9 42 16 9C 48 EB                   }
            :                   8A 79 61 B4 D5 2F 53 22 44 63 1F 86                 }
            :                   B8 A3 58               }
 207 30  159:             SEQUENCE {
 210 30   13:               SEQUENCE {
 212 06 25 F8 29 C0 EF BA E0 75    9:                 OBJECT IDENTIFIER
            :                   F0 42 C4 63 65 52 9B 0A                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   }                   (PKCS #1)
 223 05    0:                 NULL
            :                 }
 451
 225 03  133:  141:               BIT STRING 0 unused bits, encapsulates {
 455
 229 30  137:                   SEQUENCE {
 232 02  129:                     INTEGER
            :                   00 99 E0 89 73 39 8D D8 F5 F5 E8 87 74 27 03 66 A0 B1 C0 AD DC 76
            :                   2C 75                   39 7F 4E B0 05 BB E1 6C 44 9C DA 21 6D 4D 47 53 83 DE 0F B7 AB
            :                   DC 7D C7 75 29 0D 05 2E 6D B1 62 09 E9 D8 AE 1E F2 3A B4 94 12 DF A6
            :                   86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   82 51 0F 30 80 BE B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25 50 9E 46 44 F1
            :                   4E B9                   2C BB D8 32 CF C6 68 6F 07 D9 B0 60 96
            :                   AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :                   DF 5E BA 35 56 D9 61 FF 19 24 01 F3 62 0C FE 75 7F C9 81
            :                   C0 FB CE D8 68 00 E3 FD D5                   E6 F8 6C EA 87 40 70 4F DF EF AC 6D 2C 74
            :                   23 96 19 06 94 F4 B1 61 8F                   9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :                   8C 4E F3 57 B1 38 57 74 57 5F
 364 02    3:                     INTEGER 65537
            :                   08 11 A4 0B 26 25 F0 52 76 81 EA 0B                     }
            :                   62 0D 95 2A E6 86 BA 72 B2 A7 50 83                   }
            :                   0B AA 27 CD 1B A9 4D 89 9A D7 8D 18               }
 369 A3  129:             [3] {
 372 30  127:               SEQUENCE {
 374 30   12:                 SEQUENCE {
 376 06    3:                   OBJECT IDENTIFIER
            :                   39 84 3F 8B C5 56 4D 80 7A                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 381 01    1:                   BOOLEAN TRUE
 384 04    2:                   OCTET STRING, encapsulates {
 386 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 587 A3   66:             [3] {
 589 30   64:               SEQUENCE {
 591
 388 30   15:   14:                 SEQUENCE {
 593
 390 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints                     keyUsage (2 5 29 19) 15)
            :                     (X.509 id-ce (2 5 29))
 598
 395 01    1:                   BOOLEAN TRUE
 601
 398 04    5:    4:                   OCTET STRING, encapsulates {
 603
 400 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 404 30   31:                 SEQUENCE {
 406 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 411 04   24:                   OCTET STRING, encapsulates {
 413 30   22:                       SEQUENCE {
 605 01    1:                         BOOLEAN TRUE
 415 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                         }
            :                       }
            :                   }
 608
 437 30   14:   29:                 SEQUENCE {
 610
 439 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage                     subjectKeyIdentifier (2 5 29 15) 14)
            :                     (X.509 id-ce (2 5 29))
 615 01    1:                   BOOLEAN TRUE
 618
 444 04    4:   22:                   OCTET STRING, encapsulates {
 620
 446 04   20:                       OCTET STRING
            :                   77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                   CE EC 3C A0 3A E3 FF 50
            :                       }
            :                   }
 468 30   31:                 SEQUENCE {
 470 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 475 04   24:                   OCTET STRING, encapsulates {
 477 30   22:                       SEQUENCE {
 479 81   20:                         [1] 'AliceRSA@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 501 30   13:           SEQUENCE {
 503 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption
            :                   (1 2 840 113549 1 1 5)
            :               (PKCS #1)
 514 05    0:             NULL
            :             }
 516 03    2:  129:           BIT STRING 1 0 unused bits
            :                         '1100001'B             3E 70 47 A8 48 CC 13 58 8F CA 51 71
            :             6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC
            :             CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
            :             59 A9 20 AA 05 81 A8 4E 25 AD A7 70
            :             14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :             B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
            :             7D 49 D3 94 6B 22 36 74 73 B8 4A EC
            :             2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A
            :             B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :             F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
            :             76 AE EB 9B DB 49 B0 22
            :           }
            :         }
 624
 648 31  203:       SET {
 651 30   29:  200:         SEQUENCE {
 626
 654 02    1:           INTEGER 1
 657 30   38:           SEQUENCE {
 659 30   18:             SEQUENCE {
 661 31   16:               SET {
 663 30   14:                 SEQUENCE {
 665 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 670 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 679 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
            :             }
 697 30    9:           SEQUENCE {
 699 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 706 05    0:             NULL
            :             }
 708 30   13:           SEQUENCE {
 710 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption (1 2 840 113549 1 1 1)
            :               (PKCS #1)
 721 05    0:             NULL
            :                     (X.509 id-ce (2 5 29))
 631 04   22:                   OCTET STRING, encapsulates {
 633             }
 723 04   20:  128:           OCTET STRING
            :                   70 44 3E             2F 23 82 2E 6F 87 DE 4A D3 D2 F3 09 5F B8 0C 58 EB 4E
            :             9D BF 89 9A 81 E5 75 C4 91 3D D3 D0
            :             D5 7B B6 D5 FE 94 A1 8A AC E3 C4 84
            :                   3D             F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16
            :             04 A5 B3 B5 E7 D9 32 F0 24 EF E7 20 BC 43
            :             44 D5 9F 07 C5 53 24 FA CE 01 1D 0F
            :             17 13 A7 2A 95 9D 2B 93 F1 1F E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6
            :             55 13 D4 68 6F D0 07 D7 A2 B1 62 4C
            :             E3 8F AF FD E0 D5 5D C7
            :           }
            :         }
            :       }
            :     }
            :   }
 655

4.3 Basic signed content, detached content

Same as 4.1, except with no eContent. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), no CRL. The message is ExContent, but the eContent
is not included. There are no signed or unsigned attributes.

   0 30    9:  887: SEQUENCE {
 657
   4 06    7:    9:   OBJECT IDENTIFIER
            :               dsaWithSha1 signedData (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm) 113549 1 7 2)
            :             }
 666 03   48:           BIT STRING 0 unused bits, encapsulates     (PKCS #7)
  15 A0  872:   [0] {
 669
  19 30   45:  868:     SEQUENCE {
 671
  23 02   20:    1:       INTEGER
            :                   6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B
            :                   C9 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06 37 E9 11 17 A1 13
 693 02   21:                 INTEGER
            :                   00 8F 34 69 2A 8B B1 3C 03 79 94 32    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :                   4D 12 1F CE 89 FB 46 B2 3B             (OIW)
            :           }
            :         }
  37 30   11:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
            :         }
 716
  50 A0  736:       [0] {
  54 30  732:         SEQUENCE {
 720
  58 30  667:           SEQUENCE {
 724
  62 A0    3:             [0] {
 726
  64 02    1:               INTEGER 2
            :               }
 729
  67 02    2:             INTEGER 200
 733
  71 30    9:             SEQUENCE {
 735
  73 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 744
  82 30   18:             SEQUENCE {
 746
  84 31   16:               SET {
 748
  86 30   14:                 SEQUENCE {
 750
  88 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 755
  93 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 764
 102 30   30:             SEQUENCE {
 766
 104 17   13:               UTCTime '990817011049Z'
 781
 119 17   13:               UTCTime '391231235959Z'
            :               }
 796
 134 30   19:             SEQUENCE {
 798
 136 31   17:               SET {
 800
 138 30   15:                 SEQUENCE {
 802
 140 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 807
 145 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 817
 155 30  438:             SEQUENCE {
 821
 159 30  299:               SEQUENCE {
 825
 163 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 834
 172 30  286:                 SEQUENCE {
 838
 176 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 970
 308 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 993
 331 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
1124
 462 03  132:               BIT STRING 0 unused bits, encapsulates {
1128
 466 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
1259
 597 A3  129:             [3] {
1262
 600 30  127:               SEQUENCE {
1264
 602 30   12:                 SEQUENCE {
1266
 604 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
1271
 609 01    1:                   BOOLEAN TRUE
1274
 612 04    2:                   OCTET STRING, encapsulates {
1276
 614 30    0:                       SEQUENCE {}
            :                       }
            :                   }
1278
 616 30   14:                 SEQUENCE {
1280
 618 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
1285
 623 01    1:                   BOOLEAN TRUE
1288
 626 04    4:                   OCTET STRING, encapsulates {
1290
 628 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
1294
 632 30   31:                 SEQUENCE {
1296
 634 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
1301
 639 04   24:                   OCTET STRING, encapsulates {
1303
 641 30   22:                       SEQUENCE {
1305
 643 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
1327
 665 30   29:                 SEQUENCE {
1329
 667 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
1334
 672 04   22:                   OCTET STRING, encapsulates {
1336
 674 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
1358
 696 30   31:                 SEQUENCE {
1360
 698 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
1365
 703 04   24:                   OCTET STRING, encapsulates {
1367
 705 30   22:                       SEQUENCE {
1369
 707 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1391
 729 30    9:           SEQUENCE {
1393
 731 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1402
 740 03   48:           BIT STRING 0 unused bits, encapsulates {
1405
 743 30   45:               SEQUENCE {
1407
 745 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
1429
 767 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
1452 A1  219:       [1] {
1455 30  216:         SEQUENCE
 790 31   99:       SET {
1458
 792 30  153:   97:         SEQUENCE {
1461
 794 02    1:           INTEGER 1
 797 30    9:   24:           SEQUENCE {
1463 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
1472
 799 30   18:             SEQUENCE {
1474
 801 31   16:               SET {
1476
 803 30   14:                 SEQUENCE {
1478
 805 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1483
 810 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
1492 17   13:             UTCTime '990827070000Z'
1507 30  105:             SEQUENCE {
1509 30   19:               SEQUENCE {
1511
 819 02    2:             INTEGER 200
1515 17   13:                 UTCTime '990822070000Z'
            :                 }
1530 30   19:               SEQUENCE {
1532 02    2:                 INTEGER 201
1536 17   13:                 UTCTime '990822070000Z'
            :                 }
1551 30   19:               SEQUENCE {
1553 02    2:                 INTEGER 211
1557 17   13:                 UTCTime '990822070000Z'
            :                 }
1572 30   19:               SEQUENCE {
1574 02    2:                 INTEGER 210
1578 17   13:                 UTCTime '990822070000Z'
            :             }
1593
 823 30   19:    7:           SEQUENCE {
1595 02    2:                 INTEGER 212
1599 17   13:                 UTCTime '990824070000Z'
            :                 }
 825 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               }               (OIW)
            :             }
1614
 832 30    9:           SEQUENCE {
1616
 834 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1625 03   47:           BIT STRING 0 unused bits,
 843 04   46:           OCTET STRING, encapsulates {
1628
 845 30   44:               SEQUENCE {
1630
 847 02   20:                 INTEGER
            :                   7E 65 52 76 33 FE                   06 FB C7 2A 24 D5 34 73 17 D1 89 F7 96 8B B5 FD
            :                   F9 A0 D4 D8 6D 5C 7D 3D
1652                   73 24 A5 86 C8 0F 5A 6C
 869 02   20:                 INTEGER
            :                   02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E                   66 69 19 BC 68 58 D1 8D B1 9D 52 3F
            :                   DA 24 F3 2A 83 9C 35 14 88 0D FD C9 A1 B8
            :                 }
            :               }
            :           }
            :         }
1674 31    0:       SET {}
            :       }
            :     }
            :   }

6.  Enveloped-data

6.1 Basic encrypted content, TripleDES

4.4 Fancier signed content

Same as 4.1, but includes Carl's root cert, Carl's CRL, some signed and DH

An EnvelopedData from
unsigned attributes (Countersignature by Diane). A SignedData with no
attribute certificates, signed by Alice to Bob of ExContent using TripleDES for
encrypting DSS, her certificate
and Diffie-Hellman for key management. Does not have a
OriginatorInfo or any attributes. Carl's root cert, Carl's DSS CRL. The message is ExContent, and is
included in the eContent. The signed attributes are Content Type,
Message Digest and Signing Time; the unsigned attributes are content
hint and counter signature.

   0 30  426: 2829: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 2814:   [0] {
  19 30 2810:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0 1967:       [0] {
  86 30  556:         SEQUENCE {
  90 30  405:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
 117 30   13:             SEQUENCE {
 119 06    9:               OBJECT IDENTIFIER
            :                 sha1withRSAEncryption
            :                     (1 2 840 113549 1 1 5)
            :                 (PKCS #1)
 130 05    0:               NULL
            :               }
 132 30   18:             SEQUENCE {
 134 31   16:               SET {
 136 30   14:                 SEQUENCE {
   4
 138 06    9:    3:                   OBJECT IDENTIFIER
            :     envelopedData (1 2 840 113549 1 7                     commonName (2 5 4 3)
            :     (PKCS #7)
  15 A0  411:   [0]                     (X.520 id-at (2 5 4))
 143 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 152 30   30:             SEQUENCE {
  19
 154 17   13:               UTCTime '990919010847Z'
 169 17   13:               UTCTime '391231235959Z'
            :               }
 184 30  407:   19:             SEQUENCE {
  23 02    1:       INTEGER 2
  26
 186 31  331:   17:               SET {
 188 30 A1  327:         [1] {
  34 02    1:           INTEGER 3
  37 A0  149:           [0]   15:                 SEQUENCE {
  40 A1  146:             [1]
 190 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 195 13    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }
            :               }
 205 30  159:             SEQUENCE {
  43
 208 30    9:   13:               SEQUENCE {
  45
 210 06    7:    9:                 OBJECT IDENTIFIER
            :                   dhPublicKey                   rsaEncryption (1 2 840 10046 2 113549 1 1 1)
            :                   (ANSI X9.42 number type)                   (PKCS #1)
 221 05    0:                 NULL
            :                 }
  54
 223 03  132:  141:               BIT STRING 0 unused bits, encapsulates {
  58
 227 30  137:                   SEQUENCE {
 230 02  128:  129:                     INTEGER
            :                   44 B9 26 32 13 77 AD 88 CD F5 9F 4B
            :                   4D A9 6C FF 38 60 EB 84 AB 45 E6 A3
            :                   F4 E2 94 27 97 F0 8D 29 A5 EB 1F 21
            :                   91 68 58                   00 E0 89 73 39 C8 F2 49 8D D8 99 DB 48 A8
            :                   9E 47 A5 9E 06 BE B4 F4 A0 86 01 10
            :                   C4 50 FB B1 F5 31 88 12 7B 15 18 70
            :                   F8 72 08 65 4F 51 A7 A3 96 18 F5 E8 79 87 76
            :                   B4 A6 6C F1                   39 7F 4E B0 05 BB 53 83 DE 0F B7 7A 61 26 F6 AF 4D 34 AB
            :                   42 22 DD 80 F3                   DC 7D C7 42 CE 6A 1C 8C 75 29 0D 05 2E 6D 12 DF A6
            :                   24 E9 54 6A A0 67 B1 80 DE BB B0 C4
            :                   FE BC 45 4C                   86 26 D4 D2 EC 35 74
            :                   }
            :               }
            :             }
 189 A1   66:           [1] {
 191 04   64:             OCTET STRING
            :               A9 74 C4 E9 6F AA 79 D3 CE 5C 74 A4 ED
            :               A5 DB 65 F5 C0 37 D6 81 F1 0A 93 5F
            :               24 A1 DB 58 29 FC 97 96 EE 87 8B 79 DB E9 07 EC FA
            :               11 23 CE 70 24 84                   82 51 0F 30 72 02 83 D5 7D 80 BE B1 50 9E 46 44 F1
            :                   2C BB D8 32 CF C6 68 6F 07 D9 B0 60 D3 D4 F6 A7 4D 4C C2 E0 89 FA CD
            :               59 20 A2                   AC BE EE 34 09 6A 13 F5 F7 05 05 93
            :             }
 257 30   30:           SEQUENCE {
 259 06   11:             OBJECT IDENTIFIER
            :               id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
            :               (S/MIME Algorithms
            :                   (1 2 840 113549 1 9 16 3))
 272 30   15:             SEQUENCE {
 274 06   11:               OBJECT IDENTIFIER                   DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                 id-alg-CMS3DESwrap                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
            :                     (1 2 840 113549 1 9 16 3 6)                   9F 2D FA 55 3A B9 99 77 02 A6 48 52
            :                 (S/MIME Algorithms                   8C 4E F3 57 38 57 74 57 5F
 362 02    3:                     INTEGER 65537
            :                     (1 2 840 113549 1 9 16 3))
 287 05    0:               NULL                     }
            :                   }
            :               }
 289 30   70:           SEQUENCE {
 291 30   68:             SEQUENCE {
 293 30   24:               SEQUENCE
 367 A3  129:             [3] {
 295
 370 30   18:  127:               SEQUENCE {
 297 31   16:                   SET {
 299
 372 30   14:   12:                 SEQUENCE {
 301
 374 06    3:                   OBJECT IDENTIFIER
            :                         commonName                     basicConstraints (2 5 4 3) 29 19)
            :                         (X.520 id-at                     (X.509 id-ce (2 5 4))
 306 13    7:                       PrintableString 'CarlDSS'
            :                       }
            :                     }
            :                   }
 315 02    2:                 INTEGER 201
            :                 }
 319 29))
 379 01    1:                   BOOLEAN TRUE
 382 04   40:    2:                   OCTET STRING
            :                 97 A2 1C 9B 1D 72 03 4C FA 1F CE DA
            :                 AE 85 49 E1 0D 32 04 97 80 43 CB 00
            :                 49 60 36 A7 DD 4B 0E E5 D6 A8 7B BA
            :                 66 94 97 A7
            :               }
            :             } STRING, encapsulates {
 384 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 361 30   67:       SEQUENCE {
 363 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 374
 386 30   20:   14:                 SEQUENCE {
 376
 388 06    8:    3:                   OBJECT IDENTIFIER
            :             des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm                     keyUsage (2 5 29 15)
            :                 (1 2 840 113549 3))
 386                     (X.509 id-ce (2 5 29))
 393 01    1:                   BOOLEAN TRUE
 396 04    8:    4:                   OCTET STRING, encapsulates {
 398 03    2:                       BIT STRING 6 unused bits
            :             37 E7 7E D7 16 17 C8 AC
            :           }
 396 80   32:         [0]
            :           6A F2 B8 9A 58 65 B2 AD F4 3A A0 31
            :           B2 BD F7 52 7A EB 2B FB 04 77 0F E2
            :           59 C6 33 BB 05 FD 0C EA
            :         }
            :       }                         '11'B
            :                       }
            :                   }

Some additional information on this example:

3DES CEK
    cd 4f 7c 83 73 c4 26 ce 5d b0 cd ea 7c 16 15 cb
    2f 8c a8 20 16 0e c8 2a

Ephemeral X (reverse the bytes)
    2e 92 4e b9 2a bd ab 1e cb 5b d8 3b c5 6c b0 ef
    2d 89 7b 0e e7 d6 33 8c 1f 33 81 6d 2d d1 61 4f

ZZ
    de 42 2f c3 fb 44 ab ce 71 3f f6 3a aa dc 09 d1
    ca 30 97 22 73 eb de 6a af 87 e1 74 62 60 73 c7
    93 1f 2e 26 b3 09 8f 1c 93 31 33 63 5f 0e ad 89
    89 f5 1a cb 8c 3f b7 8f 50 b3 9a fe 06 b0 8a 68
    c0 f7 b1 fe 20 af 96 f2 a6 cf de 12 1e 74 f9 38
    d1 90 da 4d 10 45 b2 6a be 3f f9 3b 61 c0 6d 8f
    bc 2e c8 a3 e6 d8 e2 a8 52 ea 58 65 b3 93 99 b7
    77 91 67 e6 04 e5 ca ce 46 86 b0 83 17 d9 de 1d

3DES KEK (no parity check)
    02 1f 67 5c 92 58 e5 5a 2a fb 3b ed 94 6b 39 8a
    b1 38 a7 8c 63 fc d6 14

wrapped key
    51 46 57 41 34 1c d6 c7 cd 36 4b a4 93 b7 16 e6
    2e f0 58 24 9c 6d 4b e9 90 8b 0f 46 b8 e5 93 19
    ff 7c f0 56 4d 4f fa f5

3DES CEK
    1c b6 57 1a 25 bc f8 13 5b 01 1a d5 a2 46 31 7a
    85 fe 4f 62 45 4a 2a 43

6.2 Basic encrypted content, TripleDES and RSA

Same as 6.1, except with RSA for key management. An EnvelopedData from
Alice to Bob of ExContent using TripleDES for encrypting and RSA for
key management. Does not have a OriginatorInfo.

   0
 402 30  286:   31:                 SEQUENCE {
   4
 404 06    9:    3:                   OBJECT IDENTIFIER
            :     envelopedData (1 2 840 113549 1 7 3)
            :     (PKCS #7)
  15 A0  271:   [0] {
  19 30  267:     SEQUENCE {
  23 02    1:       INTEGER 0
  26 31  192:       SET {                     authorityKeyIdentifier (2 5 29 30  189:         SEQUENCE 35)
            :                     (X.509 id-ce (2 5 29))
 409 04   24:                   OCTET STRING, encapsulates {
  32 02    1:           INTEGER 0
  35
 411 30   38:   22:                       SEQUENCE {
 413 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                         }
            :                       }
            :                   }
 435 30   18:   29:                 SEQUENCE {
  39 31   16:               SET
 437 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 442 04   22:                   OCTET STRING, encapsulates {
  41
 444 04   20:                       OCTET STRING
            :                   77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                   CE EC 3C A0 3A E3 FF 50
            :                       }
            :                   }
 466 30   14:   31:                 SEQUENCE {
  43
 468 06    3:                   OBJECT IDENTIFIER
            :                     commonName                     subjectAltName (2 5 4 3) 29 17)
            :                     (X.520 id-at                     (X.509 id-ce (2 5 4))
  48 13    7:                   PrintableString 'CarlRSA' 29))
 473 04   24:                   OCTET STRING, encapsulates {
 475 30   22:                       SEQUENCE {
 477 81   20:                         [1] 'AliceRSA@example.com'
            :                         }
            :                       }
            :                   }
  57 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E                 }
            :               CD 5D 71 D0               }
            :             }
  75
 499 30   13:           SEQUENCE {
  77
 501 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption               sha1withRSAEncryption
            :                   (1 2 840 113549 1 1 1) 5)
            :               (PKCS #1)
  88
 512 05    0:             NULL
            :             }
  90 04  128:           OCTET
 514 03  129:           BIT STRING 0 unused bits
            :             0B 71 0D E6 71 88 88 98 B6 96 C1 8F
            :             3E 70 FD A2 27 DE DA E1 EF 24 6C A4 33 47 A8 48 CC 13 58 8F CA 51 71
            :             DF AC E0 E9 9D A2 D3 2C 7A CD             6B 4E 36 18 5D 04 7E 80 B8
            :             99 9E E6 5F B1 41 B3 72 16 83 E7 FA 8D 4D CC
            :             2A 00 8B C7 73 35 78 26 D6 C7             CA A3 8F CC 7D 56 C8 BC CF 8C 6E B3 1C
            :             0C 56 DB A5 76 9D 08 38 0E F3 F9 D4             59 A9 20 AA 05 81 A8 4E 25 AD A7 70
            :             91 43 58 78 DC 49 B6 EC EE 6C 68 33             14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :             A3             B7 C6 66 6E 73 21 1D F0 28 78 1F F7 54 DF F4 BA 25 5D F6 07 73
            :             4D DF AD 69 31 20 4B 48 A9 75             7D 49 D3 94 6B 22 6E
            : 36 79 15 63 8F CC EB 9D A3 28 A1 D1
            :             2C 57 F4 DA 1A 2C 75 1F
            :           }
            :         }
 221 30   67:       SEQUENCE {
 223 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 234 30   20:         SEQUENCE {
 236 06    8:           OBJECT IDENTIFIER
            :             des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm
            :                 (1 2 840 113549 3))
 246 04    8:           OCTET STRING 74 73 B8 4A EC
            :             2D 68             2F 64 ED D3 3D D2 A7 42 C5 E9 47 06 51 35 E8 37 8A
            :           }
 256 80   32:         [0]             B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :           0E C8 92 7F C6 7D             F9 EE 63 6A D8 3F 8D CB AD 8E 0E
            :           C5 49 3A EB 47 2E D6 55 DE 09 21 4E
            :           48 EA 4E 27 B1 6E 57 4B 25 09 B5 D8 1A
            :         }
            :       }             76 AE EB 9B DB 49 B0 22
            :           }
 646 30  667:         SEQUENCE {
 650 30  602:           SEQUENCE {
 654 A0    3:             [0] {
 656 02    1:               INTEGER 2
            :               }

6.3 Basic encrypted content, RC2/40 and RSA

Same as 6.1, except using RC2/40 for encryption and RSA for key
management. An EnvelopedData from Alice to Bob of ExContent using
RC2/40 for encrypting and RSA for key management. Does not have a
OriginatorInfo or any attributes.

   0
 659 02    1:             INTEGER 1
 662 30  291:    9:             SEQUENCE {
   4
 664 06    9:    7:               OBJECT IDENTIFIER
            :     envelopedData                 dsaWithSha1 (1 2 840 113549 1 7 10040 4 3)
            :     (PKCS #7)
  15 A0  276:   [0] {
  19                 (ANSI X9.57 algorithm)
            :               }
 673 30  272:   18:             SEQUENCE {
  23 02    1:       INTEGER 0
  26
 675 31  192:   16:               SET {
  29
 677 30  189:   14:                 SEQUENCE {
  32 02    1:           INTEGER 0
  35
 679 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 684 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 693 30   38:   30:             SEQUENCE {
  37
 695 17   13:               UTCTime '990816225050Z'
 710 17   13:               UTCTime '391231235959Z'
            :               }
 725 30   18:             SEQUENCE {
  39
 727 31   16:               SET {
  41
 729 30   14:                 SEQUENCE {
  43
 731 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  48
 736 13    7:                   PrintableString 'CarlRSA' 'CarlDSS'
            :                   }
            :                 }
            :               }
  57
 745 30  439:             SEQUENCE {
 749 30  299:               SEQUENCE {
 753 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 762 30  286:                 SEQUENCE {
 766 02   16:  129:                   INTEGER
            :               46 34 6B                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :                   01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
            :                   FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
            :                   C8 71 4B C7 80 45 C0 50 25 5D 9C FC DA
            :                   E4 6D D3 E2 86 48 84 82 7D BA 15 95
            :                   4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
            :                   0A 8A BA 16 7B B9 50 01 48 93 8B EB
            :                   25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :                   FC 70 B7 CD 30 54 FD DA DE A8 AA 22
            :                   B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
            :                   AD E1 08 D4 6D 29 2D D6 E9
 898 02   21:                   INTEGER
            :                   00 56 DD C1 2F DF 53 CE 0B 34 60 77 3E
            :                   02 A4 BF 8A 5D 98 B9 10 D5
 921 02  128:                   INTEGER
            :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37
            :                   4F 55 7F 9D ED BC 11 D3 6E 2E 61 0D EB 46 59 3C
            :                   56 0B 2B 5B 0C 91 CE A5 62 52 69 CA
            :                   E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :                   AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
            :                   87 0B C7 CD F0 1C D9 B5 4E 5D 71 D0 73 DE
            :             }
  75 30   13:           SEQUENCE {
  77                   AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
            :                   73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :                   8A 79 61 B4 D5 2F 53 22 44 63 1F 86
            :                   B8 A3 58 06    9:             OBJECT IDENTIFIER 25 F8 29 C0 EF BA E0 75
            :               rsaEncryption (1 2 840 113549 1 1 1)                   F0 42 C4 63 65 52 9B 0A
            :               (PKCS #1)
  88 05    0:             NULL                   }
            :                 }
  90 04  128:           OCTET
1052 03  133:               BIT STRING 0 unused bits, encapsulates {
1056 02  129:                   INTEGER
            :             85 42 BE E3 0B 2E E5 0F 09 AA 24 CA
            :             DE DA C1 D3 09 B8                   00 99 87 74 27 2B 25 CB D5 71
            :             FB C9 9C DB F0 B2 6E 03 66 A0 8A 5F 1C 9D
            :             4A ED 98 9D 15 39 26 01 1A 2E 6B F0 B1 C0 AD DC
            :                   2C 75 BB E1 6C 44 39 89 37 3C 6F C7 4A 61 0B 0B 27
            :             77 AA F9 D4 97 A4 D2 9C DA 21 3F C2 3F 20 6D 4D 47
            :             D4 DC 10                   6D B1 62 09 E9 D6 3F D8 AE 1E F2 3A B4 94
            :                   B1 A3 8E 7A 9B 71 4E 00 DB 9C 82 47 D6 94 C9 B4 25
            :             7E                   4E B9 60 96 FF 12 6E 87 84 A0 BA ED 81 0F 19 24 01 F3 62 0C FE 75
            :             56 6D A6 1D EB AB C3 B7 A1 B9 F8 5F                   C0 FB CE D8 68 00 E3 FD D5 70 4F DF
            :             8B CC 1B 4A E5 14 36                   23 96 19 06 94 F4 B1 61 D0 C7 64 8F 3A 57 B1
            :             5F 69 67 91 A9                   08 11 A4 0B 26 25 F0 52 76 81 EA 0B
            :                   62 0D 95 2A E6 86 BA 72 B2 A7 50 EE D8 83
            :                   0B AA 27 CD 1B A9 4D 89 9A D7 8D 18
            :                   39 84 3F 8B C5 56 4D 80 7A
            :                   }
            :               }
 221
1188 A3   66:             [3] {
1190 30   72:   64:               SEQUENCE {
 223 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 234
1192 30   25:   15:                 SEQUENCE {
 236
1194 06    8:    3:                   OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
            :             (RSADSI encryptionAlgorithm                     basicConstraints (2 5 29 19)
            :                 (1 2 840 113549 3))
 246                     (X.509 id-ce (2 5 29))
1199 01    1:                   BOOLEAN TRUE
1202 04    5:                   OCTET STRING, encapsulates {
1204 30   13:    3:                       SEQUENCE {
 248 02
1206 01    1:             INTEGER 58
 251 04    8:             OCTET STRING
            :               E8 70 81 E2 EF C5 15 57                         BOOLEAN TRUE
            :                         }
            :                       }
 261 80   32:         [0]
            :           06 53 0A 7B 8D 5C 16 0D CC D5 76 D6
            :           8B 59 D6 45 8C 1A 1A 0C E6 1E F3 DE
            :           43 56 00 9B 40 8C 38 5D
            :                   }
1209 30   14:                 SEQUENCE {
1211 06    3:                   OBJECT IDENTIFIER
            :       }                     keyUsage (2 5 29 15)
            :     }                     (X.509 id-ce (2 5 29))
1216 01    1:                   BOOLEAN TRUE
1219 04    4:                   OCTET STRING, encapsulates {
1221 03    2:                       BIT STRING 1 unused bits
            :   }

6.4 Encrypted content, two recipients, no shared keying material

Same as 6.1, except sent to both Bob and Diane. An EnvelopedData from
Alice to Bob and Diane of ExContent using TripleDES for encrypting and
Diffie-Hellman for key management. Does not have a OriginatorInfo or
any attributes.

