[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

More examples-05 issues

To: <ietf-smime-examples@xxxxxxx>
Subject: More examples-05 issues
From: "Alexei Shamov" <shamov@xxxxxxx>
Date: Mon, 15 Jan 2001 15:41:15 +0200
Importance: Normal
List-archive: <http://www.imc.org/ietf-smime-examples/mail-archive/>
List-id: <ietf-smime-examples.imc.org>
List-unsubscribe: <mailto:ietf-smime-examples-request@imc.org?body=unsubscribe>
Sender: owner-ietf-smime-examples@xxxxxxxxxxxx

Hi All,

Testing examples-05 document, I have found some more issues as follows:

1. I was unable to decrypt some Diffie-Hellman enveloped messages (6.2, 6.9,
6.10) with User Keying Material specified in KeyAgreeRecipientInfo.

Firstly, ukm is 1024 bits long (128 bytes) octet string. Should not it be
512 bits (64 bytes) as specified in RFC 2631 / 2.1.2? (Ahmed Bhamjee has
already addressed this issue before).

Secondly, in examples 6.2, 6.9 when RC2 CEK was wrapped with 3DES KEK,  it
seems that Triple-DES key wrap algorithm (RFC2630/12.6.2) was used (only
128-bit plain CEK appears after decryption, not LENGTH || CEK || PAD).
Should not RC2 key wrap algorithm (RFC2630/12.6.4) be used?

Example 6.10 failed at KeyCheck step of RC2 key unwrap. Perhaps this is a
problem of my implementation (some debug information is attached to the end
of this message).

2. MailingListRC2.bin file is 17 bytes long because of one extra '0d' byte.

3. BobPrivRSAEncrypt.pri is a copy of CarlPrivRSASign.pri. Correct version
of the BobPrivRSAEncrypt.pri could be found in SFL examples at
\smimeR1.8\test\CMS_MSExamples2.d\FirstSet.d\certs.d\private.d\BobPrivRSAEnc
rypt.pri (635 bytes long).

4. In 6.2 and some other messages GeneralizedTime does not have century
specified, as per RFC 2459/4.1.2.5.2. Is it acceptable?

01E1 A2   63:         [2] {
01E3 02    1:           INTEGER 4
01E6 30   22:           SEQUENCE {
01E8 04   11:             OCTET STRING 'MailListTripleDES'
01FB 18    D:             GeneralizedTime '951230235959Z'
            :             }

Regards,
Alexei

P.S. Debug information for example 6.10

OtherInfo=
0000 30   A3: SEQUENCE {
0003 30   13:   SEQUENCE {
0005 06    B:     OBJECT IDENTIFIER
            :       id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
0012 04    4:     OCTET STRING
            :       00 00 00 01
            :     }
0018 A0   83:   [0] {
001B 04   80:     OCTET STRING
            :       17 2F 3B 6C DE 37 69 19 8A 7A 03 F2 DE A3 04 96
            :       7E 0A 8E 30 3F 76 C8 58 3A 95 B0 46 98 23 50 82
            :       DC 46 52 6E 7C 5E 60 1B 3E B5 DC 2D 2D B7 1A EC
            :       13 70 8A 7B 83 73 4D 17 BE 93 4B 58 BC 66 D1 8B
            :       42 95 A7 E2 F1 9A 5B 08 61 16 88 E4 C2 AC DD 1A
            :       79 0D 37 FF A8 E6 7A AC 91 79 2F 2A 33 E1 E9 52
            :       4F 18 AE 18 46 03 25 84 D1 13 E1 87 1B 48 80 74
            :       F3 33 23 68 1E CD 81 40 4A E9 83 02 2D 23 0B A2
            :     }
009E A2    6:   [2] {
00A0 04    4:     OCTET STRING
            :       00 00 00 80
            :     }
            :   }

ZZ =
c2 5e 2c 49 65 6b 8e 28 36 45 9a 5c 54 f4 ce 64
0d 97 cc 0e ce 40 f3 4e ff 6c 9f 9a c8 76 c7 38
02 48 ec 39 c5 6b e1 6d 0a 73 ac cb cc 25 4b 6b
b6 32 54 89 40 95 f7 64 06 99 d3 61 af 86 06 51
10 97 be 2a 2d 30 76 92 e6 26 8d 38 4b a6 7c cb
3c 68 4b f1 b4 44 6d 60 d3 b1 d7 13 4e 91 a1 96
48 c4 74 79 7e 1b 69 c5 43 52 11 cc b9 a0 93 4b
e3 21 30 de 7a 98 85 c2 40 1c f4 b5 1f 4d 41 f2

KEK=95 cf 08 a6 f9 5c 97 a9 18 ae 3b ee 26 67 71 6a

Prev by Date: Re: Issues with draft-ietf-smime-examples-05
Next by Date: RE: More examples-05 issues
Previous by thread: Issues with draft-ietf-smime-examples-05
Next by thread: RE: More examples-05 issues
Index(es):
- Date
- Thread