Holger Ebel | 26 Jun 2003 13:34

Re: Who has tried some or all of the S/MIME examples?


Hi folks,

Test results for S/MIME Examples-10; the libraries which were used for
these tests: - AuthentiDate's Java Security Provider (AJSP 1.5)
              - various Java algorithm engines

4. Trivial

4.1 ContentInfo with Data type, BER

Tested content equals ExContent: ok
Tested content type is Data: ok

4.2 ContentInfo with Data type, DER

Tested content equals ExContent: ok
Tested content type is Data: ok

5. SignedData

Note: All occurrences of the signatureAlgorithm DSA have been silently
replaced by DSAwithSHA for our tests since this will also happen
in the next version of this draft.

5.1 Basic, DSS/DSA

Signed by Alice (DSS/DSA): ok
without attribute certificates: ok
just her cert included in the certificates field: ok

Jacoby, Jeffrey | 21 May 2003 01:27

Re: Who has tried some or all of the S/MIME examples?


"Pawling, John" wrote:
> 
> All,
> 
> DigitalNet agrees with Russ, Blake and Jim.  We will generate a new
> example 5.1 message that includes the id-dsa-with-sha1 OID.

Sorry for the very late response, but didn't Jim also indicate other
examples ( 5.3, 5.4, 5.6, 5.7 ) had the same issue?  

Jeff
-- 
Jeff Jacoby, Principal Programmer                
RSA Security Inc., DSG                     jjacoby <at> rsasecurity.com
2955 Campus Dr., Ste. 400                  (650) 295-7569
San Mateo, CA  94403

Pawling, John | 8 May 2003 21:20

RE: Who has tried some or all of the S/MIME examples?


All,

DigitalNet agrees with Russ, Blake and Jim.  We will generate a new
example 5.1 message that includes the id-dsa-with-sha1 OID.

====================================================
John Pawling, John.Pawling <at> DigitalNet.com
DigitalNet (formerly Getronics Government Solutions)
===================================================

-----Original Message-----
From: Russ Housley [mailto:housley <at> vigilsec.com] 
Sent: Thursday, May 08, 2003 2:47 PM
To: blake <at> brutesquadlabs.com; phoffman <at> imc.org
Cc: ietf-smime <at> imc.org; ietf-smime-examples <at> imc.org
Subject: RE: Who has tried some or all of the S/MIME examples?

I believe that we should be using id-dsa-with-sha1.

Russ

 > > 5.1.bin - failed
 > > 	1.  signatureAlgorithm is 1.2.840.10040.4.1 not 1.2.840.10040.4.3
 >
 > From RFC3370, section 3.1:
 >
 >    The algorithm identifier for DSA with SHA-1 signature values is:
 >

Russ Housley | 8 May 2003 20:47

RE: Who has tried some or all of the S/MIME examples?


I believe that we should be using id-dsa-with-sha1.

Russ

 > > 5.1.bin - failed
 > > 	1.  signatureAlgorithm is 1.2.840.10040.4.1 not 1.2.840.10040.4.3
 >
 > From RFC3370, section 3.1:
 >
 >    The algorithm identifier for DSA with SHA-1 signature values is:
 >
 >       id-dsa-with-sha1 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
 >           us(840) x9-57 (10040) x9cm(4) 3 }
 >
 >    When the id-dsa-with-sha1 algorithm identifier is used, the
 >    AlgorithmIdentifier parameters field MUST be absent.
 >
 >
 > From RFC2630, section 12.2.1:
 >
 >    The DSA signature algorithm is defined in FIPS Pub 186 [DSS].  DSA is
 >    always used with the SHA-1 message digest algorithm.  The algorithm
 >    identifier for DSA is:
 >
 >       id-dsa-with-sha1 OBJECT IDENTIFIER ::=  { iso(1) member-body(2)
 >           us(840) x9-57 (10040) x9cm(4) 3 }
 >
 >    The AlgorithmIdentifier parameters field must not be present.
 >
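
Added example, not part of the original thread: a minimal Python check of a DER-encoded signatureAlgorithm AlgorithmIdentifier against the RFC 3370 text quoted above (OID 1.2.840.10040.4.3, parameters absent). The function names and the sample encodings are constructed for illustration.

```python
ID_DSA_WITH_SHA1 = "1.2.840.10040.4.3"  # id-dsa-with-sha1, RFC 3370 section 3.1

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for one definite-length DER TLV."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                    # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("indefinite or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    """Decode OBJECT IDENTIFIER content octets to dotted-decimal form."""
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, acc = [], 0
    for octet in value:
        acc = (acc << 7) | (octet & 0x7F)
        if octet & 0x80:                 # continuation bit: more octets in this arc
            continue
        if not arcs:                     # first subidentifier packs the first two arcs
            first = min(acc // 40, 2)
            arcs += [first, acc - 40 * first]
        else:
            arcs.append(acc)
        acc = 0
    return ".".join(map(str, arcs))

def check_signature_algorithm(der):
    """Return findings for a DER AlgorithmIdentifier; an empty list means it conforms."""
    tag, body, end = read_tlv(der)
    tag2, oid_octets, pos = read_tlv(body)
    if tag != 0x30 or end != len(der) or tag2 != 0x06:
        raise ValueError("expected one SEQUENCE starting with an OBJECT IDENTIFIER")
    oid, findings = decode_oid(oid_octets), []
    if oid != ID_DSA_WITH_SHA1:
        findings.append("signatureAlgorithm is %s not %s" % (oid, ID_DSA_WITH_SHA1))
    elif pos != len(body):               # anything after the OID is a parameters field
        findings.append("parameters present; MUST be absent for id-dsa-with-sha1")
    return findings

# Constructed sample encodings (not extracted from 5.1.bin).
SAMPLE_ID_DSA = bytes.fromhex("300906072a8648ce380401")         # OID ...4.1
SAMPLE_WITH_SHA1 = bytes.fromhex("300906072a8648ce380403")      # OID ...4.3, no parameters
SAMPLE_WITH_NULL = bytes.fromhex("300b06072a8648ce3804030500")  # OID ...4.3 plus NULL
```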

Pawling, John | 6 May 2003 20:20

RE: Who has tried some or all of the S/MIME examples?


Paul,

DigitalNet has used the S/MIME Freeware Library (SFL) (and underlying libraries) to successfully
process the vast majority of the examples in the draft-ietf-smime-examples-10.txt.  This message
includes the notes regarding our testing.  We will send you corrected examples for sections 11.1 and 11.2.

Test Results for S/MIME Examples-10:

These tests were executed by DigitalNet using the S/MIME Freeware Library (SFL) and underlying
libraries.  Point of contact is Bob Colestock, Robert.Colestock <at> DigitalNet.com.

(Note: Test numbers correspond to Examples-10 section numbers.)

4.  ContentInfo Tests

4.1	ContentInfo with Data type, BER:  Successfully ASN.1 decoded the BER-encoded ContentInfo sample in
Examples document, but SFL can only create DER-encoded ContentInfo objects because the Enhanced SNACC
library always uses DER to ASN.1 encode objects.

4.2	ContentInfo with Data type, DER:  Successfully decoded sample in Examples document using SFL.

5.  SignedData Tests

5.1	Basic signed content, DSS:  Successfully verified signature of sample in Examples document using SFL.

5.2	Basic signed content, RSA:  Successfully verified signature of sample in Examples document using SFL.

5.3	Basic signed content, detached content: Successfully verified signature of sample in Examples
document using SFL.