   0                         '1100001'B
            :                       }
            :                   }
1225 30  759:   29:                 SEQUENCE {
   4
1227 06    9:    3:                   OBJECT IDENTIFIER
            :     envelopedData (1 2 840 113549 1 7 3)                     subjectKeyIdentifier (2 5 29 14)
            :     (PKCS #7)
  15 A0  744:   [0] {
  19 30  740:     SEQUENCE {
  23 02    1:       INTEGER 2
  26 31  664:       SET {
  30 A1  328:         [1] {
  34 02    1:           INTEGER 3
  37 A0  150:           [0] {
  40 A1  147:             [1]                     (X.509 id-ce (2 5 29))
1232 04   22:                   OCTET STRING, encapsulates {
1234 04   20:                       OCTET STRING
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1256 30    9:           SEQUENCE {
  45
1258 06    7:             OBJECT IDENTIFIER
            :                   dhPublicKey               dsaWithSha1 (1 2 840 10046 2 1) 10040 4 3)
            :               (ANSI X9.42 number type) X9.57 algorithm)
            :             }
  54
1267 03  133:   48:           BIT STRING 0 unused bits, encapsulates {
  58
1270 30   45:               SEQUENCE {
1272 02  129:   20:                 INTEGER
            :                   00 9D 6E AA 4D 55 35 05 66 65 F7 A0
            :                   64 75 99 67 FB                   6B A9 F0 4E 4F 53 55 34 7A 85
            :                   21 95 2B 7E 62 3C DE 0A C9 20 1C 4C
            :                   80 47 3E A6 5F F5 4B 07 12 26 74 5A 79 E3 F9 BE 3D 2B
            :                   D8 B8 2E 2C EA 45 21 05 C8 7D FA 68                   C9 06 37 E9 11 17 A1 13
1294 02   21:                 INTEGER
            :                   6E 23 46 87 0F D2 D0 A8                   00 8F 34 69 2A 8B 0E DE 4D
            :                   7D 2C F3 51 76 9F 58 F7 F2 7B 23 30
            :                   D7 21 53 90 29 9A 5B 5E 64 1C 0D FF
            :                   7E EB 9D 35 DF B5 D3 A3 FF 30 22 B8
            :                   AF 31 09 C2 8E BF C8 BD 51 F2 27 A5 B1 3C 03 79 94 32
            :                   CD 34 11 B5 4C 2B BF 68 18                   4D 12 1F CE 89 FB 46 B2 3B
            :                 }
            :               }
            :           }
 190 A1   66:           [1]
1317 30  732:         SEQUENCE {
 192 04   64:             OCTET STRING
            :               83 14 1A D8 46 28 EF 78 3F C8 1E 29
            :               3B 14 F8 FE 16 36 2E 6F 35 C8 29 60
            :               8A C6 6A BF 48 E6 76 DB 6A 7C 18 36
            :               13 47 20 E2 5F 39 08 C2 04 97 F3 FC
            :               E6 C3 6F 75 4E C9
1321 30 97 B1 41 6B A1
            :               E8 50 D6 C7  667:           SEQUENCE {
1325 A0    3:             [0] {
1327 02    1:               INTEGER 2
            :               }
 258
1330 02    2:             INTEGER 200
1334 30   30:    9:             SEQUENCE {
 260
1336 06   11:    7:               OBJECT IDENTIFIER
            :               id-alg-ESDH                 dsaWithSha1 (1 2 840 113549 1 9 16 3 5) 10040 4 3)
            :               (S/MIME Algorithms                 (ANSI X9.57 algorithm)
            :                   (1 2 840 113549 1 9 16 3))
 273               }
1345 30   15:   18:             SEQUENCE {
 275
1347 31   16:               SET {
1349 30   14:                 SEQUENCE {
1351 06   11:    3:                   OBJECT IDENTIFIER
            :                 id-alg-CMS3DESwrap
            :                     (1 2 840 113549 1 9 16 3 6)                     commonName (2 5 4 3)
            :                 (S/MIME Algorithms                     (X.520 id-at (2 5 4))
1356 13    7:                   PrintableString 'CarlDSS'
            :                     (1 2 840 113549 1 9 16 3))
 288 05    0:               NULL                   }
            :                 }
            :               }
 290 30   70:           SEQUENCE {
 292 30   68:             SEQUENCE {
 294
1365 30   24:   30:             SEQUENCE {
 296
1367 17   13:               UTCTime '990817011049Z'
1382 17   13:               UTCTime '391231235959Z'
            :               }
1397 30   18:   19:             SEQUENCE {
 298
1399 31   16:   17:               SET {
 300
1401 30   14:   15:                 SEQUENCE {
 302
1403 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 307
1408 13    7:    8:                   PrintableString 'CarlDSS'
            :                       }
            :                     }
            :                   }
 316 02    2:                 INTEGER 211
            :                 }
 320 04   40:               OCTET STRING
            :                 38 73 93 2D 46 83 C1 7E EA 60 6B 41
            :                 CF 72 6F 35 0D 59 B1 E3 C5 09 59 94
            :                 E2 82 ED 18 FE 26 1B BC 46 81 1B 85
            :                 9A 56 3F 3C 'AliceDSS'
            :                   }
            :                 }
            :               }
 362 A1  328:         [1] {
 366 02    1:           INTEGER 3
 369 A0  150:           [0] {
 372 A1  147:             [1]
1418 30  438:             SEQUENCE {
 375
1422 30    9:  299:               SEQUENCE {
 377
1426 06    7:                 OBJECT IDENTIFIER
            :                   dhPublicKey                   dsa (1 2 840 10046 2 10040 4 1)
            :                   (ANSI X9.42 number type)
            :                 }
 386 03  133:               BIT STRING 0 unused bits, encapsulates X9.57 algorithm)
1435 30  286:                 SEQUENCE {
 390
1439 02  129:                   INTEGER
            :                   00 BA 58 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 8B BC 31 59 F9 CF F7 23 DD 0E D7 A8 0E EC
            :                   3A 77 75 CB F4 9B 7C 5E                   53 EB 73 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   4F E5 75 55                   0C D6 F3 44 48 4D 50 C4 D1 FE 9F AF 71 A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 87 8A E4 75 D0 37 0C 91 08 95
            :                   CA BC                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 5B 63 3B 9A 0E A5 D0 F3 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB 18 51 C0 CB 35 A5 07 20 21 79
1571 02   21:                   INTEGER
            :                   07 AE CA 26 EE 44 AE 9C 37 37 8B C8
            :                   00 E2 47 A6 1A 45 B3 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 4F A4 87 0E 11 7E 48 96 B6 8B F7 93 CD
1594 02  128:                   INTEGER
            :                   A3 74 E0 F4 9F 5D                   26 C1 E8 7E BC BF 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   B3                   4B 59 6A 4C EB 4A 5A 58 76 23 39 04 02 35 5C F2
            :                   CB 12 E8 3E 42 3C 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   99 DC B3 D3 7A 4F D3 08 83 76 6B 73                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   E6 B0                   7D 8A 42 25 A7 F4 75 CF 4A 08 EB 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 0E 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 40 4C 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   }                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 522 A1   66:           [1] {
 524 04   64:             OCTET
1725 03  132:               BIT STRING 0 unused bits, encapsulates {
1729 02  128:                   INTEGER
            :               FF DE 88                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F AA 44 D8 10 14 A9 EC AC 5E DC BD B7 13 11 34 A6 29
            :               72 D0 08 4C 9A AC 7D                   16 89 28 11 23 D9 34 B5 68 4D 08 86 67 75 75 13
            :               ED CB 48 2A 70 D6 7A C5 41 9B AE C6                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :               03 23 F0 87                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F C1 55 4D 6F E0 FF E7 E8 23
            :               6B 1C                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF 54 ED
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 52 DD 90 04 25 5E
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 43 C1 19 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 590
1860 A3  129:             [3] {
1863 30   30:  127:               SEQUENCE {
 592 06   11:             OBJECT IDENTIFIER
            :               id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
            :               (S/MIME Algorithms
            :                   (1 2 840 113549 1 9 16 3))
 605
1865 30   15:   12:                 SEQUENCE {
 607
1867 06   11:    3:                   OBJECT IDENTIFIER
            :                 id-alg-CMS3DESwrap
            :                     (1 2 840 113549 1 9 16 3 6)
            :                 (S/MIME Algorithms                     basicConstraints (2 5 29 19)
            :                     (1 2 840 113549 1 9 16 3))
 620 05                     (X.509 id-ce (2 5 29))
1872 01    1:                   BOOLEAN TRUE
1875 04    2:                   OCTET STRING, encapsulates {
1877 30    0:               NULL                       SEQUENCE {}
            :                       }
            :                   }
 622 30   70:           SEQUENCE {
 624 30   68:             SEQUENCE {
 626 30   24:               SEQUENCE {
 628 30   18:                 SEQUENCE {
 630 31   16:                   SET {
 632
1879 30   14:                 SEQUENCE {
 634
1881 06    3:                   OBJECT IDENTIFIER
            :                         commonName                     keyUsage (2 5 4 3) 29 15)
            :                         (X.520 id-at                     (X.509 id-ce (2 5 4))
 639 13    7:                       PrintableString 'CarlDSS' 29))
1886 01    1:                   BOOLEAN TRUE
1889 04    4:                   OCTET STRING, encapsulates {
1891 03    2:                       BIT STRING 6 unused bits
            :                       }                         '11'B
            :                       }
            :                   }
 648 02    2:                 INTEGER 201
1895 30   31:                 SEQUENCE {
1897 06    3:                   OBJECT IDENTIFIER
            :                 }
 652                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
1902 04   40:   24:                   OCTET STRING STRING, encapsulates {
1904 30   22:                       SEQUENCE {
1906 80   20:                         [0]
            :                 21 9F 65 F0 97 04 C0                   70 44 3E 82 2E 6F 87 7E D9 69 22
            :                 E3 A1 80 B2 89 4E D6 7D B3 55 DE 23 4A D3 75 E3
            :                 AA 5B AC 0E 17 2B 45 13 A9 24                   3D 20 BC 09
            :                 35 00 E6 92
            :               } 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 694 30   67:       SEQUENCE {
 696 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 707
1928 30   20:   29:                 SEQUENCE {
 709
1930 06    8:    3:                   OBJECT IDENTIFIER
            :             des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm                     subjectKeyIdentifier (2 5 29 14)
            :                 (1 2 840 113549 3))
 719                     (X.509 id-ce (2 5 29))
1935 04    8:   22:                   OCTET STRING, encapsulates {
1937 04   20:                       OCTET STRING
            :             B8 9A                   BE 6C A1 B3 E3 C1 F7 ED 3F 5E 67 11 8A
            :           }
 729 80   32:         [0]
            :           EA AA D8 C4 71 63 E4 31 96 11 12 E4 43 70 A4 CE
            :           8E 84 60 F0 A0 14 02 F9 23 79                   13 01 E2 3D
            :           F3 FC E3 A6 74 FD 25 38
            :         }
            :       } E3 97 FE CD
            :                       }
            :                   }

6.5 Encrypted content, two recipients, shared keying material

Same as 6.4, except sent to Bob and Erica using keys that have shared
parameters so the result does not include the UKMs. An EnvelopedData
from Alice to Bob and Erica of ExContent using TripleDES for encrypting
and Diffie-Hellman for key management. Does not have a OriginatorInfo
or any attributes. Uses BobPubDHSharedEncrypt and
DianePubDHSharedEncrypt for keys.

   0
1959 30  429:   31:                 SEQUENCE {
   4
1961 06    9:    3:                   OBJECT IDENTIFIER
            :     envelopedData (1 2 840 113549 1 7 3)                     subjectAltName (2 5 29 17)
            :     (PKCS #7)
  15 A0  414:   [0]                     (X.509 id-ce (2 5 29))
1966 04   24:                   OCTET STRING, encapsulates {
  19
1968 30  410:   22:                       SEQUENCE {
  23 02    1:       INTEGER 2
  26 31  334:       SET {
  30 A1  330:         [1] {
  34 02    1:           INTEGER 3
  37 A0  149:           [0] {
  40 A1  146:
1970 81   20:                         [1] {
  43 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1992 30    9:           SEQUENCE {
  45
1994 06    7:             OBJECT IDENTIFIER
            :                   dhPublicKey               dsaWithSha1 (1 2 840 10046 2 1) 10040 4 3)
            :               (ANSI X9.42 number type) X9.57 algorithm)
            :             }
  54
2003 03  132:   48:           BIT STRING 0 unused bits, encapsulates {
  58
2006 30   45:               SEQUENCE {
2008 02  128:   20:                 INTEGER
            :                   21 CA                   55 A3 10 33 D3 85 A1 A6 4A D8
            :                   18 85 13 15 D7 45 A5 17 94 DD 67 5B
            :                   ED 43 03 E1 36 E3 2E DD F9 3C 38 65
            :                   B9 34 66 0C A4 19 1F 42 2B 89 29 0D 7E 6F 85 72 F9 DD
            :                   E4 62 7E C3 9E F3 C4 38 39 6A EA 4E 71 22 33 8D
            :                   07                   83 B8 44 23 7F BE FD 02 8F 48 95
            :                   48 D0 2C 6A B5 3D 67 6B BF 45
2030 02 EE CD A9 AE E3 20 FD
            :                   20 2B 7A BD AC 59 88 62 F5 48 85 26   21:                 INTEGER
            :                   A0 20 2B F5 96 02 4A 1A FC A1 0F 8F                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   90 03 EE 91 41 46 DE A7 E5 79 30 37                   76 1D E2 10 52 5B 43 5E BD
            :                   8A CB 41 3F 66 F3 F7 07                 }
            :               }
            :           }
            :         }
 189
2053 A1  219:       [1] {
2056 30   30:  216:         SEQUENCE {
 191 06   11:             OBJECT IDENTIFIER
            :               id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
            :               (S/MIME Algorithms
            :                   (1 2 840 113549 1 9 16 3))
 204
2059 30   15:  153:           SEQUENCE {
2062 30    9:             SEQUENCE {
 206
2064 06   11:    7:               OBJECT IDENTIFIER
            :                 id-alg-CMS3DESwrap
            :                     (1 2 840 113549 1 9 16 3 6)
            :                 (S/MIME Algorithms
            :                 dsaWithSha1 (1 2 840 113549 1 9 16 3))
 219 05    0:               NULL 10040 4 3)
            :               }                 (ANSI X9.57 algorithm)
            :               }
 221 30  140:           SEQUENCE {
 224 30   68:             SEQUENCE {
 226 30   24:               SEQUENCE {
 228
2073 30   18:             SEQUENCE {
 230
2075 31   16:               SET {
 232
2077 30   14:                 SEQUENCE {
 234
2079 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 239
2084 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 248
2093 17   13:             UTCTime '990827070000Z'
2108 30  105:             SEQUENCE {
2110 30   19:               SEQUENCE {
2112 02    2:                 INTEGER 200
2116 17   13:                 UTCTime '990822070000Z'
            :                 }
2131 30   19:               SEQUENCE {
2133 02    2:                 INTEGER 201
2137 17   13:                 UTCTime '990822070000Z'
            :                 }
 252 04   40:               OCTET
2152 30   19:               SEQUENCE {
2154 02    2:                 INTEGER 211
2158 17   13:                 UTCTime '990822070000Z'
            :                 }
2173 30   19:               SEQUENCE {
2175 02    2:                 INTEGER 210
2179 17   13:                 UTCTime '990822070000Z'
            :                 }
2194 30   19:               SEQUENCE {
2196 02    2:                 INTEGER 212
2200 17   13:                 UTCTime '990824070000Z'
            :                 }
            :               }
            :             }
2215 30    9:           SEQUENCE {
2217 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
2226 03   47:           BIT STRING 0 unused bits, encapsulates {
2229 30   44:               SEQUENCE {
2231 02   20:                 INTEGER
            :                   7E 65 52 76 33 FE 34 73 26 3A 6B 97 17 D1 F7 96
            :                   F9 50 3A B8 6A 8D E7 A0 D4 D8 6D 5C 7D 3D
2253 02   20:                 INTEGER
            :                 47 58 BA 4C 0B 4D C7                   02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E
            :                   DA 24 A2 13 22 6F F3 2A 83 9C 35 A1
            :                 3A 93 70 EC 2C 17 D1 6B 80 1A B9 E3                 }
            :                 79 B8 A6 7B               }
            :           }
 294
            :         }
2275 31  554:       SET {
2279 30   68:  550:         SEQUENCE {
 296
2283 02    1:           INTEGER 1
2286 30   24:           SEQUENCE {
 298
2288 30   18:             SEQUENCE {
 300
2290 31   16:               SET {
 302
2292 30   14:                 SEQUENCE {
 304
2294 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 309
2299 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 318
2308 02    2:             INTEGER 212
            :                 }
 322 04   40:               OCTET STRING
            :                 AC 84 BF 28 B5 19 56 19 B7 F2 BD 32
            :                 59 5A 9E C6 7E F5 95 DC F1 20 80 15
            :                 C2 BC 95 47 3E 92 EE CF B6 41 8F 45
            :                 83 C9 C8 5F
            :               }
            :             }
            :           } 200
            :             }
 364 30   67:       SEQUENCE {
 366 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
 377
2312 30   20:    7:           SEQUENCE {
 379
2314 06    8:    5:             OBJECT IDENTIFIER
            :             des-EDE3-CBC sha1 (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm
            :                 (1 14 3 2 840 113549 3))
 389 04    8:           OCTET STRING
            :             CA D4 C8 C2 29 B4 FA AC
            :           }
 399 80   32:         [0]
            :           02 18 E2 7C 19 21 34 CC 43 88 88 45
            :           F6 7E AD AB 97 2A 43 11 E6 45 01 11
            :           3A C2 D8 29 6D 4D 6C 78
            :         }
            :       } 26)
            :     }               (OIW)
            :             }

6.6 Encrypted content, TripleDES and DH, previously-distributed keys

Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management, using the
MailListTripleDES key. Does not have a OriginatorInfo or any
attributes.

Subject: Test subject
MIME-Version: 1.0
Content-Type: application/pkcs7-mime;
    name="smime.p7m";
    smime-type=enveloped-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
    filename="smime.p7m"

MIAGCSqGSIb3DQEHA6CAMIACAQIxggFdoYIBBAIBA6CBlaGBkjAJBgcqhkjOPgIBA4
GEAAKBgE348O8WYkb+mh9JywImIJ1j0PIj84SnpKclqO31EcScZzkSiQQP+gqphImf
EwIGh7P7ywuoFuxdot8C2X/nDubhrrKImG3Z96h/FAh6/rgA6P10r2yesV1QvqfGgY
Bh9+o9zq/S1+Q8ssFH9j1nZzTLLL3rrG8W4ztmu4qX+Q89MB8GCyqGSIb3DQEJEAMF
MBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBC
hTEv/IiYb58fJpBc1MQAJ1FSG33LdFbpRq8QirMU12JiHd9qAJjj9ColMCAQQwEwQR
TWFpbExpc3RUcmlwbGVERVMwDwYLKoZIhvcNAQkQAwYFAAQo/JV25qipslbuubZDLs
lEB93Y4rGtOJHpymNu+u5Fe7bpypVtjw4VWjCABgkqhkiG9w0BBwEwGQYIKoZIhvcN
AwIwDQIBOgQIj3hP9Fg2yEqggAQg4lYLOgn0NuOrSALLvtN4NzeVtYJ07hsW2OZ7Fq
QNmuoAAAAAAAAAAAAA

6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys

Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using RC2/40 for
encrypting and RSA for key management, using the MailListRC2 key. Does
not have a OriginatorInfo or any attributes.

   0
2321 A0   93:           [0] {
2323 30  357:   24:             SEQUENCE {
   4
2325 06    9:               OBJECT IDENTIFIER
            :     envelopedData                 contentType (1 2 840 113549 1 7 9 3)
            :                 (PKCS #7)
  15 A0  342:   [0] {
  19 30  338:     SEQUENCE {
  23 02    1:       INTEGER #9 (1 2
  26 840 113549 1 9))
2336 31  256:   11:               SET {
2338 06    9:                 OBJECT IDENTIFIER
            :                   data (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
            :                 }
            :               }
2349 30 30  189:   28:             SEQUENCE {
  33 02    1:           INTEGER 0
  36 30   38:           SEQUENCE
2351 06    9:               OBJECT IDENTIFIER
            :                 signingTime (1 2 840 113549 1 9 5)
            :                 (PKCS #9 (1 2 840 113549 1 9))
2362 31   15:               SET {
  38
2364 17   13:                 UTCTime '030514153900Z'
            :                 }
            :               }
2379 30   18:   35:             SEQUENCE {
  40
2381 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
2392 31   16:   22:               SET {
  42
2394 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
            :                   06 29 C0 22 96 87 DD 48
            :                 }
            :               }
            :             }
2416 30   14:    9:           SEQUENCE {
  44
2418 06    3:    7:             OBJECT IDENTIFIER
            :                     commonName (2 5               dsaWithSha1 (1 2 840 10040 4 3)
            :                     (X.520 id-at (2 5 4))
  49 13    7:                   PrintableString 'CarlRSA'
            :                   }               (ANSI X9.57 algorithm)
            :             }
2427 04   46:           OCTET STRING, encapsulates {
2429 30   44:               SEQUENCE {
2431 02   20:                 INTEGER
            :               }                   3B A5 E0 4A DB 6D 58 E0 19 D1 00 1C
            :                   4F 44 9A 57 7A 71 66 68
2453 02   16:   20:                 INTEGER
            :               46 34 6B C7 80 00 56 BC                   1A 11 D3 6E 2E 98 D6 1F 1F AF 34 81 01 DE BE
            :               CD 5D 71 D0                   8B DC B6 A8 6A 91 69 13
            :                 }
  76
            :               }
2475 A1  354:           [1] {
2479 30   13:   62:             SEQUENCE {
  78
2481 06    9:   11:               OBJECT IDENTIFIER
            :               rsaEncryption                 id-aa-contentHint
            :                     (1 2 840 113549 1 9 16 2 4)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
2494 31   47:               SET {
2496 30   45:                 SEQUENCE {
2498 0C   32:                   UTF8String
            :                   'Content Hints Description Buffer'
2532 06    9:                   OBJECT IDENTIFIER
            :                     data (1 2 840 113549 1 7 1)
            :                     (PKCS #1)
  89 05    0:             NULL #7)
            :                   }
  91 04  128:           OCTET STRING
            :             94 26 42 88 C6 8B B6 78 20 FF 82 57
            :             2A 41 98 D1 68 08 3A 04 A7 CE E4 86
            :             D8 32 7D FD 8D E1 29 AA 0F 74 71 3F                 }
            :             1F BC 85 B2 D0 B7 D8 B7 61 C3               }
2543 30 71  286:             SEQUENCE {
2547 06    9:               OBJECT IDENTIFIER
            :             AA 7E 6A 23 A4 CA A8 CC 6A 54 F4 DD                 countersignature (1 2 840 113549 1 9 6)
            :             55                 (PKCS #9 (1 2 840 113549 1 9))
2558 31  271:               SET {
2562 30  267:                 SEQUENCE {
2566 02 D1 70 4E 1A FF 87 60 8D C7 05
            :             99 BF 68 5C F1 A2 AF 98 39 70 16 B3
            :             9C 65 19 EA D9 C1 33 9C F6 3E 80 62
            :             52 B8 A9 7B E7 CE D4 79 49 0F 13    1:                   INTEGER 1
2569 30   38:                   SEQUENCE {
2571 30   18:                     SEQUENCE {
2573 31   16:                       SET {
2575 30   14:                         SEQUENCE {
2577 06    3:                           OBJECT IDENTIFIER
            :             39 73 CA D9 B8 57 BC E0 F9 31 AB 9C                             commonName (2 5 4 3)
            :             65 4D 40                             (X.520 id-at (2 5 4))
2582 13 70 E3 B1 30    7:                           PrintableString 'CarlRSA'
            :                           }
 222 A2   62:         [2] {
 224
            :                         }
            :                       }
2591 02    1:   16:                     INTEGER 4
 227
            :                   46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :                   C4 10 B3 B0
            :                     }
2609 30   13:    7:                   SEQUENCE {
 229 04   11:             OCTET STRING 'MailListRC2'
2611 06    5:                     OBJECT IDENTIFIER
            :                       sha1 (1 3 14 3 2 26)
            :                       (OIW)
            :                     }
 242
2618 A0   67:                   [0] {
2620 30   16:   28:                     SEQUENCE {
 244
2622 06   11:    9:                       OBJECT IDENTIFIER
            :               id-alg-CMSRC2wrap                         signingTime
            :                             (1 2 840 113549 1 9 16 3 7)
            :               (S/MIME Algorithms 5)
            :                         (PKCS #9 (1 2 840 113549 1 9 16 3))
 257 02    1:             INTEGER 58
            :             }
 260 04   24:           OCTET STRING
            :             77 14 AF 93 12 27 F8 3D 1E 72 55 1E
            :             C4 3A 5F 9E 95 73 06 1B F8 E7 E8 8D 9))
2633 31   15:                       SET {
2635 17   13:                         UTCTime '030514153900Z'
            :                         }
            :                       }
 286
2650 30   73:   35:                     SEQUENCE {
 288
2652 06    9:                       OBJECT IDENTIFIER data
            :                         messageDigest
            :                             (1 2 840 113549 1 7 1) 9 4)
            :                         (PKCS #7)
 299 #9 (1 2 840 113549 1 9))
2663 31   22:                       SET {
2665 04   20:                         OCTET STRING
            :                   02 5F 49 4E 39 98 50 85 B3 66 D3 8A
            :                   1F 7B 9E 69 AA FB D8 33
            :                         }
            :                       }
            :                     }
2687 30   26:   13:                   SEQUENCE {
 301
2689 06    8:    9:                     OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
            :             (RSADSI encryptionAlgorithm                       rsaEncryption
            :                           (1 2 840 113549 3))
 311 30   14:           SEQUENCE {
 313 02    2:             INTEGER 160
 317 1 1 1)
            :                       (PKCS #1)
2700 05    0:                     NULL
            :                     }
2702 04    8:  128:                   OCTET STRING
            :               9C 04 D2 19 2E 2A 55 A1
            :             }                   6D AA 20 24 ED 7A EE A5 5E 87 DD 75
            :           }
 327 80   32:         [0]                   1F 2B 54 10 65 F4 CE 9B B1 2C 78 74
            :           5E 28 D5 E1 A2 3B                   BC 8B 1C 60 B5 DB 8B 03 9E 8F 7A 49 F2 2B 83 D2
            :           ED EE                   7F B0 5B 13 A1 9E 4C B9 57 9D 93 6E 3D 89 14 C9 E3 6B F4 F6 7D
            :           2F 4A                   76 AE 3E 58 1F 9B BB BC 7C 30 19 4E
            :                   10 F7 02 F1 8B 5B B4 DB 9A BB 93 B4
            :                   18 45 F4 51 D0 CC 2B C9 91 A9 AD D9 46 F8 65
            :                   A9 E2 71 95 D0 D4 4E 1F CD 74 6F 82
            :                   E8 37 6F 5A 3D CB C7 D4 5F C2 80 1B
            :                   DA D3 84 40 68 5F 56 9A 62 F5 3B 0D
            :                   6C 33 C3 ED 67 3F 43 BF
            :                   }
            :                 }
            :               }
            :             }

6.8 S/MIME application/pkcs7-mime encrypted
            :           }
            :         }
            :       }
            :     }
            :   }

4.5 All RSA signed message

A full S/MIME message, including MIME, that

Same as 4.2, but includes the body part from
6.1.

MIME-Version: 1.0
Message-Id: <00103112005203.00349@amyemily.ig.com>
Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time)
From: User1
To: User2
Subject: Example 6.8
Content-Type: Application/pkcs7-mime;name=smime.p7m;filename=smime.p7m
Content-Transfer-Encoding: base64
Content-Description: attachment;filename=smime.p7m

MIIEYQYJKoZIhvcNAQcDoIIEUjCCBE4CAQKgggLxoIIC7TCCAukwggKooAMCAQICAgDUMA
kGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMjE3MTZaFw0zOTEy
MzEyMzU5NTlaMBIxEDAOBgNVBAMTB0VyaWNhREgwggHEMIIBOAYHKoZIzj4CATCCASsCgY
EA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPbk8KejXI4Azpp5FAruqzJ4o
BZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWenZPG+BWvP9p0OrfEk7W5u3
ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNOVME6eVlrvx5GE3CPsSx/uc
kXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13BQlIm3CNPAX2zkQsf30bKx
Xd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5FwBlTucKiSVVtuGSJNYqcC
IQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQOBhQACgYEA0SvkHT66GM91IM
bHXsPEbOrzI9kJH0aY9M5ZubbO6DrGGPhZdxuZsNrcwJ0J5K/5YZEsR8xHXt8rM3bzZ+x3
6Cw3MKGJXfPI9lwWSuS3jPV71Tj9FKzoesJ97geQJwp8h6ii4nA16m7enlAxa+kJ2iUaAY
7j/yYcdfXDzlr1noWjgYEwfzAfBgNVHREEGDAWgRRlcmljYURoQGV4YW1wbGVzLmNvbTAM
BgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTde
M9ILxDK5PxHzAdBgNVHQ4EFgQUjVMdYVV/YDVtpjaixZP4mv3AdXQwCQYHKoZIzjgEAwMw
ADAtAhQ+UUII41IuqruPvRg4ccuYg75HngIVALSzFYWZEQZAH0BZjdQbLc2B8ehoMYIBDa
GCAQkCAQOgGjAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDUoYGDBIGAJ9S2hbjOL6X23QgU
dLjyo8uBXzTZNwDsNvWKidLJx6umMnV9PmfRxy1Yb1UDNDP//1Rd+xFYA9EYd8THsNDKdr
YosuLojimdW0xih8BOgn9UXlE/I2msgkJ24mxcUyzvA/u0LTN5aPoRdMYVS61QLPDsvr51
5f5TB2z9KPYVK5MwGgYHKoZIzj4CATAPBgsqhkiG9w0BCRADBgUAMEYwRDAYMBIxEDAOBg
NVBAMTB0NhcmxEU1MCAgDJBCiytQ66TKk5FRNqm13l4cUwtrsv92WphxKHjq0EFCHI35VP
2nLoq2YXMEMGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQI280UIM+ZHBiAIAl3prOldtS3Jw
rzjhCb6aJInx+tKnG5Ec9QDq9XDrm8

6.9 EnvelopedData Carl's RSA root cert (but no CRL). A
SignedData with All Recipient Types

EnvelopedData no attribute certificates, signed by Alice using RSA,
her certificate and Carl's root cert, no CRL. The message with an example of each recipient type (kari,
ktri, kekri), is ExContent,
and has unprotected is included in the eContent. There are no signed or unsigned
attributes.

