RE: Who has tried some or all of the S/MIME examples?

["Pawling, John" <John.Pawling@xxxxxxxxxxxxxx>]

Paul,

DigitalNet has used the S/MIME Freeware Library (SFL) (and underlying libraries) to successfully process the vast majority of the examples in the draft-ietf-smime-examples-10.txt.  This message includes the notes regarding our testing.  We will send you corrected examples for sections 11.1 and 11.2.


Test Results for S/MIME Examples-10:

These tests were executed by DigitalNet using the S/MIME Freeware Library (SFL) and underlying libraries.  Point of contact is Bob Colestock, Robert.Colestock@xxxxxxxxxxxxxxx

(Note: Test numbers correspond to Examples-10 section numbers.)


4.  ContentInfo Tests

4.1	ContentInfo with Data type, BER:  Successfully ASN.1 decoded the BER-encoded ContentInfo sample in Examples document, but SFL can only create DER-encoded ContentInfo objects because the Enhanced SNACC library always uses DER to ASN.1 encode objects.

4.2	ContentInfo with Data type, DER:  Successfully decoded sample in Examples document using SFL.


5.  SignedData Tests

5.1	Basic signed content, DSS:  Successfully verified signature of sample in Examples document using SFL.

5.2	Basic signed content, RSA:  Successfully verified signature of sample in Examples document using SFL.

5.3	Basic signed content, detached content: Successfully verified signature of sample in Examples document using SFL.

5.4	Fancier signed content, Signed content with signed/unsigned attributes: Successfully verified signature of sample in Examples document using SFL.  

5.5	All RSA signed message:  Successfully verified signature of sample in Examples document using SFL.

5.6	Multiple DSS signatures: Successfully verified all of the signatures in the sample in the Examples document.  

5.7	Signing using SKI:  Successfully verified signature of sample in Examples document using SFL. 

5.8	S/MIME multipart/signed message: Successfully verified signature of sample in Examples document using SFL. 

5.9	S/MIME application/pkcs7-mime signed message:  Successfully verified signature of sample in Examples document using SFL.

5.10	SignedData With Attributes: Successfully verified signature of sample in Examples document.

5.11	SignedData with Certificates Only: Successfully verified that there were no SignerInfos that were present or verified in the sample in the Examples document.


6.   Enveloped-data Tests

6.1.	Basic encrypted content, TripleDES and DH:  Successfully used SFL to process this envelopedData sample.   

6.2.	Basic encrypted content, TripleDES and RSA:  Successfully decrypted sample in Examples document using SFL.

6.3.	Basic encrypted content, RC2/40 and RSA:  Successfully decrypted sample in Examples document using SFL.
  
6.4.	Encrypted content, two recipients, no shared keying material: Successfully used SFL to process the envelopedData sample.  NOTE:  Unsuccessful Invalid tag for privateKeyInfo for second login

6.5.	Encrypted content, two recipients, shared keying material: Was unable to use the SFL to process the envelopedData sample because of an SFL bug related to processing shared UKMs.  SFL will be fixed to be able to successfully process this message as it has in the past.

6.6.	Encrypted content, TripleDES and DH, previously-distributed keys: Used SFL to successfully process the envelopedData sample.

6.7.	Encrypted content, RC2/40 and RSA, previously-distributed keys: Used SFL to successfully process the envelopedData sample.  

6.8.	S/MIME application/pkcs7-mime encrypted message:  Successfully used SFL to process the envelopedData sample.

6.9.	EnvelopedData with All Recipient Types: Successfully used SFL to process the envelopedData sample for all recipient types KARI, KTRI, and KEKRI.

6.10.	EnvelopedData with KARI RC2 Encryption: Successfully used SFL to process the envelopedData sample.

6.11.	EnvelopedData with KEK 3DES Encryption: Successfully used SFL to process the envelopedData sample.


7.  DigestedData:  SFL does not support.



8.  Encrypted-Data Tests: 

8.1. Simple EncryptedData: Successfully used SFL to process the encryptedData sample.

8.2. EncryptedData with unprotected attributes: Successfully used SFL to process the encryptedData sample.


9.  Authenticated-Data:  SFL does not support.



10. Key Wrapping:  Tests conducted as part of EnvelopedData testing. 


11.  ESS Examples

11.1	ReceiptRequest:  Used SFL to successfully process the signedData including a receiptRequest attribute.  Note that the 11.2 signedReceipt is supposed to be in response to the 11.1 signedData receiptRequest, but the examples-10 samples are incorrect.  DigitalNet will provide new samples for 11.1 and 11.2 that are correct.

11.2	Receipt:  Used SFL to successfully process the signedData including a receipt content type.  NOTE - Unsuccessful - no match in signer info error

11.3	ESSSecurityLabel:  Used SFL to successfully process the signedData including a ESSSecurityLabel signed attribute.

11.4	EquivalentLabels:  Used SFL to successfully process the signedData including an EquivalentLabels signed attribute.

11.5	mlExpansionHistory:  Used SFL to successfully process the signedData including an mlExpansionHistory signed attribute.

11.6	SigningCertificate:  Used SFL to successfully process the signedData including a SigningCertificate signed attribute.

====================================================
John Pawling, John.Pawling@xxxxxxxxxxxxxx
DigitalNet (formerly Getronics Government Solutions)
====================================================