ronen | 4 Jun 2003 07:41

example 5.2 basic signed content RSA


Hi,
I am coding CMS (RFC3380) and I was parsing example 5.2 in
draft-ietf-smime-examples-10.txt and got to the Certificate part.
I would like to know why it is SEQUENCE (in the example) and not SET OF (as
in the CMS RFC3380).

This is how it is defined in the RFC :
SignedData ::= SEQUENCE {
        version CMSVersion,
        digestAlgorithms DigestAlgorithmIdentifiers,
        encapContentInfo EncapsulatedContentInfo,
        certificates [0] IMPLICIT CertificateSet OPTIONAL,
        crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
        signerInfos SignerInfos }

 CertificateSet ::= SET OF CertificateChoices

In draft-ietf-smime-examples-10.txt, ex5.2 Basic signed content, it is:
-------------------- Content Info --------------------
 0 30  850: SEQUENCE {

-------------------- Content Type --------------------

   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
            :     (PKCS #7)


Sam Roberts | 4 Jun 2003 17:00

Re: example 5.2 basic signed content RSA


Wrote ronen <ronen <at> discretix.com>, on Wed, Jun 04, 2003 at 08:41:20AM +0300:
> I am coding CMS (RFC3380) and I was parsing example 5.2 in
> draft-ietf-smime-examples-10.txt and got to the Certificate part.
> I would like to know why it is SEQUENCE (in the example) and not SET OF (as
> in the CMS RFC3380).

It is a SET OF, except it's implicitly tagged, and the [0] tag overwrites
the SET tag. You'll need to figure out tagging to work with ASN.1.

> -------------- The start of the Certificate SET ------------------------------------------------------------
> 
>   84 A0  560:       [0] {     <--- SET OF, but implicitly tagged [0]

>   88 30  556:         SEQUENCE {       <------ why not SET !!! ? ? ? ?
                             This SEQUENCE, above, is the start of the
                             X.509 Certificate, not the start of the SET
                             OF Certificate!

>   92 30  405:           SEQUENCE {
                             And this SEQUENCE is the start of the
                             TBSCertificate inside of the Certificate.
>   96 A0    3:             [0] {
>   98 02    1:               INTEGER 2
>             :               }
> 101 02   16:             INTEGER
>             :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E
>             :               C4 10 B3 B0
> 119 30   13:             SEQUENCE {
> 121 06    9:               OBJECT IDENTIFIER
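
The tagging described in the reply above, as an added example that is not part of the original thread: a small DER reader showing that `[0] IMPLICIT` replaces the SET tag byte 0x31 with 0xA0 and leaves the contents untouched, so the first SEQUENCE inside `[0]` is already the certificate. The certificate bytes are a constructed stand-in and all function names are assumptions of this example.

```python
# Added example: minimal DER TLV handling (low tag numbers, definite lengths only).
UNIVERSAL = {0x02: "INTEGER", 0x10: "SEQUENCE", 0x11: "SET"}

def read_tlv(buf, off=0):
    """Return (tag_byte, content_bytes, next_offset) for the TLV at off."""
    tag, length = buf[off], buf[off + 1]
    off += 2
    if length & 0x80:                  # long form: low 7 bits count the length octets
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    if off + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[off:off + length], off + length

def encode(tag, content):
    """Encode one TLV with a definite length (short or long form)."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + content

def describe(tag):
    """Name a tag byte: universal type name, or [n] for context-specific."""
    cls, number = tag >> 6, tag & 0x1F
    if cls == 0:
        return UNIVERSAL.get(number, f"UNIVERSAL {number}")
    return f"[{number}]" if cls == 2 else f"class{cls} {number}"

def implicit(der, number):
    """Apply [number] IMPLICIT: swap class and number, keep the constructed bit."""
    tag, content, _ = read_tlv(der)
    return encode(0x80 | (tag & 0x20) | number, content)

def outline(der):
    """Tag names met while descending into first children, outermost first."""
    names = []
    while True:
        tag, content, _ = read_tlv(der)
        names.append(describe(tag))
        if not tag & 0x20 or not content:   # primitive or empty: stop
            return names
        der = content

# Constructed stand-in: Certificate ::= SEQUENCE { TBSCertificate ::= SEQUENCE { [0] { INTEGER 2 } } }
version = encode(0xA0, encode(0x02, b"\x02"))   # [0] EXPLICIT keeps the INTEGER TLV inside
certificate = encode(0x30, encode(0x30, version))
cert_set = encode(0x31, certificate)            # CertificateSet as a plain SET OF
certificates = implicit(cert_set, 0)            # certificates [0] IMPLICIT CertificateSet
```

A decoder only learns that `A0` means SET OF here from the SignedData definition; the encoding itself no longer carries the SET tag.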