   0 30  841: NDEF: SEQUENCE {
   4
   2 06    9:   OBJECT IDENTIFIER
            :     envelopedData signedData (1 2 840 113549 1 7 3) 2)
            :     (PKCS #7)
  15
  13 A0  826: NDEF:   [0] {
  19 30  822:     SEQUENCE {
  23 02    1:       INTEGER 2
  26 31  621:       SET {
  30
  15 30  189: NDEF:     SEQUENCE {
  33
  17 02    1:       INTEGER 0
  36 30   38:           SEQUENCE {
  38 30   18:             SEQUENCE {
  40 1
  20 31   16:   11:       SET {
  42
  22 30   14:    9:         SEQUENCE {
  44
  24 06    3:    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  49 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }             (OIW)
  31 05    0:           NULL
            :           }
  58 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               CD 5D 71 D0
            :         }
  76
  33 30   13: NDEF:       SEQUENCE {
  78
  35 06    9:         OBJECT IDENTIFIER
            :               rsaEncryption data (1 2 840 113549 1 1 7 1)
            :           (PKCS #1)
  89 05    0:             NULL
            :             }
  91 04  128:           OCTET STRING
            :             0C 08 70 9E 65 37 ED BD 39 C0 CF 06
            :             C9 40 97 DC 5F 03 05 23 08 F9 D7 D2
            :             52 5C 86 58 E4 68 27 00 96 DF 89 A8
            :             5F AE C0 7E 03 02 71 EC D6 2B 9B A1
            :             8E B3 17 12 C5 43 F7 4A 40 88 27 5E
            :             45 C1 24 C7 38 C0 5B 20 64 12 02 BE
            :             27 63 35 7C 70 A3 35 DB 81 11 6F 93
            :             97 1D 4A BA 66 D4 5C D6 76 54 B5 95
            :             8E A8 7E B8 66 C7 87 07 01 0D 22 7F
            :             B3 52 A9 C9 E1 7D F2 37 95 CB CD 29
            :             8E F4 6E EF 15 30 21 7B
            :           }
 222 A1  328:         [1] {
 226 02    1:           INTEGER 3
 229 #7)
  46 A0  149: NDEF:         [0] {
 232 A1  146:             [1] {
 235 30    9:               SEQUENCE {
 237 06    7:                 OBJECT IDENTIFIER
            :                   dhPublicKey (1 2 840 10046 2 1)
            :                   (ANSI X9.42 number type)
            :                 }
 246 03  132:               BIT
  48 24 NDEF:           OCTET STRING 0 unused bits, encapsulates {
 250 02  128:                   INTEGER
            :                   7D 91 66 39 5E 11 FF 09 C3 A0 DA 33
            :                   96 9F 47 4E 81 71 B2 C2 80 58 95 40
            :                   4E 22 4A 08 55 28 60 25 17 BC E4 AB
            :                   17 D7 C3 31 05 6E 68 08 EC 8B E0 21
            :                   9B 75 DF 60 A5 B2 4A BE 41 F1 31 33
            :                   DB 77 62 DC 3A E4 A0 C8 3F DA BE 4E
            :                   6A 6B 44 0F F5 09 86 51 17 58 D6 F1
            :                   46 BA C9 37 AC AD 58 0D DF 6C 32 BF
            :                   AE B5 8F 16 91 A2 0A 93 28 44 E7 55
            :                   78 28 5A 9A 9D BD DE 8D AF A4 5B 21
            :                   BB 12 02 30 17 97 09 61
  50 04    4:             OCTET STRING 'This'
  56 04   24:             OCTET STRING ' is some sample content.'
            :             }
            :           }
            :         }
 381 A1   66:           [1]
  88 A0 NDEF:       [0] {
  90 30  491:         SEQUENCE {
 383 04   64:             OCTET STRING
            :               67 65
  94 10 B2 F2 7F 1D 31 EF 6A 31
            :               76 88 4D E2 46 79 43 4B 83 77 34 BE
            :               B4 30  340:           SEQUENCE {
  98 A0    3:             [0] {
 100 02 E5 F9 CA DE BB CB 5F 85 22 07
            :               32 62 E6 8E 51 74 67 C2 D2 FC 2B 73    1:               INTEGER 2
            :               33 2A 9D FF 68 1E 6C 74 8E F4 4D 34               }
 103 02   16:             INTEGER
            :               B2 DA               46 07 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :             }
 449               9F F2 50 20
 121 30   31:   13:             SEQUENCE {
 451
 123 06   11:    9:               OBJECT IDENTIFIER
            :               id-alg-ESDH                 sha1withRSAEncryption
            :                     (1 2 840 113549 1 9 16 3 1 5)
            :               (S/MIME Algorithms                 (PKCS #1)
 134 05    0:               NULL
            :                   (1 2 840 113549 1 9 16 3))
 464               }
 136 30   18:             SEQUENCE {
 138 31   16:               SET {
 140 30   14:                 SEQUENCE {
 466
 142 06   11:    3:                   OBJECT IDENTIFIER
            :                 id-alg-CMSRC2wrap
            :                     (1 2 840 113549 1 9 16 3 7)                     commonName (2 5 4 3)
            :                 (S/MIME Algorithms                     (X.520 id-at (2 5 4))
 147 13    7:                   PrintableString 'CarlRSA'
            :                     (1 2 840 113549 1 9 16 3))
 479 02    1:               INTEGER 58                   }
            :                 }
            :               }
 482 30   70:           SEQUENCE {
 484 30   68:             SEQUENCE {
 486
 156 30   24:   30:             SEQUENCE {
 488
 158 17   13:               UTCTime '990818070000Z'
 173 17   13:               UTCTime '391231235959Z'
            :               }
 188 30   18:             SEQUENCE {
 490
 190 31   16:               SET {
 492
 192 30   14:                 SEQUENCE {
 494
 194 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 499
 199 13    7:                   PrintableString 'CarlDSS' 'CarlRSA'
            :                   }
            :                 }
            :               }
 508 02    2:                 INTEGER 201
 208 30  159:             SEQUENCE {
 211 30   13:               SEQUENCE {
 213 06    9:                 OBJECT IDENTIFIER
            :                   rsaEncryption (1 2 840 113549 1 1 1)
            :                   (PKCS #1)
 224 05    0:                 NULL
            :                 }
 512 04   40:               OCTET
 226 03  141:               BIT STRING 0 unused bits, encapsulates {
 230 30  137:                   SEQUENCE {
 233 02  129:                     INTEGER
            :                 67 01 E1 31 C6 44 D5 CE 6B 38 70 C8                   00 E4 4B FF 18 B8 24 57 F4 77 FF 6E
            :                   73 7B 93 71 5C BC 33 1A 92 92 72 23
            :                 69 96                   D8 41 46 D0 CD 11 3A 04 B3 8E AF 82
            :                   9D BD 51 1E 17 7A F2 76 2C E9 C3 3E 4B 7E D2 95 29 2B 86 39
            :                 CB 4A 0E E2 5C B1 2A 47                   A7 BD D7 8D 1A 53 EC E4 BF 10 00 D5 E8 EC
            :                 6E                   A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F
            :                   99 25 8F B8 4E AB B9 7D D5 96 65 DA
            :                   16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
            :                   29 CB 82 DD AC 44 E9 AA 93 94 29 0E
            :                   F8 18 D6 C8 57 5E F2 1E 76 C4 F2 11 60
            :                   38 B9 1B 3C 1D 97 C9 6A F1
 365 02    3:                     INTEGER 65537
            :                     }
            :                   }
            :               }
 370 A3   66:             [3] {
 372 30   64:               SEQUENCE {
 374 30   15:                 SEQUENCE {
 376 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 381 01    1:                   BOOLEAN TRUE
 384 04    5:                   OCTET STRING, encapsulates {
 386 30    3:                       SEQUENCE {
 388 01    1:                         BOOLEAN TRUE
            :                         }
            :                       }
            :                   }
 554 A2   95:         [2] {
 556 02    1:           INTEGER 4
 559
 391 30   30:   14:                 SEQUENCE {
 561
 393 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 398 01    1:                   BOOLEAN TRUE
 401 04   11:    4:                   OCTET STRING, encapsulates {
 403 03    2:                       BIT STRING 'MailListRC2'
 574 18   15:             GeneralizedTime '19951230235959Z' 1 unused bits
            :                         '1100001'B
            :                       }
 591
            :                   }
 407 30   16:   29:                 SEQUENCE {
 593
 409 06   11:    3:                   OBJECT IDENTIFIER
            :               id-alg-CMSRC2wrap
            :                   (1 2 840 113549 1 9 16 3 7)
            :               (S/MIME Algorithms
            :                   (1 2 840 113549 1 9 16 3))
 606 02    1:             INTEGER 58                     subjectKeyIdentifier (2 5 29 14)
            :             }
 609                     (X.509 id-ce (2 5 29))
 414 04   40:   22:                   OCTET STRING, encapsulates {
 416 04   20:                       OCTET STRING
            :             66 F3 29 29 43 EE 9C A3 96 50 BF 54                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :             AD                   42 37 4E 5C 28 22 1A 9B 13 A1 B4 99 9F AE 9E 38 BB
            :             E0 7B AD 07 F0 1B 52 34 E7 BC 00 07                       }
            :             71 6B F9 C1                   }
            :                 }
            :               }
 651
            :             }
 438 30   72:   13:           SEQUENCE {
 653
 440 06    9:             OBJECT IDENTIFIER data
            :               sha1withRSAEncryption
            :                   (1 2 840 113549 1 7 1) 1 5)
            :               (PKCS #7)
 664 30   25:         SEQUENCE {
 666 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2) #1)
 451 05    0:             NULL
            :             (RSADSI encryptionAlgorithm             }
 453 03  129:           BIT STRING 0 unused bits
            :                 (1 2 840 113549 3))
 676 30   13:           SEQUENCE {
 678 02    1:             INTEGER 58
 681             B7 9E D4 04    8:             OCTET STRING D3 ED 29 E4 FF 89 89 15
            :               23             2E 4C DB 0C F0 48 0F 32 61 EE C4 04
            :             EC 12 5D 2D FF 0F 64 59 7E 97 B8 3F C1 8E 75 0A C3 ED
            :             }             18 FD E3 56 40 37 A7 07 B5 F0 38 12
            :           }
 691 80   32:         [0]             61 50 ED EF DD 3F E3 0B B8 61 A5 A4
            :           12 E4 41 F6 AA 41 A2 36 81 62 F1 47             9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C
            :             3B 68 C7 65 B5 2D 45 35 9D 49 01 76 FA B9 B9
            :             31 F9 F9 6B 12 A7 A6 54 8E D2 0F 4F 53 A0 F5 14 60 9B 7D
            :           98 DE 79 8B A5 9A 8C 55             CA 3E F2 53 6B B0 37 6F AD E6 74 D7
            :             DB FA 5A EA 14 41 63 5D CD BE C8 0E
            :             C1 DA 6A 8D 53 34 18 02
            :           }
 725 A1  118:       [1]
 585 30  556:         SEQUENCE {
 727
 589 30   56:  405:           SEQUENCE {
 729 06
 593 A0    3:           OBJECT IDENTIFIER '1 2 5555'
 734 31   49:           SET             [0] {
 736 04   47:             OCTET STRING
            :               'This is a test General ASN Attribut'
            :               'e, number 1.'
 595 02    1:               INTEGER 2
            :               }
 598 02   16:             INTEGER
            :           }
 785               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
 616 30   58:   13:             SEQUENCE {
 787
 618 06   11:    9:               OBJECT IDENTIFIER
            :             id-aa-contentHint                 sha1withRSAEncryption
            :                     (1 2 840 113549 1 9 16 2 4)
            :             (S/MIME Authenticated Attributes
            :                 (1 2 840 113549 1 9 16 2))
 800 5)
            :                 (PKCS #1)
 629 05    0:               NULL
            :               }
 631 30   18:             SEQUENCE {
 633 31   43:   16:               SET {
 802
 635 30   41:   14:                 SEQUENCE {
 804 0C   32:               UTF8String
            :               'Content Hints Description Buffer'
 838
 637 06    5:    3:                   OBJECT IDENTIFIER '1 2 3 6 5 4'
            :               }
            :             }                     commonName (2 5 4 3)
            :           }                     (X.520 id-at (2 5 4))
 642 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 651 30   30:             SEQUENCE {
 653 17   13:               UTCTime '990919010847Z'
 668 17   13:               UTCTime '391231235959Z'
            :               }

6.10 EnvelopedData with KARI RC2 Encryption

EnvelopedData message like 6.1 except using the RC2 content encryption
algorithm for both the content and key.

   0
 683 30  433:   19:             SEQUENCE {
   4
 685 31   17:               SET {
 687 30   15:                 SEQUENCE {
 689 06    9:    3:                   OBJECT IDENTIFIER
            :     envelopedData (1 2 840 113549 1 7                     commonName (2 5 4 3)
            :     (PKCS #7)
  15 A0  418:   [0] {
  19                     (X.520 id-at (2 5 4))
 694 13    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }
            :               }
 704 30  414:  159:             SEQUENCE {
  23 02    1:       INTEGER 2
  26 31  333:       SET {
  30 A1  329:         [1] {
  34 02    1:           INTEGER 3
  37 A0  150:           [0] {
  40 A1  147:             [1] {
  43
 707 30    9:   13:               SEQUENCE {
  45
 709 06    7:    9:                 OBJECT IDENTIFIER
            :                   dhPublicKey                   rsaEncryption (1 2 840 10046 2 113549 1 1 1)
            :                   (ANSI X9.42 number type)                   (PKCS #1)
 720 05    0:                 NULL
            :                 }
  54
 722 03  133:  141:               BIT STRING 0 unused bits, encapsulates {
  58
 726 30  137:                   SEQUENCE {
 729 02  129:                     INTEGER
            :                   00 B1 54 32 12 FB 62 53 7D AD 6A E2
            :                   C0 52 BB B1 E7 9E 62 93 4B E0 BF DF 89 73 39 8D D8 F5 F5 E8 87 76
            :                   D2                   39 7F 25 92 23 69 D7 16 80 B4 0C 4E B0 05 BB 53 83 DE 0F B7 AB
            :                   93 A1 63 6E 2F 61 93 6E 0C 78 E2                   DC
            :                   C6 C8 50 5F D9 7D C7 75 29 0D 77 6A D5 8F 38 45
            :                   C6 22 2B 94 DC C5 7A 8B E3 48 BC 44 05 2E 6D 12 DF A6
            :                   E5 9B 45 6C 17 17 E7 5F 81 E5 03 42                   86 26 D4 D2 6F AA 58 29 FC 97 EC FA
            :                   16 43                   82 1B 96 A4 DC 75 98 B4 5A 0E 51 0F 30 80 BE B1 50 9E 46 44 F1
            :                   2C BB D8 32 CF C6 68 6F 07 D9 B0 60 DF 0A EB 0B C7 1D
            :                   AC 74 19 2F 2E BE EE 34 09 6A 13 F5 F7 05 05 93
            :                   E6 98 A9 38 9F D5 AB 23 9F 4A 8C A4                   DF 5E BA 35 56 D9 61 FF 19 7F C9 81
            :                   D3 AF 72 2D 6D                   E6 CC 5A 10
            :                   }
            :               }
            :             }
 190 A1   66:           [1] {
 192 04   64:             OCTET STRING
            :               5D BC 4E 4E 3C 48 09 83 DF F8 6C 0A 45 EA 87 40 70 EF AC 6D 2C 74
            :               E8 EC 6E 73                   9F 2D FA 55 3A 7B 2A 93 AB 2E 75 36
            :               48 F4 37 B9 99 77 02 7E 2E 07 54 CB 81 6D 9D A6 48 52
            :               AF DB 0B 64 85 AE 45 69 30 8A C7 12                   8C 4E F3 57 38 57 74 57 5F
 861 02    3:                     INTEGER 65537
            :               F1 68 37 1C A1 44 F8 8D 46 81 D3 1F                     }
            :               7A 0F 96 4D                   }
            :               }
 258
 866 A3  129:             [3] {
 869 30   31:  127:               SEQUENCE {
 871 30   12:                 SEQUENCE {
 260
 873 06   11:    3:                   OBJECT IDENTIFIER
            :               id-alg-ESDH (1 2 840 113549 1 9 16 3 5)                     basicConstraints (2 5 29 19)
            :               (S/MIME Algorithms                     (X.509 id-ce (2 5 29))
 878 01    1:                   BOOLEAN TRUE
 881 04    2:                   OCTET STRING, encapsulates {
 883 30    0:                       SEQUENCE {}
            :                   (1 2 840 113549 1 9 16 3))
 273                       }
            :                   }
 885 30   16:   14:                 SEQUENCE {
 275
 887 06   11:    3:                   OBJECT IDENTIFIER
            :                 id-alg-CMSRC2wrap
            :                     (1 2 840 113549 1 9 16 3 7)
            :                 (S/MIME Algorithms                     keyUsage (2 5 29 15)
            :                     (1 2 840 113549 1 9 16 3))
 288 02                     (X.509 id-ce (2 5 29))
 892 01    1:               INTEGER 58                   BOOLEAN TRUE
 895 04    4:                   OCTET STRING, encapsulates {
 897 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 291 30   70:           SEQUENCE {
 293
 901 30   68:   31:                 SEQUENCE {
 295 30
 903 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 908 04   24:               SEQUENCE                   OCTET STRING, encapsulates {
 297
 910 30   18:   22:                       SEQUENCE {
 299 31   16:                   SET {
 301
 912 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB
            :                         }
            :                       }
            :                   }
 934 30   14:   29:                 SEQUENCE {
 303
 936 06    3:                   OBJECT IDENTIFIER
            :                         commonName                     subjectKeyIdentifier (2 5 4 3) 29 14)
            :                         (X.520 id-at                     (X.509 id-ce (2 5 4))
 308 13    7:                       PrintableString 'CarlDSS' 29))
 941 04   22:                   OCTET STRING, encapsulates {
 943 04   20:                       OCTET STRING
            :                       }                   77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D
            :                     }                   CE EC 3C A0 3A E3 FF 50
            :                       }
 317 02    2:                 INTEGER 201
            :                   }
 321 04   40:               OCTET STRING
 965 30   31:                 SEQUENCE {
 967 06    3:                   OBJECT IDENTIFIER
            :                 32 63 D0 F6 96 76 4D BF 96 25 B4 7F                     subjectAltName (2 5 29 17)
            :                 31 C2 A2 A2 F5 57 1C D6 4C BF 61 9E                     (X.509 id-ce (2 5 29))
 972 04   24:                   OCTET STRING, encapsulates {
 974 30   22:                       SEQUENCE {
 976 81   20:                         [1] 'AliceRSA@example.com'
            :                 63 9F 65 2B 98 93 2A 74 46 AD 35 A3                         }
            :                 8E CB 84 F8                       }
            :                   }
            :                 }
            :               }
            :             }
 363
 998 30   72:   13:           SEQUENCE {
 365
1000 06    9:             OBJECT IDENTIFIER data
            :               sha1withRSAEncryption
            :                   (1 2 840 113549 1 7 1) 1 5)
            :               (PKCS #7)
 376 30   25:         SEQUENCE {
 378 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2) #1)
1011 05    0:             NULL
            :             (RSADSI encryptionAlgorithm             }
1013 03  129:           BIT STRING 0 unused bits
            :                 (1 2 840 113549 3))
 388 30   13:           SEQUENCE {
 390 02    1:             INTEGER             3E 70 47 A8 48 CC 13 58
 393 8F CA 51 71
            :             6B 4E 36 18 5D 04    8:             OCTET STRING 7E 80 B1 8D 4D CC
            :               BE C3 7C             CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C
            :             59 A9 20 AA 05 81 57 B1 04 F3 A8 4E 25 AD A7 70
            :             }             14 75 2F F5 C7 9B D1 0E E9 63 D2 64
            :           }
 403 80   32:         [0]             B7 C6 66 6E 73 21 54 DF F4 BA 25 5D
            :             7D 49 D3 94 6B 22 36 74 73 B8 4A EC
            :           1E 1C EB             2F 64 ED D3 3D CC 03 FF 59 BB F7 D2 A7 42 C5 E8 37 D6
            :           7E F8 EA 27 75 91 04 FD B1 8A 82 A0
            :           78 F1 29 E8 29 64 BF E5             B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA
            :         }             F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A
            :       }             76 AE EB 9B DB 49 B0 22
            :           }
            :         }

6.11 EnvelopedData with KEK 3DES Encryption

EnvelopedData message like 6.7 except using the 3DES content encryption
algorithm for both the content and key.

   0 30  193: SEQUENCE {
   3 06    9:   OBJECT IDENTIFIER
            :     envelopedData (1 2 840 113549 1 7 3)
            :     (PKCS #7)
  14 A0  179:   [0] {
  17 30  176:     SEQUENCE {
  20 02    1:       INTEGER 2
  23
1147 31  102:  203:       SET {
  25 A2  100:         [2]
1150 30  200:         SEQUENCE {
  27
1153 02    1:           INTEGER 4 1
1156 30   38:           SEQUENCE {
1158 30   36:   18:             SEQUENCE {
  32 04   17:             OCTET STRING 'MailListTripleDES'
  51 18   15:             GeneralizedTime '19951230235959Z'
            :             }
  68
1160 31   16:               SET {
1162 30   15:   14:                 SEQUENCE {
  70
1164 06   11:    3:                   OBJECT IDENTIFIER
            :               id-alg-CMS3DESwrap
            :                   (1 2 840 113549 1 9 16 3 6)
            :               (S/MIME Algorithms                     commonName (2 5 4 3)
            :                   (1 2 840 113549 1 9 16 3))
  83 05    0:             NULL                     (X.520 id-at (2 5 4))
1169 13    7:                   PrintableString 'CarlRSA'
            :                   }
  85 04   40:           OCTET STRING
            :             74 31 C0 45 51 4C 3C 2D 2E DA 63 50                 }
            :             8B AE D4 AC 64 CC 95 AE AF CD 0F 8C               }
1178 02   16:             INTEGER
            :             B6 48 1F 0B 45 12 4D FB A4 AB               46 34 6B C7 83
            :             30 4B 69 AD 80 00 56 BC 11 D3 6E 2E
            :           }               C4 10 B3 B0
            :             }
 127
1196 30   67:    9:           SEQUENCE {
 129
1198 06    9:    5:             OBJECT IDENTIFIER data sha1 (1 3 14 3 2 840 113549 1 7 1) 26)
            :           (PKCS #7)
 140               (OIW)
1205 05    0:             NULL
            :             }
1207 30   20:   13:           SEQUENCE {
 142
1209 06    8:    9:             OBJECT IDENTIFIER
            :             des-EDE3-CBC               rsaEncryption (1 2 840 113549 3 7) 1 1 1)
            :             (RSADSI encryptionAlgorithm               (PKCS #1)
1220 05    0:             NULL
            :                 (1 2 840 113549 3))
 152             }
1222 04    8:  128:           OCTET STRING
            :             41 1E 70 EC 7D 56 80 D9             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E
            :           }
 162 80   32:         [0]             9D BF 89 9A 81 E5 75 C4 91 3D D3 D0
            :           C0 4C 7E 6E 31 E9 60 44 49 B9             D5 7B B6 D5 FE 94 A1 8A AC E3 3E C4 84
            :           24 A6             F5 CD 60 4E 27 95 F6 CF 00 86 76 75
            :             3F 2B F0 E7 D4 58 4D 5E 65 07 69 A5 69 A9 02 67 A7 F5 C7 8D 16
            :           38 F3 7D 50 C9 09             04 A5 B3 C0 B5 E7 D9 32 F0 24 EF E7 20
            :         }             44 D5 9F 07 C5 53 24 FA CE 01 1D 0F
            :             17 13 A7 2A 95 9D 2B E4 03 95 14 0B
            :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6
            :             55 13 D4 68 6F D0 07 D7 A2 B1 62 4C
            :             E3 8F AF FD E0 D5 5D C7
            :           }
            :         }
            :       }

7. Digested-data

A DigestedData from Alice
            :     }
            :   }

4.6 Multiple signers

Similar to Bob of ExContent 4.1, but the message is also signed by Diane. Two
signerInfos (one for Alice, one for Diane) with no attribute
certificates, each signed using SHA-1. DSS, Alice's and Diane's certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.

   0 30   94: 1463: SEQUENCE {
   2
   4 06    9:   OBJECT IDENTIFIER digestedData signedData (1 2 840 113549 1 7 5) 2)
            :     (PKCS #7)
  13
  15 A0   81: 1448:   [0] {
  15
  19 30   79: 1444:     SEQUENCE {
  17
  23 02    1:       INTEGER 0
  20 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  22
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
  29
            :         }
  37 30   43:       SEQUENCE {
  31
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  42
  50 A0   30:         [0] {
  44
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  74 04   20:       OCTET STRING
            :         40 6A EC 08 52 79 BA 6E 16
  82 A0 1180:       [0] {
  86 30  440:         SEQUENCE {
  90 30  375:           SEQUENCE {
  94 A0    3:             [0] {
  96 02 2D 9E    1:               INTEGER 2
            :               }
  99 02    2:             INTEGER 210
 103 30    9:             SEQUENCE {
 105 06 29 C0 22 96 87 DD 48    7:               OBJECT IDENTIFIER
            :       }                 dsaWithSha1 (1 2 840 10040 4 3)
            :     }                 (ANSI X9.57 algorithm)
            :               }

8. Encrypted-data

8.1 Simple EncryptedData

An EncryptedData from Alice to Bob of ExContent with no attributes.

   0
 114 30   87:   18:             SEQUENCE {
   2
 116 31   16:               SET {
 118 30   14:                 SEQUENCE {
 120 06    9:    3:                   OBJECT IDENTIFIER
            :     encryptedData (1 2 840 113549 1 7 6)                     commonName (2 5 4 3)
            :     (PKCS #7)                     (X.520 id-at (2 5 4))
 125 13 A0   74:   [0] {
  15    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134 30   72:   30:             SEQUENCE {
 136 17 02    1:       INTEGER 0
  20   13:               UTCTime '990817020810Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
 166 30   67:   19:             SEQUENCE {
  22
 168 31   17:               SET {
 170 30   15:                 SEQUENCE {
 172 06    9:    3:                   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  33                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 177 13    8:                   PrintableString 'DianeDSS'
            :                   }
            :                 }
            :               }
 187 30   20:  147:             SEQUENCE {
  35
 190 30    9:               SEQUENCE {
 192 06    8:    7:                 OBJECT IDENTIFIER
            :             des-EDE3-CBC                   dsa (1 2 840 113549 3 7) 10040 4 1)
            :             (RSADSI encryptionAlgorithm                   (ANSI X9.57 algorithm)
            :                 (1 2 840 113549 3))
  45 04    8:           OCTET                 }
 201 03  133:               BIT STRING 0 unused bits, encapsulates {
 205 02  129:                   INTEGER
            :             B3 6B 6B FB 62 31                   00 A0 00 17 78 2C EE 7E 81 53 2E 2E
            :                   61 08 4E 0F A1 9B 51 52 1A DA 59 A8 73
            :           }
  55 80   32:         [0]                   2F 12 25 B6 08 CB CA EF 2A 44 76 8A
            :           FA FC ED DB 3F 18 17 1D 38 89 11                   52 09 EA BD 05 22 D5 0F F6 FD 46 D7
            :                   AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 D6 20 DB F4 C3 D9 58 15 EF 93
            :                   F7 1C BF 25 FF 23 D3 3B 59 E7 82 97
            :                   37 BE 31 24 D8 18 C8 F3 49 39 5B B7
            :           9A F5 D7 04 F6 B5 70                   E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
            :         }                   68 4D DD 46 7A 22 BE 8E FF CC DA 39
            :                   29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6
            :       }                   81 67 CC C0 AA CD 2E C5 23
            :                   }
            :               }

The TripleDES key is:
    73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62
    91 e5 cb 26 91 7a da 32

8.2 EncryptedData with unprotected attributes

An EncryptedData from Alice to Bob of ExContent with unprotected
attributes.

   0
 337 A3  129:             [3] {
 340 30  149:  127:               SEQUENCE {
   3
 342 30   12:                 SEQUENCE {
 344 06    9:    3:                   OBJECT IDENTIFIER
            :     encryptedData (1 2 840 113549 1 7 6)                     basicConstraints (2 5 29 19)
            :     (PKCS #7)
  14 A0  135:   [0] {
  17 30  132:     SEQUENCE {
  20 02                     (X.509 id-ce (2 5 29))
 349 01    1:       INTEGER 2
  23                   BOOLEAN TRUE
 352 04    2:                   OCTET STRING, encapsulates {
 354 30   67:    0:                       SEQUENCE {
  25 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) {}
            :           (PKCS #7)
  36                       }
            :                   }
 356 30   20:   14:                 SEQUENCE {
  38
 358 06    8:    3:                   OBJECT IDENTIFIER
            :             des-EDE3-CBC (1 2 840 113549 3 7)
            :             (RSADSI encryptionAlgorithm                     keyUsage (2 5 29 15)
            :                 (1 2 840 113549 3))
  48                     (X.509 id-ce (2 5 29))
 363 01    1:                   BOOLEAN TRUE
 366 04    8:    4:                   OCTET STRING, encapsulates {
 368 03    2:                       BIT STRING 6 unused bits
            :             07 27 20 85 90 9E B0 7E                         '11'B
            :                       }
  58 80   32:         [0]
            :           D2 20 8F 67 48 8A CB 41 E4 22 68 5D
            :           BE 77 05 52 26 ED E3 01 BD 00 91 58
            :           A7 35 6E BC 4B A2 07 33
            :                   }
  92 A1   58:       [1] {
  94
 372 30   56:   31:                 SEQUENCE {
  96
 374 06    3:                   OBJECT IDENTIFIER '1 2 5555'
 101 31   49:           SET {
 103 04   47:             OCTET STRING
            :               'This is a test General ASN Attribut'                     authorityKeyIdentifier (2 5 29 35)
            :               'e, number 1.'                     (X.509 id-ce (2 5 29))
 379 04   24:                   OCTET STRING, encapsulates {
 381 30   22:                       SEQUENCE {
 383 80   20:                         [0]
            :             }                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :           }                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 405 30   29:                 SEQUENCE {
 407 06    3:                   OBJECT IDENTIFIER
            :   }

9. Authenticated-data

No examples are given in this section because no one has created them.

10. Key Wrapping

This section shows the steps needed to wrap keys, as described in
section 12.6 of [CMS].

10.1 Wrapping RC2

This example shows how to wrap an RC2 key.

The CEK to be wrapped is
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9

The random value used is
4845 cce7 fd12 50

The hash of the CEK is
0a6f f19f db40 4988

The CEK initialization vector is
c7d9 0059 b29e 97f7

The KEK is
fd04 fd08 0607 07fb 0003 feff fd02 fe05

The "Pre Encrypt #1" is
10b7 0a25 fbc9 d86a 8605 0ce0 d711 ead4
d9 4845 cce7 fd12 500a 6ff1 9fdb 4049 88

The "Pre Encrypt #2" is
a7 f7 1f a3 07 8a a9 9f 32 99 8e ff 9e d7 8c ac
b8 70 ce 04 f5 55 8c e4 60 12 93 37 59 a2 1d a0
f7 97 9e b2 59 00 d9 c7

The wrapped CEK is
70e6 99fb 5701 f783 3330 fb71 e87c 85a4
20bd c99a f05d 22af 5a0e 48d3 5f31 3898
6cba afb4 b28d 4f35

10.2 Wrapping TripleDES

This example shows how to wrap an TripleDES key.

The CEK to be wrapped is
2923 bf85 e06d d6ae 5291 49f1 f1ba e9ea b3a7 da3d 860d 3e98

The hash of the CEK is
181b 7e96 86e04a4e

The CEK initialization vector is
5dd4 cbfc 96f5 453b

The KEK is
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f

The "Pre Encrypt #1" is                     subjectKeyIdentifier (2 5 29 23 bf 85 e0 6d d6 ae 52 91 49 f1 f1 ba e9 ea
   b3 a7 da 3d 86 0d 3e 98 18 1b 7e 96 86 e0 4a 4e

The "Pre Encrypt #2" is
    49 84 9d 72 5f cc 4d a4 f6 60 79 7a 3b 97 1f 5c
    03 cc 92 ef 04 32 9a b4 2a dd 75 c6 89 a7 c1 cf
    3b 45 f5 96 fc cb d4 5d

The wrapped CEK is
    69 01 07 61 8e f0 92 b3 b4 8c a1 79 6b 23 4a e9
    fa 33 eb b4 15 96 14)
            :                     (X.509 id-ce (2 5 29))
 412 04 03 7d b5 d6 a8 4e b3 aa c2
    76 8c 63 27 75 a4 67 d4

11. ESS Examples

11.1 ReceiptRequest

Alice asks Bob for a reciept on the message in 5.1 using RSA.

   0   22:                   OCTET STRING, encapsulates {
 414 04   20:                       OCTET STRING
            :                   64 30 99 7D 5C DC 45 0B 99 3A 52 2F
            :                   16 BF 58 50 DD CE 2B 18
            :                       }
            :                   }
 436 30 1152:   31:                 SEQUENCE {
   4
 438 06    9:    3:                   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 1137:   [0] {
  19 30 1133:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 443 04   24:                   OCTET STRING, encapsulates {
  28
 445 30    7:   22:                       SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
 447 81   20:                         [1] 'DianeDSS@example.com'
            :             (OIW)                         }
            :                       }
            :                   }
  37
            :                 }
            :               }
            :             }
 469 30   43:    9:           SEQUENCE {
  39
 471 06    9:    7:             OBJECT IDENTIFIER data
            :               dsaWithSha1 (1 2 840 113549 1 7 1) 10040 4 3)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET               (ANSI X9.57 algorithm)
            :             }
 480 03   48:           BIT STRING 'This is some sample content.' 0 unused bits, encapsulates {
 483 30   45:               SEQUENCE {
 485 02   21:                 INTEGER
            :                   00 A1 1A F8 17 0E 3E 5D A8 8C F4 B6
            :                   55 33 1E 4B E3 2C AC B9 5F
 508 02   20:                 INTEGER
            :                   28 4B 10 45 58 D2 1C 9D 55 35 14 18
            :                   91 B2 3F 39 DF B5 6E D3
            :                 }
            :               }
  82 A0  736:       [0] {
  86
            :           }
 530 30  732:         SEQUENCE {
  90
 534 30  667:           SEQUENCE {
  94
 538 A0    3:             [0] {
  96
 540 02    1:               INTEGER 2
            :               }
  99
 543 02    2:             INTEGER 200
 103
 547 30    9:             SEQUENCE {
 105
 549 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 114
 558 30   18:             SEQUENCE {
 116
 560 31   16:               SET {
 118
 562 30   14:                 SEQUENCE {
 120
 564 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 125
 569 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134
 578 30   30:             SEQUENCE {
 136
 580 17   13:               UTCTime '990817011049Z'
 151
 595 17   13:               UTCTime '391231235959Z'
            :               }
 166
 610 30   19:             SEQUENCE {
 168
 612 31   17:               SET {
 170
 614 30   15:                 SEQUENCE {
 172
 616 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 177
 621 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 187
 631 30  438:             SEQUENCE {
 191
 635 30  299:               SEQUENCE {
 195
 639 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 204
 648 30  286:                 SEQUENCE {
 208
 652 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340
 784 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 363
 807 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 494
 938 03  132:               BIT STRING 0 unused bits, encapsulates {
 498
 942 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 629 A3  129:             [3] {
 632 30  127:               SEQUENCE {
 634 30   12:                 SEQUENCE {
 636 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    2:                   OCTET STRING, encapsulates {
 646 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 648 30   14:                 SEQUENCE {
 650 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 655 01    1:                   BOOLEAN TRUE
 658 04    4:                   OCTET STRING, encapsulates {
 660 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 664 30   31:                 SEQUENCE {
 666 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 671 04   24:                   OCTET STRING, encapsulates {
 673 30   22:                       SEQUENCE {
 675 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 697 30   29:                 SEQUENCE {
 699 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 704 04   22:                   OCTET STRING, encapsulates {
 706 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 33
            :                   13 01                   F2 A5 E2 FD E3 97 FE CD F4 F2 83 E5 B8
            :                   }
            :               }
 728
1073 A3  129:             [3] {
1076 30   31:  127:               SEQUENCE {
 730
1078 30   12:                 SEQUENCE {
1080 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName                     basicConstraints (2 5 29 17) 19)
            :                     (X.509 id-ce (2 5 29))
 735
1085 01    1:                   BOOLEAN TRUE
1088 04   24:    2:                   OCTET STRING, encapsulates {
 737
1090 30   22:    0:                       SEQUENCE {
 739 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 } {}
            :                       }
            :                   }
 761
1092 30    9:   14:                 SEQUENCE {
 763
1094 06    7:    3:                   OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)                     keyUsage (2 5 29 15)
            :             }
 772                     (X.509 id-ce (2 5 29))
1099 01    1:                   BOOLEAN TRUE
1102 04    4:                   OCTET STRING, encapsulates {
1104 03   48:    2:                       BIT STRING 0 6 unused bits, encapsulates {
 775 30   45:               SEQUENCE {
 777 02   20:                 INTEGER
            :                   55 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
 799 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 } bits
            :               }                         '11'B
            :                       }
            :                   }
 822 31  330:       SET {
 826 30  326:         SEQUENCE {
 830 02    1:           INTEGER 1
 833 30   24:           SEQUENCE {
 835 30   18:             SEQUENCE {
 837 31   16:               SET {
 839
1108 30   14:   31:                 SEQUENCE {
 841
1110 06    3:                   OBJECT IDENTIFIER
            :                     commonName                     authorityKeyIdentifier (2 5 4 3) 29 35)
            :                     (X.520 id-at                     (X.509 id-ce (2 5 4))
 846 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 855 02    2:             INTEGER 200
            :             }
 859 30    7:           SEQUENCE {
 861 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 868 A0  224:           [0] {
 871 30 29))
1115 04   24:             SEQUENCE {
 873 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 884 31   11:               SET {
 886 06    9:                 OBJECT IDENTIFIER
            :                   data (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
            :                 }
            :               }
 897 30   30:             SEQUENCE {
 899 06    9:               OBJECT IDENTIFIER
            :                 sMIMECapabilities
            :                     (1 2 840 113549 1 9 15)
            :                 (PKCS #9
            :                     (1 2 840 113549 1 9))
 910 31   17:               SET {
 912 30   15:                 SEQUENCE {
 914 30   13:                   SEQUENCE                   OCTET STRING, encapsulates {
 916 06   11:                     OBJECT IDENTIFIER
            :                       id-alg-zlib
            :                           (1 2 840 113549 1 9 16 3 8)
            :                       (S/MIME Algorithms
            :                           (1 2 840 113549 1 9 16 3))
            :                     }
            :                   }
            :                 }
            :               }
 929
1117 30   35:             SEQUENCE {
 931 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 942 31   22:               SET                       SEQUENCE {
 944 04
1119 80   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E                         [0]
            :                   06 29 C0 22 96                   70 44 3E 82 2E 6F 87 DD 48
            :                 }
            :               }
 966 30  127:             SEQUENCE {
 968 06   11:               OBJECT IDENTIFIER
            :                 id-aa-receiptRequest
            :                     (1 2 840 113549 1 9 16 2 1)
            :                 (S/MIME Authenticated Attributes DE 4A D3 75 E3
            :                     (1 2 840 113549 1 9 16 2))
 981 31  112:               SET {
 983 30  110:                 SEQUENCE {
 985 04   50:                   OCTET STRING                   3D 20 BC 43 2B 93 F1 1F
            :                   'Example 11.1 (Alice asks for a rece'                         }
            :                   'ipt from Diane)'
1037 A1   25:                   [1] {
1039 30   23:                     SEQUENCE {
1041 A4   21:                       [4] {
1043 30   19:                         SEQUENCE {
1045 31   17:                           SET {
1047                       }
            :                   }
1141 30   15:   29:                 SEQUENCE {
1049
1143 06    3:                   OBJECT IDENTIFIER
            :                                 commonName                     subjectKeyIdentifier (2 5 4 3) 29 14)
            :                                 (X.520 id-at                     (X.509 id-ce (2 5 4))
1054 13    8:                               PrintableString
            :                               'AliceRSA'
            :                               }
            :                             } 29))
1148 04   22:                   OCTET STRING, encapsulates {
1150 04   20:                       OCTET STRING
            :                           }                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                         }                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
1064
1172 30   29:   31:                 SEQUENCE {
1066
1174 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
1179 04   24:                   OCTET STRING, encapsulates {
1181 30   27:   22:                       SEQUENCE {
1068
1183 81   25:   20:                         [1] 'robert.colestock@wang.com' 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1095
1205 30    9:           SEQUENCE {
1097
1207 06    7:             OBJECT IDENTIFIER dsa
            :               dsaWithSha1 (1 2 840 10040 4 1) 3)
            :               (ANSI X9.57 algorithm)
            :             }
1106 04
1216 03   48:           OCTET STRING,           BIT STRING 0 unused bits, encapsulates {
1108
1219 30   46:   45:               SEQUENCE {
1110
1221 02   21:   20:                 INTEGER
            :                   00 D3 1C 25 34 3D DB 96 88 D6 7B 99
            :                   4A C2 30 5B E3 C6                   55 0C A4 19 1F 42 2B 89 71 22 33 DC
1133 8D
            :                   83 6A B5 3D 67 6B BF 45
1243 02   21:                 INTEGER
            :                   00 CE 3D 70 65 34 A5 2F BC 75 84 77
            :                   EC CE EB 6B 15 F8 9D B1 FA
            :                 }
            :               } 9F 61 53 52 54 0B 5C B2 DD DA E7
            :           }                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }

11.2 Receipt

Bob gives Alice a receipt for the message in 11.1 using RSA.

   0
1266 31  198:       SET {
1269 30 1068:   97:         SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549
1271 02    1:           INTEGER 1 7 2)
            :     (PKCS #7)
  15 A0 1053:   [0]
1274 30   24:           SEQUENCE {
  19
1276 30 1049:   18:             SEQUENCE {
  23 02    1:       INTEGER 3
  26
1278 31    9:   16:               SET {
  28
1280 30    7:   14:                 SEQUENCE {
  30
1282 06    5:    3:                   OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
1287 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
  37
            :               }
1296 02    2:             INTEGER 200
            :             }
1300 30  135:    7:           SEQUENCE {
  40
1302 06   11:    5:             OBJECT IDENTIFIER
            :           id-ct-receipt sha1 (1 3 14 3 2 840 113549 1 9 16 1 1) 26)
            :           (S/MIME Content Types               (OIW)
            :               (1 2 840 113549 1 9 16 1))
  53 A0  120:         [0] {
  55 04  118:           OCTET STRING, encapsulates {
  57             }
1309 30  116:    9:           SEQUENCE {
  59 02    1:                 INTEGER 1
  62
1311 06    9:    7:             OBJECT IDENTIFIER
            :                   data               dsaWithSha1 (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
  73 04   50:                 OCTET STRING 10040 4 3)
            :                   'Example 11.1 (Alice asks for a rece'               (ANSI X9.57 algorithm)
            :                   'ipt from Diane)'
 125             }
1320 04   48:   46:           OCTET STRING, encapsulates {
 127
1322 30   46:   44:               SEQUENCE {
 129
1324 02   21:   20:                 INTEGER
            :                   00 D3 1C 25 34 3D DB 96 88 D6 7B 99                   48 24 DE 8B 85 F2 16 AF EC 82 61 A9
            :                   4A C2 30 5B E3 C6 42 33 DC
 152                   54 D0 2D 04 A1 CC 5A 4F
1346 02   21:   20:                 INTEGER
            :                   00 CE 3D 70 65 34 A5 2F BC 75 84                   17 ED D5 77 02 EE 75 13 D8 10 BD 3D
            :                   EC CE EB 6B 15 F8 9D B1 FA
            :                       }
            :                     }
            :                 }                   97 17 20 88 BB FD 7B 81
            :                 }
            :               }
            :           }
 175 A0  518:       [0] {
 179 30  514:         SEQUENCE {
 183
1368 30  367:   97:         SEQUENCE {
 187 A0    3:             [0] {
 189
1370 02    1:           INTEGER 2
            :               }
 192 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
 210 1
1373 30    9:   24:           SEQUENCE {
 212 06    5:               OBJECT IDENTIFIER
            :                 sha-1WithRSAEncryption (1 3 14 3 2 29)
            :                 (Oddball OIW OID)
 219 05    0:               NULL
            :               }
 221
1375 30   18:             SEQUENCE {
 223
1377 31   16:               SET {
 225
1379 30   14:                 SEQUENCE {
 227
1381 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 232
1386 13    7:                   PrintableString 'CarlRSA' 'CarlDSS'
            :                   }
            :                 }
            :               }
 241 30   30:             SEQUENCE {
 243 17   13:               UTCTime '990919010847Z'
 258 17   13:               UTCTime '391231235959Z'
1395 02    2:             INTEGER 210
            :             }
 273 30   19:             SEQUENCE {
 275 31   17:               SET {
 277
1399 30   15:    7:           SEQUENCE {
 279
1401 06    3:    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 284 13    8:                   PrintableString 'AliceRSA'
            :                   }
            :                 }               (OIW)
            :             }
 294 30  159:             SEQUENCE {
 297
1408 30   13:    9:           SEQUENCE {
 299
1410 06    9:    7:             OBJECT IDENTIFIER
            :                   rsaEncryption               dsaWithSha1 (1 2 840 113549 1 1 1) 10040 4 3)
            :                   (PKCS #1)
 310 05    0:                 NULL               (ANSI X9.57 algorithm)
            :             }
 312 03  141:               BIT STRING 0 unused bits,
1419 04   46:           OCTET STRING, encapsulates {
 316
1421 30  137:   44:               SEQUENCE {
 319
1423 02  129:   20:                 INTEGER
            :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76
            :                   39 7F                   15 FF 81 4D 8C AD 80 4E B0 05 BB 53 9B 35 58 04
            :                   37 6E 63 6E E9 5B 83 DE 0F B7 AB FA
1445 02   20:                 INTEGER
            :                   DC 7D C7 75 29 0D 05 2E 6D 12 DF A6                   06 7E 58 4E 2B 31 84 41 ED 49 79 38
            :                   86 26 D4                   3E 77 D2 6F AA 58 29 FC 97 EC FA A6 8C 75 08 21
            :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1                 }
            :                   2C BB D8 32 CF C6 68 6F 07 D9 B0 60               }
            :                   AC BE EE 34 09 6A 13 F5 F7 05 05 93           }
            :                   DF 5E BA 35 56 D9 61 FF 19 7F C9 81         }
            :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74       }
            :                   9F 2D FA 55 3A B9 99 77 02 A6 48 52     }
            :                   8C 4E F3 57 38 57 74 57 5F
 451   }

4.7 Signing using SKI

Same as 4.1, but the signature uses the SKI instead of the
issuer/serial number in the cert. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), identified by the SKI, no CRL. The message is
ExContent, and is included in the eContent. There are no signed or
unsigned attributes.

   0 30  915: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  900:   [0] {
  19 30  896:     SEQUENCE {
  23 02    3:    1:       INTEGER 65537 3
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                     }           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
 456 A3   96:             [3]
  82 A0  736:       [0] {
 458
  86 30   94:  732:         SEQUENCE {
 460
  90 30   12:  667:           SEQUENCE {
 462 06
  94 A0    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 467 01             [0] {
  96 02    1:                   BOOLEAN TRUE
 470 04               INTEGER 2
            :               }
  99 02    2:                   OCTET STRING, encapsulates {
 472             INTEGER 200
 103 30    0:    9:             SEQUENCE {} {
 105 06    7:               OBJECT IDENTIFIER
            :                       }                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 474
 114 30   18:             SEQUENCE {
 116 31   16:               SET {
 118 30   14:                 SEQUENCE {
 476
 120 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage                     commonName (2 5 29 15) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 481 01    1:                   BOOLEAN TRUE
 484 04    4:                   OCTET STRING, encapsulates {
 486 03    2:                       BIT STRING 6 unused bits 4))
 125 13    7:                   PrintableString 'CarlDSS'
            :                         '11'B                   }
            :                 }
            :               }
 490
 134 30   31:   30:             SEQUENCE {
 136 17   13:               UTCTime '990817011049Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
 166 30   19:             SEQUENCE {
 168 31   17:               SET {
 170 30   15:                 SEQUENCE {
 492
 172 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier                     commonName (2 5 29 35) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 497 04   24:                   OCTET STRING, encapsulates {
 499 30   22:                       SEQUENCE {
 501 80   20:                         [0]
            :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
            :                   42 37 4E 22 AE 9E 38 BB 4))
 177 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 523
 187 30   29:  438:             SEQUENCE {
 191 30  299:               SEQUENCE {
 525
 195 06    3:    7:                 OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)                   dsa (1 2 840 10040 4 1)
            :                     (X.509 id-ce (2 5 29))
 530 04   22:                   OCTET STRING, encapsulates                   (ANSI X9.57 algorithm)
 204 30  286:                 SEQUENCE {
 532 04   20:                       OCTET STRING
 208 02  129:                   INTEGER
            :                   77 D2 B4                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 363 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A A3 CE 45 9D 3B 76 14
            :                   E9 CE EC 3C A0 3A E3 FF 50 2E 5D A3 07 CD 23 85 B8 2F 30
            :                       }                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   }                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                 }                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :               }                   D1 81 4A 60 39 BA 36 39
            :                   }
 554 30    9:           SEQUENCE {
 556 06    5:             OBJECT IDENTIFIER
            :               sha-1WithRSAEncryption (1 3 14 3 2 29)
            :               (Oddball OIW OID)
 563 05    0:             NULL
            :                 }
 565
 494 03  129:  132:               BIT STRING 0 unused bits bits, encapsulates {
 498 02  128:                   INTEGER
            :             BF 34 32 E6 FC 6A 88 41 7D F0                   5C 99 E3 B9 5A 75 14 96 0B A9 7A DD E3
            :             A1 93 B7 49 B7 02 52 1E CB 84                   3F A9 EC AC 93
            :             D7 58 2B 00 A1 9C C4 48 48 99 DD 02 5E DC BD B7 13 11 34 A6
            :             C3 C6 05 F8 D2 25 F1 A3 9C C9 33 01                   16 89 28 11 23 D9 34 86 67 75 75 13
            :             8A 76 0E 6F 77                   12 3D 43 A3 5B 6F E5 51 BF E1 E6 B3 6A FA 89 F2 A2
            :             04 79 39 EE E1 E9 E5 9D 50                   1B 3E 24 7D 3D 07 8B 22 8D 5B 63 C8 BB 45
            :             DC 12 50                   A5 A0 4A E3 F3 B4 3D 9E E5 93 9E B1 85 D6 CE 06 80 3F E8 23
            :             CD 33 F9 E0                   7E 1A F2 24 AB 98 71 09 F8 EB B0 FC 53 1A B8 27 0D 1E EF
            :             9C EC F1 88 D8 AE 03 D1 FE 60 E1                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :             14 B1 A2 23                   F1 BB 34 D4 D2 C8 8D 18 1F 5E EE 9B 96 37 F6 61 47 B2 C4
            :             72 02 27 C2 85 3D 04 2E                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 697 31  371:       SET {
 701 30  367:         SEQUENCE {
 705 02    1:           INTEGER 1
 708 30   38:           SEQUENCE
 629 A3  129:             [3] {
 710
 632 30   18:  127:               SEQUENCE {
 712 31   16:               SET {
 714
 634 30   14:   12:                 SEQUENCE {
 716
 636 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at                     basicConstraints (2 5 4))
 721 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
 730 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               C4 10 B3 B0
            :             }
 748 30    7:           SEQUENCE {
 750 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 757 A0  166:           [0] {
 760 30   26:             SEQUENCE {
 762 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 773 31   13:               SET {
 775 06   11:                 OBJECT IDENTIFIER
            :                   id-ct-receipt
            :                       (1 2 840 113549 1 9 16 1 1)
            :                   (S/MIME Content Types
            :                       (1 2 840 113549 1 9 16 1)) 29 19)
            :                     (X.509 id-ce (2 5 29))
 641 01    1:                   BOOLEAN TRUE
 644 04    2:                   OCTET STRING, encapsulates {
 646 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 788
 648 30   28:   14:                 SEQUENCE {
 790
 650 06    9:    3:                   OBJECT IDENTIFIER
            :                 signingTime (1 2 840 113549 1 9 5)                     keyUsage (2 5 29 15)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 801 31   15:               SET                     (X.509 id-ce (2 5 29))
 655 01    1:                   BOOLEAN TRUE
 658 04    4:                   OCTET STRING, encapsulates {
 803 17   13:                 UTCTime '030506171300Z'
 660 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 818
 664 30   30:   31:                 SEQUENCE {
 820
 666 06    9:    3:                   OBJECT IDENTIFIER
            :                 sMIMECapabilities
            :                     (1 2 840 113549 1 9 15)
            :                 (PKCS #9                     authorityKeyIdentifier (2 5 29 35)
            :                     (1 2 840 113549 1 9))
 831 31   17:               SET {
 833 30   15:                 SEQUENCE                     (X.509 id-ce (2 5 29))
 671 04   24:                   OCTET STRING, encapsulates {
 835
 673 30   13:   22:                       SEQUENCE {
 837 06   11:                     OBJECT IDENTIFIER
            :                       id-alg-zlib
            :                           (1 2 840 113549 1 9 16 3 8)
            :                       (S/MIME Algorithms
 675 80   20:                         [0]
            :                           (1 2 840 113549 1 9 16 3))                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                     }                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 850
 697 30   35:   29:                 SEQUENCE {
 852
 699 06    9:    3:                   OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)                     subjectKeyIdentifier (2 5 29 14)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 863 31                     (X.509 id-ce (2 5 29))
 704 04   22:               SET                   OCTET STRING, encapsulates {
 865
 706 04   20:                       OCTET STRING
            :                   31 35 03 EC DF FE 05 84 AA 54 1B 38
            :                   57 C7 D0 90                   BE 6C A1 B3 E3 C1 F7 ED 43 70 9B 2B 8C A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
 887
 728 30   37:   31:                 SEQUENCE {
 889
 730 06   11:    3:                   OBJECT IDENTIFIER
            :                 id-aa-msgSigDigest
            :                     (1 2 840 113549 1 9 16 2 5)
            :                 (S/MIME Authenticated Attributes                     subjectAltName (2 5 29 17)
            :                     (1 2 840 113549 1 9 16 2))
 902 31                     (X.509 id-ce (2 5 29))
 735 04   24:                   OCTET STRING, encapsulates {
 737 30   22:               SET                       SEQUENCE {
 904 04
 739 81   20:                 OCTET STRING                         [1] 'AliceDSS@example.com'
            :                   92 98 46 1D 67 6E BB 2B 04 89 3C E0                         }
            :                   BB 3F F4 E4 2C F7 B5 0A                       }
            :                   }
            :                 }
            :               }
 926
            :             }
 761 30   13:    9:           SEQUENCE {
 928
 763 06    9:    7:             OBJECT IDENTIFIER
            :               rsaEncryption               dsaWithSha1 (1 2 840 113549 1 1 1) 10040 4 3)
            :               (PKCS #1)
 939 05    0:             NULL               (ANSI X9.57 algorithm)
            :             }
 941 04  128:           OCTET
 772 03   48:           BIT STRING 0 unused bits, encapsulates {
 775 30   45:               SEQUENCE {
 777 02   20:                 INTEGER
            :                   55 2E 3A 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   83 6A B5 3D 67 6B BF 45
 799 02   21:                 INTEGER
            :                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
 822 31   95:       SET {
 824 30   93:         SEQUENCE {
 826 02    1:           INTEGER 3
 829 80   20:           [0]
            :             BE 6C A1 CF B3 E3 C1 F7 ED 43 70 A4 CE 42 65 05 1B 3C
            :             2B 42 E7 23 7A 16 51 56 4F 95 72 F1             13 01 E2 FD E3 97 FE CD
 851 30    7:           SEQUENCE {
 853 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             37 83 3C F9 BA F3 65 BE A6 DA C1 8F             }
 860 30    9:           SEQUENCE {
 862 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
            :             74 3C AA 27 EE               (ANSI X9.57 algorithm)
            :             }
 871 04 7F 51 17 42 99 85   46:           OCTET STRING, encapsulates {
 873 30   44:               SEQUENCE {
 875 02   20:                 INTEGER
            :             3B 25 4E E4 5C E9 69 03                   6D 8E 5A CD 28 A0 1F D9 86 40 D2 AD 7A E9
            :             80 33 0A FC                   DF 2D CE FC 9A 30 5C 95
            :             0C C1 AC D7 BE EC BE 3F 53 93 99 10 D8 B1 97 0C F7
            :             16 83 93 5E 82 74 A8 D5 03 00 44 7E F8
 897 02   20:                 INTEGER
            :             37 74 1F DE EE 08                   7C 8A 06 1E FC 54 45 6D C3 D0
            :             CA F3 5A F9 F5 1F B4 79 A1 A4 41 35 7E CC AF F7 24 14
            :             1B 11 B9 64                   FD 3D C0 25 78 E2 56 B7 05 27 D5
            :                 }
            :               }
            :           }
            :         }
            :       }

11.3 eSSSecurityLabel

Alice
            :     }
            :   }

4.8 S/MIME multipart/signed message

A full S/MIME message, including MIME, that includes the body part from
4.3 and the body containing the content of the message.

MIME-Version: 1.0
To: User2@examples.com
From: aliceDss@examples.com
Subject: Example 4.8
Message-Id: <020906002550300.249@examples.com>
Date: Fri, 06 Sep 2002 00:25:21 -0300
Content-Type: multipart/signed;
    micalg=SHA1;
    boundary="----=_NextBoundry____Fri,_06_Sep_2002_00:25:21";
    protocol="application/pkcs7-signature"

This is a security label multi-part message in MIME format.

------=_NextBoundry____Fri,_06_Sep_2002_00:25:21

This is some sample content.
------=_NextBoundry____Fri,_06_Sep_2002_00:25:21
Content-Type: application/pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7s

MIIDeQYJKoZIhvcNAQcCoIIDajCCA2YCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg
LiMIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X
DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg
G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//
lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6
iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya
RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1
nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8
bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV
p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b
Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD
KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1w
bGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD
6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYH
KoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwa
V/KC27MWMwYQIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqG
SM44BAEELjAsAhQz+YZ/qCSCn1nRe1F0aKYl4H8HFQIUYUUmrBhG3VZhwg5CgaJqjCobNU
g=

------=_NextBoundry____Fri,_06_Sep_2002_00:25:21--

4.9 S/MIME application/pkcs7-mime signed message

A full S/MIME message, including MIME, that includes the body part from
4.1.

MIME-Version: 1.0
To: User2@examples.com
From: aliceDss@examples.com
Subject: Example 4.9
Message-Id: <021031164540300.304@examples.com>
Date: Thu, 31 Oct 2002 16:45:14 -0300
Content-Type: application/pkcs7-mime; smime-type=signed-data;
    name=smime.p7m
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7m

MIIDmwYJKoZIhvcNAQcCoIIDjDCCA4gCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIA
QeDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4jCCAt4wggKdoAMCAQICAgDI
MAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOT
EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEe
AoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+
HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UI
ddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG2o+4NyErYov3k80CgY
AmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIl
p/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+
waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMR
NKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+Gv
Ikq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPl
uKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0BleGFtcGxlcy5jb20wDAYDVR0TAQH/BA
IwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8w
HQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj
/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE6umhh8GlfygtuzFjMGECAQEwGDASMRAw
DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjOOAQBBC4wLAIUPVxJboshQX
N5eV7dgjlIpIF6v+wCFCYKruz8JMUc4SOABJ5SNsynHmDo

4.10 SignedData With Attributes

A SignedData message in 5.1. with the following list of signedAttributes:
- contentIdentifier
- contentReference
- contentHints
- smimeCapabilities
- sMIMEEncryptionKeyPreference
- unknown OID

   0 30 1103: 2047: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 1088: 2032:   [0] {
  19 30 1084: 2028:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :         }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0  738:  736:       [0] {
  86 30  734:  732:         SEQUENCE {
  90 30  669:  667:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02    2:             INTEGER 200
 103 30    9:             SEQUENCE {
 105 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 114 30   18:             SEQUENCE {
 116 31   16:               SET {
 118 30   14:                 SEQUENCE {
 120 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 125 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134 30   30:             SEQUENCE {
 136 17   13:               UTCTime '990817011049Z'
 151 17   13:               UTCTime '391231235959Z'
            :               }
 166 30   19:             SEQUENCE {
 168 31   17:               SET {
 170 30   15:                 SEQUENCE {
 172 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 177 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
            :               }
 187 30  438:             SEQUENCE {
 191 30  299:               SEQUENCE {
 195 06    7:                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040 4 1)
            :                   (ANSI X9.57 algorithm)
 204 30  286:                 SEQUENCE {
 208 02  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
            :                   B8 37 21 2B 62 8B F7 93 CD
 363 02  128:                   INTEGER
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 494 03  132:               BIT STRING 0 unused bits, encapsulates {
 498 02  128:                   INTEGER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                   16 89 28 11 23 D9 34 86 67 75 75 13
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 629 A3  131:  129:             [3] {
 632 30  128:               SEQUENCE {
 635 30   32:                 SEQUENCE {
 637 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 642 04   25:                   OCTET STRING, encapsulates {
 644 30   23:  127:               SEQUENCE {
 646 81   21:                         [1] 'aliceDss@examples.com'
            :                         }
            :                       }
            :                   }
 669
 634 30   12:                 SEQUENCE {
 671
 636 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 676
 641 01    1:                   BOOLEAN TRUE
 679
 644 04    2:                   OCTET STRING, encapsulates {
 681
 646 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 683
 648 30   14:                 SEQUENCE {
 685
 650 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage (2 5 29 15)
            :                     (X.509 id-ce (2 5 29))
 690
 655 01    1:                   BOOLEAN TRUE
 693
 658 04    4:                   OCTET STRING, encapsulates {
 695
 660 03    2:                       BIT STRING 6 unused bits
            :                         '11'B
            :                       }
            :                   }
 699
 664 30   31:                 SEQUENCE {
 701
 666 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)
            :                     (X.509 id-ce (2 5 29))
 706
 671 04   24:                   OCTET STRING, encapsulates {
 708
 673 30   22:                       SEQUENCE {
 710
 675 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
            :                   }
 732
 697 30   29:                 SEQUENCE {
 734
 699 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier (2 5 29 14)
            :                     (X.509 id-ce (2 5 29))
 739
 704 04   22:                   OCTET STRING, encapsulates {
 741
 706 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
 728 30   31:                 SEQUENCE {
 730 06    3:                   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)
            :                     (X.509 id-ce (2 5 29))
 735 04   24:                   OCTET STRING, encapsulates {
 737 30   22:                       SEQUENCE {
 739 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
 763
            :             }
 761 30    9:           SEQUENCE {
 765
 763 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 774
 772 03   48:           BIT STRING 0 unused bits, encapsulates {
 777
 775 30   45:               SEQUENCE {
 779
 777 02   21:   20:                 INTEGER
            :                   00 98 B0 C6 3F CF                   55 0C A4 19 1F 42 2B 89 71 47 5A 35 A9 4A 22 33 8D
            :                   8F C0 F8 24 05 E8 46 94 8E
 802                   83 6A B5 3D 67 6B BF 45
 799 02   20:   21:                 INTEGER
            :                   5B                   00 9F 48 C0 8C A1 C1 02 9C 44 EA E9 61 53 52 54 0B 5C B2 DD DA E7
            :                   A1 87 C1 A5 7F 28 2D BB                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
            :           }
            :         }
 824
 822 31  279: 1225:       SET {
 828
 826 30  275: 1221:         SEQUENCE {
 832
 830 02    1:           INTEGER 1
 835
 833 30   24:           SEQUENCE {
 837
 835 30   18:             SEQUENCE {
 839
 837 31   16:               SET {
 841
 839 30   14:                 SEQUENCE {
 843
 841 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 848
 846 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 857
 855 02    2:             INTEGER 200
            :             }
 861
 859 30    7:           SEQUENCE {
 863
 861 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 870
 868 A0  174: 1119:           [0] {
 873
 872 30   24:             SEQUENCE {
 875
 874 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 886
 885 31   11:               SET {
 887 06    9:                 OBJECT IDENTIFIER
            :                   data (1 2 840 113549 1 7 1)
            :                   (PKCS #7)
            :                 }
            :               }
 898 30   35:             SEQUENCE {
 900 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 911 31   22:               SET {
 913 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
            :                   06 29 C0 22 96 87 DD 48
            :                 }
            :               }
 935 30   56:             SEQUENCE {
 937 06    3:               OBJECT IDENTIFIER '1 2 5555'
 942 31   49:               SET {
 944 04   47:                 OCTET STRING
            :                   'This is a test General ASN Attribut'
            :                   'e, number 1.'
            :                 }
            :               }
 993 30   62:             SEQUENCE {
 995 06   11:               OBJECT IDENTIFIER
            :                 id-aa-contentHint
            :                     (1 2 840 113549 1 9 16 2 4)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
1008 31   47:               SET {
 888
1010 30   45:                 SEQUENCE {
1012 0C   32:                   UTF8String
            :                   'Content Hints Description Buffer'
1046 06    9:                   OBJECT IDENTIFIER
            :                     data (1 2 840 113549 1 7 1)
            :                     (PKCS #7)
            :                   }
            :                 }
            :               }
1057 30   74:             SEQUENCE {
1059 06    9:               OBJECT IDENTIFIER
            :                   data (1 2 840 113549 1 7 1)                 sMIMECapabilities
            :                     (1 2 840 113549 1 9 15)
            :                 (PKCS #9
            :                     (1 2 840 113549 1 9))
1070 31   61:               SET {
1072 30   59:                 SEQUENCE {
1074 30    7:                   SEQUENCE {
1076 06    5:                     OBJECT IDENTIFIER '1 2 3 4 5 6'
            :                     }
1083 30   48:                   SEQUENCE {
1085 06    6:                     OBJECT IDENTIFIER '1 2 3 4 5 6 77'
1093 04   38:                     OCTET STRING
            :                   'Smime Capabilities parameters buffe'
            :                   'r 2'
            :                     }
            :                   }
            :                 }
            :               }
1133 30  109:             SEQUENCE {
1135 06   11:               OBJECT IDENTIFIER
            :                 id-aa-securityLabel
            :                     (1 2 840 113549 1 9 16 2 2)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
1148 31   94:               SET {
1150 31   92:                 SET {
1152 02    1:                   INTEGER 1
1155 06    7:                   OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
1164 13   27:                   PrintableString
            :                   'THIS IS A PRIVACY MARK TEST'
1193 31   49:                   SET {
1195 30   47:                     SEQUENCE {
1197 80    8:                       [0]
            :                   2A 03 04 05 06 07 86 78
1207 A1   35:                       [1] {
1209 13   33:                         PrintableString
            :                         'THIS IS A TEST SECURITY-'
            :                         'CATEGORY.'
            :                         }
            :                       }
            :                   (PKCS #7)                     }
            :                   }
            :                 }
 899
            :               }
1244 30   35:  111:             SEQUENCE {
 901
1246 06    9:   11:               OBJECT IDENTIFIER
            :                 messageDigest                 id-aa-contentReference
            :                     (1 2 840 113549 1 9 4) 16 2 10)
            :                 (S/MIME Authenticated Attributes
            :                 (PKCS #9                     (1 2 840 113549 1 9))
 912 9 16 2))
1259 31   22:   96:               SET {
 914
1261 30   94:                 SEQUENCE {
1263 06    5:                   OBJECT IDENTIFIER '1 2 3 4 5 6'
1270 04   20:   43:                   OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E                   'Content Reference Content Identifie'
            :                   06 29 C0 22 96 87 DD 48                   'r Buffer'
1315 04   40:                   OCTET STRING
            :                   'Content Reference Signature Value B'
            :                   'uffer'
            :                   }
            :                 }
 936
            :               }
1357 30  109:  115:             SEQUENCE {
 938
1359 06   11:               OBJECT IDENTIFIER
            :                 id-aa-securityLabel                 id-aa-encrypKeyPref
            :                     (1 2 840 113549 1 9 16 2 2) 11)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
 951
1372 31   94:  100:               SET {
 953
1374 A0   98:                 [0] {
1376 30   90:                   SEQUENCE {
1378 31   92:   11:                     SET {
 955 02    1:                   INTEGER 1
 958
1380 30    9:                       SEQUENCE {
1382 06    7:    3:                         OBJECT IDENTIFIER '1 2 3
            :                           countryName (2 5 4 6)
            :                           (X.520 id-at (2 5 6 7 8'
 967 4))
1387 13    2:                         PrintableString 'US'
            :                         }
            :                       }
1391 31   49:   22:                     SET {
 969
1393 30   47:   20:                       SEQUENCE {
 971 80    8:                       [0]
            :                   2A 03 04 05
1395 06 07 86 78
 981 A1   35:                       [1] {
 983 13   33:                         PrintableString    3:                         OBJECT IDENTIFIER
            :                     'THIS IS A TEST SECURITY-CATEGORY.'                           organizationName (2 5 4 10)
            :                         }                           (X.520 id-at (2 5 4))
1400 13   13:                         PrintableString 'US Government'
            :                         }
            :                       }
1018 13   27:                   PrintableString
1415 31   17:                     SET {
1417 30   15:                       SEQUENCE {
1419 06    3:                         OBJECT IDENTIFIER
            :                   'THIS IS A PRIVACY MARK TEST'                           organizationalUnitName
            :                   }                               (2 5 4 11)
            :                 }                           (X.520 id-at (2 5 4))
1424 13    8:                         PrintableString 'VDA Site'
            :                         }
            :                       }
1047
1434 31   12:                     SET {
1436 30    9:   10:                       SEQUENCE {
1049
1438 06    7:    3:                         OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040                           organizationalUnitName
            :                               (2 5 4 3) 11)
            :               (ANSI X9.57 algorithm)                           (X.520 id-at (2 5 4))
1443 13    3:                         PrintableString 'VDA'
            :                         }
1058 04   47:           OCTET STRING, encapsulates
            :                       }
1448 31   18:                     SET {
1060
1450 30   45:   16:                       SEQUENCE {
1062 02   20:                 INTEGER
            :                   28 15 7C BF 62 B1 1E 09 97 BC 49 81
            :                   90 CF 8A 46 7E 94 F5 5D
1084 02   21:                 INTEGER
            :                   00 88
1452 06 C2 4E DF 4D FD 60 49 C1 21    3:                         OBJECT IDENTIFIER
            :                   29 0C 04 4D 08 B7 DB 5A 92                           commonName (2 5 4 3)
            :                 }                           (X.520 id-at (2 5 4))
1457 13    9:                         PrintableString 'Daisy RSA'
            :                         }
            :                       }
            :                     }
1468 02    4:                   INTEGER 173360179
            :                   }
            :                 }
            :               }

11.4 EquivalentLabels

Alice uses an EquivalentLabels in the message in 11.3.

   0
1474 30 1340:  252:             SEQUENCE {
   4
1477 06    9:   11:               OBJECT IDENTIFIER signedData
            :                 id-aa-mlExpandHistory
            :                     (1 2 840 113549 1 7 2) 9 16 2 3)
            :     (PKCS #7)
  15 A0 1325:   [0]                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
1490 31  236:               SET {
  19
1493 30 1321:  233:                 SEQUENCE {
  23 02    1:       INTEGER 1
  26
1496 30  230:                   SEQUENCE {
1499 04    7:                     OCTET STRING '5738299'
1508 18   15:                     GeneralizedTime '19990311104433Z'
1525 A1  201:                     [1] {
1528 30  198:                       SEQUENCE {
1531 A4   97:                         [4] {
1533 30   95:                           SEQUENCE {
1535 31   11:                             SET {
1537 30    9:                               SEQUENCE {
1539 06    3:                                 OBJECT IDENTIFIER
            :                                   countryName (2 5 4 6)
            :                                   (X.520 id-at (2 5 4))
1544 13    2:                                 PrintableString 'US'
            :                                 }
            :                               }
1548 31   22:                             SET {
  28
1550 30    7:   20:                               SEQUENCE {
  30
1552 06    5:    3:                                 OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)                                   organizationName
            :                                       (2 5 4 10)
            :                                   (X.520 id-at (2 5 4))
1557 13   13:                                 PrintableString
            :                                 'US Government'
            :                                 }
            :                               }
  37
1572 31   17:                             SET {
1574 30   43:   15:                               SEQUENCE {
  39
1576 06    9:    3:                                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'                                   organizationalUnitName
            :                                       (2 5 4 11)
            :                                   (X.520 id-at (2 5 4))
1581 13    8:                                 PrintableString
            :                                 'VDA Site'
            :                                 }
            :                               }
  82 A0  738:       [0] {
  86 30  734:         SEQUENCE
1591 31   12:                             SET {
  90
1593 30  669:   10:                               SEQUENCE {
  94 A0
1595 06    3:             [0] {
  96 02    1:               INTEGER 2                                 OBJECT IDENTIFIER
            :                                   organizationalUnitName
            :                                       (2 5 4 11)
            :                                   (X.520 id-at (2 5 4))
1600 13    3:                                 PrintableString 'VDA'
            :                                 }
  99 02    2:             INTEGER 200
 103
            :                               }
1605 31   23:                             SET {
1607 30    9:   21:                               SEQUENCE {
 105
1609 06    7:    3:                                 OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040                                   commonName (2 5 4 3)
            :                 (ANSI X9.57 algorithm)                                   (X.520 id-at (2 5 4))
1614 13   14:                                 PrintableString
            :                                 'Bugs Bunny DSA'
            :                                 }
 114
            :                               }
            :                             }
            :                           }
1630 A4   97:                         [4] {
1632 30   18:   95:                           SEQUENCE {
 116
1634 31   16:   11:                             SET {
 118
1636 30   14:    9:                               SEQUENCE {
 120
1638 06    3:                                 OBJECT IDENTIFIER
            :                     commonName                                   countryName (2 5 4 3) 6)
            :                                   (X.520 id-at (2 5 4))
 125
1643 13    7:    2:                                 PrintableString 'CarlDSS'
            :                   } 'US'
            :                                 }
            :                               }
 134
1647 31   22:                             SET {
1649 30   30:   20:                               SEQUENCE {
 136 17   13:               UTCTime '990817011049Z'
 151 17
1651 06    3:                                 OBJECT IDENTIFIER
            :                                   organizationName
            :                                       (2 5 4 10)
            :                                   (X.520 id-at (2 5 4))
1656 13   13:               UTCTime '391231235959Z'                                 PrintableString
            :                                 'US Government'
            :                                 }
 166 30   19:             SEQUENCE {
 168
            :                               }
1671 31   17:                             SET {
 170
1673 30   15:                               SEQUENCE {
 172
1675 06    3:                                 OBJECT IDENTIFIER
            :                     commonName                                   organizationalUnitName
            :                                       (2 5 4 3) 11)
            :                                   (X.520 id-at (2 5 4))
 177
1680 13    8:                                 PrintableString 'AliceDSS'
            :                   }                                 'VDA Site'
            :                                 }
            :                               }
 187 30  438:             SEQUENCE
1690 31   12:                             SET {
 191
1692 30  299:   10:                               SEQUENCE {
 195
1694 06    7:    3:                                 OBJECT IDENTIFIER
            :                   dsa (1 2 840 10040                                   organizationalUnitName
            :                                       (2 5 4 1) 11)
            :                   (ANSI X9.57 algorithm)
 204                                   (X.520 id-at (2 5 4))
1699 13    3:                                 PrintableString 'VDA'
            :                                 }
            :                               }
1704 31   23:                             SET {
1706 30  286:   21:                               SEQUENCE {
 208 02  129:                   INTEGER
1708 06    3:                                 OBJECT IDENTIFIER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2                                   commonName (2 5 4 3)
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC                                   (X.520 id-at (2 5 4))
1713 13   14:                                 PrintableString
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E                                 'Elmer Fudd DSA'
            :                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89                                 }
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C                               }
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95                             }
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8                           }
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3                         }
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4                       }
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B                     }
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER                   }
            :                 }
            :               }
1729 30  258:             SEQUENCE {
1733 06   11:               OBJECT IDENTIFIER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F                 id-aa-equivalentLabels
            :                   B8 37 21 2B 62 8B F7 93 CD
 363 02  128:                   INTEGER                     (1 2 840 113549 1 9 16 2 9)
            :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9                 (S/MIME Authenticated Attributes
            :                   4B 59 6A 4C 76 23 39 04                     (1 2 840 113549 1 9 16 2))
1746 31  242:               SET {
1749 30  239:                 SEQUENCE {
1752 31  114:                   SET {
1754 02 35 5C F2    1:                     INTEGER 1
1757 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1766 13   38:                     PrintableString
            :                   CB 1A                   'EQUIVALENT THIS IS A PRIVACY MARK T'
            :                   'EST'
1806 31   60:                     SET {
1808 30 C3 1E 50 5D DD 9B 59 E2 CD   58:                       SEQUENCE {
1810 80    8:                         [0]
            :                   AA                   2A 03 04 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                   E9 CE 2E 5D A3 06 07 CD 23 85 B8 2F 30 86 78
1820 A1   46:                         [1] {
1822 13   44:                           PrintableString
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8                   'EQUIVALENT THIS IS A TEST SECURITY-'
            :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36                   'CATEGORY.'
            :                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2                           }
            :                   D1 81 4A 60 39 BA 36 39                         }
            :                       }
            :                     }
 494 03  132:               BIT STRING 0 unused bits, encapsulates
1868 31  121:                   SET {
 498
1870 02  128:    1:                     INTEGER 1
1873 06    7:                     OBJECT IDENTIFIER
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                   3F A9 EC AC 5E DC BD B7                     '1 2 3 4 5 6 7 10'
1882 13 11 34 A6   45:                     PrintableString
            :                   16 89 28 11 23 D9 34                   'EQUIVALENT THIS IS A SECOND PRIVACY'
            :                   ' MARK TEST'
1929 31   60:                     SET {
1931 30   58:                       SEQUENCE {
1933 80    8:                         [0]
            :                   2A 03 04 05 06 07 86 67 75 75 78
1943 A1   46:                         [1] {
1945 13   44:                           PrintableString
            :                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2                   'EQUIVALENT THIS IS A TEST SECURITY-'
            :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45                   'CATEGORY.'
            :                   A5 A0 4A E3 85 D6 CE 06 80 3F E8 23                           }
            :                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF                         }
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B                       }
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4                     }
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33                   }
            :                   F2 A5 E2 F4 F2 83 E5 B8                 }
            :               }
            :             }
 629 A3  131:             [3] {
 632 30  128:               SEQUENCE {
 635
1991 30   32:    9:           SEQUENCE {
 637
1993 06    3:    7:             OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)               dsaWithSha1 (1 2 840 10040 4 3)
            :                     (X.509 id-ce (2 5 29))
 642               (ANSI X9.57 algorithm)
            :             }
2002 04   25:   47:           OCTET STRING, encapsulates {
 644
2004 30   23:   45:               SEQUENCE {
 646 81
2006 02   21:                         [1] 'aliceDss@examples.com'                 INTEGER
            :                   00 BC 33 37 65 C4 F7 70 5C 17 49 13
            :                   AA 4C 85 CA BB 52 91 48 59
2029 02   20:                 INTEGER
            :                   63 96 A2 14 8B CF 57 DE B0 48 5F 6C
            :                   64 DD 84 04 49 5F 1C CA
            :                 }
            :               }
            :           }
 669
            :         }
            :       }
            :     }
            :   }

4.11 SignedData with Certificates Only

CA SignedData message with no content or signature, containing only
Alices's and Carl's certificates.

   0 30   12: 1672: SEQUENCE {
 671
   4 06    3:    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 676 01    1:                   BOOLEAN TRUE
 679 04    2:                   OCTET STRING, encapsulates     (PKCS #7)
  15 A0 1657:   [0] {
 681
  19 30    0: 1653:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    0:       SET {}
            :                       }
            :                   }
 683
  28 30   14:   11:       SEQUENCE {
 685
  30 06    3:    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                     keyUsage (2 5 29 15)           (PKCS #7)
            :                     (X.509 id-ce (2 5 29))
 690 01         }
  41 A0 1407:       [0] {
  45 30  667:         SEQUENCE {
  49 30  602:           SEQUENCE {
  53 A0    3:             [0] {
  55 02    1:                   BOOLEAN TRUE
 693 04    4:                   OCTET STRING, encapsulates               INTEGER 2
            :               }
  58 02    1:             INTEGER 1
  61 30    9:             SEQUENCE {
 695 03    2:                       BIT STRING 6 unused bits
  63 06    7:               OBJECT IDENTIFIER
            :                         '11'B                 dsaWithSha1 (1 2 840 10040 4 3)
            :                       }                 (ANSI X9.57 algorithm)
            :               }
 699
  72 30   31:   18:             SEQUENCE {
  74 31   16:               SET {
  76 30   14:                 SEQUENCE {
 701
  78 06    3:                   OBJECT IDENTIFIER
            :                     authorityKeyIdentifier                     commonName (2 5 29 35) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 706 04   24:                   OCTET STRING, encapsulates {
 708 30   22:                       SEQUENCE {
 710 80   20:                         [0]
            :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 4))
  83 13    7:                   PrintableString 'CarlDSS'
            :                   3D 20 BC 43 2B 93 F1 1F                   }
            :                 }
            :               }
  92 30   30:             SEQUENCE {
  94 17   13:               UTCTime '990816225050Z'
 109 17   13:               UTCTime '391231235959Z'
            :               }
 732
 124 30   29:   18:             SEQUENCE {
 126 31   16:               SET {
 128 30   14:                 SEQUENCE {
 734
 130 06    3:                   OBJECT IDENTIFIER
            :                     subjectKeyIdentifier                     commonName (2 5 29 14) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 739 04   22:                   OCTET STRING, encapsulates {
 741 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            : 4))
 135 13 01 E2 FD E3 97 FE CD
            :                       }
            :                   }    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 763
 144 30    9:  439:             SEQUENCE {
 765
 148 30  299:               SEQUENCE {
 152 06    7:                 OBJECT IDENTIFIER
            :               dsaWithSha1                   dsa (1 2 840 10040 4 3) 1)
            :                   (ANSI X9.57 algorithm)
 161 30  286:                 SEQUENCE {
 165 02  129:                   INTEGER
            :                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C
            :                   01 C4 12 C1 7A 79 CB 54 4D AB 1E 81
            :                   FB C6 4C B3 0E 94 09 06 EB 01 D4 B1
            :                   C8 71 4B C7 45 C0 50 25 5D 9C FC DA
            :                   E4 6D D3 E2 86 48 84 82 7D BA 15 95
            :                   4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A
            :                   0A 8A BA 16 7B B9 50 01 48 93 8B EB
            :               (ANSI X9.57 algorithm)                   25 15 51 97 55 DC 8F 53 0E 10 A9 50
            :             }
 774 03   48:           BIT STRING 0 unused bits, encapsulates {
 777                   FC 70 B7 CD 30   45:               SEQUENCE {
 779 54 FD DA DE A8 AA 22
            :                   B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9
            :                   AD E1 08 D4 6D 29 2D D6 E9
 297 02   21:                   INTEGER
            :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A DD C1 2F DF 53 CE 0B 34 60 77 3E
            :                   8F C0 F8 24 05 E8 46 94 8E
 802                   02   20: A4 BF 8A 5D 98 B9 10 D5
 320 02  128:                   INTEGER
            :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37
            :                   4F 55 7F 9D ED BC 61 0D EB 46 59 3C
            :                   56 0B 2B 5B 9F 48 C0 0C 91 CE A5 62 52 69 CA
            :                   E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
            :                   AD CB AE 45 E3 06 AC 8C A1 C1 02 22 9D 9C 44 EA E9
            :                   A1                   87 C1 A5 7F 28 2D BB 0B C7 CD F0 1C D9 B5 4E 5D 73 DE
            :                 }                   AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A
            :               }                   73 AA 7F 46 51 1F A9 42 16 9C 48 EB
            :           }                   8A 79 61 B4 D5 2F 53 22 44 63 1F 86
            :         }
 824 31  516:       SET {
 828 30  512:         SEQUENCE {
 832 02    1:           INTEGER 1
 835 30   24:           SEQUENCE {
 837 30   18:             SEQUENCE {
 839 31   16:               SET {
 841 30   14:                 SEQUENCE {
 843                   B8 A3 58 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 848 13    7:                   PrintableString 'CarlDSS' 25 F8 29 C0 EF BA E0 75
            :                   }                   F0 42 C4 63 65 52 9B 0A
            :                   }
            :                 }
 857
 451 03  133:               BIT STRING 0 unused bits, encapsulates {
 455 02    2:  129:                   INTEGER 200
            :             }
 861 30    7:           SEQUENCE {
 863 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
            :             }
 870                   00 99 87 74 27 03 66 A0  411:           [0] {
 874 30   24:             SEQUENCE {
 876 06    9:               OBJECT IDENTIFIER B1 C0 AD DC
            :                 contentType (1 2 840 113549 1 9 3)                   2C 75 BB E1 6C 44 9C DA 21 6D 4D 47
            :                 (PKCS #9 (1 2 840 113549 1 9))
 887 31   11:               SET {
 889 06    9:                 OBJECT IDENTIFIER                   6D B1 62 09 E9 D8 AE 1E F2 3A B4 94
            :                   data (1 2 840 113549 1 7 1)                   B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
            :                   (PKCS #7)                   4E B9 60 96 19 24 01 F3 62 0C FE 75
            :                 }                   C0 FB CE D8 68 00 E3 FD D5 70 4F DF
            :               }
 900 30   35:             SEQUENCE {
 902                   23 96 19 06    9:               OBJECT IDENTIFIER
            :                 messageDigest (1 2 840 113549 1 9 4)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 913 31   22:               SET {
 915 04   20:                 OCTET STRING
            :                   40 6A EC 94 F4 B1 61 8F 3A 57 B1
            :                   08 11 A4 0B 26 25 F0 52 79 76 81 EA 0B
            :                   62 0D 95 2A E6 86 BA 6E 16 02 2D 9E 72 B2 A7 50 83
            :                   06 29 C0 22 96 87 DD 48                   0B AA 27 CD 1B A9 4D 89 9A D7 8D 18
            :                   39 84 3F 8B C5 56 4D 80 7A
            :                   }
            :               }
 937
 587 A3   66:             [3] {
 589 30   64:               SEQUENCE {
 591 30  113:   15:                 SEQUENCE {
 939
 593 06   11:    3:                   OBJECT IDENTIFIER
            :                 id-aa-securityLabel
            :                     (1 2 840 113549 1 9 16 2 2)
            :                 (S/MIME Authenticated Attributes                     basicConstraints (2 5 29 19)
            :                     (1 2 840 113549 1 9 16 2))
 952 31   98:               SET {
 954 31   96:                 SET {
 956 02    1:                   INTEGER 1
 959 06    7:                   OBJECT IDENTIFIER '1 2 3 4                     (X.509 id-ce (2 5 6 7 8'
 968 31   53:                   SET 29))
 598 01    1:                   BOOLEAN TRUE
 601 04    5:                   OCTET STRING, encapsulates {
 970
 603 30   51:    3:                       SEQUENCE {
 972 80    8:                       [0]
            :                   2A 03 04 05 06 07 86 78
 982 A1   39:                       [1] {
 984 13   37:                         PrintableString
            :                   'BOB THIS IS A TEST SECURITY-CATEGOR'
            :                   'Y.'
            :                         }
            :                       }
            :                     }
1023 13   27:                   PrintableString
            :                   'THIS IS A PRIVACY MARK TEST'
 605 01    1:                         BOOLEAN TRUE
            :                         }
            :                       }
            :                   }
1052
 608 30  230:   14:                 SEQUENCE {
1055
 610 06   11:    3:                   OBJECT IDENTIFIER
            :                 id-aa-equivalentLabels
            :                     (1 2 840 113549 1 9 16 2 9)
            :                 (S/MIME Authenticated Attributes
            :                     (1 2 840 113549 1 9 16 2))
1068 31  214:               SET {
1071 30  211:                 SEQUENCE {
1074 31  100:                   SET {
1076 02    1:                     INTEGER 1
1079 06    7:                     OBJECT IDENTIFIER '1 2 3 4                     keyUsage (2 5 6 7 8'
1088 31   53:                     SET {
1090 30   51:                       SEQUENCE {
1092 80    8:                         [0] 29 15)
            :                   2A 03                     (X.509 id-ce (2 5 29))
 615 01    1:                   BOOLEAN TRUE
 618 04 05 06 07 86 78
1102 A1   39:                         [1]    4:                   OCTET STRING, encapsulates {
1104 13   37:                           PrintableString
            :                   'BOB THIS IS A TEST SECURITY-CATEGOR'
            :                   'Y.'
            :                           }
 620 03    2:                       BIT STRING 1 unused bits
            :                         }                         '1100001'B
            :                       }
1143 13   31:                     PrintableString
            :                     'BOB THIS IS A PRIVACY MARK TEST'
            :                   }
1176 31  107:                   SET
 624 30   29:                 SEQUENCE {
1178 02    1:                     INTEGER 1
1181
 626 06    7:    3:                   OBJECT IDENTIFIER '1 2 3 4
            :                     subjectKeyIdentifier (2 5 6 7 9'
1190 31   53:                     SET {
1192 30   51:                       SEQUENCE {
1194 80    8:                         [0] 29 14)
            :                   2A 03                     (X.509 id-ce (2 5 29))
 631 04 05 06 07 86 78
1204 A1   39:                         [1]   22:                   OCTET STRING, encapsulates {
1206 13   37:                           PrintableString
            :                   'BOB THIS IS A TEST SECURITY-CATEGOR'
            :                   'Y.'
            :                           }
            :                         }
            :                       }
1245 13   38:                     PrintableString
 633 04   20:                       OCTET STRING
            :                   'BOB THIS IS A SECOND PRIVACY MARK T'                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   'EST'                   3D 20 BC 43 2B 93 F1 1F
            :                       }
            :                   }
            :                 }
            :               }
            :             }
1285
 655 30    9:           SEQUENCE {
1287
 657 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1296 04   46:           OCTET STRING,
 666 03   48:           BIT STRING 0 unused bits, encapsulates {
1298
 669 30   44:   45:               SEQUENCE {
1300 02   20:                 INTEGER
            :                   16 6C 58 D2 77 50 79 70 9D 52 99 C2
            :                   39 6E 9C 49 FB 2E CC EC
1322
 671 02   20:                 INTEGER
            :                   42 55 41 4F 66                   6B A9 F0 15 DD 46 86 16 3E
            :                   A3 BB 4B 7C 54 C9 7B 00
            :                 } 4E 7A 5A 79 E3 F9 BE 3D 2B
            :               }                   C9 06 37 E9 11 17 A1 13
 693 02   21:                 INTEGER
            :           }                   00 8F 34 69 2A 8B B1 3C 03 79 94 32
            :         }                   4D 12 1F CE 89 FB 46 B2 3B
            :                 }
            :               }
            :           }

11.5 mlExpansionHistory

The mailing list sends a message with a mlExpansionHistory attribute.

   0
 716 30  505:  732:         SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0  490:   [0] {
  19
 720 30  486:  667:           SEQUENCE {
  23
 724 A0    3:             [0] {
 726 02    1:               INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)
            :           }
            :               }
  37
 729 02    2:             INTEGER 200
 733 30   43:    9:             SEQUENCE {
  39
 735 06    9:    7:               OBJECT IDENTIFIER data
            :                 dsaWithSha1 (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.' 10040 4 3)
            :           }                 (ANSI X9.57 algorithm)
            :               }
  82 31  423:       SET {
  86 30  419:         SEQUENCE {
  90 02    1:           INTEGER 1
  93 30   24:           SEQUENCE {
  95
 744 30   18:             SEQUENCE {
  97
 746 31   16:               SET {
  99
 748 30   14:                 SEQUENCE {
 101
 750 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 106
 755 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 115 02    2:             INTEGER 200
            :             }
 119
 764 30    7:   30:             SEQUENCE {
 121 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :               (OIW)
 766 17   13:               UTCTime '990817011049Z'
 781 17   13:               UTCTime '391231235959Z'
            :               }
 128 A0  318:           [0] {
 132
 796 30   24:   19:             SEQUENCE {
 134 06    9:               OBJECT IDENTIFIER
            :                 contentType (1 2 840 113549 1 9 3)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 145
 798 31   11:   17:               SET {
 147
 800 30   15:                 SEQUENCE {
 802 06    9:    3:                   OBJECT IDENTIFIER
            :                   data (1 2 840 113549 1 7 1)                     commonName (2 5 4 3)
            :                   (PKCS #7)                     (X.520 id-at (2 5 4))
 807 13    8:                   PrintableString 'AliceDSS'
            :                   }
            :                 }
 158
            :               }
 817 30   35:  438:             SEQUENCE {
 821 30  299:               SEQUENCE {
 160
 825 06    9:    7:                 OBJECT IDENTIFIER
            :                 messageDigest                   dsa (1 2 840 113549 1 9 4) 10040 4 1)
            :                 (PKCS #9 (1 2 840 113549 1 9))
 171 31   22:               SET                   (ANSI X9.57 algorithm)
 834 30  286:                 SEQUENCE {
 173 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16
 838 02 2D  129:                   INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
            :                   06 29 C0 22 96 87                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48 7E
            :                 }                   0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
            :               }
 195                   2F E1 D9 30  252:             SEQUENCE {
 198 06   11:               OBJECT IDENTIFIER
            :                 id-aa-mlExpandHistory
            :                     (1 2 840 113549 1 9 16 2 3) C8 36 DE 3F 9B BF B7 4C
            :                 (S/MIME Authenticated Attributes                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95
            :                     (1 2 840 113549 1 9 16 2))
 211 31  236:               SET {
 214 30  233:                 SEQUENCE {
 217 30  230:                   SEQUENCE {
 220 04    7:                     OCTET STRING '5738299'
 229 18   15:                     GeneralizedTime '19990311104433Z'
 246 A1  201:                     [1] {
 249 30  198:                       SEQUENCE {
 252 A4   97:                         [4] {
 254 30   95:                           SEQUENCE {
 256 31   11:                             SET {
 258 30    9:                               SEQUENCE {
 260 06    3:                                 OBJECT IDENTIFIER                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8
            :                                   countryName (2 5 4 6)                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
            :                                   (X.520 id-at (2 5 4))
 265                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B
            :                   B5 E4 09 96 5C F3 7E 5B DB
 970 02   21:                   INTEGER
            :                   00 E2 47 A6 1A 45 66 B8 13    2:                                 PrintableString 'US' C6 DA 8F
            :                                 }                   B8 37 21 2B 62 8B F7 93 CD
 993 02  128:                   INTEGER
            :                               }
 269 31   22:                             SET {
 271 30   20:                               SEQUENCE {
 273 06    3:                                 OBJECT IDENTIFIER                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
            :                                   organizationName                   4B 59 6A 4C 76 23 39 04 02 35 5C F2
            :                                       (2 5 4 10)                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD
            :                                   (X.520 id-at (2 5 4))
 278 13   13:                                 PrintableString                   AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
            :                                 'US Government'                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
            :                                 }                   3E 90 F8 6D EA 9C C9 21 8A 3B 76 14
            :                               }
 293 31   17:                             SET {
 295                   E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30   15:                               SEQUENCE {
 297 06    3:                                 OBJECT IDENTIFIER
            :                                   organizationalUnitName                   01 7C 6D 49 89 11 89 36 44 BD F8 C8
            :                                       (2 5 4 11)                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
            :                                   (X.520 id-at (2 5 4))
 302 13    8:                                 PrintableString                   1F 11 7F C2 BD ED D1 50 FF 98 74 C2
            :                                 'VDA Site'                   D1 81 4A 60 39 BA 36 39
            :                   }
            :                 }
 312 31   12:                             SET {
 314 30   10:                               SEQUENCE
1124 03  132:               BIT STRING 0 unused bits, encapsulates {
 316 06    3:                                 OBJECT IDENTIFIER
1128 02  128:                   INTEGER
            :                                   organizationalUnitName                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
            :                                       (2 5 4 11)                   3F A9 EC AC 5E DC BD B7 13 11 34 A6
            :                                   (X.520 id-at (2 5 4))
 321                   16 89 28 11 23 D9 34 86 67 75 75 13    3:                                 PrintableString 'VDA'
            :                                 }                   12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
            :                               }
 326 31   23:                             SET {
 328 30   21:                               SEQUENCE {
 330                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
            :                   A5 A0 4A E3 85 D6 CE 06    3:                                 OBJECT IDENTIFIER 80 3F E8 23
            :                                   commonName (2 5 4 3)                   7E 1A F2 24 AB 53 1A B8 27 0D 1E EF
            :                                   (X.520 id-at (2 5 4))
 335 13   14:                                 PrintableString                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                                 'Bugs Bunny DSA'                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
            :                                 }                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33
            :                               }                   F2 A5 E2 F4 F2 83 E5 B8
            :                   }
            :               }
 351 A4   97:                         [4]
1259 A3  129:             [3] {
 353
1262 30   95:  127:               SEQUENCE {
 355 31   11:                             SET {
 357
1264 30    9:   12:                 SEQUENCE {
 359
1266 06    3:                   OBJECT IDENTIFIER
            :                                   countryName                     basicConstraints (2 5 4 6) 29 19)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
 364 13 29))
1271 01    1:                   BOOLEAN TRUE
1274 04    2:                                 PrintableString 'US'                   OCTET STRING, encapsulates {
1276 30    0:                       SEQUENCE {}
            :                       }
            :                   }
 368 31   22:                             SET {
 370
1278 30   20:   14:                 SEQUENCE {
 372
1280 06    3:                   OBJECT IDENTIFIER
            :                                   organizationName
            :                     keyUsage (2 5 4 10) 29 15)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
 377 13   13:                                 PrintableString 29))
1285 01    1:                   BOOLEAN TRUE
1288 04    4:                   OCTET STRING, encapsulates {
1290 03    2:                       BIT STRING 6 unused bits
            :                                 'US Government'                         '11'B
            :                       }
            :                   }
 392 31   17:                             SET {
 394
1294 30   15:   31:                 SEQUENCE {
 396
1296 06    3:                   OBJECT IDENTIFIER
            :                                   organizationalUnitName
            :                     authorityKeyIdentifier (2 5 4 11) 29 35)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
 401 13    8:                                 PrintableString 29))
1301 04   24:                   OCTET STRING, encapsulates {
1303 30   22:                       SEQUENCE {
1305 80   20:                         [0]
            :                                 'VDA Site'                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
            :                   3D 20 BC 43 2B 93 F1 1F
            :                         }
            :                       }
 411 31   12:                             SET {
 413
            :                   }
1327 30   10:   29:                 SEQUENCE {
 415
1329 06    3:                   OBJECT IDENTIFIER
            :                                   organizationalUnitName
            :                     subjectKeyIdentifier (2 5 4 11) 29 14)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
 420 29))
1334 04   22:                   OCTET STRING, encapsulates {
1336 04   20:                       OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE
            :                   13    3:                                 PrintableString 'VDA' 01 E2 FD E3 97 FE CD
            :                       }
            :                   }
 425 31   23:                             SET {
 427
1358 30   21:   31:                 SEQUENCE {
 429
1360 06    3:                   OBJECT IDENTIFIER
            :                                   commonName                     subjectAltName (2 5 4 3) 29 17)
            :                                   (X.520 id-at                     (X.509 id-ce (2 5 4))
 434 13   14:                                 PrintableString
            :                                 'Elmer Fudd DSA'
            :                                 }
            :                               }
            :                             }
            :                           }
            :                         } 29))
1365 04   24:                   OCTET STRING, encapsulates {
1367 30   22:                       SEQUENCE {
1369 81   20:                         [1] 'AliceDSS@example.com'
            :                         }
            :                       }
            :                   }
            :                 }
            :               }
            :             }
 450
1391 30    9:           SEQUENCE {
 452
1393 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 461 04   46:           OCTET STRING,
1402 03   48:           BIT STRING 0 unused bits, encapsulates {
 463
1405 30   44:   45:               SEQUENCE {
 465
1407 02   20:                 INTEGER
            :                   18 69 FB 62                   55 FA 6D 50 B2 4F 64 F1 0C A4 19 1F 42 2B 89 71 22 33 8D
            :                   23 72 78 85 14 73 C9 B7
 487                   83 6A B5 3D 67 6B BF 45
1429 02   20:   21:                 INTEGER
            :                   7B 15 C6 32 62 F7 92 77 A5 1B 58 8F
            :                   B6 AB 8C 49 D8 BA 59                   00 9F 61 53 52 54 0B 5C B2 DD DA E7
            :                 }
            :               }
            :           }
            :         }
            :       }
            :     }
            :   }

11.6 SigningCertificate

Alice uses a SigningCertificate attribute in the message in 5.1.

   0 30 1110: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)
  15 A0 1095:   [0] {
  19 30 1091:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31    9:       SET {
  28 30    7:         SEQUENCE {
  30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :             (OIW)                   76 1D E2 10 52 5B 43 5E BD
            :                 }
            :               }
  37 30   43:       SEQUENCE {
  39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :           (PKCS #7)
  50 A0   30:         [0] {
  52 04   28:           OCTET STRING 'This is some sample content.'
            :           }
            :         }
  82 A0  738:       [0]
1452 A1  219:       [1] {
  86
1455 30  734:  216:         SEQUENCE {
  90
1458 30  669:  153:           SEQUENCE {
  94 A0    3:             [0] {
  96 02    1:               INTEGER 2
            :               }
  99 02    2:             INTEGER 200
 103
1461 30    9:             SEQUENCE {
 105
1463 06    7:               OBJECT IDENTIFIER
            :                 dsaWithSha1 (1 2 840 10040 4 3)
            :                 (ANSI X9.57 algorithm)
            :               }
 114
1472 30   18:             SEQUENCE {
 116
1474 31   16:               SET {
 118
1476 30   14:                 SEQUENCE {
 120
1478 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
 125
1483 13    7:                   PrintableString 'CarlDSS'
            :                   }
            :                 }
            :               }
 134
1492 17   13:             UTCTime '990827070000Z'
1507 30   30:  105:             SEQUENCE {
 136
1509 30   19:               SEQUENCE {
1511 02    2:                 INTEGER 200
1515 17   13:                 UTCTime '990817011049Z'
 151 '990822070000Z'
            :                 }
1530 30   19:               SEQUENCE {
1532 02    2:                 INTEGER 201
1536 17   13:                 UTCTime '391231235959Z' '990822070000Z'
            :                 }
 166
1551 30   19:               SEQUENCE {
 168 31   17:               SET {
 170
1553 02    2:                 INTEGER 211
1557 17   13:                 UTCTime '990822070000Z'
            :                 }
1572 30   15:   19:               SEQUENCE {
 172 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
1574 02    2:                 INTEGER 210
1578 17   13:                 UTCTime '990822070000Z'
            :                     (X.520 id-at (2 5 4))
 177 13    8:                   PrintableString 'AliceDSS'                 }
1593 30   19:               SEQUENCE {
1595 02    2:                 INTEGER 212
1599 17   13:                 UTCTime '990824070000Z'
            :                 }
            :               }
            :             }
 187 30  438:             SEQUENCE {
 191
1614 30  299:    9:           SEQUENCE {
 195
1616 06    7:             OBJECT IDENTIFIER
            :                   dsa               dsaWithSha1 (1 2 840 10040 4 1) 3)
            :               (ANSI X9.57 algorithm)
 204
            :             }
1625 03   47:           BIT STRING 0 unused bits, encapsulates {
1628 30  286:   44:               SEQUENCE {
 208
1630 02  129:   20:                 INTEGER
            :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2                   7E 65 52 76 33 FE 34 73 17 D1 F7 96
            :                   48 28 A3 E4 47 93 DD 0E D7 A8 0E EC                   F9 A0 D4 D8 6D 5C 7D 3D
1652 02   20:                 INTEGER
            :                   53 C5 AB 84 08 4F FF 94 E1 73 48                   02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E
            :                   0C D6                   DA 24 F3 44 48 D1 FE 9F AF A4 2A 83 9C 35 A1 89
            :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C                 }
            :                   DC 5F 69 8A E4 75 D0 37 0C 91 08 95               }
            :                   9B DE A7 5E F9 FC F4 9F 2F DD 43 A8           }
            :                   8B 54 F1 3F B0 07 08 47 4D 5D 88 C3         }
1674 31    0:       SET {}
            :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4       }
            :                   78 BD FF 9D B0 84 97 37 F2 E4 51 1B     }
            :                   B5 E4 09 96 5C F3 7E 5B DB
 340 02   21:                   INTEGER   }

5.  Enveloped-data

5.1 Basic encrypted content, TripleDES and RSA

An EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and RSA for key management. Does not have a OriginatorInfo.

   0 30  286: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER
            :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F     envelopedData (1 2 840 113549 1 7 3)
            :                   B8 37 21 2B 62 8B F7 93 CD
 363     (PKCS #7)
  15 A0  271:   [0] {
  19 30  267:     SEQUENCE {
  23 02  128:    1:       INTEGER
            : 0
  26 38 D0 14 89 31  192:       SET {
  29 30  189:         SEQUENCE {
  32 AA 39 FB 3E 6D D9
            :                   4B 59 6A 4C 76 23 39 04 02    1:           INTEGER 0
  35 5C F2
            :                   CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD   38:           SEQUENCE {
  37 30   18:             SEQUENCE {
  39 31   16:               SET {
  41 30   14:                 SEQUENCE {
  43 06    3:                   OBJECT IDENTIFIER
            :                     commonName (2 5 4 3)
            :                     (X.520 id-at (2 5 4))
  48 13    7:                   PrintableString 'CarlRSA'
            :                   }
            :                 }
            :               }
  57 02   16:             INTEGER
            :                   AA 05 3D 58 C0 7B A2 36 B8               46 34 6B C7 80 00 56 BC 11 D3 6E 07 AF 2E
            :                   7D 8A 42 25 A7 F4               CD 5D 71 D0
            :             }
  75 CF 4A 08 5E 4B 30   13:           SEQUENCE {
  77 06    9:             OBJECT IDENTIFIER
            :                   3E               rsaEncryption (1 2 840 113549 1 1 1)
            :               (PKCS #1)
  88 05    0:             NULL
            :             }
  90 F8 6D EA 9C C9 21 8A 3B 76 14 04  128:           OCTET STRING
            :             0B 71 0D E6 71 88 88 98 B6 96 C1 8F
            :             70 FD A2 27 DE DA E1 EF 24 6C A4 33
            :             DF AC E0 E9 CE 2E 5D A3 07 9D A2 D3 2C 7A CD 23 85 80 B8 2F 30
            :                   01 7C 6D 49 89 11 89 36 44 BD F8 C8             99 9E E6 5F B1 41 B3 72 16 83 E7 FA
            :                   95 4A 53             2A 00 8B C7 73 35 78 26 D6 C7 CF 8C
            :             0C 56 B5 E2 DB A5 76 9D 08 38 0E F3 F9 73 D4
            :             91 43 58 78 DC 49 B6 EC 1A 61 36 EE 6C 68 33
            :             A3 21 1D F0 28 78 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 F7 5D F6 07 73
            :             4D DF AD 69 31 20 4B 48 A9 75 22 6E
            :                   D1 81 4A 60 39 BA             36 39 79 15 63 8F CC EB 9D A3 28 A1 D1
            :             2C 57 F4 DA 1A 2C 75 1F
            :           }
            :         }
 494 03  132:               BIT STRING 0 unused bits, encapsulates
 221 30   67:       SEQUENCE {
 498 02  128:                   INTEGER
 223 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3           (PKCS #7)
 234 30   20:         SEQUENCE {
 236 06    8:           OBJECT IDENTIFIER
            :                   3F A9 EC AC 5E DC BD B7 13 11 34 A6             des-EDE3-CBC (1 2 840 113549 3 7)
            :                   16 89 28 11 23 D9 34 86 67 75 75 13             (RSADSI encryptionAlgorithm
            :                   12 3D 43 5B 6F E5                 (1 2 840 113549 3))
 246 04    8:           OCTET STRING
            :             2D 68 C5 E9 47 06 51 BF FA 89 F2 A2 35
            :                   1B 3E 24           }
 256 80   32:         [0]
            :           0E C8 92 7F C6 7D 3D 07 3F 8D 5B 63 C8 BB 45 CB AD 8E 0E
            :                   A5 A0 4A E3 85           C5 49 3A EB 47 2E D6 CE 06 80 3F E8 23 55 DE 09 21 4E
            :                   7E 1A F2 24 AB 53 1A B8           48 EA 4E 27 0D 1E EF
            :                   08 BF 66 14 80 5C 62 AC 65 FA 15 8B
            :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 B1 6E 57 25
            :                   32 84 F0 7E 41 40 FD 46 A7 63 4E 33         }
            :                   F2 A5 E2 F4 F2 83 E5 B8       }
            :     }
            :   }
 629 A3  131:             [3] {
 632 30  128:               SEQUENCE {
 635

5.2 Basic encrypted content, RC2/128 and RSA

Same as 5.1, except using RC2/128 for encryption and RSA for key
management. An EnvelopedData from Alice to Bob of ExContent using
RC2/40 for encrypting and RSA for key management. Does not have a
OriginatorInfo or any attributes.

   0 30   32:  291: SEQUENCE {
 637
   4 06    3:    9:   OBJECT IDENTIFIER
            :                     subjectAltName (2 5 29 17)     envelopedData (1 2 840 113549 1 7 3)
            :                     (X.509 id-ce (2 5 29))
 642 04   25:                   OCTET STRING, encapsulates     (PKCS #7)
  15 A0  276:   [0] {
 644
  19 30   23:  272:     SEQUENCE {
 646 81   21:                         [1] 'aliceDss@examples.com'
            :                         }
            :                       }
            :                   }
 669
  23 02    1:       INTEGER 0
  26 31  192:       SET {
  29 30   12:  189:         SEQUENCE {
 671 06    3:                   OBJECT IDENTIFIER
            :                     basicConstraints (2 5 29 19)
            :                     (X.509 id-ce (2 5 29))
 676 01
  32 02    1:                   BOOLEAN TRUE
 679 04    2:                   OCTET STRING, encapsulates           INTEGER 0
  35 30   38:           SEQUENCE {
 681
  37 30    0:   18:             SEQUENCE {}
            :                       }
            :                   }
 683 {
  39 31   16:               SET {
  41 30   14:                 SEQUENCE {
 685
  43 06    3:                   OBJECT IDENTIFIER
            :                     keyUsage                     commonName (2 5 29 15) 4 3)
            :                     (X.509 id-ce                     (X.520 id-at (2 5 29))
 690 01    1:                   BOOLEAN TRUE
 693 04    4:                   OCTET STRING, encapsulates {
 695 03    2:                       BIT STRING 6 unused bits 4))
  48 13    7:                   PrintableString 'CarlRSA'
            :                         '11'B                   }
            :                 }
            :               }
 699
  57 02   16:             INTEGER
            :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
            :               CD 5D 71 D0
            :             }
  75 30   31:   13:           SEQUENCE {
 701
  77 06    3:    9:             OBJECT IDENTIFIER
            :                     authorityKeyIdentifier (2 5 29 35)               rsaEncryption (1 2 840 113549 1 1 1)
            :                     (X.509 id-ce (2 5 29))
 706               (PKCS #1)
  88 05    0:             NULL
            :             }
  90 04   24:  128:           OCTET STRING, encapsulates {
 708 30   22:                       SEQUENCE {
 710 80   20:                         [0] STRING
            :                   70 44 3E 82             85 42 BE E3 0B 2E 6F 87 E5 0F 09 AA 24 CA
            :             DE 4A DA C1 D3 75 E3 09 B8 27 2B 25 CB D5 71
            :                   3D             FB C9 9C DB F0 B2 6E A0 8A 5F 1C 9D
            :             4A ED 98 9D 15 39 26 01 1A 2E 6B F0
            :             44 39 89 37 3C 6F C7 4A 61 0B 0B 27
            :             77 AA F9 D4 97 A4 D2 21 3F C2 3F 20 BC 43 2B 93 F1 1F
            :                         }             D4 DC 10 E9 D6 3F 00 DB 9C 82 47 D6
            :             7E 96 FF 12 6E 87 84 A0 BA ED 81 0F
            :             56 6D A6 1D EB AB C3 B7 A1 B9 F8 5F
            :             8B CC 1B 4A E5 14 36 06 61 D0 C7 64
            :             5F 69 67 91 A9 50 EE D8
            :           }
            :         }
 732
 221 30   29:   72:       SEQUENCE {
 734
 223 06    3:    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                     subjectKeyIdentifier (2 5 29 14)           (PKCS #7)
 234 30   25:         SEQUENCE {
 236 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
            :                     (X.509 id-ce (2 5 29))
 739 04   22:                   OCTET STRING, encapsulates             (RSADSI encryptionAlgorithm
            :                 (1 2 840 113549 3))
 246 30   13:           SEQUENCE {
 741
 248 02    1:             INTEGER 58
 251 04   20:    8:             OCTET STRING
            :                   BE 6C A1 B3 E3 C1 F7 ED 43               E8 70 A4 CE 81 E2 EF C5 15 57
            :             }
            :           }
 261 80   32:         [0]
            :           06 53 0A 7B 8D 5C 16 0D CC D5 76 D6
            :                   13 01 E2 FD E3 97 FE CD           8B 59 D6 45 8C 1A 1A 0C E6 1E F3 DE
            :                       }           43 56 00 9B 40 8C 38 5D
            :         }
            :       }
            :     }
            :   }
 763

5.3 S/MIME application/pkcs7-mime encrypted message

A full S/MIME message, including MIME, that includes the body part from
5.1.

MIME-Version: 1.0
Message-Id: <00103112005203.00349@amyemily.ig.com>
Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time)
From: User1
To: User2
Subject: Example 5.3
Content-Type: Application/pkcs7-mime;name=smime.p7m;filename=smime.p7m
Content-Transfer-Encoding: base64
Content-Description: attachment;filename=smime.p7m

MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX
JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi2lsGP
cP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpX
adCDgO8/nUkUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652j
KKHRLFf02hosdR8wQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8
Z9P43LrY4OxUk660cu1lXeCSFOSOpOJ7FuVyU=

6. Digested-data

A DigestedData from Alice to Bob of ExContent using SHA-1.

   0 30    9:   94: SEQUENCE {
 765
   2 06    7:    9:   OBJECT IDENTIFIER
            :               dsaWithSha1 digestedData (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
 774 03   48:           BIT STRING 0 unused bits, encapsulates {
 777 30   45:               SEQUENCE {
 779 02   21:                 INTEGER
            :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
            :                   8F C0 F8 24 05 E8 46 94 8E
 802 02   20:                 INTEGER
            :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
            :                   A1 87 C1 A5 7F 28 2D BB
            :                 }
            :               }
            :           } 113549 1 7 5)
            :         }
 824 31  286:       SET     (PKCS #7)
  13 A0   81:   [0] {
 828
  15 30  282:   79:     SEQUENCE {
 832
  17 02    1:       INTEGER 1
 835 0
  20 30   24:    7:       SEQUENCE {
 837
  22 06    5:         OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
            :           (OIW)
            :         }
  29 30   18:   43:       SEQUENCE {
 839
  31   16:               SET {
 841 30   14:                 SEQUENCE {
 843 06    3:    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
            :                     commonName (2 5 4 3)           (PKCS #7)
  42 A0   30:         [0] {
  44 04   28:           OCTET STRING 'This is some sample content.'
            :                     (X.520 id-at (2 5 4))
 848 13    7:                   PrintableString 'CarlDSS'           }
            :         }
  74 04   20:       OCTET STRING
            :         40 6A EC 08 52 79 BA 6E 16 02 2D 9E
            :         06 29 C0 22 96 87 DD 48
            :       }
            :     }
 857 02    2:             INTEGER 200
            :   }
 861

7. Encrypted-data

7.1 Simple EncryptedData

An EncryptedData from Alice to Bob of ExContent with no attributes.

   0 30    7:   87: SEQUENCE {
 863
   2 06    5:    9:   OBJECT IDENTIFIER sha1
            :     encryptedData (1 3 14 3 2 26)
            :               (OIW) 840 113549 1 7 6)
            :             }
 870     (PKCS #7)
  13 A0  182:   74:   [0] {
 873
  15 30   24:   72:     SEQUENCE {
 875
  17 02    1:       INTEGER 0
  20 30   67:       SEQUENCE {
  22 06    9:         OBJECT IDENTIFIER
            :                 contentType data (1 2 840 113549 1 9 3) 7 1)
            :           (PKCS #9 #7)
  33 30   20:         SEQUENCE {
  35 06    8:           OBJECT IDENTIFIER
            :             des-EDE3-CBC (1 2 840 113549 1 9))
 886 3 7)
            :             (RSADSI encryptionAlgorithm
            :                 (1 2 840 113549 3))
  45 04    8:           OCTET STRING
            :             B3 6B 6B FB 62 31   11:               SET 08 4E
            :           }
  55 80   32:         [0]
            :           FA FC ED DB 3F 18 17 1D 38 89 11 EA
            :           34 D6 20 DB F4 C3 D9 58 15 EF 93 3B
            :           9A F5 D7 04 F6 B5 70 E2
            :         }
            :       }
            :     }
            :   }

The TripleDES key is:
    73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62
    91 e5 cb 26 91 7a da 32

7.2 EncryptedData with unprotected attributes

An EncryptedData from Alice to Bob of ExContent with unprotected
attributes.

   0 30  149: SEQUENCE {
 888
   3 06    9:   OBJECT IDENTIFIER
            :                   data     encryptedData (1 2 840 113549 1 7 1) 6)
            :     (PKCS #7)
            :                 }
            :               }
 899
  14 A0  135:   [0] {
  17 30   35:  132:     SEQUENCE {
 901
  20 02    1:       INTEGER 2
  23 30   67:       SEQUENCE {
  25 06    9:         OBJECT IDENTIFIER
            :                 messageDigest data (1 2 840 113549 1 9 4) 7 1)
            :           (PKCS #9 (1 2 840 113549 1 9))
 912 31   22:               SET {
 914 04   20:                 OCTET STRING
            :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
            :                   06 29 C0 22 96 87 DD 48
            :                 }
            :               }
 936 #7)
  36 30  117:   20:         SEQUENCE {
 938
  38 06   11:    8:           OBJECT IDENTIFIER
            :                 id-aa-signingCertificate
            :             des-EDE3-CBC (1 2 840 113549 1 9 16 2 12) 3 7)
            :                 (S/MIME Authenticated Attributes             (RSADSI encryptionAlgorithm
            :                 (1 2 840 113549 1 9 16 2))
 951 31  102:               SET {
 953 30  100:                 SEQUENCE {
 955 30   48:                   SEQUENCE {
 957 30   46:                     SEQUENCE {
 959 3))
  48 04   44:    8:           OCTET STRING
            :                   'THIS IS A SIGNING CERTIFICATE ATTRI'
            :                   'BUTE TEST'             07 27 20 85 90 9E B0 7E
            :           }
  58 80   32:         [0]
            :           D2 20 8F 67 48 8A CB 41 E4 22 68 5D
            :           BE 77 05 52 26 ED E3 01 BD 00 91 58
            :           A7 35 6E BC 4B A2 07 33
            :         }
1005 30   48:                   SEQUENCE
  92 A1   58:       [1] {
1007
  94 30   46:   56:         SEQUENCE {
1009
  96 06    6:    3:           OBJECT IDENTIFIER '1 2 3 4 5 6 7'
1017 30   36:                       SEQUENCE {
1019 30   34:                         SEQUENCE 5555'
 101 31   49:           SET {
1021 06    6:                           OBJECT IDENTIFIER
            :                           '1 2 3 4 5 6 7'
1029
 103 04   24:   47:             OCTET STRING
            :                           'THIS IS A QUALIFIER TEST'
            :                           }
            :                         }
            :                       }
            :                     }
            :                   }
            :                 }
            :               }
            :             }
1055 30    9:           SEQUENCE {
1057 06    7:             OBJECT IDENTIFIER
            :               dsaWithSha1 (1 2 840 10040 4 3)
            :               (ANSI X9.57 algorithm)
            :             }
1066 04   46:           OCTET STRING, encapsulates {
1068 30   44:               SEQUENCE {
1070 02   20:                 INTEGER
            :                   6F 06 E3 81 05 BD 30 24 2F 09 C8 EB
            :                   61 57 DA 29 79 09 79 AF
1092 02   20:                 INTEGER
            :                   0B 7A CD 31 AC 6A 87 76 6B 3D 17 04
            :                   53 2D F9 AA 8E A6 9C C4               'This is a test General ASN Attribut'
            :                 }               'e, number 1.'
            :             }
            :           }
            :         }
            :       }
            :     }
            :   }

12.

8. Security Considerations

Because this document shows examples of S/MIME, CMS, S/MIME and ESS CMS messages,
this document also inherits all of the security considerations from
[SMIME-MSG], [CMS],
[SMIME-MSG] and [SMIME-ESS]. [CMS].

The Perl script in Appendix B writes to the user's local hard drive. A
malicious attacker could modify the Perl script in this document. Be
sure to read the Perl code carefully before executing it.

A. References

A.1 Normative References

[CMS] Cryptographic Message Syntax, RFC 2630.

[DVCS] PKIX Data Validation and Certification Server Protocols,
RFC 3029.

[PKIX] PKIX Certificate and CRL Profile, RFC 2459.

[SMIME-MSG] S/MIME Version 3 Message Specification. RFC 2633.

[SMIME-ESS] Enhanced Security Services for S/MIME,

A.2 Informative References

[DVCS] PKIX Data Validation and Certification Server Protocols,
RFC 2634. 3029.

B. Binaries of the Examples

This section contains the binaries of the examples shown in the rest of
the document. The binaries are stored in a modified Base64 format.
There is a Perl program that, when run over the contents of this
document, will extract the following binaries and write them out to
disk. The program requires Perl.

B.1 How the binaries and extractor works

The program in the next section looks for lines that begin with a '|'
character (or some whitespace followed by a '|'), ignoring all other
lines. If the line begins with '|', the second character tells what
kind of line it is:
     A line that begins with |* is a comment
     A line that begins with |> gives the name of a new file to start
     A line that begins with |< tells to end the file (and checks the
           file name for sanity)
     A line that begins with |anythingelse is a Base64 line

The program writes out a series of files, so you should run this in an
empty directory. The program will overwrite files (if it can), but won't
delete other files already in the directory.

Run this program with this document as the standard input, such as:
      ./extractsample.pl <draft-ietf-smime-examples

If you want to extract without the program, copy all the lines between
the "|>" and "|<" markers, remove any page breaks, and remove the "|"
in the first column of each line. The result is a valid Base64 blob that
can be processed by any Base64 decoder.

B.2 Example extraction program

#!/usr/bin/perl

# CMS Samples extraction program. v 1.1

# Get all the input as an array of lines
@AllIn = (); while (<STDIN>) { push(@AllIn, $_) }

$Base64Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr' .
    'stuvwxyz0123456789+/=';
$LineCount = 0; $CurrFile = '';

foreach $Line (@AllIn) {
    $LineCount++;  # Keep the line counter for error messages
    $Line =~ s/^\s*//;  # Get rid of leading whitespace
    chomp($Line);  # Get rid of CR or CRLF at the end of the line
    if(substr($Line, 0, 1) ne '|') { next }  # Not a special line
    elsif(substr($Line, 1, 1) eq '*') { next }  # It is a comment
    elsif(substr($Line, 1, 1) eq '>')
      { &StartNewFile(substr($Line, 2)) }  # Start a new file
    elsif(substr($Line, 1, 1) eq '<')
      { &EndCurrFile(substr($Line, 2)) }  # End the current file
    else { &DoBase64(substr($Line, 1)) }  # It is a line of Base64
}

sub StartNewFile {
    $TheNewFile = shift(@_);
    if($CurrFile ne '') { die "Was about to start a new file at " .
      "line $LineCount, but the old file, $CurrFile, was open\n" }
    open(OUT, ">$TheNewFile") or
      die "Could not open $TheNewFile for writing: $!\n";
    binmode(OUT);  # This is needed for Windows, is a noop on Unix
    $CurrFile = $TheNewFile;
    $LeftOver = 0;  # Amount left from previous Base64 character
    $NextPos = 0;  # Bit position to start the next Base64 character
                   #     (bits are numbered 01234567)
    $OutString = '';  # Holds the text going out to the file
}

sub EndCurrFile {
    $FileToEnd = shift(@_);
    if($CurrFile ne $FileToEnd) { die "Was about to close " .
      "$FileToEnd at line $LineCount, but that name didn't match " .
      "the name of the currently open file, $CurrFile\n" }
    print OUT $OutString;
    close(OUT);
    $CurrFile = '';
}

sub DoBase64 {
    $TheIn = shift(@_);
    if($CurrFile eq '') { die "Got some Base64 at line $LineCount, " .
      "but appear to not be writing to any particular file.\n" }
    @Chars = split(//, $TheIn);  # Make an array of the characters
    foreach $ThisChar (@Chars) {
    # $ThisVal is the position in the string and the Base64 value
      $ThisVal = index($Base64Chars, $ThisChar);
      if($ThisVal == -1) { die "At line $LineCount, found the " .
          "character $ThisChar, which is not a Base64 character\n" }
      if($ThisVal == 64) { last }  # It is a "=", so we're done
      if ($NextPos == 0 ) {
          # Don't output anything, just fill the left of $LeftOver
          $LeftOver = $ThisVal * 4;
          $NextPos = 6;
      } elsif ($NextPos == 2) {
        # Add $ThisVal to $LeftOver, output, and reset
          $OutString .= chr($LeftOver + $ThisVal);
          $LeftOver = 0;
          $NextPos = 0;
      } elsif ($NextPos == 4) {
          # Add upper 4 bits of $ThisVal to $LeftOver and output
          $Upper4 = ($ThisVal & 60);
          $OutString .= chr($LeftOver + ($Upper4/4));
          $LeftOver = (($ThisVal - $Upper4) * 64);
          $NextPos = 2;
      } elsif ($NextPos == 6) {
          # Add upper 2 bits of $ThisVal to $LeftOver and output
          $Upper2 = ($ThisVal & 48);
          $OutString .= chr($LeftOver + ($Upper2/16));
          $LeftOver = (($ThisVal - $Upper2) * 16);
          $NextPos = 4;
      } else { die "\$NextPos has an illegal value: $NextPos." }
    }
}

C. Examples in order of appearance

From Section 3.1 2.1

***ExContent.bin***

|* Section 3.1 2.1
|>ExContent.bin
|VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg==
|<ExContent.bin

From Section 3.2 2.2

***AlicePrivDSSSign.pri***

|* Example AlicePrivDSSSign.pri
|>AlicePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8
|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8
|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh
|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD
|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4
|W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQQXAhUA
|u0RG0aXJRgcu0P561pIH8JqFiT8=
|<AlicePrivDSSSign.pri

***AlicePrivRSASign.pri***

|* Example AlicePrivRSASign.pri
|>AlicePrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2OX9OsA
|W7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H
|2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE
|7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K0shissfXSAlqi5H3NvJ11ujN
|FZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQbzTYbghb1WVq2EHzE9ctOV7+M8v/Ke
|QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n
|/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd
|ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq
|2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y
|l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx
|hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG
|qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu
|b41fKA==
|<AlicePrivRSASign.pri

***BobPrivDHEncrypt.pri***

|* Example BobPrivDHEncrypt.pri
|>BobPrivDHEncrypt.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgIPxngu7PSqbI5YPSjDuK0kUyEScybIbsZspxrfAZTfc=
|<BobPrivDHEncrypt.pri

***BobPrivRSAEncrypt.pri***

|* Example BobPrivRSAEncrypt.pri
|>BobPrivRSAEncrypt.pri
|MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf8qCTQV6meY
|mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/
|O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz
|jPHCyqaqfrAgMBAAECgYBnzUhMmg2PmMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngw
|y+e6alatd8brUXlweQqg9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A
|0HPfD6bRSeTmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N
|vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiEI2Kv8zHCue
|UCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr84/sajB0+E0R9KfEILVH
|IdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5qSO8bKlocSHseIVnDYDubl6nA7xhmqU
|5iUjiEzuUJiEiUacUgFJlaV/4jbOSnI3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVf
|JAZAcpw6iIWchw+dYhKIFmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grSta
|vCunrnVNqcBU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8
|Y0ZB9qANMAsGA1UdDzEEAwIAEA==
|<BobPrivRSAEncrypt.pri

***CarlPrivDSSSign.pri***

|* Example CarlPrivDSSSign.pri
|>CarlPrivDSSSign.pri
|MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQWAhQZ
|szilIWIxUOV/uT4IRnjRPrXlcg==
|<CarlPrivDSSSign.pri

***CarlPrivRSASign.pri***

|* Example CarlPrivRSASign.pri
|>CarlPrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV
|y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ
|ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL
|kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8
|KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X
|aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E
|TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn
|8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB
|qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6
|LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv
|8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+
|TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn
|0W2N+g==
|<CarlPrivRSASign.pri

***DianePrivDHEncrypt.pri***

|* Example DianePrivDHEncrypt.pri
|>DianePrivDHEncrypt.pri
|MIIBYgIBADCCATcGByqGSM4+AgEwggEqAoGBAMpukcKwvahY8jEhdLsf5BC90JOifmHhPb
|ojBBbQZjm9O80FdEjxA3CV9AVjbS6/mrf/l/85u2PbTaRx2JSatPKKPZ+3XY3K4q+1D88F
|ZYJobkPS9ARfA4v5UPXIbAUmvL82D1zDUWpn6HUyZniRY+j+NOcZtnBseDg2gtI0NsLfAo
|GAbtZ2NkvkWQdXXxiaENIxXKYQsCaWQk18o6HTnqWAsh83EUl8ipnYVj+TUe1uVPtu27L8
|NMDnyh5YK9U9O9yucSHZO1a4p/ZNIlJfQbrVHoJpbN1wccxsO++EqXGLqTsqCfi9/ctRvC
|4uyj4wjPpUnn0NA+LfY2Jt81CCJ9zRmfcCIQCqBWX73U6oAvE0Oeej/H1GELhd8C7yxdFe
|onRM2g9OHwQiAiBYLomrVzR9PPWadct9mYoZLzx6poXJLxtaRwPjghbkmw==
|<DianePrivDHEncrypt.pri

***DianePrivDSSSign.pri***

|* Example DianePrivDSSSign.pri
|>DianePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA
|lpX54MHgQS0yD4tCUpMq5h4OISk=
|<DianePrivDSSSign.pri

***DianePrivRSASignEncrypt.pri***

|* Example DianePrivRSASignEncrypt.pri
|>DianePrivRSASignEncrypt.pri
|MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANb9uMBwxkwl7OrP6ny7om
|L68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3KAq7+L9K
|TBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/HbdGlki0
|QdlV3NKMCFAgMBAAECgYA9vc3CDmEUW0vnv2AjBCvFazWllkUj/Gl9kzwP0yWWumJSQuKW
|z/5YgI/rsYy91A1l0Dp3RSSeDOuGgMOsIRFxROOyqKkurBfSo4QlY7W8Lx7d9iH/FSAkW/
|GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB
|kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7
|UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU
|gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl
|0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ
|2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem
|Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N
|xaxsv+U=
|<DianePrivRSASignEncrypt.pri

***EricaPrivDHEncryptBobParam.pri***

|* Example EricaPrivDHEncryptBobParam.pri
|>EricaPrivDHEncryptBobParam.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgSGQR5BcBEubB05xwfXyml5W9yJUH989BEacTkfswPYw=
|<EricaPrivDHEncryptBobParam.pri

***MailListRc2.bin***

|* Example MailListRc2.bin
|>MailListRc2.bin
|tw0KJfvJ2GqGBQzg1xHq1Nk=
|<MailListRc2.bin

***MailListTripleDES.bin***

|* Example MailListTripleDES.bin
|>MailListTripleDES.bin
|JV4NHAe2Rt+zE0zIQ7qKpx8CW3wIOCUf
|<MailListTripleDES.bin

From Section 3.3 2.3

***AliceDSSSignByCarlNoInherit.cer***

|* Example AliceDSSSignByCarlNoInherit.cer
|>AliceDSSSignByCarlNoInherit.cer
|MIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2
|MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO
|FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL
|VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW
|a4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1ni
|zaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8bU
|mJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1
|FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41bY8
|i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE
|8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBs
|AwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwfft
|Q3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqGSM
|44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0Ne
|vQ==
|<AliceDSSSignByCarlNoInherit.cer

***AliceRSASignByCarl.cer***

|* Example AliceRSASignByCarl.cer
|>AliceRSASignByCarl.cer
|MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024uxBCzsDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDg0N1oXDTM5MTIzMTIzNTk1OVowEzERMA8G
|A1UEAxMIQWxpY2VSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOCJczmN2PX16I
|d2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvY
|Ms/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mX
|cCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIG
|wDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMio
|qjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb20wDQYJKoZI
|hvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzPbrMcWakgqg
|WBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2Tt0z3Sp0LF
|6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCI=
|<AliceRSASignByCarl.cer

***BobDHEncryptByCarl.cer***

|* Example BobDHEncryptByCarl.cer
|>BobDHEncryptByCarl.cer
|MIIDYjCCAyCgAwIBAgICAMkwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTgyOFoXDTM5MTIzMTIzNTk1OVowEDEOMAwGA1UEAxMFYm9iREgwggJCMIIB
|twYHKoZIzj4CATCCAaoCgYEA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPb
|k8KejXI4Azpp5FAruqzJ4oBZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWe
|nZPG+BWvP9p0OrfEk7W5u3ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNO
|VME6eVlrvx5GE3CPsSx/uckXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13
|BQlIm3CNPAX2zkQsf30bKxXd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5
|FwBlTucKiSVVtuGSJNYqcCIQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQJh
|ATT+wjNI6/Y7l9nkl6dgpSVpNPv9RirWycTF99b0BBmNlNmKN2hpZ1X78msOR8VbC0sOHB
|qLe3W3qsOq1+s72iqNAoc3R4PXMbQlqKy7EYhTHBGStmnnLpDBevyH9PbXGjAaAxUAuf8c
|k0RnN9Gy+FeaMkrJSv877B4CAR0DgYQAAoGAb9T2zZSabq9bVxeWdbsPuUjpkDcNFSDCVR
|4T4q5xF4TDDnSuilV/KH2L1yginHZG1ztPndFNG7LbUZTFbVSWQDiKOIFjSozDHgmJdKZY
|1chaPc+7uCN/nB99ePqe+ZCekedLwqS+RQZ4Qlg9n2Ms74TUZ+X7xm2iNilnkEbbTkijfj
|B8MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgMIMB8GA1UdIwQYMBaAFHBEPoIub4fe
|StN14z0gvEMrk/EfMB0GA1UdDgQWBBQm/xlIw1kzaFaNfsiAaFzPPHLdJjAcBgNVHREEFT
|ATgRFCb2JESEBleGFtcGxlLmNvbTAJBgcqhkjOOAQDAzEAMC4CFQCx+Kd4d/4pkKBGwwkj
|0fUou8cXtgIVAIgJG4/9/OwJWwYbl1DUjNFjTZFM
|<BobDHEncryptByCarl.cer

***BobRSASignByCarl.cer***

|* Example BobRSASignByCarl.cer
|>BobRSASignByCarl.cer
|MIICJzCCAZCgAwIBAgIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDkwMloXDTM5MTIzMTIzNTk1OVowETEPMA0G
|A1UEAxMGQm9iUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp4WeYPznVX/Kgk0
|FepnmJhcg1XZqRW/sdAdoZcCYXD72lItA1hW16mGYUQVzPt7cIOwnJkbgZaTdt+WUee9mp
|MySjfzu7r0YBhjY0MssHA1lS/IWLMQS4zBgIFEjmTxz7XWDE4FwfU9N/U9hpAfEF+Hpw0b
|6Dxl84zxwsqmqn6wIDAQABo38wfTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFIDAf
|BgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQU6PS4Z9izlqQq8x
|GqKdOVWoYWtCQwHQYDVR0RBBYwFIESQm9iUlNBQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEB
|BQUAA4GBAHuOZsXxED8QIEyIcat7QGshM/pKld6dDltrlCEFwPLhfirNnJOIh/uLt359QW
|Hh5NZt+eIEVWFFvGQnRMChvVl52R1kPCHWRbBdaDOS6qzxV+WBfZjmNZGjOd539OgcOync
|f1EHl/M28FAK3Zvetl44ESv7V+qJba3JiNiPzyvT
|<BobRSASignByCarl.cer

***CarlDSSSelf.cer***

|* Example CarlDSSSelf.cer
|>CarlDSSSelf.cer
|MIICmzCCAlqgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOT
|kwODE2MjI1MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCC
|ASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAd
|SxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVR
|l1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCz
|Rgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrh
|bT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR
|+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNm
|oLHArdwsdbvhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/n
|XA+87YaADj/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifN
|G6lNiZrXjRg5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAg
|GGMB0GA1UdDgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup
|8E56Wnnj+b49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjs=
|<CarlDSSSelf.cer

***CarlRSASelf.cer***

|* Example CarlRSASelf.cer
|>CarlRSASelf.cer
|MIIB6zCCAVSgAwIBAgIQRjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4G
|A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2
|5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt
|4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds
|TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
|AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL
|ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d
|P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre
|Z019v6WuoUQWNdzb7IDsHaao1TNBgC
|<CarlRSASelf.cer

***DianeDHEncryptByCarl.cer***

|* Example DianeDHEncryptByCarl.cer
|>DianeDHEncryptByCarl.cer
|MIIDZTCCAySgAwIBAgICANMwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTY1N1oXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRGlhbmVESDCCAkEw
|ggG2BgcqhkjOPgIBMIIBqQKBgQDKbpHCsL2oWPIxIXS7H+QQvdCTon5h4T26IwQW0GY5vT
|vNBXRI8QNwlfQFY20uv5q3/5f/Obtj202kcdiUmrTyij2ft12NyuKvtQ/PBWWCaG5D0vQE
|XwOL+VD1yGwFJry/Ng9cw1FqZ+h1MmZ4kWPo/jTnGbZwbHg4NoLSNDbC3wKBgG7WdjZL5F
|kHV18YmhDSMVymELAmlkJNfKOh056lgLIfNxFJfIqZ2FY/k1HtblT7btuy/DTA58oeWCvV
|PTvcrnEh2TtWuKf2TSJSX0G61R6CaWzdcHHMbDvvhKlxi6k7Kgn4vf3LUbwuLso+MIz6VJ
|59DQPi32NibfNQgifc0Zn3AiEAqgVl+91OqALxNDnno/x9RhC4XfAu8sXRXqJ0TNoPTh8C
|YQEwzQOCzT8yOl8WXvITX1Ib3/+qOwY8f4EmHLcMoBQJG10m/XEzjPKsQX4NrDWVkH6lra
|tVUIDw0rkqEU12RXY/DDiuclnG7L3v525gI5O5JwJEfkrT2jk6mmNDPBsjxWIwGgMVAND9
|1uBGl9Gnf7v/mkPwYmSzfJerAgF6A4GEAAKBgGBebu9hVXc/nWoREPTTybhyoB+J3+S8If
|3kn1DWj475Z5cU4DQZjz1YUh7cXQVOT8aIhXisAWw1zoZtkEtYSC4PsuMqTkfDsU0qesm3
|5cZoinOuUyGzzwnEYqPosLvc3g0uZkg3qNuiS/vb+qaSS0EKxlQLixqdL/9gCwsI2UI/o4
|GAMH4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCAwgwHwYDVR0jBBgwFoAUcEQ+gi5v
|h95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFEfzT811fahSIahhNle1+Jru2zBGMB4GA1UdEQ
|QXMBWBE0RpYW5lREhAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhQjQLaLBSl+aQP0
|t9qX9JaMFaoiVQIVAILYJOV/zQRUbgz01cm9mZgMYEvT
|<DianeDHEncryptByCarl.cer

***DianeDSSSignByCarlInherit.cer***

|* Example DianeDSSSignByCarlInherit.cer
|>DianeDSSSignByCarlInherit.cer
|MIIBuDCCAXegAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw
|CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo
|pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+
|/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYEwfzAMBgNVHR
|MBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxD
|K5PxHzAdBgNVHQ4EFgQUZDCZfVzcRQuZOlIvFr9YUN3OKxgwHwYDVR0RBBgwFoEURGlhbm
|VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhUAoRr4Fw4+XaiM9LZVMx5L4yys
|uV8CFChLEEVY0hydVTUUGJGyPznftW7T
|<DianeDSSSignByCarlInherit.cer

***DianeRSASignByCarl.cer***

|* Example DianeRSASignByCarl.cer
|>DianeRSASignByCarl.cer
|MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024u1ZowkDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxOTA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEzERMA8G
|A1UEAxMIRGlhbmVSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANb9uMBwxkwl7O
|rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3
|KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/
|HbdGlki0QdlV3NKMCFAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF
|4DAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUjPPLdQ6NMf
|bUKdpEknW4/u1POQwwHwYDVR0RBBgwFoEURGlhbmVSU0FAZXhhbXBsZS5jb20wDQYJKoZI
|hvcNAQEFBQADgYEAfaYstXhC1nnzMf72QsoPEweSCRvgb7CRGPa/SvvMY3n7gb/dl8eQa8
|sKNytBagOYxRs+MshFK4YBnBziNu8WwRqSuL5i+1M+SUcLxLnkK1imBoPwsqe7hX7VxtrO
|nHsxctei6kGrasDdH7kURBjPhFdm6MXmuNwtsx8bKEM2dXo=
|<DianeRSASignByCarl.cer

***EricaDHEncryptByCarl.cer***

|* Example EricaDHEncryptByCarl.cer
|>EricaDHEncryptByCarl.cer
|MIIC5zCCAqegAwIBAgICANQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTcxNloXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRXJpY2FESDCCAcQw
|ggE4BgcqhkjOPgIBMIIBKwKBgQDsLM2k75omL2KnuyNN3yslwWjSnqlFWzbxlIkar30RJJ
|09uTwp6NcjgDOmnkUCu6rMnigFlaCzF3bB9yU1YQJBkicMXq5I5fNuOO+R0c83/ppAl8gt
|NZ6dk8b4Fa8/2nQ6t8STtbm7dmwfqH68OqpDCoFk/GPwe3GY+sA4eRAaMwKBgQC6C9d0Pe
|c05UwTp5WWu/HkYTcI+xLH+5yRdwaZNfBIJJYzEgF+jewL9rLAY6cVxV6VhqJzxUlGN3lg
|/XcFCUibcI08BfbORCx/fRsrFd3zBS++hSCPjfm0oEV0K/Q7nUJiNCcngY5vD15ihYnM7S
|HDkXAGVO5wqJJVW24ZIk1ipwIhAMOrSjB5s9OXTsr1on3HcKNF87OihgXSPkn5n9kKs769
|A4GFAAKBgQDRK+QdProYz3Ugxsdew8Rs6vMj2QkfRpj0zlm5ts7oOsYY+Fl3G5mw2tzAnQ
|nkr/lhkSxHzEde3yszdvNn7HfoLDcwoYld88j2XBZK5LeM9XvVOP0UrOh6wn3uB5AnCnyH
|qKLicDXqbt6eUDFr6QnaJRoBjuP/Jhx19cPOWvWehaOBgDB+MAwGA1UdEwEB/wQCMAAwDg
|YDVR0PAQH/BAQDAgMIMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1Ud
|DgQWBBSNUx1hVX9gNW2mNqLFk/ia/cB1dDAeBgNVHREEFzAVgRNFcmljYURIQGV4YW1wbG
|UuY29tMAkGByqGSM44BAMDLwAwLAIUUR/Ueh3G1H7pqo5zsy+dZSmVt0kCFAnNWDVwS8MP
|B50JGVGJj5h/0YiR
|<EricaDHEncryptByCarl.cer

From Section 3.4 2.4

***CarlDSSCRLForAll.crl***

|* Example CarlDSSCRLForAll.crl
|>CarlDSSCRLForAll.crl
|MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj
|BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05
|OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD
|BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv
|ftok8yqDnDWh
|<CarlDSSCRLForAll.crl

***CarlDSSCRLForCarl.crl***

|* Example CarlDSSCRLForCarl.crl
|>CarlDSSCRLForCarl.crl
|MIGDMEQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjUwNzAwMDBaMB
|QwEgIBARcNOTkwODIyMDcwMDAwWjAJBgcqhkjOOAQDAzAAMC0CFQCzH8VPej3sdtVg+d55
|IuxPsJD+lwIUWovDhLxmhxu/eYJbCl0H9rqpBSk=
|<CarlDSSCRLForCarl.crl

***CarlDSSCRLEmpty.crl***

|* Example CarlDSSCRLEmpty.crl
|>CarlDSSCRLEmpty.crl
|MG0wLjAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgyMDA3MDAwMFowCQ
|YHKoZIzjgEAwMwADAtAhRiPzYXMVguZ1B59QlLjK3Ua/RknwIVALU7TqFMe/0Pw42btv7D
|XW/eZSh9
|<CarlDSSCRLEmpty.crl

***CarlRSACRLForAll.crl***

|* Example CarlRSACRLForAll.crl
|>CarlRSACRLForAll.crl
|MIIBMzCBnTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDYXJsUlNBFw05OTA4MjcwNz
|AwMDBaMGkwIQIQRjRrx4AAVrwR024uxBCzsBcNOTkwODIyMDcwMDAwWjAhAhBGNGvHgABW
|vBHTbi7VmjCQFw05OTA4MjIwNzAwMDBaMCECEEY0a8eAAFa8EdNuLs1dcdAXDTk5MDgyND
|A3MDAwMFowDQYJKoZIhvcNAQEEBQADgYEAv7OXqlPwMiEWK3eSemu7l8jc6vH6ZhYwDrWe
|XPCB1F6zbsGIa4zUXsVN+0deZvNdq+W0GDZgqE2cPInsbye/NVBxgcK5RFtiiRkSMal7mt
|PMZssR2QsQR3etTyLZ5X8w8lv8lFGlWHY7H6hGph/2od5Voe0xiGmXDwjT1AxgWx4=
|<CarlRSACRLForAll.crl

***CarlRSACRLForCarl.crl***

|* Example CarlRSACRLForCarl.crl
|>CarlRSACRLForCarl.crl
|MIHsMFcwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODI1MDcwMD
|AwWjAjMCECEEY0a8eAAFa8EdNuLp/yUCAXDTk5MDgyMjA3MDAwMFowDQYJKoZIhvcNAQEE
|BQADgYEAIe8h1MEahZVJa8pFYtzXCf+pUS6O2UcY+vjlct1P7XR04/NlMmUoLJodV+XVJg
|bq1eYjlYSNDome7psML84H96PRa4VMD//m3fzczXMsHn3csHHFTPwBblJXaR45Y98SIjDH
|E1WUBW4qAKlbxCpmlGLONjPCK2NHJZ3z3nDuAFY=
|<CarlRSACRLForCarl.crl

***CarlRSACRLEmpty.crl***

|* Example CarlRSACRLEmpty.crl
|>CarlRSACRLEmpty.crl
|MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD
|AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E
|PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa
|/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ==
|<CarlRSACRLEmpty.crl

Rest of the sections

***4.1.bin***

***3.1.bin***

|* Example 4.1.bin 3.1.bin
|>4.1.bin
|MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA
|AAAA==
|<4.1.bin

***4.2.bin***
|<3.1.bin

***3.2.bin***

|* Example 4.2.bin 3.2.bin
|>4.2.bin
|MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu
|<4.2.bin

***5.1.bin***
|<3.2.bin

***4.1.bin***

|* Example 5.1.bin
|>5.1.bin 4.1.bin
|>4.1.bin
|MIIDlwYJKoZIhvcNAQcCoIIDiDCCA4QCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWMwYQIBATAYMBIxEDAOBgNV
|BAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqGSM44BAMELjAsAhQJkf7r0mn1GLfXzV
|X0geoqQmqtAwIUOgfMwyG+4RpLfz61Ddu6HOq8zYk=
|<5.1.bin

***5.2.bin***
|<4.1.bin

***4.2.bin***

|* Example 5.2.bin
|>5.2.bin 4.2.bin
|>4.2.bin
|MIIDUgYJKoZIhvcNAQcCoIIDQzCCAz8CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICMDCCAiwwggGVoAMCAQICEEY0
|a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw
|05OTA5MTkwMTA4NDdaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf
|MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3
|UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1
|9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ
|ABo4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQ
|J6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc7sPKA64/9QMB8GA1
|UdEQQYMBaBFEFsaWNlUlNBQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBBQUAA4GBAD5wR6hI
|zBNYj8pRcWtONhhdBH6AsY1NzMqjj8x9Vsi8z26zHFmpIKoFgahOJa2ncBR1L/XHm9EO6W
|PSZLfGZm5zIVTf9LolXX1J05RrIjZ0c7hK7C9k7dM90qdCxeg3irTbn2fkvZ/5/nTv6vnu
|Y2rYP0slCbXYGnau65vbSbAiMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRj
|Rrx4AAVrwR024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gM
|WOtOnb+JmoHldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBK
|WztefZMvAk7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/Q
|B9eisWJM44+v/eDVXcc=
|<5.2.bin

***5.3.bin***
|<4.2.bin

***4.3.bin***

|* Example 5.3.bin
|>5.3.bin 4.3.bin
|>4.3.bin
|MIIDdwYJKoZIhvcNAQcCoIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg
|LgMIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X
|DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg
|G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//
|lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6
|iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya
|RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1
|nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8
|bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV
|p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b
|Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD
|KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC
|BsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwf
|ftQ3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqG
|SM44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0
|NevTFjMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjO
|OAQDBC4wLAIUBvvHKiTVNIn3i7X9cySlhsgPWmwCFGZpGbxoWNGNsZ1SP9oUiA39yaG4
|<5.3.bin

***5.4.bin***
|<4.3.bin

***4.4.bin***

|* Example 5.4.bin
|>5.4.bin 4.4.bin
|>4.4.bin
|MIILDQYJKoZIhvcNAQcCoIIK/jCCCvoCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCB68wggIsMIIBlaADAgECAhBGNGvH
|gABWvBHTbi7EELOwMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOT
|kwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzAN
|BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ
|0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcF
|BZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAa
|OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFOngkCes
|eCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBR30rTRt0yKiqPORZ3O7DygOuP/UDAfBgNVHR
|EEGDAWgRRBbGljZVJTQUBleGFtcGxlLmNvbTANBgkqhkiG9w0BAQUFAAOBgQA+cEeoSMwT
|WI/KUXFrTjYYXQR+gLGNTczKo4/MfVbIvM9usxxZqSCqBYGoTiWtp3AUdS/1x5vRDulj0m
|S3xmZucyFU3/S6JV19SdOUayI2dHO4SuwvZO3TPdKnQsXoN4q0259n5L2f+f507+r57mNq
|2D9LJQm12Bp2ruub20mwIjCCApswggJaoAMCAQICAQEwCQYHKoZIzjgEAzASMRAwDgYDVQ
|QDEwdDYXJsRFNTMB4XDTk5MDgxNjIyNTA1MFoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UE
|AxMHQ2FybERTUzCCAbcwggErBgcqhkjOOAQBMIIBHgKBgQC2SRg+ikTBKXGUTAHEEsF6ec
|tUTasegfvGTLMOlAkG6wHUschxS8dFwFAlXZz82uRt0+KGSISCfboVlUoW9kbt3faY0rt+
|igqKuhZ7uVABSJOL6yUVUZdV3I9TDhCpUPxwt80wVP3a3qiqIrWhr4vMAojni3Bfua3hCN
|RtKS3W6QIVAN3BL99Tzgs0YHc+AqS/il2YuRDVAoGADO5Xm0u92rYHanQ3T1V/ne28YQ3r
|Rlk8VgsrWwyRzqViUmnK4W0+vb/+4be5K2E8rcuuReMGrIwinZxEhwvHzfAc2bVOXXPerw
|7JHVpR9U9EeTVac6p/RlEfqUIWnEjrinlhtNUvUyJEYx+GuKNYBiX4KcDvuuB18ELEY2VS
|mwoDgYUAAoGBAJmHdCcDZqCxwK3cLHW74WxEnNohbU1HbbFiCenYrh7yOrSUsaOOeptxTg
|CUybQlTrlglhkkAfNiDP51wPvO2GgA4/3VcE/fI5YZBpT0sWGPOlexCBGkCyYl8FJ2geoL
|Yg2VKuaGunKyp1CDC6onzRupTYma140YOYQ/i8VWTYB6o0IwQDAPBgNVHRMBAf8EBTADAQ
|H/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUcEQ+gi5vh95K03XjPSC8QyuT8R8wCQYH
|KoZIzjgEAwMwADAtAhRrqfBOelp54/m+PSvJBjfpERehEwIVAI80aSqLsTwDeZQyTRIfzo
|n7RrI7MIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNT
|MB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1
|MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauE
|CE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny
|/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDi
|R6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF
|3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgv
|MAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgF
|zjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09
|B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YU
|eyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E
|BAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sob
|PjwfftQ3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkG
|ByqGSM44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4h
|BSW0NevaGB2zCB2DCBmTAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgy
|NzA3MDAwMFowaTATAgIAyBcNOTkwODIyMDcwMDAwWjATAgIAyRcNOTkwODIyMDcwMDAwWj
|ATAgIA0xcNOTkwODIyMDcwMDAwWjATAgIA0hcNOTkwODIyMDcwMDAwWjATAgIA1BcNOTkw
|ODI0MDcwMDAwWjAJBgcqhkjOOAQDAy8AMCwCFH5lUnYz/jRzF9H3lvmg1NhtXH09AhQCel
|u31VsYwc+H737aJPMqg5w1oTGCAiowggImAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwIC
|AMgwBwYFKw4DAhqgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBT
|EPFw0wMzA1MTQxNTM5MDBaMCMGCSqGSIb3DQEJBDEWBBRAauwIUnm6bhYCLZ4GKcAilofd
|SDAJBgcqhkjOOAQDBC4wLAIUO6XgStttWOAZ0QAcT0SaV3pxZmgCFBoRmNYfH680gQHevo
|vctqhqkWkToYIBYjA+BgsqhkiG9w0BCRACBDEvMC0MIENvbnRlbnQgSGludHMgRGVzY3Jp
|cHRpb24gQnVmZmVyBgkqhkiG9w0BBwEwggEeBgkqhkiG9w0BCQYxggEPMIIBCwIBATAmMB
|IxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwBwYFKw4DAhqgQzAcBgkq
|hkiG9w0BCQUxDxcNMDMwNTE0MTUzOTAwWjAjBgkqhkiG9w0BCQQxFgQUAl9JTjmYUIWzZt
|OKH3ueaar72DMwDQYJKoZIhvcNAQEBBQAEgYBtqiAk7XrupV6H3XUfK1QQZfTOm7EseHS8
|ixxgtduLA55J8it/k249iRTJ42v09n12rj5YH5u7vHwwGU4Q9wLxi1u025q7k7QY0MwryZ
|GprdlG+GWp4nGV0NROH810b4LoN29aPcvH1F/CgBva04RAaF9WmmL1Ow1sM8PtZz9Dvw==
|<5.4.bin

***5.5.bin***
|<4.4.bin

***4.4.bin***

|* Example 5.5.bin
|>5.5.bin 4.4.bin
|>4.4.bin
|MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF
|RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCAMIIB6zCCAVSgAwIBAgIQ
|RjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdDYXJsUlNBMB
|4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQ2FybFJTQTCB
|nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/25ze5NxXLwzGpKSciPYQU
|bQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt4lDiMgmKP5+ZJY+4Tqu5
|fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17ydsTyEWA4uRs8HZfJavECAw
|EAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFOng
|kCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBALee1ATT7Snk/4mJFS5M2w
|zwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/dP+MLuGGlpJs85p6cVJq2
|ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvreZ019v6WuoUQWNdzb7IDs
|Haao1TNBgCMIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024uxBCzsDANBgkqhkiG9w0BAQUF
|ADASMRAwDgYDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDg0N1oXDTM5MTIzMTIzNTk1OV
|owEzERMA8GA1UEAxMIQWxpY2VSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOCJ
|czmN2PX16Id2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sV
|CeRkTxLLvYMs/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0
|ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDw
|EB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQU
|d9K00bdMioqjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb2
|0wDQYJKoZIhvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzP
|brMcWakgqgWBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2
|Tt0z3Sp0LF6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCIAADGByzCByAIB
|ATAmMBIxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwCQYFKw4DAhoFAD
|ANBgkqhkiG9w0BAQEFAASBgC8jgtLzCV+4DFjrTp2/iZqB5XXEkT3T0NV7ttX+lKGKrOPE
|hPXNYE4nlfbPAIZ2dT8r8OfUAmen9ceNFgSls7Xn2TLwJO/nIETVnwfFUyT6zgEdDxcTpy
|qVnSvkA5UUC+k5DbrObpyeDOiY5lUT1Ghv0AfXorFiTOOPr/3g1V3HAAAAAAAA
|<5.5.bin

***5.6.bin***
|<4.4.bin

***4.6.bin***

|* Example 5.6.bin
|>5.6.bin 4.6.bin
|>4.6.bin
|MIIFtwYJKoZIhvcNAQcCoIIFqDCCBaQCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCBJwwggG4MIIBd6ADAgECAgIA0jAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDIwODEwWhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhEaWFuZURTUzCBkzAJBgcqhkjOOAQBA4GFAAKBgQCg
|ABd4LO5+gVMuLmEID6GbUVIa2lmocy8SJbYIy8rvKkR2ilIJ6r0FItUP9v1G16+ZOAkOE8
|tPLN0cNPccvyX/I9M7WeeClze+MSTYGMjzSTlbt+LlJ378jEVyW34+j2hN3UZ6Ir6O/8za
|OSmjOeWfQ+lVyddbpoFnzMCqzS7FI6OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BA
|QDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJl9
|XNxFC5k6Ui8Wv1hQ3c4rGDAfBgNVHREEGDAWgRREaWFuZURTU0BleGFtcGxlLmNvbTAJBg
|cqhkjOOAQDAzAAMC0CFQChGvgXDj5dqIz0tlUzHkvjLKy5XwIUKEsQRVjSHJ1VNRQYkbI/
|Od+1btMwggLcMIICm6ADAgECAgIAyDAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1
|MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURT
|UzCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4
|QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2TDINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSf
|L91DqItU8T+wBwhHTV2Iw8O1s+NVCHXVOXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAO
|JHphpFZrgTxtqPuDchK2KL95PNAoGAJjjQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5Q
|Xd2bWeLNqgU9WMB7oja4bgevfYpCJaf0dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC
|8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGmE2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGA
|XOO5WnUUlgupet3jP6nsrF7cvbcTETSmFokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT
|0HjVtjyLtFpaBK44XWzgaAP+gjfhryJKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/Zh
|R7LEMoTwfkFA/UanY04z8qXi9PKD5bijgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/w
|QEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyh
|s+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0RBBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQ
|YHKoZIzjgEAwMwADAtAhRVDKQZH0IriXEiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3i
|EFJbQ169MYHGMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBg
|cqhkjOOAQDBC4wLAIUSCTei4XyFq/sgmGpVNAtBKHMWk8CFBft1XcC7nUT2BC9PZcXIIi7
|/XuBMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIA0jAHBgUrDgMCGjAJBgcqhkjOOA
|QDBC4wLAIUFf+BTYytgE6bNVgEN25jbulbg/oCFAZ+WE4rMYRB7Ul5OD530qaMdQgh
|<5.6.bin

***5.7.bin***
|<4.6.bin

***4.7.bin***

|* Example 5.7.bin
|>5.7.bin 4.7.bin
|>4.7.bin
|MIIDlAYJKoZIhvcNAQcCoIIDhTCCA4ECAQMxCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWAwXgIBA4AUvmyhs+PB9+1D
|cKTOEwHi/eOX/s0wBwYFKw4DAhowCQYHKoZIzjgEAwQvMC0CFQCJw2t7VvfDEgBl8Tf1xF
|gXjRFXgwIUCw9DOqrs3nphLIyc9UGZpzwgw7c=
|<5.7.bin

***5.8.eml***
|<4.7.bin

***4.8.eml***

|* Example 5.8.eml
|>5.8.eml 4.8.eml
|>4.8.eml
|TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW
|NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjgNCk1lc3NhZ2UtSWQ6
|IDwwMjA5MDYwMDI1NTAzMDAuMjQ5QGV4YW1wbGVzLmNvbT4NCkRhdGU6IEZyaSwgMDYgU2
|VwIDIwMDIgMDA6MjU6MjEgLTAzMDAgDQpDb250ZW50LVR5cGU6IG11bHRpcGFydC9zaWdu
|ZWQ7DQoJbWljYWxnPVNIQTE7DQoJYm91bmRhcnk9Ii0tLS09X05leHRCb3VuZHJ5X19fX0
|ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjEiOw0KCXByb3RvY29sPSJhcHBsaWNhdGlvbi9w
|a2NzNy1zaWduYXR1cmUiDQoNClRoaXMgaXMgYSBtdWx0aS1wYXJ0IG1lc3NhZ2UgaW4gTU
|lNRSBmb3JtYXQuDQoNCi0tLS0tLT1fTmV4dEJvdW5kcnlfX19fRnJpLF8wNl9TZXBfMjAw
|Ml8wMDoyNToyMQ0KDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuDQotLS0tLS09X0
|5leHRCb3VuZHJ5X19fX0ZyaSxfMDZfU2VwXzIwMDJfMDA6MjU6MjENCkNvbnRlbnQtVHlw
|ZTogYXBwbGljYXRpb24vcGtjczctc2lnbmF0dXJlOyBuYW1lPXNtaW1lLnA3cw0KQ29udG
|VudC1UcmFuc2Zlci1FbmNvZGluZzogYmFzZTY0DQpDb250ZW50LURpc3Bvc2l0aW9uOiBh
|dHRhY2htZW50OyBmaWxlbmFtZT1zbWltZS5wN3MNCg0KTUlJRGR3WUpLb1pJaHZjTkFRY0
|NvSUlEYURDQ0EyUUNBUUV4Q1RBSEJnVXJEZ01DR2pBTEJna3Foa2lHOXcwQkJ3R2dnZ0xn
|TUlJQw0KM0RDQ0FwdWdBd0lCQWdJQ0FNZ3dDUVlIS29aSXpqZ0VBekFTTVJBd0RnWURWUV
|FERXdkRFlYSnNSRk5UTUI0WERUazVNRGd4TnpBeA0KTVRBME9Wb1hEVE01TVRJek1USXpO
|VGsxT1Zvd0V6RVJNQThHQTFVRUF4TUlRV3hwWTJWRVUxTXdnZ0cyTUlJQkt3WUhLb1pJem
|pnRQ0KQVRDQ0FSNENnWUVBZ1kzTjdZUHFDcDQ1UHNKSUtLUGtSNVBkRHRlb0R1eFR4YXVF
|Q0UvL2xPRnpTSDRNMXZORVNOSCtuNitrb1lrdg0KNGRrd3lEYmVQNXUvdDB6Y1gybUs1SF
|hRTnd5UkNKV2IzcWRlK2Z6MG55L2RRNmlMVlBFL3NBY0lSMDFkaU1QRHRiUGpWUWgxMVRs
|Mg0KRU1SNHZmK2RzSVNYTi9Ma1VSdTE1QW1XWFBOK1c5c0NGUURpUjZZYVJXYTRFOGJhaj
|dnM0lTdGlpL2VUelFLQmdDWTQwQlNKTXFvNQ0KK3o1dDJVdFpha3gySXprRUFqVmM4c3Nh
|TU1NZVVGM2RtMW5pemFvRlBWakFlNkkydUc0SHIzMktRaVduOUhYUFNnaGVTejZRK0czcQ
|0Kbk1raGlqdDJGT25PTGwyakI4MGpoYmd2TUFGOGJVbUpFWWsyUkwzNHlKVktVMWExNHZs
|ejdCcGhOaDhSZjhLOTdkRlEvNWgwd3RHQg0KU21BNXVqWTVBNEdFQUFLQmdGemp1VnAxRk
|pZTHFYcmQ0eitwN0t4ZTNMMjNFeEUwcGhhSktCRWoyVFNHWjNWMUV4STlRMXR2NVZHLw0K
|K29ueW9ocytKSDA5QjQxYlk4aTdSYVdnU3VPRjFzNEdnRC9vSTM0YThpU3JVeHE0SncwZT
|d3aS9aaFNBWEdLc1pmb1ZpL0c3Tk5UUw0KbGpmMllVZXl4REtFOEg1QlFQMUdwMk5PTS9L
|bDR2VHlnK1c0bzRHQk1IOHdEQVlEVlIwVEFRSC9CQUl3QURBT0JnTlZIUThCQWY4RQ0KQk
|FNQ0JzQXdId1lEVlIwakJCZ3dGb0FVY0VRK2dpNXZoOTVLMDNYalBTQzhReXVUOFI4d0hR
|WURWUjBPQkJZRUZMNXNvYlBqd2ZmdA0KUTNDa3poTUI0djNqbC83Tk1COEdBMVVkRVFRWU
|1CYUJGRUZzYVdObFJGTlRRR1Y0WVcxd2JHVXVZMjl0TUFrR0J5cUdTTTQ0QkFNRA0KTUFB
|d0xRSVVWUXlrR1I5Q0s0bHhJak9OZzJxMVBXZHJ2MFVDRlFDZllWTlNWQXRjc3QzYTUzWW
|Q0aEJTVzBOZXZURmpNR0VDQVFFdw0KR0RBU01SQXdEZ1lEVlFRREV3ZERZWEpzUkZOVEFn
|SUF5REFIQmdVckRnTUNHakFKQmdjcWhrak9PQVFCQkM0d0xBSVVNL21HZjZnaw0KZ3A5Wj
|BYdFJkR2ltSmVCL0J4VUNGR0ZGSnF3WVJ0MVdZY0lPUW9HaWFvd3FHelZJDQoNCi0tLS0t
|LT1fTmV4dEJvdW5kcnlfX19fRnJpLF8wNl9TZXBfMjAwMl8wMDoyNToyMS0tDQo=
|<5.8.eml

***5.9.eml***
|<4.8.eml

***4.9.eml***

|* Example 5.9.eml
|>5.9.eml 4.9.eml
|>4.9.eml
|TUlNRS1WZXJzaW9uOiAxLjANClRvOiBVc2VyMkBleGFtcGxlcy5jb20NCkZyb206IGFsaW
|NlRHNzQGV4YW1wbGVzLmNvbQ0KU3ViamVjdDogRXhhbXBsZSA1LjkNCk1lc3NhZ2UtSWQ6
|IDwwMjEwMzExNjQ1NDAzMDAuMzA0QGV4YW1wbGVzLmNvbT4NCkRhdGU6IFRodSwgMzEgT2
|N0IDIwMDIgMTY6NDU6MTQgLTAzMDAgDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3Br
|Y3M3LW1pbWU7IHNtaW1lLXR5cGU9c2lnbmVkLWRhdGE7DQoJbmFtZT1zbWltZS5wN20NCk
|NvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NA0KQ29udGVudC1EaXNwb3NpdGlv
|bjogYXR0YWNobWVudDsgZmlsZW5hbWU9c21pbWUucDdtDQoNCg0KTUlJRG1RWUpLb1pJaH
|ZjTkFRY0NvSUlEaWpDQ0E0WUNBUUV4Q1RBSEJnVXJEZ01DR2pBdEJna3Foa2lHOXcwQkJ3
|R2dJQVFlRFFwVQ0KYUdseklHbHpJSE52YldVZ2MyRnRjR3hsSUdOdmJuUmxiblF1b0lJQz
|REQ0NBdHd3Z2dLYm9BTUNBUUlDQWdESU1Ba0dCeXFHU000NA0KQkFNd0VqRVFNQTRHQTFV
|RUF4TUhRMkZ5YkVSVFV6QWVGdzA1T1RBNE1UY3dNVEV3TkRsYUZ3MHpPVEV5TXpFeU16VT
|VOVGxhTUJNeA0KRVRBUEJnTlZCQU1UQ0VGc2FXTmxSRk5UTUlJQnRqQ0NBU3NHQnlxR1NN
|NDRCQUV3Z2dFZUFvR0JBSUdOemUyRDZncWVPVDdDU0Npag0KNUVlVDNRN1hxQTdzVThXcm
|hBaFAvNVRoYzBoK0ROYnpSRWpSL3ArdnBLR0pMK0haTU1nMjNqK2J2N2RNM0Y5cGl1UjEw
|RGNNa1FpVg0KbTk2blh2bjg5Sjh2M1VPb2kxVHhQN0FIQ0VkTlhZakR3N1d6NDFVSWRkVT
|VkaERFZUwzL25iQ0VsemZ5NUZFYnRlUUpsbHp6Zmx2Yg0KQWhVQTRrZW1Ha1ZtdUJQRzJv
|KzROeUVyWW92M2s4MENnWUFtT05BVWlUS3FPZnMrYmRsTFdXcE1kaU01QkFJMVhQTExHak
|RESGxCZA0KM1p0WjRzMnFCVDFZd0h1aU5yaHVCNjk5aWtJbHAvUjF6MG9JWGtzK2tQaHQ2
|cHpKSVlvN2RoVHB6aTVkb3dmTkk0VzRMekFCZkcxSg0KaVJHSk5rUzkrTWlWU2xOV3RlTD
|VjK3dhWVRZZkVYL0N2ZTNSVVArWWRNTFJnVXBnT2JvMk9RT0JoQUFDZ1lCYzQ3bGFkUlNX
|QzZsNg0KM2VNL3FleXNYdHk5dHhNUk5LWVdpU2dSSTlrMGhtZDFkUk1TUFVOYmIrVlJ2L3
|FKOHFJYlBpUjlQUWVOVzJQSXUwV2xvRXJqaGRiTw0KQm9BLzZDTitHdklrcTFNYXVDY05I
|dThJdjJZVWdGeGlyR1g2Rll2eHV6VFUwcFkzOW1GSHNzUXloUEIrUVVEOVJxZGpUalB5cG
|VMMA0KOG9QbHVLT0JnVEIvTUF3R0ExVWRFd0VCL3dRQ01BQXdEZ1lEVlIwUEFRSC9CQVFE
|QWdiQU1COEdBMVVkSXdRWU1CYUFGSEJFUG9JdQ0KYjRmZVN0TjE0ejBndkVNcmsvRWZNQj
|BHQTFVZERnUVdCQlMrYktHejQ4SDM3VU53cE00VEFlTDk0NWYrelRBZkJnTlZIUkVFR0RB
|Vw0KZ1JSQmJHbGpaVVJUVTBCbGVHRnRjR3hsTG1OdmJUQUpCZ2NxaGtqT09BUURBekFBTU
|MwQ0ZGVU1wQmtmUWl1SmNTSXpqWU5xdFQxbg0KYTc5RkFoVUFuMkZUVWxRTFhMTGQydWQy
|SGVJUVVsdERYcjB4WXpCaEFnRUJNQmd3RWpFUU1BNEdBMVVFQXhNSFEyRnliRVJUVXdJQw
|0KQU1nd0J3WUZLdzREQWhvd0NRWUhLb1pJempnRUFRUXVNQ3dDRkQxY1NXNkxJVUZ6ZVhs
|ZTNZSTVTS1NCZXIvc0FoUW1DcTdzL0NURg0KSE9FamdBU2VVamJNcHg1ZzZBPT0=
|<5.9.eml
|<4.9.eml

|* Example 5.10.bin
|>5.10.bin 4.10.bin
|>4.10.bin
|MIIH/wYJKoZIhvcNAQcCoIIH8DCCB+wCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MYIEyTCCBMUCAQEwGDASMRAw
|DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGqCCBF8wGAYJKoZIhvcNAQkDMQsGCSqGSI
|b3DQEHATAjBgkqhkiG9w0BCQQxFgQUQGrsCFJ5um4WAi2eBinAIpaH3UgwOAYDKqszMTEE
|L1RoaXMgaXMgYSB0ZXN0IEdlbmVyYWwgQVNOIEF0dHJpYnV0ZSwgbnVtYmVyIDEuMD4GCy
|qGSIb3DQEJEAIEMS8wLQwgQ29udGVudCBIaW50cyBEZXNjcmlwdGlvbiBCdWZmZXIGCSqG
|SIb3DQEHATBKBgkqhkiG9w0BCQ8xPTA7MAcGBSoDBAUGMDAGBioDBAUGTQQmU21pbWUgQ2
|FwYWJpbGl0aWVzIHBhcmFtZXRlcnMgYnVmZmVyIDIwbQYLKoZIhvcNAQkQAgIxXjFcAgEB
|BgcqAwQFBgcIExtUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRFU1QxMTAvgAgqAwQFBgeGeK
|EjEyFUSElTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4wbwYLKoZIhvcNAQkQAgox
|YDBeBgUqAwQFBgQrQ29udGVudCBSZWZlcmVuY2UgQ29udGVudCBJZGVudGlmaWVyIEJ1Zm
|ZlcgQoQ29udGVudCBSZWZlcmVuY2UgU2lnbmF0dXJlIFZhbHVlIEJ1ZmZlcjBzBgsqhkiG
|9w0BCRACCzFkoGIwWjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxET
|APBgNVBAsTCFZEQSBTaXRlMQwwCgYDVQQLEwNWREExEjAQBgNVBAMTCURhaXN5IFJTQQIE
|ClVEMzCB/AYLKoZIhvcNAQkQAgMxgewwgekwgeYEBzU3MzgyOTkYDzE5OTkwMzExMTA0ND
|MzWqGByTCBxqRhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREw
|DwYDVQQLEwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IE
|RTQaRhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQL
|EwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTCCAQ
|IGCyqGSIb3DQEJEAIJMYHyMIHvMXICAQEGByoDBAUGBwkTJkVRVUlWQUxFTlQgVEhJUyBJ
|UyBBIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhnihLhMsRVFVSVZBTEVOVCBUSE
|lTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4xeQIBAQYHKgMEBQYHChMtRVFVSVZB
|TEVOVCBUSElTIElTIEEgU0VDT05EIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhn
|ihLhMsRVFVSVZBTEVOVCBUSElTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4wCQYH
|KoZIzjgEAwQvMC0CFQC8MzdlxPdwXBdJE6pMhcq7UpFIWQIUY5aiFIvPV96wSF9sZN2EBE
|lfHMo=
|<5.10.bin

***5.11.bin***
|<4.10.bin

***4.11.bin***

|* Example 5.11.bin
|>5.11.bin 4.11.bin
|>4.11.bin
|MIIGiAYJKoZIhvcNAQcCoIIGeTCCBnUCAQExADALBgkqhkiG9w0BBwGgggV/MIICmzCCAl
|qgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE2MjI1
|MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCCASsGByqGSM
|44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAdSxyHFLx0XA
|UCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVRl1Xcj1MOEK
|lQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCzRgdz4CpL+K
|XZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrhbT69v/7ht7
|krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR+pQhacSOuK
|eWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdb
|vhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA+87YaADj
|/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifNG6lNiZrXjR
|g5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1Ud
|DgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup8E56Wnnj+b
|49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjswggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169oYHbMIHYMIGZMAkGByqGSM44
|BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4Mj
|IwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMC
|AgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMDBaMAkGByqGSM44BAMDLw
|AwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fvftok8yqDnDWhMQA=
|<5.11.bin

***6.1.bin***

|* Example 6.1.bin
|>6.1.bin
|MIIBqgYJKoZIhvcNAQcDoIIBmzCCAZcCAQIxggFLoYIBRwIBA6CBlaGBkjAJBgcqhkjOPg
|IBA4GEAAKBgES5JjITd62IzfWfS02pbP84YOuEq0Xmo/TilCeX8I0ppesfIZFoWDnI8knY
|mdtIqJ5HpZ4GvrT0oIYBEMRQ+7H1MYgSexUYcPhyCGVPUaejlhjoebSmbPG3emEm9q9NNE
|Ii3YDzx0LOahyMpiTpVGqgZ7GA3ruwxP68RUzS7DV0oUIEQKl0xOmqedPOXHSk7aXbZfXA
|N9aB8QqTXySh25eW7oeLedvpBxEjznAkhDByAoPVfWDT1PanTUzC4In6zVkgopMwHgYLKo
|ZIhvcNAQkQAwUwDwYLKoZIhvcNAQkQAwYFADBGMEQwGDASMRAwDgYDVQQDEwdDYXJsRFNT
|AgIAyQQol6Icmx1yA0z6H87aroVJ4Q0yBJeAQ8sASWA2p91LDuXWqHu6ZpSXpzBDBgkqhk
|iG9w0BBwEwFAYIKoZIhvcNAwcECDfnftcWF8isgCBq8riaWGWyrfQ6oDGyvfdSeusr+wR3
|D+JZxjO7Bf0M6g==
|<6.1.bin

***6.10.bin***

|* Example 6.10.bin
|>6.10.bin
|MIIBsQYJKoZIhvcNAQcDoIIBojCCAZ4CAQIxggFNoYIBSQIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgQCxVDIS+2JTfa1q4sBSu7HnnmKTS+C/39J/JZIjadcWgLQMg5OhY24vYZNu
|DHji3MbIUF/ZDXdq1Y84RcYiK5TcxXqL40i8ROWbRWwXF+dfgeUDQhZDghuWpNx1mLRaDm
|DfCusLxx2sdBkvLuaYqTif1asjn0qMpNOvci1t5sxaEKFCBEBdvE5OPEgJg99sCkXo7G5z
|Onsqk6sudTZI9DcCfi4HVMuBbZ2v2wtkha5FaTCKxxLxaDccoUT4jUaB0x96D5ZNMB8GCy
|qGSIb3DQEJEAMFMBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxE
|U1MCAgDJBCgyY9D2lnZNv5YltH8xwqKi9Vcc1ky/YZ5jn2UrmJMqdEatNaOOy4T4MEgGCS
|qGSIb3DQEHATAZBggqhkiG9w0DAjANAgE6BAi+w3yBV7EE84AgHhzrPcwD/1m79zfWfvjq
|J3WRBP2xioKgePEp6Clkv+U=
|<6.10.bin

***6.11.bin***

|* Example 6.11.bin
|>6.11.bin
|MIHBBgkqhkiG9w0BBwOggbMwgbACAQIxZqJkAgEEMCQEEU1haWxMaXN0VHJpcGxlREVTGA
|8xOTk1MTIzMDIzNTk1OVowDwYLKoZIhvcNAQkQAwYFAAQodDHARVFMPC0u2mNQi67UrGTM
|la6vzQ+MtkgfC0USTfukq8eDMEtprTBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECEEecO
|x9VoDZgCDATH5uMelgREm54z4kptRYTV5lB2mlaak4831QyQmzwA==
|<6.11.bin

***6.2.bin***
|<4.11.bin

***5.1.bin***

|* Example 6.2.bin
|>6.2.bin 5.1.bin
|>5.1.bin
|MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX
|JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi2lsGP
|cP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpX
|adCDgO8/nUkUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652j
|KKHRLFf02hosdR8wQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8
|Z9P43LrY4OxUk660cu1lXeCSFOSOpOJ7FuVyU=
|<6.2.bin

***6.3.bin***

|* Example 6.3.bin
|>6.3.bin
|MIIBIwYJKoZIhvcNAQcDoIIBFDCCARACAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX
|JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAhUK+4wsu5Q8JqiTK
|3trB0wm4Jysly9Vx+8mc2/CybqCKXxydSu2YnRU5JgEaLmvwRDmJNzxvx0phCwsnd6r51J
|ek0iE/wj8g1NwQ6dY/ANucgkfWfpb/Em6HhKC67YEPVm2mHeurw7ehufhfi8wbSuUUNgZh
|0MdkX2lnkalQ7tgwSAYJKoZIhvcNAQcBMBkGCCqGSIb3DQMCMA0CAToECOhwgeLvxRVXgC
|AGUwp7jVwWDczVdtaLWdZFjBoaDOYe895DVgCbQIw4XQ==
|<6.3.bin

***6.4.bin***

|* Example 6.4.bin
|>6.4.bin
|MIIC9wYJKoZIhvcNAQcDoIIC6DCCAuQCAQIxggKYoYIBSAIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgQCdbqpNVTUFZmX3oGR1mWf7Tk9TVTR6hSGVK35iPN4KySAcTIBHPqZf9UsH
|EiZ0vti4LizqRSEFyH36aG4jRocP0tCoiw7eTX0s81F2n1j38nsjMNchU5ApmlteZBwN/3
|7rnTXftdOj/zAiuK8xCcKOv8i9UfInpc00EbVMK79oGKFCBECDFBrYRijveD/IHik7FPj+
|FjYubzXIKWCKxmq/SOZ222p8GDYTRyDiXzkIwgSX8/zmw291Tskwl7FBa6HoUNbHMB4GCy
|qGSIb3DQEJEAMFMA8GCyqGSIb3DQEJEAMGBQAwRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERT
|UwICANMEKDhzky1Gg8F+6mBrQc9ybzUNWbHjxQlZlOKC7Rj+Jhu8RoEbhZpWPzyhggFIAg
|EDoIGWoYGTMAkGByqGSM4+AgEDgYUAAoGBALpYk4u8MVn5z/cjOnd1y/SbfF5T63OUT+V1
|VUhNUMSvcWmHyry1W2M7mg6l0POX2xhRwMs1pQcgIXkCB67KJu5Erpw3N4vIRbNiT6SHDh
|F+SJa2o3Tg9J9dJsHofry/s0zrSlpYyxLoPkI8mdyz03pP0wiDdmtz5rAI63YOuEBMoUIE
|QP/eiHo/qkTYEBSmKXLQCEyarH00tWhNCO3LSCpw1nrFQZuuxgMj8Ic/wVVNb+D/52sc71
|TtxFLdkAQlXvJDwRkwHgYLKoZIhvcNAQkQAwUwDwYLKoZIhvcNAQkQAwYFADBGMEQwGDAS
|MRAwDgYDVQQDEwdDYXJsRFNTAgIAyQQoIZ9l8JcEwId+2Wki46GAsolO1n2zVd4jqlusDh
|crRROpJLwJNQDmkjBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECLia7T9eZxGKgCDqqtjE
|cWPkMZYREuSOhGDwoBQC+SN54j3z/OOmdP0lOA==
|<6.4.bin

***6.5.bin***

|* Example 6.5.bin
|>6.5.bin
|MIIBrQYJKoZIhvcNAQcDoIIBnjCCAZoCAQIxggFOoYIBSgIBA6CBlaGBkjAJBgcqhkjOPg
|IBA4GEAAKBgCHKVaMQM9OFoaZK2BiFExXXRaUXlN1nW+1DA+E24y7d+Tw4Zbk0ZokpDX5v
|hXL53eRifsOe88Q4OWrqTgeDuEQjf779Ao9IlUjQLL8C7s2pruMg/SArer2sWYhi9UiFJq
|AgK/WWAkoa/KEPj5AD7pFBRt6n5XkwN4rLQT9m8/cHMB4GCyqGSIb3DQEJEAMFMA8GCyqG
|SIb3DQEJEAMGBQAwgYwwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBChzJjprl/lQOr
|hqjedHWLpMC03HJKITIm86k3DsLBfRa4AaueN5uKZ7MEQwGDASMRAwDgYDVQQDEwdDYXJs
|RFNTAgIA1AQorIS/KLUZVhm38r0yWVqexn71ldzxIIAVwryVRz6S7s+2QY9Fg8nIXzBDBg
|kqhkiG9w0BBwEwFAYIKoZIhvcNAwcECMrUyMIptPqsgCACGOJ8GSE0zEOIiEX2fq2rlypD
|EeZFARE6wtgpbU1seA==
|<6.5.bin

***6.6.eml***

|* Example 6.6.eml
|>6.6.eml
|U3ViamVjdDogVGVzdCBzdWJqZWN0DQpNSU1FLVZlcnNpb246IDEuMA0KQ29udGVudC1UeX
|BlOiBhcHBsaWNhdGlvbi94LXBrY3M3LW1pbWU7DQoJbmFtZT0ic21pbWUucDdtIjsNCglz
|bWltZS10eXBlPWVudmVsb3BlZC1kYXRhDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOi
|BiYXNlNjQNCkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7DQoJZmlsZW5hbWU9
|InNtaW1lLnA3bSINClgtTWltZU9MRTogUHJvZHVjZWQgQnkgTWljcm9zb2Z0IE1pbWVPTE
|UgVjUuMDAuMjExNS4zMDANCg0KTUlBR0NTcUdTSWIzRFFFSEE2Q0FNSUFDQVFJeGdnRmRv
|WUlCQkFJQkE2Q0JsYUdCa2pBSkJnY3Foa2pPUGdJQkE0R0VBQUtCZ0UzNA0KOE84V1lrYi
|ttaDlKeXdJbUlKMWowUElqODRTbnBLY2xxTzMxRWNTY1p6a1NpUVFQK2dxcGhJbWZFd0lH
|aDdQN3l3dW9GdXhkb3Q4Qw0KMlgvbkR1YmhycktJbUczWjk2aC9GQWg2L3JnQTZQMTByMn
|llc1YxUXZxZkdnWUJoOStvOXpxL1MxK1E4c3NGSDlqMW5aelRMTEwzcg0Kckc4VzR6dG11
|NHFYK1E4OU1COEdDeXFHU0liM0RRRUpFQU1GTUJBR0N5cUdTSWIzRFFFSkVBTUhBZ0U2TU
|VZd1JEQVlNQkl4RURBTw0KQmdOVkJBTVRCME5oY214RVUxTUNBZ0RKQkNoVEV2L0lpWWI1
|OGZKcEJjMU1RQUoxRlNHMzNMZEZicFJxOFFpck1VMTJKaUhkOXFBSg0Kamo5Q29sTUNBUV
|F3RXdRUlRXRnBiRXhwYzNSVWNtbHdiR1ZFUlZNd0R3WUxLb1pJaHZjTkFRa1FBd1lGQUFR
|by9KVjI1cWlwc2xidQ0KdWJaRExzbEVCOTNZNHJHdE9KSHB5bU51K3U1RmU3YnB5cFZ0an
|c0VldqQ0FCZ2txaGtpRzl3MEJCd0V3R1FZSUtvWklodmNOQXdJdw0KRFFJQk9nUUlqM2hQ
|OUZnMnlFcWdnQVFnNGxZTE9nbjBOdU9yU0FMTHZ0TjROemVWdFlKMDdoc1cyT1o3RnFRTm
|11b0FBQUFBQUFBQQ0KQUFBQQ0K
|<6.6.eml

***6.7.bin***
|<5.1.bin

***5.2.bin***

|* Example 6.7.bin
|>6.7.bin 5.2.bin
|>5.2.bin
|MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4GA1UEAxMHQ2
|FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEFAASBgJQmQojGi7Z4IP+C
|VypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQt9i3YcMwcap+aiOkyqjMalT03VUC0X
|BOGv+HYI3HBZm/aFzxoq+YOXAWs5xlGerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg
|+TGrnGVNQBNw47Ewoj4CAQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGH
|cUr5MSJ/g9HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC
|AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRRyw==
|<6.7.bin

***6.8.eml***

|* Example 6.8.eml
|>6.8.eml
|VG86IFVzZXIyDUZyb206IFVzZXIxLA1TdWJqZWN0OiBFeGFtcGxlIDYuOA1EYXRlOiBUdW
|UsIDE5IEp1biAyMDAxIDE4OjEyOjU2IC0wMzYwIChDZW50cmFsIFN0YW5kYXJkIFRpbWUp
|DUNvbnRlbnQtVHlwZTogQXBwbGljYXRpb24vcGtjczctbWltZTtuYW1lPSJzbWltZS5wN2
|0iO2ZpbGVuYW1lPSJzbWltZS5wN20iDUNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJh
|c2U2NA1Db250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2htZW50O2ZpbGVuYW1lPSJzbWltZS
|5wN20iDQ1NSUlCcXdZSktvWklodmNOQVFjRG9JSUJuRENDQVpnQ0FRSXhnZ0ZNb1lJQlNB
|SUJBNkNCbHFHQmt6QUpCZ2NxaGtqT1BnSUJBNEdGDUFBS0JnUURtSnloazRBV1o4Q1VFQ2
|swMy9jT21rRWMvamVZRjJ6aUlEMWhGN09MZFM2QUNxajJHODlGdjNQc0kycnlDY21XMVo2
|a0UNQjR5TDV4Z3UyaW5GcVlUdzRHc2lIZUZCTVpJaEIxbG5Tc0J5NWhnWFdkZVpvR01Qaz
|RVbkZEN3RlMzZkR0dWcHN3MHhBbnNPVHllMw1OL0EreHNCZXN0dElVOHBIQ2VEaUxibTFD
|cUZDQkVCVG9kWUZXMlBQcWVNVUlzS2tQNGxFN1JiNXRKRGJuQ1VjcGF2TkdoQlJyQWhJDW
|gxV0hSNW54WFNtUUU4bGxTaUY0ajJOVnJUWGhzcHdRNVc3VFJhOVFNQjRHQ3lxR1NJYjNE
|UUVKRUFNRk1BOEdDeXFHU0liM0RRRUoNRUFNR0JRQXdSakJFTUJnd0VqRVFNQTRHQTFVRU
|F4TUhRMkZ5YkVSVFV3SUNBTWtFS1BIcUJ1VHpCREdFVzVhRTlodUlqNlNuNk9WNg12MmJo
|aER2RERnZ1pzd2RtWnJBblF6dW8rWFF3UXdZSktvWklodmNOQVFjQk1CUUdDQ3FHU0liM0
|RRTUhCQWhGTUxlWHd0YzlTNEFnDUI0STl4NUhlK2ZFL1dHQTNtbXZUbk9Gd1lCOGNLVnB3
|dDBFSGk1emY1bDg9DQ0NDQ==
|<6.8.eml

***6.9.bin***
|<5.2.bin

***5.3.eml***

|* Example 6.9.bin
|>6.9.bin
|MIIDSQYJKoZIhvcNAQcDoIIDOjCCAzYCAQIxggJtMIG9AgEAMCYwEjEQMA4GA1UEAxMHQ2
|FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEFAASBgAwIcJ5lN+29OcDP
|BslAl9xfAwUjCPnX0lJchljkaCcAlt+JqF+uwH4DAnHs1iuboY6zFxLFQ/dKQIgnXkXBJM
|c4wFsgZBICvidjNXxwozXbgRFvk5cdSrpm1FzWdlS1lY6ofrhmx4cHAQ0if7NSqcnhffI3
|lcvNKY70bu8VMCF7oYIBSAIBA6CBlaGBkjAJBgcqhkjOPgIBA4GEAAKBgH2RZjleEf8Jw6
|DaM5afR06BcbLCgFiVQE4iSghVKGAlF7zkqxfXwzEFbmgI7IvgIZt132Clskq+QfExM9t3
|Ytw65KDIP9q+TmprRA/1CYZRF1jW8Ua6yTesrVgN32wyv661jxaRogqTKETnVXgoWpqdvd
|6Nr6RbIbsSAjAXlwlhoUIEQGdllBCy8n8dMe9qMXaITeJGeUNLg3c0vrQC5fnK3rvLX4Ui
|BzJi5o5RdGfC0vwrczMqnf9oHmx0jvRNNLLaRgcwHwYLKoZIhvcNAQkQAwUwEAYLKoZIhv
|cNAQkQAwcCATowRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICAMkEKGcB4THGRNXOazhw
|yGmW2Czpwz5LftKVKctKDuJcsSpH5L8Q7G6s8h6iXwIBBDAeBAtNYWlsTGlzdFJDMhgPMT
|k5NTEyMzAyMzU5NTlaMBAGCyqGSIb3DQEJEAMHAgE6BChm8ykpQ+6co5ZQv1StTlwoIhqb
|E6G0mZ/ge60H8BtSNOe8AAdxa/nBMEgGCSqGSIb3DQEHATAZBggqhkiG9w0DAjANAgE6BA
|gjfpe4P8GOdYAgEuRB9qpBojaBYvFHO2jHZRKnplSO0g9PmN55i6WajFWhdjA4BgMqqzMx
|MQQvVGhpcyBpcyBhIHRlc3QgR2VuZXJhbCBBU04gQXR0cmlidXRlLCBudW1iZXIgMS4wOg
|YLKoZIhvcNAQkQAgQxKzApDCBDb250ZW50IEhpbnRzIERlc2NyaXB0aW9uIEJ1ZmZlcgYF
|KgMGBQQ=
|<6.9.bin

***7.0.bin*** 5.3.eml
|>5.3.eml
|TUlNRS1WZXJzaW9uOiAxLjAKTWVzc2FnZS1JZDogPDAwMTAzMTEyMDA1MjAzLjAwMzQ5QG
|FteWVtaWx5LmlnLmNvbT4KRGF0ZTogVHVlLCAzMSBPY3QgMjAwMCAxMjowMDo1MiAtMDYw
|MCAoQ2VudHJhbCBTdGFuZGFyZCBUaW1lKQpGcm9tOiBVc2VyMQpUbzogVXNlcjIKU3Viam
|VjdDogRXhhbXBsZSA1LjMKQ29udGVudC1UeXBlOiBBcHBsaWNhdGlvbi9wa2NzNy1taW1l
|O25hbWU9c21pbWUucDdtO2ZpbGVuYW1lPXNtaW1lLnA3bQpDb250ZW50LVRyYW5zZmVyLU
|VuY29kaW5nOiBiYXNlNjQKQ29udGVudC1EZXNjcmlwdGlvbjogYXR0YWNobWVudDtmaWxl
|bmFtZT1zbWltZS5wN20KCk1JSUJIZ1lKS29aSWh2Y05BUWNEb0lJQkR6Q0NBUXNDQVFBeG
|djQXdnYjBDQVFBd0pqQVNNUkF3RGdZRFZRUURFd2REWVgKSnNVbE5CQWhCR05HdkhnQUJX
|dkJIVGJpN05YWEhRTUEwR0NTcUdTSWIzRFFFQkFRVUFCSUdBQzNFTjVuR0lpSmkybHNHUA
|pjUDJpSjk3YTRlOGtiS1F6MzZ6ZzZaMmkweXg2ellDNG1aN21YN0ZCczNJV2crZjZLZ0NM
|eDNNMWVDYld4OCtNREZiYnBYCmFkQ0RnTzgvblVrVU5ZZU54SnR1enViR2d6b3lFZDhDaD
|RIL2RkOWdkelRkK3RhVEVnUzBpcGRTSnVObmtWWTQvTTY1MmoKS0tIUkxGZjAyaG9zZFI4
|d1F3WUpLb1pJaHZjTkFRY0JNQlFHQ0NxR1NJYjNEUU1IQkFndGFNWHBSd1pSTllBZ0RzaV
|NmOApaOVA0M0xyWTRPeFVrNjYwY3UxbFhlQ1NGT1NPcE9KN0Z1VnlVPQoK
|<5.3.eml

***6.0.bin***

|* Example 7.0.bin
|>7.0.bin 6.0.bin
|>6.0.bin
|MF4GCSqGSIb3DQEHBaBRME8CAQAwBwYFKw4DAhowKwYJKoZIhvcNAQcBoB4EHFRoaXMgaX
|Mgc29tZSBzYW1wbGUgY29udGVudC4EFEBq7AhSebpuFgItngYpwCKWh91I
|<7.0.bin

***8.1.bin***
|<6.0.bin

***7.1.bin***

|* Example 8.1.bin
|>8.1.bin 7.1.bin
|>7.1.bin
|MFcGCSqGSIb3DQEHBqBKMEgCAQAwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiza2v7Yj
|EIToAg+vzt2z8YFx04iRHqNNYg2/TD2VgV75M7mvXXBPa1cOI=
|<8.1.bin

***8.2.bin***
|<7.1.bin

***7.2.bin***

|* Example 8.2.bin
|>8.2.bin 7.2.bin
|>7.2.bin
|MIGVBgkqhkiG9w0BBwaggYcwgYQCAQIwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgHJy
|CFkJ6wfoAg0iCPZ0iKy0HkImhdvncFUibt4wG9AJFYpzVuvEuiBzOhOjA4BgMqqzMxMQQv
|VGhpcyBpcyBhIHRlc3QgR2VuZXJhbCBBU04gQXR0cmlidXRlLCBudW1iZXIgMS4=
|<8.2.bin

***11.1.bin***

|* Example 11.1.bin
|>11.1.bin
|MIIEgAYJKoZIhvcNAQcCoIIEcTCCBG0CAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm
|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R
|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX
|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MYIBSjCCAUYCAQEwGDASMRAw
|DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGqCB4DAYBgkqhkiG9w0BCQMxCwYJKoZIhv
|cNAQcBMB4GCSqGSIb3DQEJDzERMA8wDQYLKoZIhvcNAQkQAwgwIwYJKoZIhvcNAQkEMRYE
|FEBq7AhSebpuFgItngYpwCKWh91IMH8GCyqGSIb3DQEJEAIBMXAwbgQyRXhhbXBsZSAxMS
|4xIChBbGljZSBhc2tzIGZvciBhIHJlY2VpcHQgZnJvbSBEaWFuZSmhGTAXpBUwEzERMA8G
|A1UEAxMIQWxpY2VSU0EwHTAbgRlyb2JlcnQuY29sZXN0b2NrQHdhbmcuY29tMAkGByqGSM
|44BAEEMDAuAhUA0xwlND3blojWe5lKwjBb48ZCM9wCFQDOPXBlNKUvvHWEd+zO62sV+J2x
|+g==
|<11.1.bin

***11.2.bin***

|* Example 11.2.bin
|>11.2.bin
|MIIELAYJKoZIhvcNAQcCoIIEHTCCBBkCAQMxCTAHBgUrDgMCGjCBhwYLKoZIhvcNAQkQAQ
|GgeAR2MHQCAQEGCSqGSIb3DQEHAQQyRXhhbXBsZSAxMS4xIChBbGljZSBhc2tzIGZvciBh
|IHJlY2VpcHQgZnJvbSBEaWFuZSkEMDAuAhUA0xwlND3blojWe5lKwjBb48ZCM9wCFQDOPX
|BlNKUvvHWEd+zO62sV+J2x+qCCAgYwggICMIIBb6ADAgECAhBGNGvHgABWvBHTbi7EELOw
|MAkGBSsOAwIdBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw05OTA5MTkwMTA4NDdaFw0zOT
|EyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GN
|ADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3UpDQUubRLfpoYm1NJvqlgp/J
|fs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP19wUFk99eujVW2WH/GX/Jgeb4
|bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQABo2AwXjAMBgNVHRMBAf8EAj
|AAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAd
|BgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwCQYFKw4DAh0FAAOBgQC/NDLm/GqIQX
|3wXJmhk7dJtwJSHsuErJPXWCsAoZzESEiZ3QLDxgX40iXxo5zJMwGKdg5vd0Ojv+Hms2oE
|eTnu4enlnVAHiyLcElDj87Q9nuWTnrHNM/ngq5hxCfjrsPyc7PGI2K4D0f5g4WIUsaIj0s
|iNGB9e7ptyAifChT0ELjGCAXMwggFvAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRr
|x4AAVrwR024uxBCzsDAHBgUrDgMCGqCBpjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQ
|EwHAYJKoZIhvcNAQkFMQ8XDTAzMDUwNjE3MTMwMFowHgYJKoZIhvcNAQkPMREwDzANBgsq
|hkiG9w0BCRADCDAjBgkqhkiG9w0BCQQxFgQUMTUD7N/+BYSqVBs4V8fQkHCbK4wwJQYLKo
|ZIhvcNAQkQAgUxFgQUkphGHWduuysEiTzguz/05Cz3tQowDQYJKoZIhvcNAQEBBQAEgYBV
|Ljpqoc/OQmUFGzwrQucjehZRVk+VcvE3gzz5uvNlvqbawY90PKon7gR/URdCmYU7JU7kXO
|lpA9mGQNKAMwr83y3O/JowXJUMwT9Tk5kQ2LGXDPcWg5NegnSo1QMARH43dB/e7gj8VEVt
|w9DK81r59R+0eaF+zK8bEblkwCV44g==
|<11.2.bin

***11.3.bin***

|* Example 11.3.bin
|>11.3.bin
|MIIETwYJKoZIhvcNAQcCoIIEQDCCBDwCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEXMIIBEwIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIGuMBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMG0GCyqGSIb3
|DQEJEAICMV4xXAIBAQYHKgMEBQYHCDExMC+ACCoDBAUGB4Z4oSMTIVRISVMgSVMgQSBURV
|NUIFNFQ1VSSVRZLUNBVEVHT1JZLhMbVEhJUyBJUyBBIFBSSVZBQ1kgTUFSSyBURVNUMAkG
|ByqGSM44BAMELzAtAhQoFXy/YrEeCZe8SYGQz4pGfpT1XQIVAIgGwk7fTf1gScEhKQwETQ
|i321qS
|<11.3.bin

***11.4.bin***

|* Example 11.4.bin
|>11.4.bin
|MIIFPAYJKoZIhvcNAQcCoIIFLTCCBSkCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggIEMIICAAIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIIBmzAYBgkqhkiG9w0BCQMxCwYJKo
|ZIhvcNAQcBMCMGCSqGSIb3DQEJBDEWBBRAauwIUnm6bhYCLZ4GKcAilofdSDBxBgsqhkiG
|9w0BCRACAjFiMWACAQEGByoDBAUGBwgxNTAzgAgqAwQFBgeGeKEnEyVCT0IgVEhJUyBJUy
|BBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuExtUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRF
|U1QwgeYGCyqGSIb3DQEJEAIJMYHWMIHTMWQCAQEGByoDBAUGBwgxNTAzgAgqAwQFBgeGeK
|EnEyVCT0IgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEx9CT0IgVEhJUyBJ
|UyBBIFBSSVZBQ1kgTUFSSyBURVNUMWsCAQEGByoDBAUGBwkxNTAzgAgqAwQFBgeGeKEnEy
|VCT0IgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEyZCT0IgVEhJUyBJUyBB
|IFNFQ09ORCBQUklWQUNZIE1BUksgVEVTVDAJBgcqhkjOOAQDBC4wLAIUFmxY0ndQeXCdUp
|nCOW6cSfsuzOwCFEJVQU9m8BXdRoYWPqO7S3xUyXsA
|<11.4.bin

***11.5.bin***

|* Example 11.5.bin
|>11.5.bin
|MIIB+QYJKoZIhvcNAQcCoIIB6jCCAeYCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LjGCAacwggGjAgEBMBgwEjEQMA4GA1UE
|AxMHQ2FybERTUwICAMgwBwYFKw4DAhqgggE+MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBw
|EwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMIH8BgsqhkiG9w0BCRAC
|AzGB7DCB6TCB5gQHNTczODI5ORgPMTk5OTAzMTExMDQ0MzNaoYHJMIHGpGEwXzELMAkGA1
|UEBhMCVVMxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQww
|CgYDVQQLEwNWREExFzAVBgNVBAMTDkJ1Z3MgQnVubnkgRFNBpGEwXzELMAkGA1UEBhMCVV
|MxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQwwCgYDVQQL
|EwNWREExFzAVBgNVBAMTDkVsbWVyIEZ1ZGQgRFNBMAkGByqGSM44BAMELjAsAhQYaftiVf
|ptULJPZPEjcniFFHPJtwIUexXGMmL3knelG1iPtquMSdi6Wdo=
|<11.5.bin

***11.6.bin***

|* Example 11.6.bin
|>11.6.bin
|MIIEVgYJKoZIhvcNAQcCoIIERzCCBEMCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEeMIIBGgIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIG2MBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMHUGCyqGSIb3
|DQEJEAIMMWYwZDAwMC4ELFRISVMgSVMgQSBTSUdOSU5HIENFUlRJRklDQVRFIEFUVFJJQl
|VURSBURVNUMDAwLgYGKgMEBQYHMCQwIgYGKgMEBQYHBBhUSElTIElTIEEgUVVBTElGSUVS
|IFRFU1QwCQYHKoZIzjgEAwQuMCwCFG8G44EFvTAkLwnI62FX2il5CXmvAhQLes0xrGqHdm
|s9FwRTLfmqjqacxA==
|<11.6.bin
|<7.2.bin

D. Acknowledgments

The following three people

Blake Ramsdell, Jim Schaad, and John Pawling contributed the vast
majority of the examples in this document, and/or correct examples
during the early drafts of this document.

Blake Ramsdell
Jim Schaad
John Pawling Additional examples came from
many people, including Rob Colestock and Paul Hoffman.

The examples are displayed with a modified version of Peter Gutmann's
"dumpasn1" program. Peter and Jim Schaad and Blake Ramsdell have been
updating the program based on input from the process of writing this
draft.

E. Differences between -10 and -11

Updated many

Removed a whole slew of the examples:
5.1.bin
5.3.bin
5.4.bin
5.6.bin
5.7.bin
5.10.bin
8.2.bin
11.1.bin
11.2.bin examples, including all of those that showed
Diffie-Hellman keys, preshared keys, and ESS examples.

F. Editor's Address

Paul Hoffman
Internet Mail Consortium
127 Segre Place
Santa Cruz, CA  95060 USA
phoffman@imc.org